Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/uuPCrc_Rehdhjj8_5a76QMIJWRE.roa
File: uuPCrc_Rehdhjj8_5a76QMIJWRE.roa (raw, json)
Hash identifier: nOcEMeq+BF1/zoZ4H9taO+G0t/y01WqBbHUK2DwwIP4=
Subject key identifier: BA:E3:C2:AD:CF:D1:7A:17:61:8E:3F:3F:E5:AE:FA:40:C2:09:59:11
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 0185977A16058CE14548FADA58BB00390D7E
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/uuPCrc_Rehdhjj8_5a76QMIJWRE.roa
Signing time: Mon 09 Jan 2023 17:00:38 +0000
ROA not before: Mon 09 Jan 2023 17:00:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34218
IP address blocks: 185.60.124.0/22 maxlen: 24
178.167.128.0/17 maxlen: 24
92.251.128.0/17 maxlen: 24
83.136.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:97:7a:16:05:8c:e1:45:48:fa:da:58:bb:00:39:0d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Jan 9 17:00:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bae3c2adcfd17a17618e3f3fe5aefa40c2095911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:79:80:84:0d:6f:0d:97:8b:15:01:c2:c8:4e:
d1:7b:71:2e:8a:04:8d:b5:8b:80:45:90:63:44:71:
ab:5c:59:47:95:de:4d:9d:1f:75:40:36:7c:0a:68:
da:94:8b:5c:79:4a:ef:41:6a:41:ed:e1:34:27:48:
58:40:6c:b9:38:ce:10:24:02:d6:8c:e2:00:c5:a6:
4b:58:03:d8:c9:ed:4d:78:fe:57:a5:fa:58:3c:bb:
b3:45:b8:96:f7:ae:1d:ab:17:69:a3:10:11:25:b8:
f2:9d:21:a4:26:aa:bd:0e:71:14:ae:bc:58:0f:b2:
0e:18:2c:0b:43:5b:98:ad:a7:6c:e8:94:75:cd:d1:
72:14:65:00:6a:8a:de:2b:2c:dd:73:ce:bf:dc:4a:
a2:3c:a2:97:19:68:22:d8:e9:78:b3:a1:6a:59:ca:
f4:3c:05:23:a4:6a:aa:2a:93:e3:3e:a9:29:0e:49:
60:25:25:6e:9e:e5:8c:af:fe:69:b9:23:8f:b5:41:
43:c6:1a:95:f4:c8:43:2b:37:fc:47:46:d3:04:c7:
00:66:95:4a:3f:82:1c:3c:4c:b6:4d:87:11:5c:59:
b6:08:dd:51:fb:db:57:c2:b1:8b:45:4f:aa:57:10:
b5:2d:1e:36:ea:7e:99:42:23:d2:7a:77:42:ea:14:
ad:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E3:C2:AD:CF:D1:7A:17:61:8E:3F:3F:E5:AE:FA:40:C2:09:59:11
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/uuPCrc_Rehdhjj8_5a76QMIJWRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.40.0/21
92.251.128.0/17
178.167.128.0/17
185.60.124.0/22
Signature Algorithm: sha256WithRSAEncryption
70:a0:7a:28:56:6f:1c:64:69:d6:e8:2d:a3:4b:5b:29:a1:97:
1b:69:26:ce:58:43:68:18:4c:ad:94:ef:ce:de:da:bc:1c:ab:
fb:aa:19:5f:2a:01:cf:d9:f0:62:86:cd:2f:f5:34:48:cc:45:
f9:d5:70:2e:4d:ee:e1:fe:05:6a:28:5b:3a:d8:10:61:c7:1d:
ad:60:8b:d2:8d:6f:48:0c:c6:d4:ae:18:4c:dc:cd:70:48:5b:
57:39:69:02:64:da:dc:57:45:1c:6e:72:1e:7b:30:59:91:3d:
4c:1d:db:eb:64:cc:90:3f:e3:54:15:35:42:77:91:e2:8c:14:
55:90:54:6e:8f:93:59:1f:69:c4:31:98:e5:84:fa:5d:b2:52:
a8:0b:cc:cf:35:de:19:87:04:20:2e:80:c3:9f:6c:36:b3:7d:
2b:be:82:03:a4:2f:6e:e1:45:e1:1b:1c:a5:49:a5:6e:b0:0d:
f8:9a:e0:28:64:85:8b:2e:1c:db:8c:a9:f0:12:39:a9:30:a0:
a7:30:14:d7:8a:d0:82:85:56:d0:58:89:d7:33:e0:68:a5:14:
19:b5:38:6c:e5:7c:24:bc:ce:27:3b:f5:28:41:9f:d9:a8:f8:
7b:59:65:52:fa:fe:8e:98:03:c7:0d:06:18:31:65:c4:66:a7:
2a:a3:47:ad
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWXehYFjOFFSPraWLsAOQ1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjMwMTA5MTcwMDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWUzYzJhZGNmZDE3YTE3NjE4ZTNmM2ZlNWFlZmE0MGMyMDk1OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXmAhA1vDZeLFQHCyE7Re3EuigSN
tYuARZBjRHGrXFlHld5NnR91QDZ8CmjalItceUrvQWpB7eE0J0hYQGy5OM4QJALW
jOIAxaZLWAPYye1NeP5XpfpYPLuzRbiW964dqxdpoxARJbjynSGkJqq9DnEUrrxY
D7IOGCwLQ1uYrads6JR1zdFyFGUAaoreKyzdc86/3EqiPKKXGWgi2Ol4s6FqWcr0
PAUjpGqqKpPjPqkpDklgJSVunuWMr/5puSOPtUFDxhqV9MhDKzf8R0bTBMcAZpVK
P4IcPEy2TYcRXFm2CN1R+9tXwrGLRU+qVxC1LR426n6ZQiPSendC6hStawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLrjwq3P0XoXYY4/P+Wu+kDCCVkRMB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvdXVQQ3JjX1JlaGRoamo4XzVhNzZRTUlKV1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU4goAwQH
XPuAAwQHsqeAAwQCuTx8MA0GCSqGSIb3DQEBCwUAA4IBAQBwoHooVm8cZGnW6C2j
S1spoZcbaSbOWENoGEytlO/O3tq8HKv7qhlfKgHP2fBihs0v9TRIzEX51XAuTe7h
/gVqKFs62BBhxx2tYIvSjW9IDMbUrhhM3M1wSFtXOWkCZNrcV0UcbnIeezBZkT1M
HdvrZMyQP+NUFTVCd5HijBRVkFRuj5NZH2nEMZjlhPpdslKoC8zPNd4ZhwQgLoDD
n2w2s30rvoIDpC9u4UXhGxylSaVusA34muAoZIWLLhzbjKnwEjmpMKCnMBTXitCC
hVbQWInXM+BopRQZtThs5XwkvM4nO/UoQZ/ZqPh7WWVS+v6OmAPHDQYYMWXEZqcq
o0et
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:40:33 2025 by rpki-client