Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/UfpzstpCvZxkQELEVTRo-JUja8g.roa
File: UfpzstpCvZxkQELEVTRo-JUja8g.roa (raw, json)
Hash identifier: GaiCYitc4dYAthMOUBKOON78yT6VZe+99ocQ3HRVK7U=
Subject key identifier: 51:FA:73:B2:DA:42:BD:9C:64:40:42:C4:55:34:68:F8:95:23:6B:C8
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 01856EC220B69A069721A60CF8DE5490A3D1
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/UfpzstpCvZxkQELEVTRo-JUja8g.roa
Signing time: Sun 01 Jan 2023 19:14:54 +0000
ROA not before: Sun 01 Jan 2023 19:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211680
IP address blocks: 185.180.143.0/24 maxlen: 24
2a10:3c0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:20:b6:9a:06:97:21:a6:0c:f8:de:54:90:a3:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Jan 1 19:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51fa73b2da42bd9c644042c4553468f895236bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4e:a1:19:e6:2c:36:f4:2a:be:c6:6b:5d:fa:
bc:84:4e:5b:3e:e2:d4:bb:be:78:32:27:7f:d9:51:
e2:a0:f7:87:bc:05:a3:e7:6b:fc:30:8c:d3:c4:99:
fa:f6:95:48:51:f1:1c:4c:a1:e5:dd:10:fc:a9:28:
c8:44:52:da:b6:a2:43:3b:a7:ac:c7:d3:7e:8c:ff:
19:0f:97:98:00:23:42:ea:98:65:5b:00:b0:3c:c7:
dd:99:08:90:c1:6c:02:47:47:95:de:35:80:e5:58:
6f:03:9d:d5:69:db:bd:9c:e5:d2:96:24:66:26:85:
81:22:cd:4c:e1:ee:4a:c4:99:c0:eb:51:30:8e:0a:
b7:4d:20:f6:9b:15:07:50:89:87:a2:9c:c6:c5:7b:
b6:26:d6:9e:84:0c:5e:dd:0e:0a:d1:61:74:08:bf:
27:36:3f:9f:74:8b:15:6f:83:7d:14:14:2b:1c:7e:
2d:c4:de:b3:6a:64:08:54:8b:f0:32:cc:b3:e4:ea:
d2:80:9d:ac:c0:17:67:8d:37:74:d2:77:f5:5b:17:
e6:3f:d7:b0:35:09:0c:fa:f9:a4:7f:63:59:df:d8:
1c:a6:3e:d9:7c:b7:9b:29:d2:aa:45:72:f9:59:73:
0b:9c:da:94:a0:06:64:35:d2:9b:46:5f:b3:cb:2b:
64:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FA:73:B2:DA:42:BD:9C:64:40:42:C4:55:34:68:F8:95:23:6B:C8
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/UfpzstpCvZxkQELEVTRo-JUja8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.143.0/24
IPv6:
2a10:3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
90:68:42:a5:90:1f:57:65:4d:fd:c4:48:d9:e2:ab:e5:1b:4e:
72:d2:da:68:29:21:a9:eb:71:4b:10:58:80:09:6c:3c:da:80:
b5:29:8a:81:8c:33:68:aa:e5:4b:09:74:49:ca:7a:88:e3:2d:
c4:1a:0b:82:b4:0b:3c:10:74:50:06:34:1b:10:ff:8a:d8:13:
0e:5e:22:bd:4d:c6:ce:7f:5e:0a:2c:16:64:d8:b8:ff:86:93:
0c:64:d2:22:65:21:4b:1e:1f:21:74:18:68:97:d8:fd:47:3e:
72:61:71:b5:61:85:b7:54:14:67:8d:16:f2:2b:12:43:b1:4d:
0d:04:44:aa:8b:05:bc:3a:96:54:24:b8:2b:b0:c4:71:e6:50:
d4:7f:be:cb:91:ba:1a:1f:64:8d:2b:01:cc:49:5f:30:93:da:
a0:f1:28:8a:47:33:3c:85:18:7c:74:ea:de:72:4f:ad:d1:de:
cc:db:12:0d:1e:da:18:4c:c3:9d:00:36:b0:ab:26:5d:43:b8:
9c:ba:b1:a1:95:8b:77:d8:eb:47:d4:7f:9c:db:30:2a:0e:1d:
b8:9c:28:17:c4:38:e0:b2:44:45:a6:d5:a0:ad:2e:8c:a4:99:
59:04:c4:9b:c9:29:ef:fe:2a:53:7c:74:27:78:f6:17:64:25:
f4:5f:97:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuwiC2mgaXIaYM+N5UkKPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWZhNzNiMmRhNDJiZDljNjQ0MDQyYzQ1NTM0NjhmODk1MjM2YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU6hGeYsNvQqvsZrXfq8hE5bPuLU
u754Mid/2VHioPeHvAWj52v8MIzTxJn69pVIUfEcTKHl3RD8qSjIRFLatqJDO6es
x9N+jP8ZD5eYACNC6phlWwCwPMfdmQiQwWwCR0eV3jWA5VhvA53Vadu9nOXSliRm
JoWBIs1M4e5KxJnA61Ewjgq3TSD2mxUHUImHopzGxXu2JtaehAxe3Q4K0WF0CL8n
Nj+fdIsVb4N9FBQrHH4txN6zamQIVIvwMsyz5OrSgJ2swBdnjTd00nf1WxfmP9ew
NQkM+vmkf2NZ39gcpj7ZfLebKdKqRXL5WXMLnNqUoAZkNdKbRl+zyytkgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFH6c7LaQr2cZEBCxFU0aPiVI2vIMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvVWZwenN0cEN2WnhrUUVMRVZUUm8tSlVqYThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAubSPMA8E
AgACMAkDBwAqEAPAAAEwDQYJKoZIhvcNAQELBQADggEBAJBoQqWQH1dlTf3ESNni
q+UbTnLS2mgpIanrcUsQWIAJbDzagLUpioGMM2iq5UsJdEnKeojjLcQaC4K0CzwQ
dFAGNBsQ/4rYEw5eIr1Nxs5/XgosFmTYuP+Gkwxk0iJlIUseHyF0GGiX2P1HPnJh
cbVhhbdUFGeNFvIrEkOxTQ0ERKqLBbw6llQkuCuwxHHmUNR/vsuRuhofZI0rAcxJ
XzCT2qDxKIpHMzyFGHx06t5yT63R3szbEg0e2hhMw50ANrCrJl1DuJy6saGVi3fY
60fUf5zbMCoOHbicKBfEOOCyREWm1aCtLoykmVkExJvJKe/+KlN8dCd49hdkJfRf
l2g=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:01 2025 by rpki-client