Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/uur_FJa52uIziepSaSOPrAnLCko.roa
File: uur_FJa52uIziepSaSOPrAnLCko.roa (raw, json)
Hash identifier: YUqhVpwF3nen8JadNtThquJwsn0d50c20T2MWk+RWQ4=
Subject key identifier: BA:EA:FF:14:96:B9:DA:E2:33:89:EA:52:69:23:8F:AC:09:CB:0A:4A
Certificate issuer: /CN=fdad61d8e8c1abda8596930e21f18211a517681f
Certificate serial: 018C44BE213D123FF763AC7C799DD25D3C0F
Authority key identifier: FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/uur_FJa52uIziepSaSOPrAnLCko.roa
Signing time: Thu 07 Dec 2023 14:46:00 +0000
ROA not before: Thu 07 Dec 2023 14:46:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51178
IP address blocks: 91.219.64.0/22 maxlen: 23
5.61.14.0/23 maxlen: 24
5.61.13.0/24 maxlen: 24
188.68.184.0/22 maxlen: 23
185.218.70.0/24 maxlen: 24
185.218.68.0/23 maxlen: 24
92.249.4.0/24 maxlen: 24
2a00:9801::/32 maxlen: 32
2a0b:d0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:be:21:3d:12:3f:f7:63:ac:7c:79:9d:d2:5d:3c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdad61d8e8c1abda8596930e21f18211a517681f
Validity
Not Before: Dec 7 14:46:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baeaff1496b9dae23389ea5269238fac09cb0a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:95:c3:49:12:e6:16:c7:3c:9f:a4:d8:ba:26:
f3:df:0b:f2:9d:f5:5c:7d:bc:6d:ba:29:87:56:b0:
31:05:f5:92:d0:33:77:29:a7:a6:7f:3c:a0:b4:26:
ee:9c:77:20:bc:5b:06:4e:40:72:c8:f2:3b:df:69:
07:c3:cb:7a:e2:5b:f5:18:32:34:18:d6:5a:ea:a5:
4a:1d:d8:6b:6c:37:ad:cc:0c:cc:3b:4d:c4:4b:9f:
67:98:99:b5:96:bb:fd:74:6a:ec:3d:63:de:2d:55:
e1:ef:d0:cd:94:f2:f3:e6:b8:ea:45:37:57:38:74:
e8:35:aa:0d:89:2c:4c:5d:01:2c:77:38:29:e7:5a:
07:48:a9:99:cd:8d:6f:c6:33:9a:31:92:48:dc:79:
18:31:d5:42:ab:f3:88:c6:5a:f9:9b:1a:1a:a3:fb:
cd:3d:67:7b:11:d2:e9:3b:80:ea:15:15:a4:34:d7:
36:59:be:18:6e:0c:e9:d7:95:ba:0f:b2:24:9f:64:
86:af:a0:08:44:1c:d3:f8:65:0b:97:53:7e:60:27:
74:50:35:a6:6b:c6:eb:23:1e:36:c5:5b:c0:68:a4:
d7:dc:42:39:98:f0:39:89:74:f2:a1:b0:5c:1c:c0:
92:ee:a6:16:01:13:16:f3:f8:72:ef:6f:42:87:6f:
8f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:EA:FF:14:96:B9:DA:E2:33:89:EA:52:69:23:8F:AC:09:CB:0A:4A
X509v3 Authority Key Identifier:
keyid:FD:AD:61:D8:E8:C1:AB:DA:85:96:93:0E:21:F1:82:11:A5:17:68:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_a1h2OjBq9qFlpMOIfGCEaUXaB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/uur_FJa52uIziepSaSOPrAnLCko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a46c86-4b08-482b-92ca-84ee22a3ee5b/1/_a1h2OjBq9qFlpMOIfGCEaUXaB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.13.0-5.61.15.255
91.219.64.0/22
