Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7dda4f-f0c7-4008-9ab9-dfa0b8052614/1/uQnMhBhxBy4-M1dKq2yS5mgLJOs.roa
File: uQnMhBhxBy4-M1dKq2yS5mgLJOs.roa (raw, json)
Hash identifier: g3DOajMtyI7ujfBxMg0/+k2OEGP9C1br+IzfhwZWKWw=
Subject key identifier: B9:09:CC:84:18:71:07:2E:3E:33:57:4A:AB:6C:92:E6:68:0B:24:EB
Certificate issuer: /CN=ec2e821d88de7a011341704202346f7c2bb9ebcf
Certificate serial: 01856D9415EC4554D6AA8CF2D7A280B4DE0D
Authority key identifier: EC:2E:82:1D:88:DE:7A:01:13:41:70:42:02:34:6F:7C:2B:B9:EB:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7C6CHYjeegETQXBCAjRvfCu5688.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7dda4f-f0c7-4008-9ab9-dfa0b8052614/1/uQnMhBhxBy4-M1dKq2yS5mgLJOs.roa
Signing time: Sun 01 Jan 2023 13:44:59 +0000
ROA not before: Sun 01 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50599
IP address blocks: 91.219.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:15:ec:45:54:d6:aa:8c:f2:d7:a2:80:b4:de:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec2e821d88de7a011341704202346f7c2bb9ebcf
Validity
Not Before: Jan 1 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b909cc841871072e3e33574aab6c92e6680b24eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ea:fb:23:1d:f0:5a:5c:2d:66:a7:5f:d6:15:
08:1c:e5:b4:30:76:27:63:12:b7:2f:91:86:11:2e:
bc:24:38:ca:a5:ad:87:77:7a:88:97:60:58:ec:ff:
f5:1b:61:95:79:3b:b0:5b:6c:ac:24:3c:4b:87:93:
87:29:49:a7:2d:14:bb:84:77:3b:19:e8:70:a8:18:
c0:78:c4:90:3a:a0:78:54:e8:7f:1f:e6:c9:35:bc:
7f:e9:27:5c:76:6e:3f:55:a3:51:e6:22:ca:7a:52:
27:63:d8:43:26:f4:75:c1:2f:2f:fe:d1:14:b2:76:
09:21:e8:27:7b:ca:df:82:42:6e:39:00:13:36:3e:
45:85:88:3f:f2:6e:25:d9:f8:bb:14:74:41:c7:48:
17:c3:91:f8:56:65:5f:8f:f8:19:00:1c:ab:23:b6:
19:d9:1b:52:39:2c:f5:31:c7:02:d8:bd:d4:72:61:
f6:a1:f9:81:c2:6d:e6:e5:d1:41:b7:32:53:3a:80:
7c:f8:0e:78:b1:3b:50:24:8e:2c:4b:19:53:82:77:
50:b3:8c:2e:80:fb:e0:5a:df:e3:e5:30:db:2d:5e:
66:14:a6:d4:60:22:a1:59:71:94:be:b0:44:6b:f5:
ac:ec:74:21:f1:ae:2e:02:6d:21:c2:dd:1f:38:79:
60:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:09:CC:84:18:71:07:2E:3E:33:57:4A:AB:6C:92:E6:68:0B:24:EB
X509v3 Authority Key Identifier:
keyid:EC:2E:82:1D:88:DE:7A:01:13:41:70:42:02:34:6F:7C:2B:B9:EB:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7C6CHYjeegETQXBCAjRvfCu5688.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7dda4f-f0c7-4008-9ab9-dfa0b8052614/1/uQnMhBhxBy4-M1dKq2yS5mgLJOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7dda4f-f0c7-4008-9ab9-dfa0b8052614/1/7C6CHYjeegETQXBCAjRvfCu5688.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.184.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:76:41:fb:a5:db:94:61:b4:40:06:17:7f:34:39:12:d8:09:
