Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UgHLCoJxCPbIEJZx72uVq1AeM2w.roa
File: UgHLCoJxCPbIEJZx72uVq1AeM2w.roa (raw, json)
Hash identifier: L+ff3Gu3n3CEqZzNabOKR73pSM6glNYpvayyJqNGvME=
Subject key identifier: 52:01:CB:0A:82:71:08:F6:C8:10:96:71:EF:6B:95:AB:50:1E:33:6C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018949ED7BBD25566F2C54EF64289A8856BE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UgHLCoJxCPbIEJZx72uVq1AeM2w.roa
Signing time: Wed 12 Jul 2023 11:47:27 +0000
ROA not before: Wed 12 Jul 2023 11:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43641
IP address blocks: 2a13:2dc0::/29 maxlen: 29
2a13:c900::/29 maxlen: 29
2a13:d900::/29 maxlen: 29
2a13:c700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:ed:7b:bd:25:56:6f:2c:54:ef:64:28:9a:88:56:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 12 11:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5201cb0a827108f6c8109671ef6b95ab501e336c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:31:56:24:52:cf:bd:72:8c:aa:2e:ae:ca:02:
83:61:6c:e3:c0:61:dd:a5:cc:8d:12:67:31:d0:df:
a1:47:ec:85:2e:2b:bf:18:c6:5d:b1:b5:c8:aa:42:
d1:19:c4:dc:4f:56:8c:78:64:db:a2:fb:8a:b4:59:
fa:40:67:46:32:1b:d2:20:db:f4:47:bc:76:9f:a4:
a3:56:a5:3d:7f:36:88:89:1c:ac:d6:52:81:51:6d:
fd:9c:f5:67:c6:00:12:2f:4e:22:1f:ad:e6:9e:53:
98:53:c7:48:00:2c:7c:7f:ad:e5:e4:4a:c3:b8:15:
e1:c2:a5:38:c8:58:d9:c7:e9:19:85:f4:c0:44:98:
a6:58:5a:80:81:8b:6c:d0:ed:22:78:a9:21:89:fc:
be:fb:74:2c:e7:f7:62:80:ba:3e:fd:d2:1b:3f:1c:
cc:18:de:35:a7:65:6a:8a:a4:31:b9:97:07:a4:80:
71:fc:35:94:b9:65:51:c3:03:19:bd:96:b6:24:6e:
bc:b9:59:22:9f:21:73:bc:07:73:47:f1:e7:e7:70:
68:6d:c0:11:0d:4e:a9:9f:09:ca:77:a2:06:4f:7b:
f5:97:87:5f:d9:74:bc:c7:b0:32:32:24:f9:f5:f2:
85:91:f6:5e:8f:88:8c:47:71:c3:84:91:7a:d7:fb:
60:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:01:CB:0A:82:71:08:F6:C8:10:96:71:EF:6B:95:AB:50:1E:33:6C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/UgHLCoJxCPbIEJZx72uVq1AeM2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2dc0::/29
2a13:c700::/29
2a13:c900::/29
2a13:d900::/29
Signature Algorithm: sha256WithRSAEncryption
80:ff:38:0f:72:2f:e0:44:b2:a3:80:0a:56:16:45:c6:a7:b1:
1e:a1:18:51:f6:4d:bd:46:55:45:95:27:7b:b5:10:09:e0:7a:
fe:83:49:c2:03:62:9a:6d:dd:bd:f3:ff:63:be:5d:21:72:d8:
73:8a:ff:9b:65:93:74:ad:c0:1b:d7:e3:a8:13:8e:11:c6:30:
c9:68:42:80:ae:bc:64:90:4a:d5:01:1d:5e:7c:1c:4b:a7:ba:
e1:7a:a7:d6:b9:b9:2c:0d:6d:d6:29:ab:3e:92:0c:89:8d:be:
1b:1d:06:ee:fd:0d:b0:ce:86:c4:fc:3e:b9:3c:a1:f7:5c:d5:
46:37:b6:d8:7d:1c:b7:4d:be:e1:db:43:df:f6:59:b9:06:20:
26:d5:fa:67:3e:d5:85:59:4b:66:48:e3:8c:e1:5a:3b:26:10:
47:70:18:14:39:e5:ca:36:3b:2d:f5:bf:f2:5f:e2:f3:f8:ee:
bc:d7:bc:43:7b:f5:6c:49:e4:ba:a4:8f:4e:b8:bf:ce:97:87:
61:9a:ab:da:3c:7c:5d:1f:80:8b:f5:c0:3e:cf:70:19:33:d7:
8d:36:dd:b0:78:37:39:4b:87:b9:19:5d:ea:63:47:7c:e5:39:
e8:c9:e5:78:ff:cd:6a:92:34:f5:72:04:57:c9:f2:87:59:0a:
c3:01:26:25
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYlJ7Xu9JVZvLFTvZCiaiFa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNzEyMTE0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjAxY2IwYTgyNzEwOGY2YzgxMDk2NzFlZjZiOTVhYjUwMWUzMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjFWJFLPvXKMqi6uygKDYWzjwGHd
pcyNEmcx0N+hR+yFLiu/GMZdsbXIqkLRGcTcT1aMeGTbovuKtFn6QGdGMhvSINv0
R7x2n6SjVqU9fzaIiRys1lKBUW39nPVnxgASL04iH63mnlOYU8dIACx8f63l5ErD
uBXhwqU4yFjZx+kZhfTARJimWFqAgYts0O0ieKkhify++3Qs5/digLo+/dIbPxzM
GN41p2VqiqQxuZcHpIBx/DWUuWVRwwMZvZa2JG68uVkinyFzvAdzR/Hn53BobcAR
DU6pnwnKd6IGT3v1l4df2XS8x7AyMiT59fKFkfZej4iMR3HDhJF61/tgQwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFIBywqCcQj2yBCWce9rlatQHjNsMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVWdITENvSnhDUGJJRUpaeDcydVZxMUFlTTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhMtwAMF
AyoTxwADBQMqE8kAAwUDKhPZADANBgkqhkiG9w0BAQsFAAOCAQEAgP84D3Iv4ESy
o4AKVhZFxqexHqEYUfZNvUZVRZUne7UQCeB6/oNJwgNimm3dvfP/Y75dIXLYc4r/
m2WTdK3AG9fjqBOOEcYwyWhCgK68ZJBK1QEdXnwcS6e64Xqn1rm5LA1t1imrPpIM
iY2+Gx0G7v0NsM6GxPw+uTyh91zVRje22H0ct02+4dtD3/ZZuQYgJtX6Zz7VhVlL
ZkjjjOFaOyYQR3AYFDnlyjY7LfW/8l/i8/juvNe8Q3v1bEnkuqSPTri/zpeHYZqr
2jx8XR+Ai/XAPs9wGTPXjTbdsHg3OUuHuRld6mNHfOU56MnleP/NapI09XIEV8ny
h1kKwwEmJQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:57 2025 by rpki-client