Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5e6720-0f51-4014-ba1f-bda0bb885544/1/UgmlkzUqKlQgy0Qowgx1ftWhVKQ.roa
File: UgmlkzUqKlQgy0Qowgx1ftWhVKQ.roa (raw, json)
Hash identifier: LGAIHS0PBwEOBgkde+89UhHsXheclttdCQ4oLhmV98A=
Subject key identifier: 52:09:A5:93:35:2A:2A:54:20:CB:44:28:C2:0C:75:7E:D5:A1:54:A4
Certificate issuer: /CN=56bfb0ccb5d9bcb3974ab939e20c895d21f46c71
Certificate serial: 01856C0A47C06DF5677F72E74B40D1A70EAE
Authority key identifier: 56:BF:B0:CC:B5:D9:BC:B3:97:4A:B9:39:E2:0C:89:5D:21:F4:6C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vr-wzLXZvLOXSrk54gyJXSH0bHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5e6720-0f51-4014-ba1f-bda0bb885544/1/UgmlkzUqKlQgy0Qowgx1ftWhVKQ.roa
Signing time: Sun 01 Jan 2023 06:34:51 +0000
ROA not before: Sun 01 Jan 2023 06:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204671
IP address blocks: 2001:678:5e0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:47:c0:6d:f5:67:7f:72:e7:4b:40:d1:a7:0e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56bfb0ccb5d9bcb3974ab939e20c895d21f46c71
Validity
Not Before: Jan 1 06:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5209a593352a2a5420cb4428c20c757ed5a154a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ad:1e:e5:64:9a:11:0b:d1:29:47:8b:59:b9:
a8:b2:a7:73:72:f3:00:8d:73:7b:08:c4:b9:ae:41:
bf:b0:65:6f:8c:1d:84:29:5a:8f:13:ef:31:92:a6:
a0:ed:7f:44:aa:29:8f:ff:2e:f1:b3:c2:ea:89:4e:
25:59:17:25:31:38:ae:21:0d:59:b4:66:3e:1d:f5:
13:95:09:07:23:14:0b:34:38:3b:3b:7c:4b:dd:9d:
a8:82:2b:99:d1:db:18:25:3c:14:d8:ac:26:8a:58:
d1:2e:24:7b:79:d9:a2:36:17:69:75:c3:83:6c:64:
de:59:ad:c2:02:e1:0a:08:f6:5a:4d:9d:90:18:d5:
ad:7a:e6:a3:e5:54:b3:7b:f4:80:bd:7c:e4:c8:73:
4b:28:92:0e:d7:4d:b5:b2:57:77:17:7d:92:05:6e:
50:b1:44:58:4d:00:a4:4c:4b:63:e3:2e:10:2e:09:
8f:84:38:87:e4:13:a3:c6:9a:66:33:d3:78:21:94:
b6:2a:78:65:b6:51:5d:91:84:8f:fb:32:23:d7:71:
1d:28:12:a4:1a:c1:4b:ca:18:05:63:fd:8f:e6:e9:
57:02:9c:e0:f9:ec:06:e2:60:24:66:24:52:b8:10:
a3:83:db:7c:b3:5d:0b:d0:e1:c6:64:b6:0a:b7:10:
26:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:09:A5:93:35:2A:2A:54:20:CB:44:28:C2:0C:75:7E:D5:A1:54:A4
X509v3 Authority Key Identifier:
keyid:56:BF:B0:CC:B5:D9:BC:B3:97:4A:B9:39:E2:0C:89:5D:21:F4:6C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vr-wzLXZvLOXSrk54gyJXSH0bHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5e6720-0f51-4014-ba1f-bda0bb885544/1/UgmlkzUqKlQgy0Qowgx1ftWhVKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5e6720-0f51-4014-ba1f-bda0bb885544/1/Vr-wzLXZvLOXSrk54gyJXSH0bHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5e0::/48
