Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/db8258-2f18-4f48-89a7-fc50566b118f/1/UbFrSQUTLD3rEl2qrJz6hymvHKg.roa
File: UbFrSQUTLD3rEl2qrJz6hymvHKg.roa (raw, json)
Hash identifier: BiGbreyRvaVIV5ZRHFPTCaSSrQtYMObmz2j8In50YRY=
Subject key identifier: 51:B1:6B:49:05:13:2C:3D:EB:12:5D:AA:AC:9C:FA:87:29:AF:1C:A8
Certificate issuer: /CN=e518045cfbd96a376ec98e3f5e8b2afb14cca93c
Certificate serial: 01856F022CA5F8EE2008199C76BE0053FBE1
Authority key identifier: E5:18:04:5C:FB:D9:6A:37:6E:C9:8E:3F:5E:8B:2A:FB:14:CC:A9:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5RgEXPvZajduyY4_Xosq-xTMqTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/db8258-2f18-4f48-89a7-fc50566b118f/1/UbFrSQUTLD3rEl2qrJz6hymvHKg.roa
Signing time: Sun 01 Jan 2023 20:24:51 +0000
ROA not before: Sun 01 Jan 2023 20:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31374
IP address blocks: 193.200.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:2c:a5:f8:ee:20:08:19:9c:76:be:00:53:fb:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e518045cfbd96a376ec98e3f5e8b2afb14cca93c
Validity
Not Before: Jan 1 20:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51b16b4905132c3deb125daaac9cfa8729af1ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:99:50:81:13:71:fc:b7:59:99:38:f1:4d:32:
9e:06:05:2d:31:db:2b:0e:ab:83:86:64:ce:39:27:
95:31:1c:f1:ce:cc:74:c0:84:98:8e:c6:7b:61:ac:
dd:46:31:6d:82:1a:bf:54:dc:c1:8c:c8:19:2a:ec:
6d:8b:83:a0:fb:c2:48:d7:78:3e:07:75:19:7a:50:
4d:02:14:93:7f:02:24:1e:e0:35:21:0c:de:a9:47:
6f:78:43:a5:0d:99:f1:1b:09:17:47:1a:39:93:be:
52:1b:ac:c4:0a:5f:5f:16:e6:bb:52:03:42:75:89:
ea:16:b7:b8:0b:a8:68:3a:6c:ff:c1:e2:43:2d:63:
bf:c2:6c:ff:5b:43:09:80:11:75:1a:97:00:15:24:
7d:de:c7:19:17:05:c1:29:ee:21:f5:08:f2:11:4d:
72:00:62:98:6f:ad:aa:84:ea:72:63:6e:82:c4:3d:
c1:37:a4:2e:41:b5:61:87:48:7a:a7:8d:8c:58:f8:
7b:4f:2c:23:aa:46:21:49:c6:60:58:2d:7d:1a:43:
81:a3:76:e1:06:fb:20:6d:11:3a:9f:b1:b6:83:44:
4d:c4:6d:b7:af:2a:2b:b5:4b:86:7c:f0:37:55:cf:
26:fb:b9:fb:15:95:f3:61:6f:b0:5e:22:f5:45:71:
09:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B1:6B:49:05:13:2C:3D:EB:12:5D:AA:AC:9C:FA:87:29:AF:1C:A8
X509v3 Authority Key Identifier:
keyid:E5:18:04:5C:FB:D9:6A:37:6E:C9:8E:3F:5E:8B:2A:FB:14:CC:A9:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5RgEXPvZajduyY4_Xosq-xTMqTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/db8258-2f18-4f48-89a7-fc50566b118f/1/UbFrSQUTLD3rEl2qrJz6hymvHKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/db8258-2f18-4f48-89a7-fc50566b118f/1/5RgEXPvZajduyY4_Xosq-xTMqTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.228.0/24
