Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UIkIZzxoWg0XdA2Hpc6tiH_rxGo.roa
File: UIkIZzxoWg0XdA2Hpc6tiH_rxGo.roa (raw, json)
Hash identifier: jrCN9MY4NAByCGdlTwtzL4jk3G321OmvnkN36gwCZ1Y=
Subject key identifier: 50:89:08:67:3C:68:5A:0D:17:74:0D:87:A5:CE:AD:88:7F:EB:C4:6A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01850AE9348AE213A4BC4611A3DB27D79B92
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UIkIZzxoWg0XdA2Hpc6tiH_rxGo.roa
Signing time: Tue 13 Dec 2022 09:55:33 +0000
ROA not before: Tue 13 Dec 2022 09:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3308
IP address blocks: 193.234.184.0/24 maxlen: 24
193.234.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:e9:34:8a:e2:13:a4:bc:46:11:a3:db:27:d7:9b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 13 09:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=508908673c685a0d17740d87a5cead887febc46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:93:47:0d:68:e3:c8:d3:47:4a:d5:c3:20:b5:
c2:e5:58:1d:3a:48:57:f6:92:ab:d1:71:34:fe:c1:
df:9f:1a:77:05:ca:59:5c:bf:23:6a:2a:88:7b:1d:
f5:f9:31:11:e4:81:42:bd:83:67:86:03:ae:ee:a2:
5d:b3:90:a7:c0:a3:f2:76:10:35:83:17:5f:6e:56:
45:bb:32:cb:58:dd:4a:8c:2d:b9:dd:b2:b8:e6:c9:
8d:74:bc:a2:35:ff:fb:d4:0f:b8:b2:88:79:44:3f:
d6:aa:38:de:b5:08:07:fa:34:8b:04:f5:cb:ac:01:
da:8f:99:21:6f:c8:06:cb:3f:8f:52:d6:87:f4:c8:
29:1e:ca:6d:1c:22:69:1c:de:99:3a:24:b2:5e:79:
db:af:e6:3f:1a:e9:cc:09:99:6d:f3:85:19:4b:26:
6f:a5:0e:b7:e5:68:3a:13:41:e5:3a:b3:a4:3e:f7:
d5:9a:9f:2f:07:f6:71:35:7f:3e:60:20:7c:a8:31:
93:61:48:c2:c1:9a:28:0a:ba:32:84:3d:49:66:fd:
a8:f2:41:99:8e:ae:ee:77:2d:ad:31:ed:70:78:e2:
0f:8d:25:8c:8a:2a:b3:bd:1d:83:38:9d:76:17:fa:
03:51:dd:5d:12:77:b9:ea:ae:e8:47:91:54:f0:5e:
24:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:89:08:67:3C:68:5A:0D:17:74:0D:87:A5:CE:AD:88:7F:EB:C4:6A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/UIkIZzxoWg0XdA2Hpc6tiH_rxGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.234.184.0/23
Signature Algorithm: sha256WithRSAEncryption
72:ca:3a:d3:4c:c6:bd:b3:b4:04:5d:33:24:04:83:d1:85:b7:
0e:d6:28:4a:5e:36:18:68:af:31:94:2f:7a:b7:f6:76:8e:5c:
76:a4:21:9d:3b:41:1e:34:a7:e7:ca:87:90:3d:5c:59:e7:39:
c8:f9:04:08:07:06:fc:a9:b0:22:af:d4:b4:b1:d9:c9:fa:e6:
c5:3b:7f:37:a0:ea:97:2e:0f:50:a3:6a:be:86:ad:24:d1:25:
42:57:a4:bb:19:8f:93:7f:35:b1:23:3e:67:61:6d:ee:46:13:
6a:20:34:fa:82:34:55:cf:b5:4f:95:48:0e:8b:88:06:81:83:
b6:f9:e8:3e:c8:49:f9:63:d4:17:ef:04:04:ec:9e:f1:39:f0:
ca:c7:c5:a7:68:34:f9:fc:70:85:0b:7e:fa:4e:9b:83:1b:e8:
ab:5c:0b:2f:ef:02:ed:15:2c:dd:ad:70:d2:20:4b:db:ab:e7:
70:80:36:06:1a:d8:0b:87:18:15:34:78:43:3c:ef:ca:b9:bd:
d1:62:83:f6:c8:ae:1c:4e:40:c4:85:d4:cb:01:02:f2:a4:8d:
0c:98:db:5e:0d:18:85:32:19:a4:ac:34:68:b7:ae:71:37:47:
e2:fc:f3:b3:cf:6a:8c:ba:92:91:87:cc:cf:fe:19:59:c6:df:
38:bc:f9:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUK6TSK4hOkvEYRo9sn15uSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMjEzMDk1NTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDg5MDg2NzNjNjg1YTBkMTc3NDBkODdhNWNlYWQ4ODdmZWJjNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJNHDWjjyNNHStXDILXC5VgdOkhX
9pKr0XE0/sHfnxp3BcpZXL8jaiqIex31+TER5IFCvYNnhgOu7qJds5CnwKPydhA1
gxdfblZFuzLLWN1KjC253bK45smNdLyiNf/71A+4soh5RD/WqjjetQgH+jSLBPXL
rAHaj5khb8gGyz+PUtaH9MgpHsptHCJpHN6ZOiSyXnnbr+Y/GunMCZlt84UZSyZv
pQ635Wg6E0HlOrOkPvfVmp8vB/ZxNX8+YCB8qDGTYUjCwZooCroyhD1JZv2o8kGZ
jq7udy2tMe1weOIPjSWMiiqzvR2DOJ12F/oDUd1dEne56q7oR5FU8F4kZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFCJCGc8aFoNF3QNh6XOrYh/68RqMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvVUlrSVp6eG9XZzBYZEEySHBjNnRpSF9yeEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBweq4MA0G
CSqGSIb3DQEBCwUAA4IBAQByyjrTTMa9s7QEXTMkBIPRhbcO1ihKXjYYaK8xlC96
t/Z2jlx2pCGdO0EeNKfnyoeQPVxZ5znI+QQIBwb8qbAir9S0sdnJ+ubFO383oOqX
Lg9Qo2q+hq0k0SVCV6S7GY+TfzWxIz5nYW3uRhNqIDT6gjRVz7VPlUgOi4gGgYO2
+eg+yEn5Y9QX7wQE7J7xOfDKx8WnaDT5/HCFC376TpuDG+irXAsv7wLtFSzdrXDS
IEvbq+dwgDYGGtgLhxgVNHhDPO/Kub3RYoP2yK4cTkDEhdTLAQLypI0MmNteDRiF
MhmkrDRot65xN0fi/POzz2qMupKRh8zP/hlZxt84vPkx
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:27 2025 by rpki-client