Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/UumL4qc1T2WO3vhzeRKQNVryfJY.roa
File: UumL4qc1T2WO3vhzeRKQNVryfJY.roa (raw, json)
Hash identifier: EgTe/2Ft/k7U3YUVnKuMld2Ar+ovsGe0qpjYCRlza44=
Subject key identifier: 52:E9:8B:E2:A7:35:4F:65:8E:DE:F8:73:79:12:90:35:5A:F2:7C:96
Certificate issuer: /CN=18886007da1730b0770d8604db73d12fd264f3f9
Certificate serial: 018B19890862981329350041A9B4268909B9
Authority key identifier: 18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/UumL4qc1T2WO3vhzeRKQNVryfJY.roa
Signing time: Tue 10 Oct 2023 12:21:32 +0000
ROA not before: Tue 10 Oct 2023 12:21:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 213.171.3.0/24 maxlen: 24
213.171.4.0/24 maxlen: 24
213.171.8.0/24 maxlen: 24
213.171.9.0/24 maxlen: 24
213.171.5.0/24 maxlen: 24
213.171.6.0/24 maxlen: 24
213.171.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:89:08:62:98:13:29:35:00:41:a9:b4:26:89:09:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18886007da1730b0770d8604db73d12fd264f3f9
Validity
Not Before: Oct 10 12:21:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52e98be2a7354f658edef873791290355af27c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:14:85:11:f2:ec:75:fe:e0:b2:c0:c9:66:98:
18:12:69:b2:be:74:ae:a5:04:0a:64:88:a2:7c:fd:
d8:d2:b0:91:f9:18:a9:69:75:e1:ef:fe:31:56:2e:
f3:48:24:ee:14:2f:cd:cf:d9:d4:e7:c3:79:65:1b:
43:c4:b7:e0:81:c9:8b:f4:12:5a:cf:a3:c8:7b:5f:
53:f1:2a:dd:18:38:3f:0b:87:06:38:ac:25:44:a7:
a9:29:2e:1e:5c:3c:af:c5:79:77:f0:b4:42:61:1e:
63:6f:84:d4:b8:25:44:d1:dc:fb:4b:85:e4:94:52:
d8:6e:c0:17:b8:3b:62:a8:6d:72:25:25:ed:37:3f:
f9:4d:c3:b4:00:09:a6:ae:b1:ae:fa:38:e7:8d:f8:
36:06:da:47:8f:7c:d6:6c:55:44:74:f5:54:54:37:
01:89:83:7d:67:4d:36:2f:12:6a:96:fe:86:67:3f:
a1:e8:c8:bc:22:3c:80:a9:13:46:38:47:56:e6:d0:
aa:fa:0f:89:74:97:81:2b:a4:7d:b3:99:0c:b3:cf:
5b:74:5a:76:19:9e:cb:f6:5f:fc:f9:5b:50:83:51:
4d:dc:0c:78:06:e3:58:7f:87:c5:4f:9b:de:65:c3:
ab:f3:03:73:b1:28:c0:3c:39:6c:a4:42:e0:35:97:
4d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E9:8B:E2:A7:35:4F:65:8E:DE:F8:73:79:12:90:35:5A:F2:7C:96
X509v3 Authority Key Identifier:
keyid:18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/UumL4qc1T2WO3vhzeRKQNVryfJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.3.0-213.171.9.255
Signature Algorithm: sha256WithRSAEncryption
07:12:17:35:c2:40:82:df:bc:fb:44:d6:90:91:3e:60:48:3b:
1d:a0:fc:99:c3:31:10:08:c0:11:f5:ea:c4:56:22:08:e8:3f:
2e:d7:0e:da:b9:02:62:76:73:29:69:9d:39:c5:5c:66:1e:70:
7e:61:5c:19:9a:58:8e:0d:95:7e:c2:c3:b9:a6:00:20:b9:c1:
75:49:f1:27:82:32:1f:3a:4f:ac:80:69:6b:76:ab:52:a3:bf:
29:af:0d:99:5d:df:0f:40:07:53:44:2a:13:9c:ca:7b:95:45:
fb:f9:3a:ca:31:9e:62:b3:8a:77:33:b3:a4:16:2d:5b:01:4f:
e8:19:bd:9a:ff:67:40:51:4b:32:0e:7a:3b:ba:53:fa:9a:1b:
af:9c:93:05:9d:63:77:1b:1a:4e:75:a0:86:20:4c:85:6f:7d:
66:ab:8b:43:77:a2:3a:97:8a:9d:58:57:bb:7a:50:e1:b3:8f:
b5:9e:e3:25:f8:a9:c9:ec:85:fc:62:15:47:fb:fc:a9:c4:3c:
f1:7a:e5:65:5a:9f:ac:00:31:54:91:2a:f1:db:da:52:c2:16:
b2:9c:d1:72:38:5e:26:a1:19:98:6e:db:fe:74:95:44:27:7d:
4c:1b:ed:42:c3:b4:2d:9e:9c:7d:af:7e:02:13:d7:6b:32:eb:
88:ed:d7:88
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYsZiQhimBMpNQBBqbQmiQm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ODg2MDA3ZGExNzMwYjA3NzBkODYwNGRiNzNkMTJmZDI2
NGYzZjkwHhcNMjMxMDEwMTIyMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU5OGJlMmE3MzU0ZjY1OGVkZWY4NzM3OTEyOTAzNTVhZjI3Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxSFEfLsdf7gssDJZpgYEmmyvnSu
pQQKZIiifP3Y0rCR+RipaXXh7/4xVi7zSCTuFC/Nz9nU58N5ZRtDxLfggcmL9BJa
z6PIe19T8SrdGDg/C4cGOKwlRKepKS4eXDyvxXl38LRCYR5jb4TUuCVE0dz7S4Xk
lFLYbsAXuDtiqG1yJSXtNz/5TcO0AAmmrrGu+jjnjfg2BtpHj3zWbFVEdPVUVDcB
iYN9Z002LxJqlv6GZz+h6Mi8IjyAqRNGOEdW5tCq+g+JdJeBK6R9s5kMs89bdFp2
GZ7L9l/8+VtQg1FN3Ax4BuNYf4fFT5veZcOr8wNzsSjAPDlspELgNZdN6QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFLpi+KnNU9ljt74c3kSkDVa8nyWMB8GA1UdIwQY
MBaAFBiIYAfaFzCwdw2GBNtz0S/SZPP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEt
MTY5YzgzNmJkNmIwLzEvVXVtTDRxYzFUMldPM3ZoemVSS1FOVnJ5ZkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEtMTY5YzgzNmJkNmIw
LzEvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADVqwMD
BAHVqwgwDQYJKoZIhvcNAQELBQADggEBAAcSFzXCQILfvPtE1pCRPmBIOx2g/JnD
MRAIwBH16sRWIgjoPy7XDtq5AmJ2cylpnTnFXGYecH5hXBmaWI4NlX7Cw7mmACC5
wXVJ8SeCMh86T6yAaWt2q1KjvymvDZld3w9AB1NEKhOcynuVRfv5OsoxnmKzincz
s6QWLVsBT+gZvZr/Z0BRSzIOeju6U/qaG6+ckwWdY3cbGk51oIYgTIVvfWari0N3
ojqXip1YV7t6UOGzj7We4yX4qcnshfxiFUf7/KnEPPF65WVan6wAMVSRKvHb2lLC
FrKc0XI4XiahGZhu2/50lUQnfUwb7ULDtC2enH2vfgIT12sy64jt14g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:49 2025 by rpki-client