Signature Algorithm: sha256WithRSAEncryption
91:3d:31:3f:3b:bd:98:df:8e:d9:00:51:09:c1:a1:c6:e4:85:
88:9a:d3:a8:60:d6:28:05:29:61:d2:b7:dc:ef:18:2c:f4:58:
e0:79:59:7f:50:04:8d:16:c0:66:3a:92:7f:f4:08:ca:42:43:
43:bd:21:f0:59:ba:e6:b8:f8:86:60:e7:2d:f5:bf:fd:d3:f4:
05:8d:5e:19:b7:80:0c:e7:e8:5b:e5:71:95:7a:dd:03:15:3e:
7f:59:cd:b7:7e:95:11:22:e4:f2:c5:fb:6b:2f:f3:ef:d4:03:
42:4d:0f:68:c4:61:b7:71:ef:f7:00:9b:46:66:5c:8e:4f:f2:
d9:31:01:11:a4:53:5e:3f:0e:18:ac:12:bd:83:e8:c6:e2:20:
52:6f:72:1c:bb:fd:99:15:b4:21:22:cf:a6:94:b3:df:44:20:
1d:43:69:97:65:a6:76:4a:7d:5c:6d:c0:f5:d0:03:21:bf:91:
8d:82:53:8a:b2:30:c6:f4:d4:9f:0b:02:2b:c8:34:f1:dd:86:
df:93:ed:51:16:d4:e1:09:2a:87:83:03:0f:bc:1e:9f:8e:4a:
57:eb:d7:72:1f:21:bb:ee:30:f2:cc:6e:c7:a3:5b:28:b5:ef:
ef:c3:42:c8:3e:e4:9f:e5:34:70:0e:33:0e:91:ba:2d:e5:d1:
15:61:42:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAiyl+O4gCBmcdr4AU/vhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MTgwNDVjZmJkOTZhMzc2ZWM5OGUzZjVlOGIyYWZiMTRj
Y2E5M2MwHhcNMjMwMTAxMjAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWIxNmI0OTA1MTMyYzNkZWIxMjVkYWFhYzljZmE4NzI5YWYxY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJlQgRNx/LdZmTjxTTKeBgUtMdsr
DquDhmTOOSeVMRzxzsx0wISYjsZ7YazdRjFtghq/VNzBjMgZKuxti4Og+8JI13g+
B3UZelBNAhSTfwIkHuA1IQzeqUdveEOlDZnxGwkXRxo5k75SG6zECl9fFua7UgNC
dYnqFre4C6hoOmz/weJDLWO/wmz/W0MJgBF1GpcAFSR93scZFwXBKe4h9QjyEU1y
AGKYb62qhOpyY26CxD3BN6QuQbVhh0h6p42MWPh7TywjqkYhScZgWC19GkOBo3bh
BvsgbRE6n7G2g0RNxG23ryortUuGfPA3Vc8m+7n7FZXzYW+wXiL1RXEJrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFGxa0kFEyw96xJdqqyc+ocprxyoMB8GA1UdIwQY
MBaAFOUYBFz72Wo3bsmOP16LKvsUzKk8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVJnRVhQdlphamR1eVk0X1hvc3EteFRNcVR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kYjgyNTgtMmYxOC00ZjQ4LTg5YTct
ZmM1MDU2NmIxMThmLzEvVWJGclNRVVRMRDNyRWwycXJKejZoeW12SEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kYjgyNTgtMmYxOC00ZjQ4LTg5YTctZmM1MDU2NmIxMThm
LzEvNVJnRVhQdlphamR1eVk0X1hvc3EteFRNcVR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcjkMA0G
CSqGSIb3DQEBCwUAA4IBAQCRPTE/O72Y347ZAFEJwaHG5IWImtOoYNYoBSlh0rfc
7xgs9FjgeVl/UASNFsBmOpJ/9AjKQkNDvSHwWbrmuPiGYOct9b/90/QFjV4Zt4AM
5+hb5XGVet0DFT5/Wc23fpURIuTyxftrL/Pv1ANCTQ9oxGG3ce/3AJtGZlyOT/LZ
MQERpFNePw4YrBK9g+jG4iBSb3Icu/2ZFbQhIs+mlLPfRCAdQ2mXZaZ2Sn1cbcD1
0AMhv5GNglOKsjDG9NSfCwIryDTx3Ybfk+1RFtThCSqHgwMPvB6fjkpX69dyHyG7
7jDyzG7Ho1sote/vw0LIPuSf5TRwDjMOkbot5dEVYUJS
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:07 2025 by rpki-client