Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/uZo4JItLKBTpb_JVg1X2gjeldn8.roa
File: uZo4JItLKBTpb_JVg1X2gjeldn8.roa (raw, json)
Hash identifier: sZ61grrqg0+oPZoGeqBx9DuUORQxZlgO5eL2FtZMKDM=
Subject key identifier: B9:9A:38:24:8B:4B:28:14:E9:6F:F2:55:83:55:F6:82:37:A5:76:7F
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 01854F3AA57F2E839D1CEA2971FD3AB6653C
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/uZo4JItLKBTpb_JVg1X2gjeldn8.roa
Signing time: Mon 26 Dec 2022 16:18:41 +0000
ROA not before: Mon 26 Dec 2022 16:18:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197579
IP address blocks: 185.92.232.0/22 maxlen: 22
91.223.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4f:3a:a5:7f:2e:83:9d:1c:ea:29:71:fd:3a:b6:65:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Dec 26 16:18:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b99a38248b4b2814e96ff2558355f68237a5767f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:33:d0:eb:62:42:dc:39:6d:92:6b:6e:8c:25:
16:73:14:28:10:f9:f5:6f:d4:e6:d4:e2:f6:13:de:
0a:1d:8f:6b:ab:e0:e5:cf:a1:d2:12:2a:94:af:2e:
93:df:a6:22:65:07:99:79:30:86:08:23:a5:6b:e9:
fe:88:8c:fa:3e:2e:83:4d:74:37:c8:1c:31:d6:a8:
c0:dc:1e:32:e4:5e:4c:4f:1d:50:8c:2d:c2:28:42:
0f:13:79:4a:06:1a:09:36:9b:f0:a9:35:b9:5e:40:
a7:f7:d2:27:35:b9:a5:9b:35:25:6d:7b:f5:7b:bd:
91:e1:da:87:af:66:f4:82:ba:ca:63:00:15:bf:fb:
1c:a0:95:39:86:b4:46:f2:a6:91:d6:a4:02:f5:96:
9b:ef:47:ae:b2:4b:6f:e8:15:d7:39:03:72:9e:22:
be:25:2b:06:fa:8f:47:ba:4f:d8:af:a3:ea:de:31:
84:22:a6:81:a3:66:d0:55:46:36:c0:f0:ff:29:0b:
29:1f:21:36:31:52:c4:68:9f:6a:43:74:f0:0c:ca:
45:84:06:b3:8d:b5:71:d7:04:4e:b1:43:6f:2e:dc:
76:30:7d:fa:11:22:d5:e5:a1:f5:63:aa:50:72:47:
c6:09:bd:54:b9:90:e1:26:8a:9d:84:81:61:ac:5f:
59:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9A:38:24:8B:4B:28:14:E9:6F:F2:55:83:55:F6:82:37:A5:76:7F
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/uZo4JItLKBTpb_JVg1X2gjeldn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.113.0/24
185.92.232.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:a5:23:05:7b:71:b0:9e:f4:52:9f:48:f9:ff:50:c4:41:12:
87:6b:30:8a:44:91:c4:63:1b:3b:f3:32:8d:46:b4:b0:4d:49:
32:e7:97:40:1c:8c:c6:bc:b1:8e:04:2a:02:e7:d5:e8:fe:84:
b3:f1:22:10:7e:5d:52:c6:0d:b4:6b:a9:13:a5:d0:ad:2b:fb:
c4:d0:ae:12:02:ea:13:1b:27:2a:bf:1b:66:e8:b9:bf:1b:48:
c7:8e:64:ed:fe:fc:64:ad:2e:32:91:c1:24:5e:1b:4a:e4:a7:
20:d6:12:78:6f:34:7b:12:56:0b:6e:73:4e:4e:82:62:24:5f:
89:59:6a:2a:38:80:ef:65:f2:b0:29:c1:df:d9:1e:7b:45:8b:
2c:d6:e3:28:8f:39:9f:79:59:13:35:90:aa:f7:1a:f7:90:a8:
3f:b8:ea:db:4d:c4:74:26:0e:5e:42:61:58:3f:eb:3e:2f:4f:
e3:f1:26:eb:22:9e:ab:fe:a6:32:07:6b:14:7b:fd:5c:a5:fa:
97:4d:20:5c:23:1b:cc:a8:f7:5e:30:cf:d6:ae:4a:cd:6f:c4:
13:1e:c1:b4:8a:08:31:4c:22:05:63:8b:79:06:b7:12:29:05:
2c:ee:88:95:7e:8a:15:25:15:86:5f:f4:92:50:b7:8e:6b:e1:
39:a5:99:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVPOqV/LoOdHOopcf06tmU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjIxMjI2MTYxODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTlhMzgyNDhiNGIyODE0ZTk2ZmYyNTU4MzU1ZjY4MjM3YTU3NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzPQ62JC3DltkmtujCUWcxQoEPn1
b9Tm1OL2E94KHY9rq+Dlz6HSEiqUry6T36YiZQeZeTCGCCOla+n+iIz6Pi6DTXQ3
yBwx1qjA3B4y5F5MTx1QjC3CKEIPE3lKBhoJNpvwqTW5XkCn99InNbmlmzUlbXv1
e72R4dqHr2b0grrKYwAVv/scoJU5hrRG8qaR1qQC9Zab70eusktv6BXXOQNyniK+
JSsG+o9Huk/Yr6Pq3jGEIqaBo2bQVUY2wPD/KQspHyE2MVLEaJ9qQ3TwDMpFhAaz
jbVx1wROsUNvLtx2MH36ESLV5aH1Y6pQckfGCb1UuZDhJoqdhIFhrF9ZxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLmaOCSLSygU6W/yVYNV9oI3pXZ/MB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvdVpvNEpJdExLQlRwYl9KVmcxWDJnamVsZG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW99xAwQC
uVzoMA0GCSqGSIb3DQEBCwUAA4IBAQBcpSMFe3GwnvRSn0j5/1DEQRKHazCKRJHE
Yxs78zKNRrSwTUky55dAHIzGvLGOBCoC59Xo/oSz8SIQfl1Sxg20a6kTpdCtK/vE
0K4SAuoTGycqvxtm6Lm/G0jHjmTt/vxkrS4ykcEkXhtK5Kcg1hJ4bzR7ElYLbnNO
ToJiJF+JWWoqOIDvZfKwKcHf2R57RYss1uMojzmfeVkTNZCq9xr3kKg/uOrbTcR0
Jg5eQmFYP+s+L0/j8SbrIp6r/qYyB2sUe/1cpfqXTSBcIxvMqPdeMM/WrkrNb8QT
HsG0iggxTCIFY4t5BrcSKQUs7oiVfooVJRWGX/SSULeOa+E5pZkC
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:45 2025 by rpki-client