Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U-B-oZ_09qihV-HHGGUWGom-j78.roa
File: U-B-oZ_09qihV-HHGGUWGom-j78.roa (raw, json)
Hash identifier: iNZoD38t0mdnRtwiBhN98bOCXqyZFJyd0pW/4fComcY=
Subject key identifier: 53:E0:7E:A1:9F:F4:F6:A8:A1:57:E1:C7:18:65:16:1A:89:BE:8F:BF
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 427BAF44
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U-B-oZ_09qihV-HHGGUWGom-j78.roa
Signing time: Sat 01 Jan 2022 14:03:20 +0000
ROA not before: Sat 01 Jan 2022 14:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
192.71.0.0/24 maxlen: 24
193.234.116.0/22 maxlen: 22
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115402052 (0x427baf44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53e07ea19ff4f6a8a157e1c71865161a89be8fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:59:ac:1e:3a:7a:29:60:26:65:7d:db:b3:9c:
cc:4c:a9:c3:b2:07:89:e6:93:a7:20:59:74:ab:96:
a3:bb:5b:ed:72:c1:91:b5:12:f5:21:68:2a:1a:8d:
48:7e:c9:61:d2:40:2f:a8:ab:9a:d9:26:1e:53:33:
24:d0:8d:b4:5a:f1:55:74:29:dd:57:15:7d:f1:16:
f8:21:a4:eb:b2:7f:32:9e:1c:ea:de:62:44:ed:8c:
f7:31:0d:97:fc:77:fa:69:00:7a:e9:3e:5f:8c:f3:
0e:05:e9:b8:ea:29:f4:20:8b:f7:0c:4e:70:5b:95:
85:f1:c5:bb:88:1e:d9:d9:6a:8d:87:f0:08:1d:d0:
90:7a:d4:b2:32:7a:08:38:ad:0f:02:a3:6c:19:2b:
30:1d:4d:4d:5a:23:3e:66:71:1b:96:cf:0b:86:2d:
19:14:38:9c:07:f1:79:cf:14:0d:2d:b0:10:89:d0:
e8:ba:b2:d1:24:61:6e:0c:57:2b:e3:fb:f7:78:3c:
86:da:c3:d9:d0:3e:8a:84:4b:f4:7f:07:cb:40:62:
42:45:e2:f1:27:40:15:76:9c:1e:fa:a8:c9:66:bf:
b3:8f:75:ba:7c:ab:3e:26:ee:ba:4f:18:0d:ba:85:
02:fb:2a:13:e0:d1:fd:1d:59:7b:ad:ad:21:2a:11:
73:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E0:7E:A1:9F:F4:F6:A8:A1:57:E1:C7:18:65:16:1A:89:BE:8F:BF
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/U-B-oZ_09qihV-HHGGUWGom-j78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.134.0/23
193.181.34.0/24
193.234.3.0/24
193.234.116.0/22
193.234.144.0/24
194.14.57.0/24
194.71.0.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:71:49:ea:55:a1:76:6a:23:e2:d1:d4:4d:97:67:3e:6a:94:
c6:e7:8d:c1:46:3b:81:63:2e:75:95:da:d9:ff:e0:82:88:8d:
a8:1a:49:25:2a:e1:44:9a:1a:2f:d3:d1:91:bc:28:39:d5:0f:
07:81:d7:9a:5d:74:ee:5e:3a:d8:86:2e:9b:ac:e5:ce:b0:77:
9f:87:a6:01:4c:cd:47:78:07:2c:88:90:bc:06:18:1f:24:77:
ab:b8:a9:a0:68:51:bf:35:06:75:fb:f7:2f:0a:c1:df:d7:39:
4e:ce:e2:32:6e:f7:27:b3:3f:0e:a8:1d:aa:48:a1:b3:19:fd:
e8:f7:e7:e0:01:cd:53:a4:b3:a0:70:a1:8e:31:5c:cc:94:09:
2b:97:dd:1a:e8:44:79:b3:0e:d8:0c:8b:29:ca:00:b8:e5:71:
e7:1c:e8:94:a9:69:d7:74:b5:f9:e7:fe:4d:93:f8:cf:e8:3f:
d7:49:b2:ba:73:46:be:c7:3a:4d:e6:7c:1e:11:87:4f:51:1c:
8f:96:98:cc:69:da:03:34:48:b0:93:28:19:f6:39:af:17:a0:
f9:8c:bf:d7:da:35:8b:54:60:58:68:68:a6:79:87:b7:49:ed:
ad:12:93:71:ed:78:e9:12:d5:aa:63:f4:45:6b:d7:d6:66:83:
24:1d:0a:cd
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEQnuvRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNlMDdlYTE5ZmY0
ZjZhOGExNTdlMWM3MTg2NTE2MWE4OWJlOGZiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5ZrB46eilgJmV927OczEypw7IHieaTpyBZdKuWo7tb7XLB
kbUS9SFoKhqNSH7JYdJAL6irmtkmHlMzJNCNtFrxVXQp3VcVffEW+CGk67J/Mp4c
6t5iRO2M9zENl/x3+mkAeuk+X4zzDgXpuOop9CCL9wxOcFuVhfHFu4ge2dlqjYfw
CB3QkHrUsjJ6CDitDwKjbBkrMB1NTVojPmZxG5bPC4YtGRQ4nAfxec8UDS2wEInQ
6Lqy0SRhbgxXK+P793g8htrD2dA+ioRL9H8Hy0BiQkXi8SdAFXacHvqoyWa/s491
unyrPibuuk8YDbqFAvsqE+DR/R1Ze62tISoRc3kCAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBRT4H6hn/T2qKFX4ccYZRYaib6PvzAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L1UtQi1vWl8wOXFpaFYtSEhHR1VXR29tLWo3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAMBHAAMEAcClhgMEAMG1IgMEAMHq
AwMEAsHqdAMEAMHqkAMEAMIOOQMEAcJHAAMEAMJnXwMEAMJnkQMEAMJnxQMEAMKE
pAMEAMKEpgMEAMKEujANBgkqhkiG9w0BAQsFAAOCAQEATHFJ6lWhdmoj4tHUTZdn
PmqUxueNwUY7gWMudZXa2f/ggoiNqBpJJSrhRJoaL9PRkbwoOdUPB4HXml107l46
2IYum6zlzrB3n4emAUzNR3gHLIiQvAYYHyR3q7ipoGhRvzUGdfv3LwrB39c5Ts7i
Mm73J7M/Dqgdqkihsxn96Pfn4AHNU6SzoHChjjFczJQJK5fdGuhEebMO2AyLKcoA
uOVx5xzolKlp13S1+ef+TZP4z+g/10myunNGvsc6TeZ8HhGHT1Ecj5aYzGnaAzRI
sJMoGfY5rxeg+Yy/19o1i1RgWGhopnmHt0ntrRKTce146RLVqmP0RWvX1maDJB0K
zQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:46 2025 by rpki-client