Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/UR8YwdbCSRLP2QerEkZ0dwyNS6Q.roa
File: UR8YwdbCSRLP2QerEkZ0dwyNS6Q.roa (raw, json)
Hash identifier: irfqf/THhTuy97tZpi9bcwzd6jvp/UMNWMLSYAnGRmY=
Subject key identifier: 51:1F:18:C1:D6:C2:49:12:CF:D9:07:AB:12:46:74:77:0C:8D:4B:A4
Certificate issuer: /CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
Certificate serial: 01835185CF73DFFA5A7C65B3F38E791632EE
Authority key identifier: 5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/UR8YwdbCSRLP2QerEkZ0dwyNS6Q.roa
Signing time: Sun 18 Sep 2022 16:54:27 +0000
ROA not before: Sun 18 Sep 2022 16:54:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44640
IP address blocks: 185.56.116.0/22 maxlen: 24
91.202.44.0/22 maxlen: 24
2a04:c340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:51:85:cf:73:df:fa:5a:7c:65:b3:f3:8e:79:16:32:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c791a1ba09b9d4d358ef05aaded7f0e85e881b6
Validity
Not Before: Sep 18 16:54:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=511f18c1d6c24912cfd907ab124674770c8d4ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cf:46:82:33:9a:8b:72:2d:92:3d:ca:87:74:
3d:29:48:a8:28:72:40:73:dc:d3:fe:ec:4a:9a:e2:
00:c8:7b:8a:47:c0:e1:ed:bc:a1:00:02:29:d0:e8:
c0:ba:c8:73:09:d1:1a:73:8d:87:bf:b1:ae:77:aa:
24:c2:cd:41:80:32:ca:87:a3:f2:26:53:6b:dd:bc:
b3:8f:7f:89:3c:20:3b:47:a7:6d:9b:83:4e:47:ea:
93:82:2e:cd:47:ed:f9:0b:4d:a6:e0:e0:b9:c9:15:
aa:24:d8:69:29:d4:f2:29:90:5c:71:b7:0d:0a:cb:
ea:8f:c6:4f:23:7f:5e:ee:4e:f4:5d:eb:b4:f6:dd:
66:63:7c:14:d4:97:54:1e:4e:68:d0:82:65:6c:f8:
f3:3f:2f:1b:8b:b2:b8:5a:25:a2:f6:90:69:00:2b:
13:e0:ba:bc:0f:3d:a9:81:01:21:23:34:a1:01:3a:
77:b5:05:b5:61:4a:5a:18:76:b1:68:da:e8:d2:25:
94:85:35:d5:b8:2a:ce:73:ae:a9:f0:2d:44:61:f8:
81:6d:aa:a5:76:bb:99:05:32:ab:71:f6:64:df:6a:
40:18:9b:4f:83:8f:49:5e:2a:3f:c4:29:e1:1d:25:
39:08:41:de:d6:b6:70:49:73:b5:95:20:c5:87:d0:
12:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1F:18:C1:D6:C2:49:12:CF:D9:07:AB:12:46:74:77:0C:8D:4B:A4
X509v3 Authority Key Identifier:
keyid:5C:79:1A:1B:A0:9B:9D:4D:35:8E:F0:5A:AD:ED:7F:0E:85:E8:81:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHkaG6CbnU01jvBare1_DoXogbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/UR8YwdbCSRLP2QerEkZ0dwyNS6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/a27a03-f645-462b-94e7-66c5ae8a36b4/1/XHkaG6CbnU01jvBare1_DoXogbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.44.0/22
185.56.116.0/22
