Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/UJe8EzAsRJ98DGvM7n21cFy76ks.roa
File: UJe8EzAsRJ98DGvM7n21cFy76ks.roa (raw, json)
Hash identifier: mCvK4pDZ7HzZihJpJjKCAgHLjhNtX3qMFk18NBOzgeU=
Subject key identifier: 50:97:BC:13:30:2C:44:9F:7C:0C:6B:CC:EE:7D:B5:70:5C:BB:EA:4B
Certificate issuer: /CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Certificate serial: 018571A7C6EEEACAFAE7779DBF3DAB1F1510
Authority key identifier: 53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/UJe8EzAsRJ98DGvM7n21cFy76ks.roa
Signing time: Mon 02 Jan 2023 08:44:58 +0000
ROA not before: Mon 02 Jan 2023 08:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60349
IP address blocks: 194.38.38.0/24 maxlen: 24
194.38.36.0/22 maxlen: 23
194.38.37.0/24 maxlen: 24
194.38.36.0/24 maxlen: 24
194.38.39.0/24 maxlen: 24
2a09:6d40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:c6:ee:ea:ca:fa:e7:77:9d:bf:3d:ab:1f:15:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Validity
Not Before: Jan 2 08:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5097bc13302c449f7c0c6bccee7db5705cbbea4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:53:33:f7:44:69:9d:17:55:fa:67:f5:14:8a:
b2:a4:dd:99:03:5f:87:68:ea:b6:c0:b9:4f:a8:ab:
f2:42:9f:51:40:ae:28:a7:56:aa:ca:23:22:f8:33:
25:32:5e:54:b7:3d:8f:84:d3:0a:6e:8b:8a:6c:91:
91:0d:60:21:f6:e0:6d:3d:9f:09:d6:7c:cf:f1:3d:
55:f9:13:51:2c:13:e3:f9:e4:50:0e:72:7e:96:9d:
12:cc:80:bb:e8:1b:90:c3:c1:c4:e1:8e:12:8e:87:
0c:71:06:ca:9f:3d:73:8e:aa:91:8e:3f:32:8e:c5:
77:a3:b0:0f:c8:68:e5:69:b9:40:28:7c:0f:ac:2f:
af:9e:4a:d8:f4:94:78:84:2a:8b:6a:0a:1d:6f:3b:
55:65:ca:8d:64:fe:41:46:e3:8c:92:eb:37:b8:3a:
45:3b:f2:a8:b7:e1:54:81:29:44:3c:c0:02:95:2d:
0a:66:45:b7:cf:e9:22:29:48:52:2e:9d:68:2a:8c:
6f:d6:3b:89:ab:64:34:11:37:ef:83:4e:55:42:fc:
18:11:fd:8d:21:dd:88:5c:45:63:6f:bf:8a:f8:7d:
27:57:fd:bf:94:90:41:8b:5c:17:d3:18:db:44:32:
3c:14:d0:4f:4b:e3:e6:13:0f:3b:c9:21:cd:0f:ac:
d9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:97:BC:13:30:2C:44:9F:7C:0C:6B:CC:EE:7D:B5:70:5C:BB:EA:4B
X509v3 Authority Key Identifier:
keyid:53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/UJe8EzAsRJ98DGvM7n21cFy76ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.38.36.0/22
IPv6:
2a09:6d40::/32
Signature Algorithm: sha256WithRSAEncryption
b2:d7:70:73:60:89:87:8e:b8:83:67:c5:26:bf:50:55:9d:43:
0d:5a:78:22:bd:8b:57:43:a3:68:a7:5a:5f:de:42:ef:8d:6b:
74:fe:07:b1:47:ae:86:28:bc:f9:70:de:be:31:15:d3:db:bc:
f3:9d:7c:f9:5e:aa:e2:1b:10:98:be:9d:66:25:06:85:ba:9a:
f4:c6:69:00:a1:c6:69:31:84:a3:3f:72:08:4b:52:c3:e5:87:
e3:9b:35:06:ce:04:cc:17:13:0b:e8:56:22:a2:9e:38:0a:8e:
26:6d:ed:6f:f3:b8:0d:ce:0a:3e:12:bf:e9:52:3b:b0:9e:2b:
64:18:13:9c:ea:ed:e7:c6:5f:94:15:71:e1:31:0d:ad:57:1a:
7d:fd:7e:b7:76:f0:31:d5:c2:a8:ed:7b:08:96:23:f1:b9:fe:
dc:29:a6:98:51:8b:2f:63:f3:2d:e2:c9:ce:ee:1e:5e:f2:dc:
07:f4:c3:51:0b:6f:d0:0f:a2:66:1c:78:9c:cb:e8:08:de:48:
4b:ce:10:98:9e:b1:27:0a:d9:bb:fc:04:3e:b4:0c:b7:25:2f:
17:b1:94:25:ec:fd:1e:fd:bc:f8:7a:df:d2:06:44:5a:71:34:
2c:4f:53:3c:08:af:6b:d4:31:b0:74:97:e6:f7:cd:1f:63:80:
d6:b9:5b:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxp8bu6sr653edvz2rHxUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjM1OTA4MDlkMTg3ZjdiMzYxZmIyNGNkNDNmOTNmNjY0
YjIwYjMwHhcNMjMwMTAyMDg0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk3YmMxMzMwMmM0NDlmN2MwYzZiY2NlZTdkYjU3MDVjYmJlYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVMz90RpnRdV+mf1FIqypN2ZA1+H
aOq2wLlPqKvyQp9RQK4op1aqyiMi+DMlMl5Utz2PhNMKbouKbJGRDWAh9uBtPZ8J
1nzP8T1V+RNRLBPj+eRQDnJ+lp0SzIC76BuQw8HE4Y4SjocMcQbKnz1zjqqRjj8y
jsV3o7APyGjlablAKHwPrC+vnkrY9JR4hCqLagodbztVZcqNZP5BRuOMkus3uDpF
O/Kot+FUgSlEPMAClS0KZkW3z+kiKUhSLp1oKoxv1juJq2Q0ETfvg05VQvwYEf2N
Id2IXEVjb7+K+H0nV/2/lJBBi1wX0xjbRDI8FNBPS+PmEw87ySHND6zZ+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFCXvBMwLESffAxrzO59tXBcu+pLMB8GA1UdIwQY
MBaAFFPzWQgJ0Yf3s2H7JM1D+T9mSyCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2Mt
YTc3NmZlZGU5OTA1LzEvVUplOEV6QXNSSjk4REd2TTduMjFjRnk3NmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2MtYTc3NmZlZGU5OTA1
LzEvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwiYkMA0E
AgACMAcDBQAqCW1AMA0GCSqGSIb3DQEBCwUAA4IBAQCy13BzYImHjriDZ8Umv1BV
nUMNWngivYtXQ6Nop1pf3kLvjWt0/gexR66GKLz5cN6+MRXT27zznXz5XqriGxCY
vp1mJQaFupr0xmkAocZpMYSjP3IIS1LD5YfjmzUGzgTMFxML6FYiop44Co4mbe1v
87gNzgo+Er/pUjuwnitkGBOc6u3nxl+UFXHhMQ2tVxp9/X63dvAx1cKo7XsIliPx
uf7cKaaYUYsvY/Mt4snO7h5e8twH9MNRC2/QD6JmHHicy+gI3khLzhCYnrEnCtm7
/AQ+tAy3JS8XsZQl7P0e/bz4et/SBkRacTQsT1M8CK9r1DGwdJfm980fY4DWuVsS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:30 2025 by rpki-client