Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/UNmFiFAaTPhE4dJ9xxCC-oFtbLA.roa
File: UNmFiFAaTPhE4dJ9xxCC-oFtbLA.roa (raw, json)
Hash identifier: jQjqhjOP/zFYuFRhFRbH757b3oNxL3QXz9J+c4bdmuY=
Subject key identifier: 50:D9:85:88:50:1A:4C:F8:44:E1:D2:7D:C7:10:82:FA:81:6D:6C:B0
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0183FA8FC515934F74085A49E0C40BA40A7B
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/UNmFiFAaTPhE4dJ9xxCC-oFtbLA.roa
Signing time: Fri 21 Oct 2022 12:41:09 +0000
ROA not before: Fri 21 Oct 2022 12:41:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29577
IP address blocks: 81.12.0.0/22 maxlen: 24
87.107.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:8f:c5:15:93:4f:74:08:5a:49:e0:c4:0b:a4:0a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Oct 21 12:41:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50d98588501a4cf844e1d27dc71082fa816d6cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:13:26:76:75:07:09:2c:c0:af:ae:05:6c:88:
3e:fc:e5:db:ba:88:cb:aa:01:f3:a9:ad:ca:87:d2:
86:c0:db:08:bc:22:64:cf:50:cc:a9:ab:d0:58:f6:
a1:68:65:3c:80:21:54:50:2e:77:dd:d7:9c:28:39:
8f:53:a7:dd:b8:be:f5:ab:dc:95:f1:05:ca:66:a9:
4d:4d:27:98:75:40:1e:6e:c2:c6:a0:a3:36:ad:f3:
ae:e3:bb:ca:e2:c7:13:80:96:b2:70:84:67:74:0c:
65:33:04:bc:b2:26:1c:df:51:cc:cb:2c:31:14:26:
d8:c5:8e:25:66:dc:03:13:8f:e8:ef:67:0a:4a:80:
d5:05:d0:ec:b9:42:1c:96:4e:df:4d:8b:fe:b9:dc:
22:bb:14:b5:b4:d4:21:5d:b7:8c:49:cc:ff:d8:00:
ad:ce:9e:4d:09:ed:75:e5:a6:3e:47:9b:27:1c:1b:
81:b4:47:f9:81:09:03:08:b9:24:74:6c:6d:1a:da:
89:84:aa:2f:c5:06:85:83:55:73:bf:b8:94:27:6f:
8d:e2:1a:f9:5b:ab:4d:17:f3:7c:a8:fb:06:6c:51:
ee:e6:fd:9a:60:4a:80:87:cb:d5:79:6d:51:13:6f:
2d:f2:13:12:e2:7a:5e:69:36:37:06:5b:52:56:04:
fa:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D9:85:88:50:1A:4C:F8:44:E1:D2:7D:C7:10:82:FA:81:6D:6C:B0
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/UNmFiFAaTPhE4dJ9xxCC-oFtbLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.0.0/22
87.107.104.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:fc:86:cd:e6:1e:f3:95:1a:28:c0:56:f9:e7:f8:ab:fc:f1:
fa:7a:6b:88:bb:54:ae:30:2e:60:f8:66:99:cc:85:c2:31:ac:
80:5d:fb:4b:fc:76:03:fa:07:38:f7:d9:d8:71:be:22:ce:74:
b0:16:b9:c6:6e:f3:a0:e1:54:38:dc:8e:07:28:7d:44:c5:95:
ac:ce:ce:0f:58:11:26:f3:16:f8:f7:18:d8:35:b5:7f:df:dc:
01:f4:83:23:a0:01:94:aa:6d:1e:64:93:63:26:61:e8:65:91:
4a:35:38:5a:6f:92:03:10:24:f2:d1:81:6b:39:ab:8a:ef:ac:
8c:27:7e:8d:df:cb:b0:a0:a6:8d:d4:d6:14:a7:62:5e:87:51:
ee:b9:64:b0:63:08:6d:09:d3:a6:2a:a8:ce:7e:2b:19:47:dc:
77:be:e1:20:f1:dc:9b:9f:94:7b:2c:85:c6:e9:c2:ea:a6:e0:
c7:c6:64:91:a1:e3:7d:34:71:e0:ca:31:b2:3d:7b:2a:bb:0c:
42:35:64:d2:ab:0e:d9:d0:24:c3:d9:9f:61:00:47:b2:6c:65:
27:e2:9e:f2:7b:90:da:fa:d3:80:1f:1e:14:cb:ad:c7:84:25:
f7:86:9c:8b:63:25:62:ef:33:f6:db:22:3c:be:27:5a:5a:55:
6f:3d:53:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP6j8UVk090CFpJ4MQLpAp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjIxMDIxMTI0MTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQ5ODU4ODUwMWE0Y2Y4NDRlMWQyN2RjNzEwODJmYTgxNmQ2Y2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBMmdnUHCSzAr64FbIg+/OXbuojL
qgHzqa3Kh9KGwNsIvCJkz1DMqavQWPahaGU8gCFUUC533decKDmPU6fduL71q9yV
8QXKZqlNTSeYdUAebsLGoKM2rfOu47vK4scTgJaycIRndAxlMwS8siYc31HMyywx
FCbYxY4lZtwDE4/o72cKSoDVBdDsuUIclk7fTYv+udwiuxS1tNQhXbeMScz/2ACt
zp5NCe115aY+R5snHBuBtEf5gQkDCLkkdGxtGtqJhKovxQaFg1Vzv7iUJ2+N4hr5
W6tNF/N8qPsGbFHu5v2aYEqAh8vVeW1RE28t8hMS4npeaTY3BltSVgT60QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFDZhYhQGkz4ROHSfccQgvqBbWywMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvVU5tRmlGQWFUUGhFNGRKOXh4Q0Mtb0Z0YkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUQwAAwQA
V2toMA0GCSqGSIb3DQEBCwUAA4IBAQCf/IbN5h7zlRoowFb55/ir/PH6emuIu1Su
MC5g+GaZzIXCMayAXftL/HYD+gc499nYcb4iznSwFrnGbvOg4VQ43I4HKH1ExZWs
zs4PWBEm8xb49xjYNbV/39wB9IMjoAGUqm0eZJNjJmHoZZFKNThab5IDECTy0YFr
OauK76yMJ36N38uwoKaN1NYUp2Jeh1HuuWSwYwhtCdOmKqjOfisZR9x3vuEg8dyb
n5R7LIXG6cLqpuDHxmSRoeN9NHHgyjGyPXsquwxCNWTSqw7Z0CTD2Z9hAEeybGUn
4p7ye5Da+tOAHx4Uy63HhCX3hpyLYyVi7zP22yI8vidaWlVvPVOf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:55 2025 by rpki-client