Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/UgWg3qtmJ44abFTFC2ZYDO_oNok.roa
File: UgWg3qtmJ44abFTFC2ZYDO_oNok.roa (raw, json)
Hash identifier: OOgxoxYxmeuPdV5RHSZyehVTCKt9OvvjdjXrfZ2LeCs=
Subject key identifier: 52:05:A0:DE:AB:66:27:8E:1A:6C:54:C5:0B:66:58:0C:EF:E8:36:89
Certificate issuer: /CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Certificate serial: 018570950F8E2B4CE7CBF2EED4F510908613
Authority key identifier: E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/UgWg3qtmJ44abFTFC2ZYDO_oNok.roa
Signing time: Mon 02 Jan 2023 03:44:55 +0000
ROA not before: Mon 02 Jan 2023 03:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 194.180.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:0f:8e:2b:4c:e7:cb:f2:ee:d4:f5:10:90:86:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Validity
Not Before: Jan 2 03:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5205a0deab66278e1a6c54c50b66580cefe83689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ea:d4:b8:1c:54:ed:0b:f3:a9:7b:24:5d:9a:
a6:d4:c4:2f:e5:a3:03:ab:7c:4b:d9:1c:1b:60:9b:
11:c0:1e:b0:83:51:d8:fd:d9:54:8d:9e:0a:c4:3e:
2b:83:4e:34:20:ca:79:c0:97:f4:de:5d:de:01:6d:
91:9b:7d:e6:ab:a2:a5:e6:66:75:68:42:c3:88:fd:
48:ec:cf:db:67:38:8c:59:2f:30:70:46:13:e6:02:
84:a6:a5:70:d8:d9:9d:39:a5:53:c5:28:ce:f3:03:
f0:c2:51:57:4d:9f:2f:28:32:d5:da:fb:d6:3a:f6:
b9:ea:d3:fc:6b:88:de:0f:55:41:2d:97:4b:85:4b:
58:70:3b:3b:1d:0f:c3:f3:fa:7f:91:f8:f4:d1:a5:
94:f4:d6:d2:4a:47:23:26:c4:db:b1:59:87:aa:04:
33:e1:4d:23:f7:65:7c:88:ef:1a:40:09:7a:04:20:
32:71:24:71:36:bd:19:e4:98:4e:8f:ce:b9:b4:7e:
8a:3c:ce:0a:29:b9:57:2b:93:52:f5:f2:85:e3:8c:
5e:69:b3:f2:51:63:c8:a7:55:15:a9:c5:4e:25:73:
e9:a0:5c:e6:fb:48:89:06:7a:7e:a0:17:e7:e2:19:
44:1c:ca:c2:bf:d5:f0:ca:96:cd:7e:ca:5a:0b:9f:
54:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:05:A0:DE:AB:66:27:8E:1A:6C:54:C5:0B:66:58:0C:EF:E8:36:89
X509v3 Authority Key Identifier:
keyid:E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/UgWg3qtmJ44abFTFC2ZYDO_oNok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/4RqpKFDr_mSK09ia3Y5zbsNnWhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.131.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:d3:78:45:ad:2d:4a:81:f3:ed:05:d0:18:01:b4:28:7c:22:
80:54:25:0b:6f:3d:ca:69:ca:8d:89:b1:d1:53:76:af:2e:5f:
e3:73:73:26:dc:a7:f9:1c:be:5b:b2:ef:7e:20:b1:91:1f:91:
06:9d:a4:fd:70:46:a4:03:3b:04:5b:d6:c3:a6:33:ac:05:a0:
df:0d:ff:e4:47:5a:84:b0:58:c7:4f:1b:ed:33:c6:aa:38:44:
24:62:1c:d1:bb:b8:0f:e6:80:f7:ef:ca:a6:c3:79:e7:49:0f:
f2:f9:99:b0:5d:a8:a0:dc:dc:7a:0f:c4:10:88:66:29:31:8b:
53:93:1c:89:9c:c3:b1:f0:3e:be:60:17:e1:86:f1:f6:19:92:
7c:e3:27:35:fd:f0:f9:33:c3:19:41:07:01:f9:1e:1b:27:82:
f4:33:7f:df:58:86:90:e6:e5:2f:e8:06:56:c5:bd:c0:84:47:
db:38:a4:bd:ee:0c:8d:2a:c9:3a:74:ef:7c:5d:10:53:1a:57:
df:37:57:69:b6:3e:37:1e:e7:4b:d8:f5:2c:a4:45:6a:c2:4a:
e9:3b:73:6a:a5:e7:d3:b8:84:ec:21:64:d0:86:55:66:15:7b:
ad:f3:b9:ad:10:19:69:79:7c:0f:26:39:74:bb:57:db:1b:50:
73:0b:1f:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlQ+OK0zny/Lu1PUQkIYTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMWFhOTI4NTBlYmZlNjQ4YWQzZDg5YWRkOGU3MzZlYzM2
NzVhMTEwHhcNMjMwMTAyMDM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjA1YTBkZWFiNjYyNzhlMWE2YzU0YzUwYjY2NTgwY2VmZTgzNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+rUuBxU7QvzqXskXZqm1MQv5aMD
q3xL2RwbYJsRwB6wg1HY/dlUjZ4KxD4rg040IMp5wJf03l3eAW2Rm33mq6Kl5mZ1
aELDiP1I7M/bZziMWS8wcEYT5gKEpqVw2NmdOaVTxSjO8wPwwlFXTZ8vKDLV2vvW
Ova56tP8a4jeD1VBLZdLhUtYcDs7HQ/D8/p/kfj00aWU9NbSSkcjJsTbsVmHqgQz
4U0j92V8iO8aQAl6BCAycSRxNr0Z5JhOj865tH6KPM4KKblXK5NS9fKF44xeabPy
UWPIp1UVqcVOJXPpoFzm+0iJBnp+oBfn4hlEHMrCv9XwypbNfspaC59U3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIFoN6rZieOGmxUxQtmWAzv6DaJMB8GA1UdIwQY
MBaAFOEaqShQ6/5kitPYmt2Oc27DZ1oRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEt
MGY4OGQxNmUxYWZlLzEvVWdXZzNxdG1KNDRhYkZURkMyWllET19vTm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEtMGY4OGQxNmUxYWZl
LzEvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrSDMA0G
CSqGSIb3DQEBCwUAA4IBAQA/03hFrS1KgfPtBdAYAbQofCKAVCULbz3KacqNibHR
U3avLl/jc3Mm3Kf5HL5bsu9+ILGRH5EGnaT9cEakAzsEW9bDpjOsBaDfDf/kR1qE
sFjHTxvtM8aqOEQkYhzRu7gP5oD378qmw3nnSQ/y+ZmwXaig3Nx6D8QQiGYpMYtT
kxyJnMOx8D6+YBfhhvH2GZJ84yc1/fD5M8MZQQcB+R4bJ4L0M3/fWIaQ5uUv6AZW
xb3AhEfbOKS97gyNKsk6dO98XRBTGlffN1dptj43HudL2PUspEVqwkrpO3NqpefT
uITsIWTQhlVmFXut87mtEBlpeXwPJjl0u1fbG1BzCx/0
-----END CERTIFICATE-----
Generated at Sun Apr 13 20:19:10 2025 by rpki-client