Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Uln8kP3fqpsc65I4wMweRaXW46I.roa
File: Uln8kP3fqpsc65I4wMweRaXW46I.roa (raw, json)
Hash identifier: DFlcug05maleMpw4jTrxU5KcSa0QDhkVfijYgtBwsNM=
Subject key identifier: 52:59:FC:90:FD:DF:AA:9B:1C:EB:92:38:C0:CC:1E:45:A5:D6:E3:A2
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0188F6FFC6C703E28A8F7AE4B88D176E5015
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Uln8kP3fqpsc65I4wMweRaXW46I.roa
Signing time: Mon 26 Jun 2023 09:18:57 +0000
ROA not before: Mon 26 Jun 2023 09:18:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.141.179.0/24 maxlen: 24
45.135.38.0/24 maxlen: 24
193.41.69.0/24 maxlen: 24
45.153.217.0/24 maxlen: 24
194.41.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f6:ff:c6:c7:03:e2:8a:8f:7a:e4:b8:8d:17:6e:50:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 26 09:18:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5259fc90fddfaa9b1ceb9238c0cc1e45a5d6e3a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:96:f9:4e:06:1e:23:17:72:e9:3d:97:ac:2f:
63:3e:6b:5d:a6:e3:ec:a2:21:5b:d6:93:e9:59:31:
3e:70:1b:ca:4c:59:96:35:04:4a:b7:34:11:41:ec:
da:b6:e6:be:0c:fd:99:c0:dc:1d:b7:e4:95:ed:21:
53:52:73:aa:09:69:a6:4e:04:b7:b2:5d:02:42:b9:
f7:97:fd:df:6c:31:8f:96:34:be:06:00:4e:a9:62:
5e:3d:6a:5c:e7:46:88:1c:94:69:20:44:ed:dd:69:
77:6f:21:24:bc:ea:07:8e:51:3d:56:e0:58:68:59:
68:dd:c7:fd:04:2f:a9:c5:bb:78:45:5d:36:71:89:
9d:09:8d:7b:0a:7a:dc:e1:bf:23:0c:22:47:df:94:
2b:7e:7a:78:ad:b3:5d:19:62:7f:52:bc:64:6f:d4:
4a:e7:c0:0d:23:0e:01:a4:12:d6:38:20:4d:28:02:
76:1e:72:61:a0:6d:2b:6b:01:d8:6e:ef:dc:7f:bc:
34:d3:bc:94:02:b4:64:7f:ae:0b:32:8c:c8:9b:af:
1b:c4:7f:48:0c:45:29:2e:2f:4f:4c:11:01:a4:16:
aa:c4:2a:19:e6:35:17:c8:2e:3f:83:e4:c8:d6:4f:
9f:ec:74:40:45:f3:c4:79:d9:b6:27:44:3d:ea:09:
14:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:59:FC:90:FD:DF:AA:9B:1C:EB:92:38:C0:CC:1E:45:A5:D6:E3:A2
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Uln8kP3fqpsc65I4wMweRaXW46I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.38.0/24
45.141.179.0/24
45.153.217.0/24
193.41.69.0/24
194.41.8.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:f1:0e:b8:b3:78:7b:76:91:98:e4:d6:04:46:8e:53:73:1a:
47:fe:43:e0:4d:d5:de:2c:d7:d6:cf:a6:e2:1c:1c:f8:90:03:
f1:d8:dc:b9:43:3d:57:b3:37:ca:cf:36:ec:83:17:e3:ab:b6:
ad:78:3e:e9:a5:63:2f:61:a5:83:a7:78:d6:a3:73:34:fa:75:
c8:65:40:76:26:59:ab:f3:ec:0c:ba:11:5e:e9:00:9c:b9:c4:
1e:05:46:01:e0:ef:de:39:0e:36:3e:7a:f8:81:e5:94:65:16:
5f:3d:2c:ee:16:72:c8:d7:88:dd:5c:d7:8b:1f:08:3f:a7:3e:
d7:f5:1d:df:1b:cf:3e:07:d2:38:d5:f8:67:aa:95:4d:ad:0f:
bc:18:82:77:c2:0f:32:9b:bb:fc:44:d8:72:6a:65:13:7a:83:
70:c3:25:0b:29:54:19:43:a5:fd:e7:40:00:ff:60:0f:44:7c:
8d:23:10:2a:35:2d:57:49:9a:c0:45:11:40:6a:9b:c0:db:47:
45:d7:bf:46:54:24:83:6a:eb:5d:f4:47:b8:04:77:28:e4:4d:
2e:b3:9d:d7:f7:5b:68:6b:b7:af:7a:fe:52:9a:ac:1d:0d:98:
78:51:96:88:6e:63:02:b2:77:75:ea:65:ba:9c:bd:a5:f9:f0:
b4:4f:10:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYj2/8bHA+KKj3rkuI0XblAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNjI2MDkxODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjU5ZmM5MGZkZGZhYTliMWNlYjkyMzhjMGNjMWU0NWE1ZDZlM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJb5TgYeIxdy6T2XrC9jPmtdpuPs
oiFb1pPpWTE+cBvKTFmWNQRKtzQRQezatua+DP2ZwNwdt+SV7SFTUnOqCWmmTgS3
sl0CQrn3l/3fbDGPljS+BgBOqWJePWpc50aIHJRpIETt3Wl3byEkvOoHjlE9VuBY
aFlo3cf9BC+pxbt4RV02cYmdCY17Cnrc4b8jDCJH35Qrfnp4rbNdGWJ/Urxkb9RK
58ANIw4BpBLWOCBNKAJ2HnJhoG0rawHYbu/cf7w007yUArRkf64LMozIm68bxH9I
DEUpLi9PTBEBpBaqxCoZ5jUXyC4/g+TI1k+f7HRARfPEedm2J0Q96gkUfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFJZ/JD936qbHOuSOMDMHkWl1uOiMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVWxuOGtQM2ZxcHNjNjVJNHdNd2VSYVhXNDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYcmAwQA
LY2zAwQALZnZAwQAwSlFAwQAwikIMA0GCSqGSIb3DQEBCwUAA4IBAQCz8Q64s3h7
dpGY5NYERo5TcxpH/kPgTdXeLNfWz6biHBz4kAPx2Ny5Qz1XszfKzzbsgxfjq7at
eD7ppWMvYaWDp3jWo3M0+nXIZUB2Jlmr8+wMuhFe6QCcucQeBUYB4O/eOQ42Pnr4
geWUZRZfPSzuFnLI14jdXNeLHwg/pz7X9R3fG88+B9I41fhnqpVNrQ+8GIJ3wg8y
m7v8RNhyamUTeoNwwyULKVQZQ6X950AA/2APRHyNIxAqNS1XSZrARRFAapvA20dF
179GVCSDautd9Ee4BHco5E0us53X91toa7evev5SmqwdDZh4UZaIbmMCsnd16mW6
nL2l+fC0TxCv
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:50 2025 by rpki-client