Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/654f36-ac5a-4292-8140-534d78898d6b/1/UZpZsSYpaFQoU5CQeVB7lhDGl50.roa
File: UZpZsSYpaFQoU5CQeVB7lhDGl50.roa (raw, json)
Hash identifier: O2GO4jDp480atxMQ59rRz54labUCDPSa8oFYue+YGrI=
Subject key identifier: 51:9A:59:B1:26:29:68:54:28:53:90:90:79:50:7B:96:10:C6:97:9D
Certificate issuer: /CN=b55d4e6317c62a1a69dac31f4f143e3bc280ba62
Certificate serial: 07F917A4
Authority key identifier: B5:5D:4E:63:17:C6:2A:1A:69:DA:C3:1F:4F:14:3E:3B:C2:80:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tV1OYxfGKhpp2sMfTxQ-O8KAumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/654f36-ac5a-4292-8140-534d78898d6b/1/UZpZsSYpaFQoU5CQeVB7lhDGl50.roa
Signing time: Thu 10 Mar 2022 03:00:11 +0000
ROA not before: Thu 10 Mar 2022 03:00:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16321
IP address blocks: 176.116.240.0/20 maxlen: 20
91.196.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133765028 (0x7f917a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b55d4e6317c62a1a69dac31f4f143e3bc280ba62
Validity
Not Before: Mar 10 03:00:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=519a59b1262968542853909079507b9610c6979d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c4:29:db:9e:1e:a8:08:80:22:64:ee:34:17:
c1:1a:49:6f:37:19:13:35:8d:d5:8c:f0:d4:24:c6:
83:2b:66:66:da:42:84:a2:cd:7e:d3:8d:14:da:07:
bb:2e:6f:07:e7:f1:71:3e:19:2e:b4:5b:ca:2c:b3:
29:a2:fb:48:2e:eb:cd:a0:c0:c7:84:c4:da:b9:3b:
0a:97:41:c0:5a:5b:40:dc:ec:ac:72:e4:8b:24:1d:
14:68:97:8f:bb:09:25:59:12:15:9a:da:34:03:42:
e8:60:b3:25:64:9d:2c:df:d8:13:89:12:08:4b:ba:
57:8c:72:b5:16:77:0d:f0:e1:39:5e:25:44:29:2a:
34:ee:9a:c7:a0:0b:74:2c:ea:d5:23:64:23:1f:3c:
e2:83:2c:28:5c:88:fd:a9:5e:0c:3c:58:5d:e6:ff:
01:1c:88:96:d4:d2:b5:f3:59:62:b9:93:9a:68:58:
98:58:c1:41:b6:0c:70:5c:f0:a5:49:56:8d:9c:f4:
ce:5d:46:9a:38:66:f8:ca:08:7c:8c:31:a4:d1:d2:
49:94:cf:de:5b:a2:dd:48:83:cb:b1:6b:76:18:5b:
12:ec:95:fb:26:cf:a4:43:eb:2c:73:d3:d4:af:c3:
2e:5c:f6:7a:a2:96:aa:f0:12:51:9c:f7:40:44:86:
c2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9A:59:B1:26:29:68:54:28:53:90:90:79:50:7B:96:10:C6:97:9D
X509v3 Authority Key Identifier:
keyid:B5:5D:4E:63:17:C6:2A:1A:69:DA:C3:1F:4F:14:3E:3B:C2:80:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tV1OYxfGKhpp2sMfTxQ-O8KAumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/654f36-ac5a-4292-8140-534d78898d6b/1/UZpZsSYpaFQoU5CQeVB7lhDGl50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/654f36-ac5a-4292-8140-534d78898d6b/1/tV1OYxfGKhpp2sMfTxQ-O8KAumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.252.0/22
