Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/U90IFH0WiU90E0SesrLKPqRAzIA.roa
File: U90IFH0WiU90E0SesrLKPqRAzIA.roa (raw, json)
Hash identifier: wtxuId9uJJIrfDgLSdVod8LxR3OOL9p2xhpcHqMnzPM=
Subject key identifier: 53:DD:08:14:7D:16:89:4F:74:13:44:9E:B2:B2:CA:3E:A4:40:CC:80
Certificate issuer: /CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Certificate serial: 018665212894F2BEB792FC710F47987298A9
Authority key identifier: AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/U90IFH0WiU90E0SesrLKPqRAzIA.roa
Signing time: Sat 18 Feb 2023 15:25:17 +0000
ROA not before: Sat 18 Feb 2023 15:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209500
IP address blocks: 193.31.7.0/24 maxlen: 24
83.229.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:65:21:28:94:f2:be:b7:92:fc:71:0f:47:98:72:98:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Validity
Not Before: Feb 18 15:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53dd08147d16894f7413449eb2b2ca3ea440cc80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:05:6c:02:1f:be:c3:cb:36:57:89:51:98:4e:
aa:3b:69:e8:ad:fa:4a:dc:fa:a5:68:aa:1e:74:e0:
5f:8f:51:28:d1:f8:1d:62:95:52:fc:1f:b8:c9:1e:
60:47:79:8a:21:af:e2:e8:89:fa:a7:fa:82:0c:1c:
b6:ed:59:68:df:7b:98:40:41:8b:74:0e:61:1f:39:
ad:df:1f:f9:d2:05:71:1d:d1:73:24:28:2f:89:57:
66:c3:29:b0:3f:34:02:59:90:bd:ac:4c:37:d3:a1:
2a:54:a8:bf:37:24:8d:9b:ed:f3:e0:47:62:aa:ef:
5e:b8:2a:5c:56:d0:9a:6a:5c:84:d2:ae:c0:27:0c:
8f:ae:80:0f:da:c0:35:9a:38:89:28:c6:48:d8:32:
40:db:55:44:3e:f9:25:9b:05:72:36:51:df:46:b2:
2b:17:5b:54:a3:4a:84:e0:fd:70:c2:11:1f:a2:b9:
53:6e:97:de:c9:39:2d:ed:d5:31:9d:06:dd:cf:2a:
87:aa:02:d4:b6:3d:27:5a:a8:7f:ad:46:e2:0b:bc:
61:c1:cf:22:d2:a7:1d:e8:2b:51:d0:61:aa:f6:47:
ed:be:e1:5a:c2:ff:a1:69:c8:b4:f7:42:d0:3f:9f:
0c:71:29:b3:34:d6:c7:4e:ee:6a:96:e2:e1:87:71:
c5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DD:08:14:7D:16:89:4F:74:13:44:9E:B2:B2:CA:3E:A4:40:CC:80
X509v3 Authority Key Identifier:
keyid:AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/U90IFH0WiU90E0SesrLKPqRAzIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.229.62.0/24
193.31.7.0/24
Signature Algorithm: sha256WithRSAEncryption
50:4f:2c:98:99:00:f5:7f:e4:67:3a:85:c6:2b:16:44:f8:2f:
f3:ad:de:13:4f:18:f3:c5:4d:31:99:a9:6d:5c:23:58:f3:ae:
9c:be:61:92:c0:c6:55:1f:cb:da:35:b2:0c:3c:0a:4e:26:dc:
36:56:c0:3c:bf:33:4e:8c:cb:b0:9d:db:1b:32:51:8e:4f:bd:
f8:69:54:c7:7a:a5:af:14:58:4d:d1:b0:cc:08:4c:01:65:ad:
3a:84:46:63:51:fb:b3:6c:a7:16:7f:3f:8b:fb:51:33:8e:5f:
e2:18:49:85:0e:0b:62:22:db:9e:c5:b9:64:f4:7d:b5:1e:66:
9e:10:cd:06:5f:7f:d6:dd:f8:40:bf:11:16:a6:82:35:f6:12:
f9:4c:cc:aa:d1:e0:eb:93:f3:e0:50:f6:07:ca:b1:5a:90:98:
ad:be:15:9e:61:c4:9f:58:3d:d2:19:f6:ad:99:3f:ee:0c:e1:
63:aa:d5:04:f7:0e:b2:64:c5:69:f7:ae:20:7f:69:dc:ac:6f:
9e:bf:f0:5e:45:00:2a:d6:25:32:40:74:5f:6e:c4:0e:6c:c3:
4e:d6:11:a5:c6:f4:00:1e:75:19:90:23:7d:13:1b:a0:2c:bb:
e2:fa:7b:14:ef:46:d1:0f:9a:a2:8e:f1:e4:f3:2a:01:c2:be:
de:7b:f1:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZlISiU8r63kvxxD0eYcpipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjZlYTBmZmIyYWVlNGY3NmVlMWExMDQ4OTY5YjhiNTA2
NWRhNDUwHhcNMjMwMjE4MTUyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RkMDgxNDdkMTY4OTRmNzQxMzQ0OWViMmIyY2EzZWE0NDBjYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgVsAh++w8s2V4lRmE6qO2norfpK
3PqlaKoedOBfj1Eo0fgdYpVS/B+4yR5gR3mKIa/i6In6p/qCDBy27Vlo33uYQEGL
dA5hHzmt3x/50gVxHdFzJCgviVdmwymwPzQCWZC9rEw306EqVKi/NySNm+3z4Edi
qu9euCpcVtCaalyE0q7AJwyProAP2sA1mjiJKMZI2DJA21VEPvklmwVyNlHfRrIr
F1tUo0qE4P1wwhEforlTbpfeyTkt7dUxnQbdzyqHqgLUtj0nWqh/rUbiC7xhwc8i
0qcd6CtR0GGq9kftvuFawv+haci090LQP58McSmzNNbHTu5qluLhh3HF4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFPdCBR9FolPdBNEnrKyyj6kQMyAMB8GA1UdIwQY
MBaAFKz26g/7Ku5Pdu4aEEiWm4tQZdpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQt
NTU1ZjNmMThlNTRmLzEvVTkwSUZIMFdpVTkwRTBTZXNyTEtQcVJBeklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQtNTU1ZjNmMThlNTRm
LzEvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU+U+AwQA
wR8HMA0GCSqGSIb3DQEBCwUAA4IBAQBQTyyYmQD1f+RnOoXGKxZE+C/zrd4TTxjz
xU0xmaltXCNY866cvmGSwMZVH8vaNbIMPApOJtw2VsA8vzNOjMuwndsbMlGOT734
aVTHeqWvFFhN0bDMCEwBZa06hEZjUfuzbKcWfz+L+1Ezjl/iGEmFDgtiItuexblk
9H21HmaeEM0GX3/W3fhAvxEWpoI19hL5TMyq0eDrk/PgUPYHyrFakJitvhWeYcSf
WD3SGfatmT/uDOFjqtUE9w6yZMVp964gf2ncrG+ev/BeRQAq1iUyQHRfbsQObMNO
1hGlxvQAHnUZkCN9ExugLLvi+nsU70bRD5qijvHk8yoBwr7ee/Ho
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:30 2025 by rpki-client