Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/UQJNr3amoeHgULtslaILGV63cfs.roa
File: UQJNr3amoeHgULtslaILGV63cfs.roa (raw, json)
Hash identifier: cDLQaD4U6GK/JwUyE3kF0DbEnxw6qnThaKnPpLxFB54=
Subject key identifier: 51:02:4D:AF:76:A6:A1:E1:E0:50:BB:6C:95:A2:0B:19:5E:B7:71:FB
Certificate issuer: /CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Certificate serial: 0185711EA33B15B676F629AA10047BE53018
Authority key identifier: 77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/UQJNr3amoeHgULtslaILGV63cfs.roa
Signing time: Mon 02 Jan 2023 06:15:11 +0000
ROA not before: Mon 02 Jan 2023 06:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208981
IP address blocks: 45.12.124.0/24 maxlen: 24
45.12.125.0/24 maxlen: 24
45.12.127.0/24 maxlen: 24
45.12.126.0/24 maxlen: 24
2a0e:a900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:a3:3b:15:b6:76:f6:29:aa:10:04:7b:e5:30:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Validity
Not Before: Jan 2 06:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51024daf76a6a1e1e050bb6c95a20b195eb771fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:59:20:69:c3:1a:24:28:06:65:62:09:e7:ea:
dc:cd:55:c5:6d:92:19:3e:01:61:60:42:fb:bd:ff:
70:46:f4:c0:03:9a:0a:33:64:9d:13:bb:42:42:9c:
4d:50:12:fb:2d:fe:a1:9c:4c:11:ef:ff:8e:3c:7e:
fb:de:29:46:a6:b3:67:6e:f3:aa:6c:a2:f8:73:54:
75:0f:e8:e3:5e:0c:f0:57:b8:86:40:e1:bc:fe:d9:
f9:3a:48:fe:77:04:c1:db:17:68:23:4c:aa:91:ab:
ca:4b:ee:66:60:48:a6:8e:66:63:7a:f2:4c:5e:73:
f0:b0:11:b8:fc:a0:12:ec:b4:56:55:60:04:e7:6a:
43:c7:5a:7a:23:fc:9e:d1:51:dc:35:37:f8:1c:c6:
d2:97:f0:c7:a5:04:23:f6:61:e4:03:25:40:b5:79:
69:4b:79:6f:6f:c2:27:c0:bf:28:7d:e1:05:3f:1b:
aa:47:cb:a1:91:e6:b1:5f:39:72:0f:1a:5c:8e:ca:
4e:0b:81:ab:a4:63:71:c9:7d:6f:e0:ed:18:9e:93:
54:60:30:7b:a4:a5:38:45:0f:b4:5c:07:49:9f:a5:
4e:9a:d9:3e:dd:30:2c:5e:14:34:d9:c6:ab:3a:d4:
db:18:69:6e:68:18:8c:75:2e:cb:85:4f:7a:54:bf:
9a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:02:4D:AF:76:A6:A1:E1:E0:50:BB:6C:95:A2:0B:19:5E:B7:71:FB
X509v3 Authority Key Identifier:
keyid:77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/UQJNr3amoeHgULtslaILGV63cfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.124.0/22
IPv6:
2a0e:a900::/29
Signature Algorithm: sha256WithRSAEncryption
a9:c7:41:65:b3:e8:cf:4e:ed:2b:0b:64:53:a7:9a:80:8d:9d:
09:5d:3c:99:91:29:2c:3a:9c:06:59:cf:a5:0a:c9:00:1a:7f:
8f:69:a7:2e:31:53:0b:d2:47:ee:bd:f8:b4:d1:67:73:ec:0b:
17:5a:d7:1e:5e:9b:6b:c8:b3:4d:b8:76:cc:40:03:64:86:0c:
17:4b:27:f4:01:20:96:fc:61:07:65:31:ab:53:36:29:7b:d1:
9d:a3:99:1a:92:1c:ec:72:af:49:fa:5a:7d:4a:39:5a:44:4c:
46:28:64:5b:9d:c9:b4:ca:34:3b:f9:18:27:32:30:86:44:98:
8a:f4:b9:4c:48:2e:4c:2d:57:58:c9:f7:cc:a3:45:50:db:40:
12:b2:32:f2:bc:b5:ac:01:29:ca:50:92:0b:62:79:fe:c7:1d:
9a:1f:b9:18:9b:6f:f1:b3:bc:0f:2c:f1:e7:57:aa:4e:44:a7:
ec:60:c7:96:89:67:34:4c:07:dd:c5:72:84:4b:09:54:f1:13:
6e:66:7b:60:d0:2c:cc:49:02:1c:cc:13:43:3a:27:8c:00:a0:
cb:d8:40:d7:2d:0a:27:92:26:4c:c0:12:cf:11:51:b1:46:44:
e5:4c:a8:71:26:7d:c3:64:e2:c6:89:9b:e6:44:0a:02:f4:f5:
f4:ec:41:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxHqM7FbZ29imqEAR75TAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjgwNTJhZTdkMTBmZDIyNjFhMjI0OGZjMDBkMjAyYjBm
MjU1NzQwHhcNMjMwMTAyMDYxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTAyNGRhZjc2YTZhMWUxZTA1MGJiNmM5NWEyMGIxOTVlYjc3MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFkgacMaJCgGZWIJ5+rczVXFbZIZ
PgFhYEL7vf9wRvTAA5oKM2SdE7tCQpxNUBL7Lf6hnEwR7/+OPH773ilGprNnbvOq
bKL4c1R1D+jjXgzwV7iGQOG8/tn5Okj+dwTB2xdoI0yqkavKS+5mYEimjmZjevJM
XnPwsBG4/KAS7LRWVWAE52pDx1p6I/ye0VHcNTf4HMbSl/DHpQQj9mHkAyVAtXlp
S3lvb8InwL8ofeEFPxuqR8uhkeaxXzlyDxpcjspOC4GrpGNxyX1v4O0YnpNUYDB7
pKU4RQ+0XAdJn6VOmtk+3TAsXhQ02carOtTbGGluaBiMdS7LhU96VL+amwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFECTa92pqHh4FC7bJWiCxlet3H7MB8GA1UdIwQY
MBaAFHcoBSrn0Q/SJhoiSPwA0gKw8lV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUt
MmNiYzQwZTVmZTYyLzEvVVFKTnIzYW1vZUhnVUx0c2xhSUxHVjYzY2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUtMmNiYzQwZTVmZTYy
LzEvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQx8MA0E
AgACMAcDBQMqDqkAMA0GCSqGSIb3DQEBCwUAA4IBAQCpx0Fls+jPTu0rC2RTp5qA
jZ0JXTyZkSksOpwGWc+lCskAGn+PaacuMVML0kfuvfi00Wdz7AsXWtceXptryLNN
uHbMQANkhgwXSyf0ASCW/GEHZTGrUzYpe9Gdo5kakhzscq9J+lp9SjlaRExGKGRb
ncm0yjQ7+RgnMjCGRJiK9LlMSC5MLVdYyffMo0VQ20ASsjLyvLWsASnKUJILYnn+
xx2aH7kYm2/xs7wPLPHnV6pORKfsYMeWiWc0TAfdxXKESwlU8RNuZntg0CzMSQIc
zBNDOieMAKDL2EDXLQonkiZMwBLPEVGxRkTlTKhxJn3DZOLGiZvmRAoC9PX07EHU
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:23 2025 by rpki-client