Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/Um-0CTh6O9IX2psQBENdN6iI54E.roa
File: Um-0CTh6O9IX2psQBENdN6iI54E.roa (raw, json)
Hash identifier: cs19V6uHPuvJZE5nqZqmtx334vnF+kt0ea/q3upcZzU=
Subject key identifier: 52:6F:B4:09:38:7A:3B:D2:17:DA:9B:10:04:43:5D:37:A8:88:E7:81
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 17542D45
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/Um-0CTh6O9IX2psQBENdN6iI54E.roa
Signing time: Sat 01 Jan 2022 16:03:55 +0000
ROA not before: Sat 01 Jan 2022 16:03:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57746
IP address blocks: 176.223.96.0/23 maxlen: 23
176.223.96.0/22 maxlen: 22
176.223.98.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 391392581 (0x17542d45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:03:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=526fb409387a3bd217da9b1004435d37a888e781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3c:e3:21:54:8b:4d:aa:4c:04:ba:1c:cf:fe:
d3:fb:f7:27:fc:9b:3c:07:50:d8:66:a7:ee:87:38:
7a:fb:f4:48:b1:c3:e7:86:6a:30:d5:da:c9:ac:ff:
a1:26:61:12:be:4e:d8:c3:0b:e3:f2:82:b8:0b:2c:
b9:73:89:5a:20:98:39:3a:bc:13:f1:f1:ee:9f:45:
e6:60:33:30:4d:d2:33:78:b4:18:c4:82:a9:6d:f5:
91:7d:63:1a:ad:09:1f:8d:33:79:e8:f6:01:3b:07:
64:2a:41:80:60:06:ca:cf:0a:dc:35:84:ee:ce:44:
11:87:4f:bf:35:e6:cd:ae:9a:0a:f0:bf:a0:ce:1c:
c7:2e:a2:e3:91:00:f9:14:e8:f7:28:20:7e:88:63:
8c:18:4b:53:b8:11:bb:03:47:c1:0c:dd:30:f6:94:
40:43:0d:dd:01:28:9e:7f:40:21:fc:89:0b:b3:26:
8b:1d:c7:e5:09:dd:76:d7:cb:5a:ef:08:21:8d:ab:
3a:86:94:e0:fb:84:54:f9:3c:28:72:ba:5f:d2:e0:
04:bb:7f:fd:9f:78:07:93:63:a5:c5:4b:28:8f:da:
6b:75:44:74:95:c3:e8:17:07:30:3d:3b:63:a9:f2:
02:90:5a:c8:80:1b:92:88:f4:a5:94:64:cb:bc:20:
40:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6F:B4:09:38:7A:3B:D2:17:DA:9B:10:04:43:5D:37:A8:88:E7:81
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/Um-0CTh6O9IX2psQBENdN6iI54E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.223.96.0/22
Signature Algorithm: sha256WithRSAEncryption
20:8f:87:b2:20:bb:b2:f7:7f:c4:eb:d0:21:c1:aa:00:59:97:
63:5b:42:de:38:b3:0b:49:fe:61:0a:0c:68:95:d9:4f:f0:a5:
b3:eb:eb:23:87:b0:6a:ac:67:90:ff:c1:2d:32:d5:f0:f2:82:
ba:b2:8c:d4:0e:75:44:5f:50:c7:14:89:26:5a:8a:fd:70:08:
7e:fb:d6:fb:71:a1:f4:ac:75:dc:3a:fc:6b:a0:b1:2f:2a:e7:
18:ed:9c:1f:ce:2d:d0:b4:27:85:22:d5:98:bf:d7:ac:17:f0:
10:39:37:93:b1:39:9b:64:61:5e:58:34:55:27:f3:86:64:bd:
7b:1c:7f:65:b3:32:21:3e:fa:bf:7c:fb:57:fd:82:3d:ca:4d:
26:24:0d:ac:b6:d9:02:f3:92:02:00:74:91:d7:70:bb:fa:1e:
80:54:27:cf:62:0a:c7:2a:ab:e5:99:99:59:3b:7b:fe:69:95:
6d:50:f5:ce:82:28:60:96:71:dd:fb:cb:3c:9e:5c:2d:97:04:
24:b9:a0:4c:db:29:74:61:f1:1e:74:f9:94:4a:e3:0f:b6:26:
a7:1c:3f:ab:9c:1b:05:64:8e:3b:c5:5f:89:ce:a0:7a:44:67:
c3:f9:b7:b9:a0:c0:65:01:cd:fe:eb:04:53:d7:89:95:4f:04:
23:e6:c2:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF1QtRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZGYxMzJkZjEzZTRiZTUzZDgyNTBjOGM0ODQyMDI2NGVlZjZjMTRjMB4XDTIyMDEw
MTE2MDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI2ZmI0MDkzODdh
M2JkMjE3ZGE5YjEwMDQ0MzVkMzdhODg4ZTc4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOY84yFUi02qTAS6HM/+0/v3J/ybPAdQ2Gan7oc4evv0SLHD
54ZqMNXayaz/oSZhEr5O2MML4/KCuAssuXOJWiCYOTq8E/Hx7p9F5mAzME3SM3i0
GMSCqW31kX1jGq0JH40zeej2ATsHZCpBgGAGys8K3DWE7s5EEYdPvzXmza6aCvC/
oM4cxy6i45EA+RTo9yggfohjjBhLU7gRuwNHwQzdMPaUQEMN3QEonn9AIfyJC7Mm
ix3H5QnddtfLWu8IIY2rOoaU4PuEVPk8KHK6X9LgBLt//Z94B5NjpcVLKI/aa3VE
dJXD6BcHMD07Y6nyApBayIAbkoj0pZRky7wgQKUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRSb7QJOHo70hfamxAEQ103qIjngTAfBgNVHSMEGDAWgBR98TLfE+S+U9gl
DIxIQgJk7vbBTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8x
L1VtLTBDVGg2TzlJWDJwc1FCRU5kTjZpSTU0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5Ny8xL2ZmRXkzeFBrdmxQ
WUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArDfYDANBgkqhkiG9w0BAQsFAAOC
AQEAII+HsiC7svd/xOvQIcGqAFmXY1tC3jizC0n+YQoMaJXZT/Cls+vrI4ewaqxn
kP/BLTLV8PKCurKM1A51RF9QxxSJJlqK/XAIfvvW+3Gh9Kx13Dr8a6CxLyrnGO2c
H84t0LQnhSLVmL/XrBfwEDk3k7E5m2RhXlg0VSfzhmS9exx/ZbMyIT76v3z7V/2C
PcpNJiQNrLbZAvOSAgB0kddwu/oegFQnz2IKxyqr5ZmZWTt7/mmVbVD1zoIoYJZx
3fvLPJ5cLZcEJLmgTNspdGHxHnT5lErjD7Ympxw/q5wbBWSOO8Vfic6gekRnw/m3
uaDAZQHN/usEU9eJlU8EI+bCmA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:50 2025 by rpki-client