Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/ufUXe8wr36oTjb87RXRo1N4nevI.roa
File: ufUXe8wr36oTjb87RXRo1N4nevI.roa (raw, json)
Hash identifier: VqZjdhBI38BuTglvYKT26PGjAXpge1pQvzl5n/zi2z4=
Subject key identifier: B9:F5:17:7B:CC:2B:DF:AA:13:8D:BF:3B:45:74:68:D4:DE:27:7A:F2
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 2635DFED
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/ufUXe8wr36oTjb87RXRo1N4nevI.roa
Signing time: Sat 01 Jan 2022 07:02:53 +0000
ROA not before: Sat 01 Jan 2022 07:02:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197595
IP address blocks: 2a02:20c8:4750::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 641064941 (0x2635dfed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 07:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9f5177bcc2bdfaa138dbf3b457468d4de277af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:13:54:e7:b0:cf:0a:cc:4c:24:fa:bd:06:50:
db:fa:be:3b:8f:60:ec:be:a1:b8:48:b9:e4:d2:1f:
a5:6b:e4:d6:6f:dd:8c:93:91:ea:3c:a7:b2:ed:41:
0e:b3:83:2c:45:c1:fa:e2:32:ea:72:bb:07:c9:89:
6f:c0:63:15:1c:cc:a7:48:8b:27:64:e5:3f:05:3a:
d3:fc:cc:92:15:e6:97:90:08:e9:7f:fa:2e:71:58:
2c:93:32:5a:41:1f:b1:7c:20:ec:ff:4e:fe:0c:15:
ff:ed:db:18:11:fe:33:6f:58:a6:e7:cb:79:f9:e8:
30:b5:1c:71:ea:96:70:c7:e0:d1:f8:fa:63:70:86:
76:d5:b1:1e:bd:30:16:da:12:46:c2:10:f8:11:85:
de:15:27:89:b1:ab:0f:3e:44:53:65:82:85:a1:11:
d6:ef:e3:9c:73:3c:29:9a:09:1e:e3:cf:97:64:84:
e7:5b:46:6c:75:98:8c:82:d4:88:67:a8:e7:95:82:
3b:19:86:ef:5e:7e:37:c1:ef:a3:35:ec:67:c6:93:
92:ce:4f:17:4d:c3:4a:54:67:f4:84:3c:e3:56:96:
59:10:38:8c:70:64:25:2c:6c:b9:6a:ff:11:5c:df:
eb:aa:0c:39:1d:e2:83:8f:b3:19:c2:7d:c3:0f:60:
95:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F5:17:7B:CC:2B:DF:AA:13:8D:BF:3B:45:74:68:D4:DE:27:7A:F2
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/ufUXe8wr36oTjb87RXRo1N4nevI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:20c8:4750::/48
Signature Algorithm: sha256WithRSAEncryption
36:2c:6e:ce:ca:c0:7c:9c:77:af:79:bf:01:19:e5:63:24:05:
7c:34:6a:ea:a3:3e:c6:81:ac:86:0f:6d:6f:c4:e3:4d:82:e4:
45:8a:eb:c2:a6:f5:a7:12:aa:6b:43:2b:d6:65:fa:86:6f:2e:
d6:5a:96:09:4c:8a:bd:54:a0:6b:f3:bb:03:7d:ea:e2:db:bc:
f9:79:12:f3:12:45:c5:a3:1c:af:5e:f2:bc:eb:92:81:e8:21:
8e:ff:6c:1a:b3:97:e2:35:63:4e:19:5e:b4:05:b5:15:c9:01:
c7:cc:79:79:f3:0d:2e:2a:6f:9a:9c:3c:e2:d8:27:ef:c6:a4:
bc:bd:46:eb:b6:fd:3a:b6:71:6b:4b:5f:95:21:e3:c4:70:74:
84:a3:7f:b2:0b:dc:24:3f:4f:33:a8:ba:94:77:47:42:d7:3b:
44:82:c9:d8:25:31:97:0e:e8:35:0f:4d:d6:65:f6:17:3c:32:
e9:91:9e:d5:1e:f9:62:f4:23:02:4d:06:4c:6a:f9:1f:e6:23:
18:95:0f:3b:4b:66:c5:92:0f:d5:7c:99:fe:7f:6a:bd:70:d1:
08:8c:2a:94:74:9a:c2:2c:ab:13:d2:98:96:93:e4:6d:36:6b:
0b:8e:8e:e9:e7:22:92:81:7d:b7:0a:cc:20:6d:ec:3c:07:a6:
1e:5a:08:6c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEJjXf7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWJkY2ZmNzdiZjA2MGQ1ZGExMmRlNDVlMjA3MmUxY2ZmNDU2MGE3MB4XDTIyMDEw
MTA3MDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjlmNTE3N2JjYzJi
ZGZhYTEzOGRiZjNiNDU3NDY4ZDRkZTI3N2FmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8TVOewzwrMTCT6vQZQ2/q+O49g7L6huEi55NIfpWvk1m/d
jJOR6jynsu1BDrODLEXB+uIy6nK7B8mJb8BjFRzMp0iLJ2TlPwU60/zMkhXml5AI
6X/6LnFYLJMyWkEfsXwg7P9O/gwV/+3bGBH+M29YpufLefnoMLUcceqWcMfg0fj6
Y3CGdtWxHr0wFtoSRsIQ+BGF3hUnibGrDz5EU2WChaER1u/jnHM8KZoJHuPPl2SE
51tGbHWYjILUiGeo55WCOxmG715+N8HvozXsZ8aTks5PF03DSlRn9IQ841aWWRA4
jHBkJSxsuWr/EVzf66oMOR3ig4+zGcJ9ww9glUsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS59Rd7zCvfqhONvztFdGjU3id68jAfBgNVHSMEGDAWgBRlvc/3e/Bg1doS
3kXiBy4c/0VgpzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1piM1A5M3Z3WU5YYUV0NUY0Z2N1SFA5RllLYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvMTk1ZjNkLWE4NTEtNDU1YS05YjBmLWQ3MGNkOTdmNDg1Ny8x
L3VmVVhlOHdyMzZvVGpiODdSWFJvMU40bmV2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
MTk1ZjNkLWE4NTEtNDU1YS05YjBmLWQ3MGNkOTdmNDg1Ny8xL1piM1A5M3Z3WU5Y
YUV0NUY0Z2N1SFA5RllLYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoCIMhHUDANBgkqhkiG9w0BAQsF
AAOCAQEANixuzsrAfJx3r3m/ARnlYyQFfDRq6qM+xoGshg9tb8TjTYLkRYrrwqb1
pxKqa0Mr1mX6hm8u1lqWCUyKvVSga/O7A33q4tu8+XkS8xJFxaMcr17yvOuSgegh
jv9sGrOX4jVjThletAW1FckBx8x5efMNLipvmpw84tgn78akvL1G67b9OrZxa0tf
lSHjxHB0hKN/sgvcJD9PM6i6lHdHQtc7RILJ2CUxlw7oNQ9N1mX2Fzwy6ZGe1R75
YvQjAk0GTGr5H+YjGJUPO0tmxZIP1XyZ/n9qvXDRCIwqlHSawiyrE9KYlpPkbTZr
C46O6ecikoF9twrMIG3sPAemHloIbA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:12 2025 by rpki-client