Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/UYKKPpLJCSmUl4gZw6m550hkwPA.roa
File: UYKKPpLJCSmUl4gZw6m550hkwPA.roa (raw, json)
Hash identifier: eYFEV/ubw7reedMEFdvO785nheRkQw7b5LKwZsA7Bm0=
Subject key identifier: 51:82:8A:3E:92:C9:09:29:94:97:88:19:C3:A9:B9:E7:48:64:C0:F0
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 0182E84326A937B4FCC8B7D54052D35CBCE0
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/UYKKPpLJCSmUl4gZw6m550hkwPA.roa
Signing time: Mon 29 Aug 2022 06:21:31 +0000
ROA not before: Mon 29 Aug 2022 06:21:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203593
IP address blocks: 185.129.253.0/24 maxlen: 24
185.129.254.0/24 maxlen: 24
185.129.255.0/24 maxlen: 24
157.97.163.0/24 maxlen: 24
193.254.202.0/24 maxlen: 24
193.254.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:43:26:a9:37:b4:fc:c8:b7:d5:40:52:d3:5c:bc:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: Aug 29 06:21:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51828a3e92c9092994978819c3a9b9e74864c0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7e:01:16:9a:92:d5:bd:0b:5e:02:0c:da:bc:
c4:c2:3c:8a:8e:a2:f4:59:49:34:c1:1f:de:f9:1b:
9b:ee:a1:2d:2e:b3:e2:ba:f3:fe:70:48:ec:1e:26:
59:74:6e:67:ad:31:fe:7d:8c:d3:9b:f3:39:20:3f:
b2:47:7c:97:04:a2:33:2f:9e:87:10:b0:0f:7e:e8:
61:9c:23:d2:b2:31:42:d4:5e:23:63:c1:e0:db:f5:
30:0f:43:7b:0d:f8:bd:54:28:58:d8:93:2e:f8:d4:
91:cc:5f:14:5b:fc:4d:eb:c8:2a:38:f8:ea:d8:8a:
9f:58:9c:5c:9f:4b:bd:00:ed:76:10:eb:1f:c7:8b:
24:d4:5d:81:69:35:28:08:b2:19:8e:90:a1:98:13:
b4:26:4e:10:0b:c4:b7:92:f0:0a:b6:0d:e6:86:07:
fe:b9:32:36:43:d9:74:1b:d8:63:f7:30:ab:1d:75:
5a:72:07:ae:b1:53:9d:6a:a3:73:b0:46:a8:e7:43:
01:b1:a8:9b:8a:ac:d9:9d:db:35:42:62:de:7f:60:
06:38:8c:31:40:a1:4a:8c:57:c2:af:e8:d0:8a:49:
d8:5a:4c:35:19:d8:d1:37:5f:64:c4:92:e5:14:79:
f6:02:12:2c:79:96:0e:99:f5:8b:9f:36:bc:d2:32:
35:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:82:8A:3E:92:C9:09:29:94:97:88:19:C3:A9:B9:E7:48:64:C0:F0
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/UYKKPpLJCSmUl4gZw6m550hkwPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.253.0-185.129.255.255
193.254.202.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:1a:7e:19:64:4b:8a:0c:d8:71:d2:a6:53:7b:0f:b0:8b:6a:
68:4d:0b:35:4c:1f:1d:ad:a6:66:22:85:07:02:f8:f7:e0:a2:
7a:92:c9:c6:4a:63:63:1b:bb:35:c2:ca:c6:d3:c0:7d:90:36:
b9:6c:0b:92:81:32:21:92:7c:73:6b:22:b6:ff:1c:52:f2:83:
84:d3:dd:59:0e:69:52:86:cf:92:95:94:82:9e:30:fd:3d:82:
68:bb:c2:45:cd:68:04:6b:e3:cd:dc:39:bc:2d:dc:26:ff:0c:
9f:82:7e:cd:e9:ff:04:c0:b0:57:d6:2b:1a:b5:31:53:e0:c3:
2f:5d:c6:e4:20:34:e5:b7:e2:26:56:79:ea:42:24:cd:bd:39:
af:70:c7:8d:60:e0:cd:22:6d:44:bc:62:57:30:05:08:e9:5e:
29:46:6a:32:e7:a2:10:e8:da:1e:d3:f8:f9:ab:87:e0:7e:a0:
a8:be:34:9d:2a:b7:d9:4b:20:17:aa:e5:aa:7e:97:b9:ad:d5:
96:7b:eb:b1:d3:57:b5:3e:f6:8e:ca:18:04:70:a3:e7:d5:be:
11:1a:a0:9f:2d:65:fb:82:4e:c4:87:9b:6e:54:4a:84:5a:f8:
55:66:e2:1a:c5:09:5a:1e:5a:c4:cd:bf:77:d0:60:60:bc:be:
2f:31:24:89
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYLoQyapN7T8yLfVQFLTXLzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjIwODI5MDYyMTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTgyOGEzZTkyYzkwOTI5OTQ5Nzg4MTljM2E5YjllNzQ4NjRjMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX4BFpqS1b0LXgIM2rzEwjyKjqL0
WUk0wR/e+Rub7qEtLrPiuvP+cEjsHiZZdG5nrTH+fYzTm/M5ID+yR3yXBKIzL56H
ELAPfuhhnCPSsjFC1F4jY8Hg2/UwD0N7Dfi9VChY2JMu+NSRzF8UW/xN68gqOPjq
2IqfWJxcn0u9AO12EOsfx4sk1F2BaTUoCLIZjpChmBO0Jk4QC8S3kvAKtg3mhgf+
uTI2Q9l0G9hj9zCrHXVacgeusVOdaqNzsEao50MBsaibiqzZnds1QmLef2AGOIwx
QKFKjFfCr+jQiknYWkw1GdjRN19kxJLlFHn2AhIseZYOmfWLnza80jI1VwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFFGCij6SyQkplJeIGcOpuedIZMDwMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvVVlLS1BwTEpDU21VbDRnWnc2bTU1MGhrd1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAnWGjMAsD
BAC5gf0DAwG5gAMEAcH+yjANBgkqhkiG9w0BAQsFAAOCAQEATxp+GWRLigzYcdKm
U3sPsItqaE0LNUwfHa2mZiKFBwL49+CiepLJxkpjYxu7NcLKxtPAfZA2uWwLkoEy
IZJ8c2sitv8cUvKDhNPdWQ5pUobPkpWUgp4w/T2CaLvCRc1oBGvjzdw5vC3cJv8M
n4J+zen/BMCwV9YrGrUxU+DDL13G5CA05bfiJlZ56kIkzb05r3DHjWDgzSJtRLxi
VzAFCOleKUZqMueiEOjaHtP4+auH4H6gqL40nSq32UsgF6rlqn6Xua3VlnvrsdNX
tT72jsoYBHCj59W+ERqgny1l+4JOxIebblRKhFr4VWbiGsUJWh5axM2/d9BgYLy+
LzEkiQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:36:00 2025 by rpki-client