92.249.4.0/24
185.218.68.0-185.218.70.255
188.68.184.0/22
IPv6:
2a00:9801::/32
2a0b:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
53:2a:d9:e4:1e:b5:25:63:5c:45:e1:df:35:8f:4f:e2:d8:ed:
46:a0:22:d4:91:73:c3:51:ad:1a:9f:2c:a3:9f:22:d8:30:2e:
b4:25:74:47:2f:87:d4:35:3c:51:45:89:c4:a4:1e:8c:3a:5f:
f9:33:9e:09:5e:7d:35:ad:e7:c6:df:bc:c3:7a:19:a0:ff:d1:
06:87:7d:29:80:99:d5:45:2d:c5:b4:89:bd:e4:03:b9:53:32:
29:76:27:96:e0:1c:92:4c:a0:25:53:ca:00:3b:c0:70:e6:39:
6e:f6:bd:32:74:c9:21:d1:65:66:91:1f:22:61:f5:59:7c:e4:
a5:53:30:a2:b3:4f:8f:e4:52:8a:c2:72:fd:56:93:5d:dc:f0:
89:22:83:ef:f3:bf:22:64:f9:e2:e9:92:3b:de:fc:0d:6f:45:
88:ee:33:59:21:34:9a:b6:7b:5e:37:ab:5c:36:8a:5d:f1:52:
15:40:30:33:20:6a:69:af:3d:7f:3d:b2:41:7f:3f:d0:16:4f:
fe:a0:eb:d8:22:dc:e1:0b:7d:f2:8c:34:de:22:75:3a:c4:57:
fd:26:27:fb:42:5d:d3:15:0c:e2:5e:15:c0:82:8b:ff:af:9a:
22:a4:2c:c5:58:50:71:47:91:d1:f9:8b:b3:57:72:78:18:ad:
92:bf:a2:cd
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYxEviE9Ej/3Y6x8eZ3SXTwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYWQ2MWQ4ZThjMWFiZGE4NTk2OTMwZTIxZjE4MjExYTUx
NzY4MWYwHhcNMjMxMjA3MTQ0NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWVhZmYxNDk2YjlkYWUyMzM4OWVhNTI2OTIzOGZhYzA5Y2IwYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5XDSRLmFsc8n6TYuibz3wvynfVc
fbxtuimHVrAxBfWS0DN3KaemfzygtCbunHcgvFsGTkByyPI732kHw8t64lv1GDI0
GNZa6qVKHdhrbDetzAzMO03ES59nmJm1lrv9dGrsPWPeLVXh79DNlPLz5rjqRTdX
OHToNaoNiSxMXQEsdzgp51oHSKmZzY1vxjOaMZJI3HkYMdVCq/OIxlr5mxoao/vN
PWd7EdLpO4DqFRWkNNc2Wb4Ybgzp15W6D7Ikn2SGr6AIRBzT+GULl1N+YCd0UDWm
a8brIx42xVvAaKTX3EI5mPA5iXTyobBcHMCS7qYWARMW8/hy729Ch2+P8QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLrq/xSWudriM4nqUmkjj6wJywpKMB8GA1UdIwQY
MBaAFP2tYdjowavahZaTDiHxghGlF2gfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2Et
ODRlZTIyYTNlZTViLzEvdXVyX0ZKYTUydUl6aWVwU2FTT1ByQW5MQ2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNDZjODYtNGIwOC00ODJiLTkyY2EtODRlZTIyYTNlZTVi
LzEvX2ExaDJPakJxOXFGbHBNT0lmR0NFYVVYYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA0BAIAATAuMAwDBAAFPQ0D
BAQFPQADBAJb20ADBABc+QQwDAMEArnaRAMEALnaRgMEArxEuDAUBAIAAjAOAwUA
KgCYAQMFAyoL0MAwDQYJKoZIhvcNAQELBQADggEBAFMq2eQetSVjXEXh3zWPT+LY
7UagItSRc8NRrRqfLKOfItgwLrQldEcvh9Q1PFFFicSkHow6X/kznglefTWt58bf
vMN6GaD/0QaHfSmAmdVFLcW0ib3kA7lTMil2J5bgHJJMoCVTygA7wHDmOW72vTJ0
ySHRZWaRHyJh9Vl85KVTMKKzT4/kUorCcv1Wk13c8Ikig+/zvyJk+eLpkjve/A1v
RYjuM1khNJq2e143q1w2il3xUhVAMDMgammvPX89skF/P9AWT/6g69gi3OELffKM
NN4idTrEV/0mJ/tCXdMVDOJeFcCCi/+vmiKkLMVYUHFHkdH5i7NXcngYrZK/os0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:30 2025 by rpki-client