IPv6:
2a04:c340::/29
Signature Algorithm: sha256WithRSAEncryption
17:9f:20:cd:f4:e7:c3:55:fd:5d:0c:82:f5:24:49:3a:85:48:
99:e9:3e:6d:84:46:61:17:48:58:d1:01:e4:99:4d:6b:b8:d9:
21:75:45:e2:5a:f8:e4:8b:75:a6:bc:4e:59:1b:da:7d:86:45:
57:06:9d:e4:24:bc:2c:b6:5f:ae:fa:8b:fa:d9:09:96:78:64:
c8:72:ae:4a:5c:98:f1:aa:63:04:eb:ec:61:1a:56:92:a8:d5:
0b:4f:3a:91:a0:1b:4a:85:88:78:66:a8:66:07:ba:00:9b:48:
61:d1:53:f0:d0:de:17:1f:82:9a:ba:93:76:e5:88:57:be:1e:
b7:bc:c2:35:f2:23:ab:cf:a4:b5:4b:53:63:ea:b3:35:a7:6d:
55:0b:87:f7:27:dc:0f:4e:a4:cb:59:0f:13:f6:64:9c:5e:2b:
fc:d0:c7:69:fe:8c:38:27:c7:e4:54:cb:6f:49:52:e0:55:af:
6f:bb:be:b1:a2:6a:8b:95:45:47:cb:a6:43:0c:5a:0e:42:ff:
03:f8:fc:d4:64:23:7b:8d:14:33:7d:59:cd:c6:74:a7:91:6d:
37:a1:44:1e:56:8d:55:e4:e3:59:61:c6:19:39:af:5e:43:93:
dc:77:30:06:41:5a:ae:7b:1e:8a:1b:91:30:92:36:a2:e9:35:
0d:f5:4c:5e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYNRhc9z3/pafGWz8455FjLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzkxYTFiYTA5YjlkNGQzNThlZjA1YWFkZWQ3ZjBlODVl
ODgxYjYwHhcNMjIwOTE4MTY1NDI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFmMThjMWQ2YzI0OTEyY2ZkOTA3YWIxMjQ2NzQ3NzBjOGQ0YmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2M9GgjOai3Itkj3Kh3Q9KUioKHJA
c9zT/uxKmuIAyHuKR8Dh7byhAAIp0OjAushzCdEac42Hv7Gud6okws1BgDLKh6Py
JlNr3byzj3+JPCA7R6dtm4NOR+qTgi7NR+35C02m4OC5yRWqJNhpKdTyKZBccbcN
Csvqj8ZPI39e7k70Xeu09t1mY3wU1JdUHk5o0IJlbPjzPy8bi7K4WiWi9pBpACsT
4Lq8Dz2pgQEhIzShATp3tQW1YUpaGHaxaNro0iWUhTXVuCrOc66p8C1EYfiBbaql
druZBTKrcfZk32pAGJtPg49JXio/xCnhHSU5CEHe1rZwSXO1lSDFh9ASCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFEfGMHWwkkSz9kHqxJGdHcMjUukMB8GA1UdIwQY
MBaAFFx5Ghugm51NNY7wWq3tfw6F6IG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTct
NjZjNWFlOGEzNmI0LzEvVVI4WXdkYkNTUkxQMlFlckVrWjBkd3lOUzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hMjdhMDMtZjY0NS00NjJiLTk0ZTctNjZjNWFlOGEzNmI0
LzEvWEhrYUc2Q2JuVTAxanZCYXJlMV9Eb1hvZ2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8osAwQC
uTh0MA0EAgACMAcDBQMqBMNAMA0GCSqGSIb3DQEBCwUAA4IBAQAXnyDN9OfDVf1d
DIL1JEk6hUiZ6T5thEZhF0hY0QHkmU1ruNkhdUXiWvjki3WmvE5ZG9p9hkVXBp3k
JLwstl+u+ov62QmWeGTIcq5KXJjxqmME6+xhGlaSqNULTzqRoBtKhYh4ZqhmB7oA
m0hh0VPw0N4XH4KaupN25YhXvh63vMI18iOrz6S1S1Nj6rM1p21VC4f3J9wPTqTL
WQ8T9mScXiv80Mdp/ow4J8fkVMtvSVLgVa9vu76xomqLlUVHy6ZDDFoOQv8D+PzU
ZCN7jRQzfVnNxnSnkW03oUQeVo1V5ONZYcYZOa9eQ5PcdzAGQVquex6KG5Ewkjai
6TUN9Uxe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:13 2025 by rpki-client