Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/UUlWZPSj0x-NQ6JlWo-wMxPOfJw.roa
File: UUlWZPSj0x-NQ6JlWo-wMxPOfJw.roa (raw, json)
Hash identifier: +R38UdHaJlnHP0TlFD5+dtlA4U6g7azZs2zOMvJjnyk=
Subject key identifier: 51:49:56:64:F4:A3:D3:1F:8D:43:A2:65:5A:8F:B0:33:13:CE:7C:9C
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0189ACF6432DFB7C5CBE93CE0F513AC42318
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/UUlWZPSj0x-NQ6JlWo-wMxPOfJw.roa
Signing time: Mon 31 Jul 2023 17:19:27 +0000
ROA not before: Mon 31 Jul 2023 17:19:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.66.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:f6:43:2d:fb:7c:5c:be:93:ce:0f:51:3a:c4:23:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jul 31 17:19:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51495664f4a3d31f8d43a2655a8fb03313ce7c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d6:fb:e2:1d:28:b7:89:c7:00:23:aa:72:c0:
1c:6b:ae:03:76:7a:f5:26:95:50:7e:e3:4b:d8:7d:
89:bd:02:ed:ed:37:e5:c3:d8:31:73:51:c9:e2:10:
f9:8d:98:63:9f:0b:50:67:bb:53:9b:13:e5:3d:dc:
e8:17:a2:54:03:e1:45:c8:2f:10:f2:05:b0:60:90:
ff:38:ad:42:da:ea:bb:e5:71:65:f5:5a:b9:7d:13:
56:80:43:0b:53:8b:6f:3d:08:27:8c:6d:77:94:0a:
60:56:da:2d:8d:34:14:d3:8a:ac:09:e7:ce:8d:45:
0d:46:61:f1:17:0d:89:4b:b9:6c:4d:21:ca:7b:14:
ed:f2:d1:22:fe:6e:df:c7:40:45:30:ae:0f:d6:26:
cd:59:2d:13:54:84:cb:dd:cc:d7:d7:87:c9:82:16:
6d:30:bc:13:a6:5f:b8:36:50:4a:57:09:e1:b7:61:
54:2c:42:b2:71:be:1e:75:7a:2c:2c:5f:01:6d:e2:
1d:95:53:7c:38:8e:c8:a5:e8:a1:f8:55:12:e6:28:
27:74:a1:89:2d:b3:88:45:af:61:eb:44:e6:88:8a:
f8:77:50:fa:6e:53:2b:c2:37:a2:22:25:cb:5b:0c:
cf:24:2b:d1:84:2a:02:45:a3:1f:2d:f0:a2:92:0b:
08:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:49:56:64:F4:A3:D3:1F:8D:43:A2:65:5A:8F:B0:33:13:CE:7C:9C
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/UUlWZPSj0x-NQ6JlWo-wMxPOfJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.153.0/24
Signature Algorithm: sha256WithRSAEncryption
90:ab:7e:03:f0:a0:96:40:3f:20:59:89:78:bb:d2:99:42:bc:
02:57:69:78:10:96:7b:3a:3a:b2:df:4d:67:68:7a:3c:6c:33:
be:e1:40:61:3d:6f:da:50:d1:12:d3:04:23:f2:a4:ca:ea:ab:
96:48:ea:c9:63:25:bc:89:ff:46:be:1c:34:18:40:30:73:0e:
4e:7e:98:4b:76:b9:00:0c:a7:05:c8:f2:2e:7d:5c:62:4e:44:
17:1f:e5:7a:d4:87:2d:d3:41:10:09:71:6b:a9:75:c2:8d:38:
16:05:f2:0a:c5:26:72:65:bc:0a:62:f5:e8:2c:da:86:39:d4:
a1:1a:46:e0:f6:2a:bc:d9:06:53:ab:7e:92:95:a0:5a:b0:3f:
04:cb:64:5a:2f:7c:49:3a:a6:85:61:2c:f8:e2:f1:00:f6:d1:
f5:38:ee:e6:1c:97:19:56:7d:03:93:ad:94:41:ee:a5:6a:99:
79:c6:3f:f9:14:d3:54:fc:5e:c2:0a:f5:9e:5e:5c:5f:c9:dd:
eb:ff:6a:9f:c0:3c:70:5c:35:67:5e:68:4a:eb:9a:2c:d8:0e:
11:7d:6c:99:ee:13:5d:c4:c0:a7:33:9d:24:f4:4d:a7:e5:e4:
83:1d:dd:dc:b4:31:df:f8:e0:4e:ea:2e:c8:fd:ea:36:eb:f3:
c0:bb:f2:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYms9kMt+3xcvpPOD1E6xCMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNzMxMTcxOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTQ5NTY2NGY0YTNkMzFmOGQ0M2EyNjU1YThmYjAzMzEzY2U3YzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9b74h0ot4nHACOqcsAca64Ddnr1
JpVQfuNL2H2JvQLt7Tflw9gxc1HJ4hD5jZhjnwtQZ7tTmxPlPdzoF6JUA+FFyC8Q
8gWwYJD/OK1C2uq75XFl9Vq5fRNWgEMLU4tvPQgnjG13lApgVtotjTQU04qsCefO
jUUNRmHxFw2JS7lsTSHKexTt8tEi/m7fx0BFMK4P1ibNWS0TVITL3czX14fJghZt
MLwTpl+4NlBKVwnht2FULEKycb4edXosLF8BbeIdlVN8OI7Ipeih+FUS5igndKGJ
LbOIRa9h60TmiIr4d1D6blMrwjeiIiXLWwzPJCvRhCoCRaMfLfCikgsIuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFJVmT0o9MfjUOiZVqPsDMTznycMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvVVVsV1pQU2oweC1OUTZKbFdvLXdNeFBPZkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUKZMA0G
CSqGSIb3DQEBCwUAA4IBAQCQq34D8KCWQD8gWYl4u9KZQrwCV2l4EJZ7Ojqy301n
aHo8bDO+4UBhPW/aUNES0wQj8qTK6quWSOrJYyW8if9Gvhw0GEAwcw5OfphLdrkA
DKcFyPIufVxiTkQXH+V61Ict00EQCXFrqXXCjTgWBfIKxSZyZbwKYvXoLNqGOdSh
Gkbg9iq82QZTq36SlaBasD8Ey2RaL3xJOqaFYSz44vEA9tH1OO7mHJcZVn0Dk62U
Qe6lapl5xj/5FNNU/F7CCvWeXlxfyd3r/2qfwDxwXDVnXmhK65os2A4RfWyZ7hNd
xMCnM50k9E2n5eSDHd3ctDHf+OBO6i7I/eo26/PAu/Kn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:03 2025 by rpki-client