Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/umrTO7R0IuDFEdceT8qOzUE_ipo.roa
File: umrTO7R0IuDFEdceT8qOzUE_ipo.roa (raw, json)
Hash identifier: ITrWLfYJwvTCEc5SdUMaWfJ6e+5hBeG+8tBa0ALirMQ=
Subject key identifier: BA:6A:D3:3B:B4:74:22:E0:C5:11:D7:1E:4F:CA:8E:CD:41:3F:8A:9A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 426A21BA
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/umrTO7R0IuDFEdceT8qOzUE_ipo.roa
Signing time: Sat 01 Jan 2022 14:03:10 +0000
ROA not before: Sat 01 Jan 2022 14:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42201
IP address blocks: 192.121.245.0/24 maxlen: 24
194.132.123.0/24 maxlen: 24
192.121.246.0/24 maxlen: 24
193.181.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114251706 (0x426a21ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba6ad33bb47422e0c511d71e4fca8ecd413f8a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fd:3a:9e:9b:09:85:86:38:5b:6a:b7:db:66:
57:89:12:30:a7:0b:3e:3e:2d:81:b2:02:ff:c3:45:
c6:91:82:b1:55:be:c3:b6:d2:37:57:88:7b:9b:db:
0f:e3:53:4e:a6:1f:9b:f5:a4:9f:a3:6e:c4:64:61:
97:a6:8f:26:6e:8f:30:ee:2a:d8:90:50:ee:39:3d:
f3:bd:68:cf:63:3d:24:fe:98:1e:ee:d2:51:5e:7c:
9e:11:cc:74:61:87:1c:0f:de:35:57:db:35:5a:a2:
ab:20:90:3a:4e:17:46:f3:ec:3d:0f:7a:2b:b9:21:
ba:b4:7b:e9:f1:60:d8:e9:96:e6:0c:4a:c6:16:3d:
d1:55:0e:f7:be:61:30:73:2d:ca:a8:28:7b:c7:41:
bf:6c:6d:34:6c:c5:14:a2:7e:ff:94:71:14:40:e2:
a4:ed:46:59:d4:ae:eb:7a:62:d6:2f:02:19:56:d9:
03:2f:6f:7d:83:6c:8b:f2:d6:b5:dd:a9:e1:66:10:
e9:8c:b4:92:e1:97:b8:d3:57:c1:d0:e8:a0:15:cc:
53:2e:77:36:41:4f:b2:1d:18:bb:c4:6b:7c:f8:6f:
f4:e8:d8:73:77:b6:4d:1d:59:e8:d5:7d:fa:e6:f9:
31:8d:ae:6e:c7:d5:65:b8:91:a5:90:73:e9:f7:16:
a3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6A:D3:3B:B4:74:22:E0:C5:11:D7:1E:4F:CA:8E:CD:41:3F:8A:9A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/umrTO7R0IuDFEdceT8qOzUE_ipo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.245.0-192.121.246.255
193.181.35.0/24
194.132.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:1f:30:11:fd:24:73:50:c9:16:7a:a8:e2:35:fc:39:89:48:
47:4d:39:d1:bd:93:28:2f:2a:09:04:52:2b:d7:e4:5e:95:16:
6b:cd:fa:84:f3:47:67:36:3f:6a:8b:a6:6f:ff:68:92:46:5f:
20:5e:2e:91:ca:40:f0:6b:e3:d2:36:69:e5:e0:84:43:db:fb:
18:4a:a9:97:71:b6:72:98:1b:3a:46:ef:50:64:c4:3c:b8:ba:
65:8c:8e:f6:b1:ea:cc:2c:06:5f:4c:ba:72:33:4a:65:04:87:
6b:47:05:3b:04:0d:20:9a:27:3f:e0:bd:05:36:06:19:41:b1:
3b:89:13:39:b1:ff:e3:8d:0b:2c:43:f1:aa:ca:7c:32:c6:eb:
be:e1:ee:78:26:da:5b:3b:bb:ed:25:37:03:17:93:90:50:66:
6e:bf:94:2b:ee:88:21:15:bf:98:1b:6f:75:51:c1:ab:f1:8e:
a1:a7:9f:c2:ba:63:c0:3c:13:f0:9e:7a:9d:d2:60:ab:93:88:
c1:17:06:c5:7b:e1:92:40:b7:06:d5:66:7d:5a:95:92:b0:fb:
8c:27:ca:9b:88:a7:8a:8b:2e:22:e4:83:f8:79:d7:d2:a8:6b:
87:f6:ce:27:86:7d:57:f4:35:f5:1e:87:7d:26:40:cf:09:80:
aa:0c:a9:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEQmohujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE2YWQzM2JiNDc0
MjJlMGM1MTFkNzFlNGZjYThlY2Q0MTNmOGE5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf9Op6bCYWGOFtqt9tmV4kSMKcLPj4tgbIC/8NFxpGCsVW+
w7bSN1eIe5vbD+NTTqYfm/Wkn6NuxGRhl6aPJm6PMO4q2JBQ7jk9871oz2M9JP6Y
Hu7SUV58nhHMdGGHHA/eNVfbNVqiqyCQOk4XRvPsPQ96K7khurR76fFg2OmW5gxK
xhY90VUO975hMHMtyqgoe8dBv2xtNGzFFKJ+/5RxFEDipO1GWdSu63pi1i8CGVbZ
Ay9vfYNsi/LWtd2p4WYQ6Yy0kuGXuNNXwdDooBXMUy53NkFPsh0Yu8RrfPhv9OjY
c3e2TR1Z6NV9+ub5MY2ubsfVZbiRpZBz6fcWo9cCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBS6atM7tHQi4MUR1x5Pyo7NQT+KmjAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3VtclRPN1IwSXVERkVkY2VUOHFPelVFX2lwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQAwHn1AwQAwHn2AwQAwbUjAwQA
woR7MA0GCSqGSIb3DQEBCwUAA4IBAQClHzAR/SRzUMkWeqjiNfw5iUhHTTnRvZMo
LyoJBFIr1+RelRZrzfqE80dnNj9qi6Zv/2iSRl8gXi6RykDwa+PSNmnl4IRD2/sY
SqmXcbZymBs6Ru9QZMQ8uLpljI72serMLAZfTLpyM0plBIdrRwU7BA0gmic/4L0F
NgYZQbE7iRM5sf/jjQssQ/Gqynwyxuu+4e54JtpbO7vtJTcDF5OQUGZuv5Qr7ogh
Fb+YG291UcGr8Y6hp5/CumPAPBPwnnqd0mCrk4jBFwbFe+GSQLcG1WZ9WpWSsPuM
J8qbiKeKiy4i5IP4edfSqGuH9s4nhn1X9DX1Hod9JkDPCYCqDKkK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:24 2025 by rpki-client