e1:fb:f3:3d:ae:d0:6e:cc:ad:7b:e3:92:6b:2a:0b:89:0f:21:
c6:5b:a6:6d:74:16:48:91:eb:b1:f6:07:5c:73:d3:dc:50:4c:
df:5d:d0:c2:b1:da:13:65:34:fd:1c:84:e9:94:5a:bd:b4:6a:
b2:1a:8d:a2:bb:d8:08:0e:14:19:01:56:52:23:9d:41:52:17:
ba:8c:95:de:80:eb:08:ed:88:22:6e:e6:1b:5b:46:66:df:f5:
e0:11:5a:18:c0:aa:55:12:c1:49:c2:e1:03:b9:bf:d1:1d:91:
fb:cf:aa:83:b9:7d:03:e2:ba:b5:71:da:1e:d1:b4:af:63:95:
48:35:a4:c8:d7:54:8a:f4:8c:3c:aa:98:c7:c9:34:08:2f:26:
f8:9a:fb:50:dc:30:5e:23:28:c5:08:19:20:f6:ae:e0:4c:fe:
9d:c3:21:3a:0b:42:ae:bd:13:e3:8b:9e:1e:1a:3c:ec:87:cf:
88:c7:5b:21:92:64:23:ff:9c:d2:10:63:49:b8:47:43:42:44:
07:fe:05:a9:f8:f7:3c:37:07:b2:98:29:ba:bd:d2:ac:20:5d:
3e:1f:96:56:c0:ba:ff:b8:82:52:e1:de:9d:3d:e4:78:93:9b:
95:36:42:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtlBXsRVTWqozy16KAtN4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMmU4MjFkODhkZTdhMDExMzQxNzA0MjAyMzQ2ZjdjMmJi
OWViY2YwHhcNMjMwMTAxMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTA5Y2M4NDE4NzEwNzJlM2UzMzU3NGFhYjZjOTJlNjY4MGIyNGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ur7Ix3wWlwtZqdf1hUIHOW0MHYn
YxK3L5GGES68JDjKpa2Hd3qIl2BY7P/1G2GVeTuwW2ysJDxLh5OHKUmnLRS7hHc7
GehwqBjAeMSQOqB4VOh/H+bJNbx/6Sdcdm4/VaNR5iLKelInY9hDJvR1wS8v/tEU
snYJIegne8rfgkJuOQATNj5FhYg/8m4l2fi7FHRBx0gXw5H4VmVfj/gZAByrI7YZ
2RtSOSz1MccC2L3UcmH2ofmBwm3m5dFBtzJTOoB8+A54sTtQJI4sSxlTgndQs4wu
gPvgWt/j5TDbLV5mFKbUYCKhWXGUvrBEa/Ws7HQh8a4uAm0hwt0fOHlg2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLkJzIQYcQcuPjNXSqtskuZoCyTrMB8GA1UdIwQY
MBaAFOwugh2I3noBE0FwQgI0b3wruevPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0M2Q0hZamVlZ0VUUVhCQ0FqUnZmQ3U1Njg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZGRhNGYtZjBjNy00MDA4LTlhYjkt
ZGZhMGI4MDUyNjE0LzEvdVFuTWhCaHhCeTQtTTFkS3EyeVM1bWdMSk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZGRhNGYtZjBjNy00MDA4LTlhYjktZGZhMGI4MDUyNjE0
LzEvN0M2Q0hZamVlZ0VUUVhCQ0FqUnZmQ3U1Njg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9u4MA0G
CSqGSIb3DQEBCwUAA4IBAQDGdkH7pduUYbRABhd/NDkS2Anh+/M9rtBuzK1745Jr
KguJDyHGW6ZtdBZIkeux9gdcc9PcUEzfXdDCsdoTZTT9HITplFq9tGqyGo2iu9gI
DhQZAVZSI51BUhe6jJXegOsI7YgibuYbW0Zm3/XgEVoYwKpVEsFJwuEDub/RHZH7
z6qDuX0D4rq1cdoe0bSvY5VINaTI11SK9Iw8qpjHyTQILyb4mvtQ3DBeIyjFCBkg
9q7gTP6dwyE6C0KuvRPji54eGjzsh8+Ix1shkmQj/5zSEGNJuEdDQkQH/gWp+Pc8
NweymCm6vdKsIF0+H5ZWwLr/uIJS4d6dPeR4k5uVNkIN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:48 2025 by rpki-client