176.116.240.0/20
Signature Algorithm: sha256WithRSAEncryption
60:ee:1e:2f:6f:67:d8:af:05:29:5a:e5:31:f9:1e:04:06:88:
79:1a:35:85:eb:18:5f:97:75:bd:53:7b:7e:10:a4:bf:ac:89:
df:8c:79:2b:a4:7b:31:f3:83:cd:ae:b3:74:d2:7e:ef:91:9f:
a7:33:07:5c:5b:ac:22:ae:4c:5b:b1:c0:7b:b8:5b:5a:65:e8:
bb:66:08:12:97:df:68:93:1e:66:ec:10:f0:98:6e:b6:ee:c5:
f7:82:80:0d:07:39:cf:42:b8:3b:95:a0:52:86:f5:83:65:7d:
31:f6:80:3c:e7:50:f3:1a:f7:38:cd:fd:52:ab:8d:13:bb:33:
d8:b0:4b:58:e5:2b:42:76:cb:3f:e6:65:59:36:ac:2c:e2:c3:
54:36:49:24:6e:e4:ba:5d:de:68:08:de:7e:42:96:59:f9:38:
bf:27:05:76:3c:f1:48:8a:8b:b8:c4:da:14:81:3a:45:71:e2:
7c:e0:1f:86:5c:b0:6f:cd:02:de:45:3c:d5:32:ed:05:d6:35:
98:c9:d2:12:13:4e:83:71:43:22:8e:5b:89:37:1a:58:62:ea:
16:89:47:cd:e9:66:26:db:91:9d:89:e8:01:0b:69:4f:b8:21:
45:f7:ff:a9:2c:33:72:82:c9:fd:8a:0c:ef:a0:51:5b:da:02:
ef:4a:60:5e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB/kXpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTVkNGU2MzE3YzYyYTFhNjlkYWMzMWY0ZjE0M2UzYmMyODBiYTYyMB4XDTIyMDMx
MDAzMDAxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTE5YTU5YjEyNjI5
Njg1NDI4NTM5MDkwNzk1MDdiOTYxMGM2OTc5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/EKdueHqgIgCJk7jQXwRpJbzcZEzWN1Yzw1CTGgytmZtpC
hKLNftONFNoHuy5vB+fxcT4ZLrRbyiyzKaL7SC7rzaDAx4TE2rk7CpdBwFpbQNzs
rHLkiyQdFGiXj7sJJVkSFZraNANC6GCzJWSdLN/YE4kSCEu6V4xytRZ3DfDhOV4l
RCkqNO6ax6ALdCzq1SNkIx884oMsKFyI/aleDDxYXeb/ARyIltTStfNZYrmTmmhY
mFjBQbYMcFzwpUlWjZz0zl1Gmjhm+MoIfIwxpNHSSZTP3lui3UiDy7FrdhhbEuyV
+ybPpEPrLHPT1K/DLlz2eqKWqvASUZz3QESGwpkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRRmlmxJiloVChTkJB5UHuWEMaXnTAfBgNVHSMEGDAWgBS1XU5jF8YqGmna
wx9PFD47woC6YjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWMU9ZeGZHS2hwcDJzTWZUeFEtTzhLQXVtSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjU0ZjM2LWFjNWEtNDI5Mi04MTQwLTUzNGQ3ODg5OGQ2Yi8x
L1VacFpzU1lwYUZRb1U1Q1FlVkI3bGhER2w1MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjU0ZjM2LWFjNWEtNDI5Mi04MTQwLTUzNGQ3ODg5OGQ2Yi8xL3RWMU9ZeGZHS2hw
cDJzTWZUeFEtTzhLQXVtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvE/AMEBLB08DANBgkqhkiG9w0B
AQsFAAOCAQEAYO4eL29n2K8FKVrlMfkeBAaIeRo1hesYX5d1vVN7fhCkv6yJ34x5
K6R7MfODza6zdNJ+75GfpzMHXFusIq5MW7HAe7hbWmXou2YIEpffaJMeZuwQ8Jhu
tu7F94KADQc5z0K4O5WgUob1g2V9MfaAPOdQ8xr3OM39UquNE7sz2LBLWOUrQnbL
P+ZlWTasLOLDVDZJJG7kul3eaAjefkKWWfk4vycFdjzxSIqLuMTaFIE6RXHifOAf
hlywb80C3kU81TLtBdY1mMnSEhNOg3FDIo5biTcaWGLqFolHzelmJtuRnYnoAQtp
T7ghRff/qSwzcoLJ/YoM76BRW9oC70pgXg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:44 2025 by rpki-client