Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/uvQ1Z9ldfVTzrcKVFyhHuRVXzSk.roa
File: uvQ1Z9ldfVTzrcKVFyhHuRVXzSk.roa (raw, json)
Hash identifier: 1llwSZ4V9qxZK1KUNaE64iPSlU7/doH8ReaQKk8C7Jc=
Subject key identifier: BA:F4:35:67:D9:5D:7D:54:F3:AD:C2:95:17:28:47:B9:15:57:CD:29
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41D2C1579264FFB9A160C67BD87DD7
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/uvQ1Z9ldfVTzrcKVFyhHuRVXzSk.roa
Signing time: Sun 01 Jan 2023 16:54:45 +0000
ROA not before: Sun 01 Jan 2023 16:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34358
IP address blocks: 188.212.111.0/24 maxlen: 24
91.250.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d2:c1:57:92:64:ff:b9:a1:60:c6:7b:d8:7d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baf43567d95d7d54f3adc295172847b91557cd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3e:e1:f8:43:5e:b2:9c:34:24:c5:d0:3b:8a:
dc:38:07:a2:de:3a:6e:05:54:f1:a0:fc:e1:68:3f:
eb:4e:e9:2e:bf:6c:67:87:07:58:1b:13:6c:1b:29:
f8:f2:a8:02:7f:2c:36:f2:2d:4a:3d:c9:54:62:04:
86:48:cf:4c:0e:3c:3e:99:e2:e5:60:89:ca:3b:f9:
f6:d0:75:77:22:d0:31:12:6e:d1:8c:d1:5d:37:d2:
f4:07:15:11:0e:f2:c6:51:12:d3:45:24:b3:b4:1a:
0f:21:5d:b5:38:a9:bf:e0:cf:89:98:5e:02:54:e4:
ba:19:53:1b:ef:e4:c6:d1:4e:12:cd:ec:97:06:5d:
49:cf:9a:09:14:63:0e:fe:fd:0b:5b:4e:e8:2f:dc:
5e:57:69:d9:3c:58:1b:06:03:ec:85:da:97:8c:2c:
31:89:27:27:5f:cf:96:1b:08:56:68:fa:96:e5:1c:
a6:8c:83:69:08:24:c7:dc:fa:fc:95:17:f2:3b:93:
44:f6:ad:5d:35:58:40:d8:09:aa:16:da:7a:b2:7f:
4b:b1:2e:29:d5:8d:ee:3d:a3:02:a0:53:d9:1d:9c:
c4:3d:ee:8f:a1:a6:e6:ec:42:e3:e1:ef:f2:ab:26:
c9:10:99:3f:05:49:93:23:01:e7:ca:42:02:36:80:
05:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F4:35:67:D9:5D:7D:54:F3:AD:C2:95:17:28:47:B9:15:57:CD:29
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/uvQ1Z9ldfVTzrcKVFyhHuRVXzSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.250.247.0/24
188.212.111.0/24
Signature Algorithm: sha256WithRSAEncryption
45:23:72:33:e6:9a:71:c7:f1:db:4f:73:c2:25:40:b6:15:e2:
31:93:2b:dc:95:e5:13:ee:6a:05:e1:44:c6:cc:6f:82:d5:1c:
90:8f:56:71:e4:9a:8b:e8:d2:f0:1e:e4:69:4d:7c:eb:04:b2:
b0:ca:6b:bd:3f:df:66:f1:e6:fd:c5:a2:1b:f9:df:9c:a7:bc:
21:6e:aa:30:b8:7d:4d:8e:3c:32:bf:11:4f:fa:a9:3b:6c:20:
44:8a:c9:59:26:78:3c:52:f6:70:2e:ca:15:cf:88:66:9f:60:
a5:5f:aa:c6:4f:8d:5e:79:c7:0b:ca:79:74:c4:62:69:54:bf:
fb:f9:f4:3a:bb:90:02:7d:63:df:21:92:a0:f0:71:bd:ab:7e:
6f:2e:5c:0c:85:27:ba:bf:6c:88:e6:0b:ca:b2:61:58:aa:e8:
65:40:d9:9f:19:bb:33:12:ad:2c:c1:9c:75:c9:d3:9e:2a:76:
e1:3e:60:19:ff:00:84:aa:90:6d:8c:9e:f1:3c:24:82:c9:5a:
d5:e3:cd:63:2f:38:d1:a0:87:00:fe:7e:b6:d9:8c:2e:23:bd:
4b:09:4f:bf:93:92:39:19:52:cd:7e:67:ff:0c:f8:e4:f0:78:
f1:46:bc:44:1b:eb:5b:89:df:08:67:34:01:1a:0b:0f:bb:6c:
18:bc:c1:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuQdLBV5Jk/7mhYMZ72H3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWY0MzU2N2Q5NWQ3ZDU0ZjNhZGMyOTUxNzI4NDdiOTE1NTdjZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz7h+ENespw0JMXQO4rcOAei3jpu
BVTxoPzhaD/rTukuv2xnhwdYGxNsGyn48qgCfyw28i1KPclUYgSGSM9MDjw+meLl
YInKO/n20HV3ItAxEm7RjNFdN9L0BxURDvLGURLTRSSztBoPIV21OKm/4M+JmF4C
VOS6GVMb7+TG0U4SzeyXBl1Jz5oJFGMO/v0LW07oL9xeV2nZPFgbBgPshdqXjCwx
iScnX8+WGwhWaPqW5RymjINpCCTH3Pr8lRfyO5NE9q1dNVhA2AmqFtp6sn9LsS4p
1Y3uPaMCoFPZHZzEPe6Poabm7ELj4e/yqybJEJk/BUmTIwHnykICNoAFPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLr0NWfZXX1U863ClRcoR7kVV80pMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvdXZRMVo5bGRmVlR6cmNLVkZ5aEh1UlZYelNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/r3AwQA
vNRvMA0GCSqGSIb3DQEBCwUAA4IBAQBFI3Iz5ppxx/HbT3PCJUC2FeIxkyvcleUT
7moF4UTGzG+C1RyQj1Zx5JqL6NLwHuRpTXzrBLKwymu9P99m8eb9xaIb+d+cp7wh
bqowuH1NjjwyvxFP+qk7bCBEislZJng8UvZwLsoVz4hmn2ClX6rGT41eeccLynl0
xGJpVL/7+fQ6u5ACfWPfIZKg8HG9q35vLlwMhSe6v2yI5gvKsmFYquhlQNmfGbsz
Eq0swZx1ydOeKnbhPmAZ/wCEqpBtjJ7xPCSCyVrV481jLzjRoIcA/n622YwuI71L
CU+/k5I5GVLNfmf/DPjk8HjxRrxEG+tbid8IZzQBGgsPu2wYvMHW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:45 2025 by rpki-client