Signature Algorithm: sha256WithRSAEncryption
39:ea:48:9f:2b:4b:5e:9b:7d:80:e3:c4:ee:a2:4d:18:25:10:
e9:f1:f4:d9:61:36:62:94:02:12:94:8d:85:07:d7:9d:aa:49:
32:e4:05:64:50:dd:33:41:cb:bd:58:fc:43:b0:40:4c:ed:33:
14:a3:3c:ee:21:f3:f1:67:c3:2b:a3:86:ff:49:21:fc:f1:63:
b3:13:b5:41:c1:17:26:bf:59:a7:15:ee:e4:a5:ad:3b:73:98:
e7:b8:36:95:14:c0:20:0f:1f:3e:f0:28:6c:cd:d8:33:17:7d:
11:08:d6:4e:47:83:f0:31:75:85:bc:08:13:5a:dd:57:eb:60:
19:ee:2f:a2:38:92:e5:d0:80:68:72:62:64:a3:3b:ad:24:30:
15:b9:59:bf:17:0b:67:14:80:d9:75:67:3f:5f:84:f7:39:83:
c0:03:59:11:7e:9a:af:5d:8f:d7:5d:be:06:a2:ef:f6:a4:7e:
06:41:38:aa:50:46:4c:1a:dd:5a:cd:9d:ad:b5:5b:85:09:d2:
b1:6a:91:3a:a0:3b:43:c8:21:e9:6d:e5:f2:20:11:59:fb:6d:
96:13:e7:53:7c:7b:6f:f0:ee:98:3c:6e:9a:9e:19:fb:a6:9a:
87:04:b6:32:96:5c:5d:da:66:53:3b:82:a3:47:d2:13:5c:b6:
02:52:60:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsCkfAbfVnf3LnS0DRpw6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YmZiMGNjYjVkOWJjYjM5NzRhYjkzOWUyMGM4OTVkMjFm
NDZjNzEwHhcNMjMwMTAxMDYzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjA5YTU5MzM1MmEyYTU0MjBjYjQ0MjhjMjBjNzU3ZWQ1YTE1NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq0e5WSaEQvRKUeLWbmosqdzcvMA
jXN7CMS5rkG/sGVvjB2EKVqPE+8xkqag7X9EqimP/y7xs8LqiU4lWRclMTiuIQ1Z
tGY+HfUTlQkHIxQLNDg7O3xL3Z2ogiuZ0dsYJTwU2KwmiljRLiR7edmiNhdpdcOD
bGTeWa3CAuEKCPZaTZ2QGNWteuaj5VSze/SAvXzkyHNLKJIO1021sld3F32SBW5Q
sURYTQCkTEtj4y4QLgmPhDiH5BOjxppmM9N4IZS2KnhltlFdkYSP+zIj13EdKBKk
GsFLyhgFY/2P5ulXApzg+ewG4mAkZiRSuBCjg9t8s10L0OHGZLYKtxAmFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFIJpZM1KipUIMtEKMIMdX7VoVSkMB8GA1UdIwQY
MBaAFFa/sMy12byzl0q5OeIMiV0h9GxxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnItd3pMWFp2TE9YU3JrNTRneUpYU0gwYkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81ZTY3MjAtMGY1MS00MDE0LWJhMWYt
YmRhMGJiODg1NTQ0LzEvVWdtbGt6VXFLbFFneTBRb3dneDFmdFdoVktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81ZTY3MjAtMGY1MS00MDE0LWJhMWYtYmRhMGJiODg1NTQ0
LzEvVnItd3pMWFp2TE9YU3JrNTRneUpYU0gwYkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAXg
MA0GCSqGSIb3DQEBCwUAA4IBAQA56kifK0tem32A48Tuok0YJRDp8fTZYTZilAIS
lI2FB9edqkky5AVkUN0zQcu9WPxDsEBM7TMUozzuIfPxZ8Mro4b/SSH88WOzE7VB
wRcmv1mnFe7kpa07c5jnuDaVFMAgDx8+8ChszdgzF30RCNZOR4PwMXWFvAgTWt1X
62AZ7i+iOJLl0IBocmJkozutJDAVuVm/FwtnFIDZdWc/X4T3OYPAA1kRfpqvXY/X
Xb4Gou/2pH4GQTiqUEZMGt1azZ2ttVuFCdKxapE6oDtDyCHpbeXyIBFZ+22WE+dT
fHtv8O6YPG6anhn7ppqHBLYyllxd2mZTO4KjR9ITXLYCUmAW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:31 2025 by rpki-client