Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UF-qqa0GCOciuTIxf8sQxT20LgU.roa
File: UF-qqa0GCOciuTIxf8sQxT20LgU.roa (raw, json)
Hash identifier: zB1wnqGyoAksrxw4JgmO5FbGs7C6dnAWlI3RKrw0unU=
Subject key identifier: 50:5F:AA:A9:AD:06:08:E7:22:B9:32:31:7F:CB:10:C5:3D:B4:2E:05
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAD9DEE5BA997184D0679DA48C2596
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UF-qqa0GCOciuTIxf8sQxT20LgU.roa
Signing time: Sun 01 Jan 2023 10:05:11 +0000
ROA not before: Sun 01 Jan 2023 10:05:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 192.71.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:d9:de:e5:ba:99:71:84:d0:67:9d:a4:8c:25:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=505faaa9ad0608e722b932317fcb10c53db42e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:59:b7:d1:6f:0a:d5:4c:22:35:b8:4a:f1:9f:
06:4a:f9:0d:aa:cd:89:25:c3:0c:1d:84:0a:c6:b7:
4d:33:b6:ac:1a:89:bc:cc:98:15:22:7a:13:70:f3:
2d:f0:11:6d:e3:b3:40:20:a2:98:95:16:e9:0c:51:
3d:84:b7:d2:44:cf:a2:50:9b:72:12:04:be:c2:81:
9c:4f:25:61:24:f0:0a:6b:5f:2c:ef:34:51:18:ed:
46:da:82:e3:98:a7:92:be:7e:9d:96:83:d9:c5:db:
0c:2f:1f:ea:73:0a:5a:4e:79:7b:6e:85:ad:84:da:
de:b2:14:1e:7f:f3:b6:13:c6:06:da:3d:66:03:be:
b4:81:6a:99:55:25:4e:03:f8:74:60:7c:d7:f8:ab:
05:9e:a1:36:c5:2a:35:10:5e:f8:58:63:04:a5:6f:
68:1a:87:0a:84:a2:0c:70:fd:82:d9:d0:f9:c6:d6:
9a:94:d0:b7:71:32:54:29:d9:98:e3:66:fb:d4:14:
af:7b:df:72:ce:b0:26:2f:70:57:ad:6f:09:5c:45:
5d:06:00:df:c2:b3:04:60:ce:b8:cf:7a:4e:12:32:
0c:d8:a0:51:22:7d:88:d3:8c:b0:fb:af:f7:c7:b6:
3f:db:2c:0d:eb:38:65:a1:79:43:5b:fb:41:df:dc:
de:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5F:AA:A9:AD:06:08:E7:22:B9:32:31:7F:CB:10:C5:3D:B4:2E:05
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UF-qqa0GCOciuTIxf8sQxT20LgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.155.0/24
Signature Algorithm: sha256WithRSAEncryption
64:db:00:33:16:3a:25:03:30:da:fe:08:ef:13:e9:f6:b5:2e:
70:3a:a1:e7:c1:20:c9:a5:58:2b:08:63:04:ff:b6:64:f7:1a:
39:8c:ac:cc:e6:4a:73:9b:6e:47:86:ee:11:72:7f:af:42:a8:
aa:dd:f7:19:33:00:7b:9e:c8:92:da:ec:70:89:b9:5c:17:b9:
fb:97:ea:71:65:53:86:21:38:6a:19:95:3a:ab:bb:64:c3:02:
37:19:de:d7:68:c5:18:a6:dc:ba:46:3c:88:55:1e:4b:42:64:
75:5c:00:45:b9:57:8d:a4:d2:14:f8:c2:59:45:53:62:4b:58:
47:2a:1b:b1:82:61:7c:06:43:53:c1:7d:3d:51:81:d4:5b:c5:
f8:d2:ef:e9:79:6d:95:7f:13:80:93:82:72:9d:8e:2b:57:18:
db:59:45:3b:43:16:65:e2:15:a1:3c:d9:5b:64:42:7f:8a:32:
d8:ea:55:68:d1:e3:52:c2:39:08:5c:8c:9c:a3:82:a5:42:9d:
04:c3:2f:83:47:05:a0:0c:41:86:36:0d:25:b2:a8:58:1c:aa:
58:6f:b9:13:08:0b:b6:f8:6a:79:56:06:6b:7d:c9:f5:fd:d8:
73:44:0d:bd:20:16:f5:93:de:5a:1d:95:41:07:2d:b6:c3:78:
4f:9c:7a:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsytne5bqZcYTQZ52kjCWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDVmYWFhOWFkMDYwOGU3MjJiOTMyMzE3ZmNiMTBjNTNkYjQyZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1m30W8K1UwiNbhK8Z8GSvkNqs2J
JcMMHYQKxrdNM7asGom8zJgVInoTcPMt8BFt47NAIKKYlRbpDFE9hLfSRM+iUJty
EgS+woGcTyVhJPAKa18s7zRRGO1G2oLjmKeSvn6dloPZxdsMLx/qcwpaTnl7boWt
hNreshQef/O2E8YG2j1mA760gWqZVSVOA/h0YHzX+KsFnqE2xSo1EF74WGMEpW9o
GocKhKIMcP2C2dD5xtaalNC3cTJUKdmY42b71BSve99yzrAmL3BXrW8JXEVdBgDf
wrMEYM64z3pOEjIM2KBRIn2I04yw+6/3x7Y/2ywN6zhloXlDW/tB39zemwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBfqqmtBgjnIrkyMX/LEMU9tC4FMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvVUYtcXFhMEdDT2NpdVRJeGY4c1F4VDIwTGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEebMA0G
CSqGSIb3DQEBCwUAA4IBAQBk2wAzFjolAzDa/gjvE+n2tS5wOqHnwSDJpVgrCGME
/7Zk9xo5jKzM5kpzm25Hhu4Rcn+vQqiq3fcZMwB7nsiS2uxwiblcF7n7l+pxZVOG
IThqGZU6q7tkwwI3Gd7XaMUYpty6RjyIVR5LQmR1XABFuVeNpNIU+MJZRVNiS1hH
KhuxgmF8BkNTwX09UYHUW8X40u/peW2VfxOAk4JynY4rVxjbWUU7QxZl4hWhPNlb
ZEJ/ijLY6lVo0eNSwjkIXIyco4KlQp0Ewy+DRwWgDEGGNg0lsqhYHKpYb7kTCAu2
+Gp5VgZrfcn1/dhzRA29IBb1k95aHZVBBy22w3hPnHqX
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:10:47 2025 by rpki-client