Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/uAlaqp2_z14L4WxC0wj8B_BDQAA.roa
File: uAlaqp2_z14L4WxC0wj8B_BDQAA.roa (raw, json)
Hash identifier: AXfawO1oo1PytQ0HbmY/sElpuq5gJ5hR7ho0CwZMU18=
Subject key identifier: B8:09:5A:AA:9D:BF:CF:5E:0B:E1:6C:42:D3:08:FC:07:F0:43:40:00
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 0185715E97507CB55388928DB0FC545B4E55
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/uAlaqp2_z14L4WxC0wj8B_BDQAA.roa
Signing time: Mon 02 Jan 2023 07:25:02 +0000
ROA not before: Mon 02 Jan 2023 07:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208062
IP address blocks: 149.3.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:97:50:7c:b5:53:88:92:8d:b0:fc:54:5b:4e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Jan 2 07:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8095aaa9dbfcf5e0be16c42d308fc07f0434000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b7:bf:84:48:f2:52:72:c0:1d:0e:be:1e:d3:
d4:23:49:72:1d:47:14:22:f0:41:f1:ca:60:a9:64:
a7:1f:56:31:e8:c2:bf:93:84:07:5e:5a:e2:9e:a6:
40:73:f1:90:cf:f3:ae:a0:ef:4a:13:98:b0:47:22:
6d:5f:d6:60:19:ea:d4:09:7d:9b:56:1b:97:8a:0f:
ea:7a:ca:88:84:58:a8:63:39:b1:71:26:58:8a:e6:
88:a4:16:83:ff:d4:4d:ae:f4:42:62:ca:47:9f:dc:
4b:f4:9a:7a:84:ba:3f:5c:b1:fa:be:29:8b:ba:89:
a2:ff:21:1e:b1:a7:cf:5a:f8:45:40:06:9b:dd:21:
88:b5:37:93:b6:f8:13:6d:10:71:e6:9b:73:d5:6c:
98:ea:57:c5:48:df:81:13:c0:37:db:dc:96:59:0c:
59:08:b2:4b:bf:32:8c:95:37:7c:fd:c9:0a:6f:03:
41:0f:21:67:d1:8f:24:60:49:b8:c8:d2:20:1b:20:
7d:b1:82:68:f2:f9:4f:62:af:cb:69:ed:7e:f3:a6:
86:23:08:4f:3f:3c:6c:49:ac:5d:ce:87:83:63:56:
e0:d1:ca:d5:e3:d1:ae:98:54:bd:d2:a7:be:be:e4:
5e:e8:09:bf:0b:ea:72:ee:4c:f8:b0:4c:f8:5b:8c:
ce:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:09:5A:AA:9D:BF:CF:5E:0B:E1:6C:42:D3:08:FC:07:F0:43:40:00
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/uAlaqp2_z14L4WxC0wj8B_BDQAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.3.188.0/24
Signature Algorithm: sha256WithRSAEncryption
01:3a:f4:ca:95:9a:0c:c7:17:7f:ca:2c:75:a4:da:f4:0b:c6:
0e:1a:d7:2d:6b:4f:7c:3c:a8:bc:7e:b9:a8:35:6b:3f:3b:2c:
9c:c1:d6:77:e2:e2:c8:e7:28:8b:77:08:f7:ff:58:cd:8b:27:
5c:e4:2e:bc:d0:ab:32:eb:30:2e:6a:ec:5b:9d:bf:31:eb:c9:
11:3b:df:fd:2d:a0:7c:1f:3a:53:d9:5c:41:dc:44:6c:5f:8d:
c7:f5:82:f3:12:5a:61:0d:fe:ee:75:2a:fc:93:1d:0f:c9:56:
bb:31:fc:e6:3d:86:5a:8f:89:8b:20:c2:ee:40:43:17:c6:a2:
04:04:89:3a:9a:cc:7b:4a:ef:fb:f6:7e:65:8c:12:8f:e9:6a:
26:f4:91:e3:60:32:af:28:b1:f0:49:cf:19:ab:8f:8b:93:cb:
56:48:9e:cf:72:8e:27:f8:bc:e2:18:27:7b:6a:84:c5:d6:9a:
8a:c0:4d:9d:78:0a:c8:ad:ea:7a:04:91:86:8c:c2:99:cd:0c:
52:46:6f:7c:0b:74:27:40:e4:28:bf:c4:68:f0:86:4f:ff:5e:
61:48:9d:40:45:b2:66:13:81:fb:b5:fe:54:f7:a6:96:1b:98:
b0:fd:85:d3:69:e5:d5:8b:28:20:1b:3a:34:7a:03:27:ce:a7:
8d:82:b9:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXpdQfLVTiJKNsPxUW05VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwMTAyMDcyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODA5NWFhYTlkYmZjZjVlMGJlMTZjNDJkMzA4ZmMwN2YwNDM0MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLe/hEjyUnLAHQ6+HtPUI0lyHUcU
IvBB8cpgqWSnH1Yx6MK/k4QHXlrinqZAc/GQz/OuoO9KE5iwRyJtX9ZgGerUCX2b
VhuXig/qesqIhFioYzmxcSZYiuaIpBaD/9RNrvRCYspHn9xL9Jp6hLo/XLH6vimL
uomi/yEesafPWvhFQAab3SGItTeTtvgTbRBx5ptz1WyY6lfFSN+BE8A329yWWQxZ
CLJLvzKMlTd8/ckKbwNBDyFn0Y8kYEm4yNIgGyB9sYJo8vlPYq/Lae1+86aGIwhP
PzxsSaxdzoeDY1bg0crV49GumFS90qe+vuRe6Am/C+py7kz4sEz4W4zO1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgJWqqdv89eC+FsQtMI/AfwQ0AAMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvdUFsYXFwMl96MTRMNFd4QzB3ajhCX0JEUUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlQO8MA0G
CSqGSIb3DQEBCwUAA4IBAQABOvTKlZoMxxd/yix1pNr0C8YOGtcta098PKi8frmo
NWs/OyycwdZ34uLI5yiLdwj3/1jNiydc5C680Ksy6zAuauxbnb8x68kRO9/9LaB8
HzpT2VxB3ERsX43H9YLzElphDf7udSr8kx0PyVa7MfzmPYZaj4mLIMLuQEMXxqIE
BIk6msx7Su/79n5ljBKP6Wom9JHjYDKvKLHwSc8Zq4+Lk8tWSJ7Pco4n+LziGCd7
aoTF1pqKwE2deArIrep6BJGGjMKZzQxSRm98C3QnQOQov8Ro8IZP/15hSJ1ARbJm
E4H7tf5U96aWG5iw/YXTaeXViyggGzo0egMnzqeNgrmX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:44 2025 by rpki-client