Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/_UqfNpn_B32vWxIM7ENpGWzD_3I.roa
File: _UqfNpn_B32vWxIM7ENpGWzD_3I.roa (raw, json)
Hash identifier: TrSFJTSLAB1y2qi0ubmCO/wzMnSOro4IJZ5EpP2ftu8=
Subject key identifier: FD:4A:9F:36:99:FF:07:7D:AF:5B:12:0C:EC:43:69:19:6C:C3:FF:72
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 01857070595D362BF132735546FFF738D3C6
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/_UqfNpn_B32vWxIM7ENpGWzD_3I.roa
Signing time: Mon 02 Jan 2023 03:04:49 +0000
ROA not before: Mon 02 Jan 2023 03:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196976
IP address blocks: 91.133.32.0/19 maxlen: 19
2a04:3100::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:59:5d:36:2b:f1:32:73:55:46:ff:f7:38:d3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Jan 2 03:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd4a9f3699ff077daf5b120cec4369196cc3ff72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4e:be:e5:a5:44:00:c9:f3:e1:cb:7b:2a:ff:
f3:a7:69:37:af:c9:90:43:f2:66:cd:0b:42:8f:96:
32:21:10:5d:3f:4e:91:97:65:9e:04:3f:89:41:f5:
de:e6:65:16:f6:a4:94:1b:47:b1:b5:8a:37:9d:08:
f1:6c:93:03:56:84:65:c7:3c:d9:39:67:37:81:4f:
4e:51:71:83:83:11:0e:15:69:11:e5:ea:27:2f:2e:
17:ca:14:fc:fe:90:ab:cb:d0:f5:78:3e:07:0e:9a:
53:5f:29:8a:46:86:ea:52:2a:ff:28:b1:fd:1b:c7:
eb:13:61:fc:92:c7:f8:16:84:b6:a4:43:51:4d:12:
b4:c6:55:62:73:5e:3e:87:26:e3:8e:19:71:90:69:
fa:5d:fe:c9:59:5b:a7:a5:9e:b3:dd:a6:8e:7b:f1:
13:07:63:f5:6e:1a:84:43:ef:9d:0e:ad:d1:d7:cb:
a1:f6:1f:d2:e2:a0:94:89:f7:46:82:52:95:1c:e8:
73:f3:70:1b:c4:d6:aa:ed:8d:36:b6:1e:a2:b5:a1:
28:07:1d:cc:b2:45:5e:4c:03:2b:d3:f7:00:4c:dc:
96:48:39:91:4f:90:27:01:11:05:64:fd:23:52:18:
2d:cc:b9:13:ba:37:64:15:1f:94:1c:9c:37:c9:a8:
79:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:4A:9F:36:99:FF:07:7D:AF:5B:12:0C:EC:43:69:19:6C:C3:FF:72
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/_UqfNpn_B32vWxIM7ENpGWzD_3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.133.32.0/19
IPv6:
2a04:3100::/29
Signature Algorithm: sha256WithRSAEncryption
2e:0f:77:bd:31:f7:01:4b:6a:2e:fb:5e:b2:b9:61:87:ba:7c:
6d:7f:b0:7d:23:39:80:ca:7c:a4:c4:47:06:ad:fc:68:4c:f7:
83:38:47:ed:2a:17:a6:47:3f:de:8f:83:93:0c:66:ac:a9:02:
ae:c5:ac:be:e3:31:78:8a:d5:04:f5:98:90:be:c5:2a:ca:2e:
2a:93:b8:f0:63:60:6c:c7:9b:ba:2a:bf:ce:5f:c4:bc:c0:15:
73:2b:96:7b:c2:58:1b:c4:1e:b5:fa:e9:16:49:32:83:23:88:
2c:94:66:bb:e4:ee:69:21:14:90:c1:21:ef:c1:87:9a:5e:52:
de:61:c2:80:d2:9a:a7:b9:49:a3:7c:f8:42:61:5d:27:63:57:
36:26:bc:ab:0a:07:89:e2:36:3b:56:e3:b8:55:b8:5c:a3:91:
e0:b5:97:86:7a:68:c9:c2:91:d8:fc:7e:2b:49:a6:95:c1:65:
3d:ff:08:e7:6b:16:bf:8d:3b:8e:b0:1a:0f:50:7e:90:7b:ec:
45:a0:42:f4:cc:53:0c:43:3f:7e:17:bc:38:ac:7a:aa:fb:12:
a3:b5:b7:34:07:4b:06:3d:c5:20:94:9d:e8:83:f2:1b:12:2a:
20:6c:7c:97:90:58:a0:7e:ae:63:88:ec:11:6f:b2:1f:c5:ef:
7c:ac:a4:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwcFldNivxMnNVRv/3ONPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjMwMTAyMDMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDRhOWYzNjk5ZmYwNzdkYWY1YjEyMGNlYzQzNjkxOTZjYzNmZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi06+5aVEAMnz4ct7Kv/zp2k3r8mQ
Q/JmzQtCj5YyIRBdP06Rl2WeBD+JQfXe5mUW9qSUG0extYo3nQjxbJMDVoRlxzzZ
OWc3gU9OUXGDgxEOFWkR5eonLy4XyhT8/pCry9D1eD4HDppTXymKRobqUir/KLH9
G8frE2H8ksf4FoS2pENRTRK0xlVic14+hybjjhlxkGn6Xf7JWVunpZ6z3aaOe/ET
B2P1bhqEQ++dDq3R18uh9h/S4qCUifdGglKVHOhz83AbxNaq7Y02th6itaEoBx3M
skVeTAMr0/cATNyWSDmRT5AnAREFZP0jUhgtzLkTujdkFR+UHJw3yah5qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP1KnzaZ/wd9r1sSDOxDaRlsw/9yMB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvX1VxZk5wbl9CMzJ2V3hJTTdFTnBHV3pEXzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFW4UgMA0E
AgACMAcDBQMqBDEAMA0GCSqGSIb3DQEBCwUAA4IBAQAuD3e9MfcBS2ou+16yuWGH
unxtf7B9IzmAynykxEcGrfxoTPeDOEftKhemRz/ej4OTDGasqQKuxay+4zF4itUE
9ZiQvsUqyi4qk7jwY2Bsx5u6Kr/OX8S8wBVzK5Z7wlgbxB61+ukWSTKDI4gslGa7
5O5pIRSQwSHvwYeaXlLeYcKA0pqnuUmjfPhCYV0nY1c2JryrCgeJ4jY7VuO4Vbhc
o5HgtZeGemjJwpHY/H4rSaaVwWU9/wjnaxa/jTuOsBoPUH6Qe+xFoEL0zFMMQz9+
F7w4rHqq+xKjtbc0B0sGPcUglJ3og/IbEiogbHyXkFigfq5jiOwRb7Ifxe98rKSs
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:35 2025 by rpki-client