Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/UYoWnNSFqW2aL5vX_aO4BU1IJEg.roa
File: UYoWnNSFqW2aL5vX_aO4BU1IJEg.roa (raw, json)
Hash identifier: krvMB+1HQbYPhcYm05xO9GL7PDZjEKaw65IBIPsHHqA=
Subject key identifier: 51:8A:16:9C:D4:85:A9:6D:9A:2F:9B:D7:FD:A3:B8:05:4D:48:24:48
Certificate issuer: /CN=7ddf809131ee56531939d05f607271bdf01d19b5
Certificate serial: 0185729F04CA9B87E1EF97CE314BAA8056B5
Authority key identifier: 7D:DF:80:91:31:EE:56:53:19:39:D0:5F:60:72:71:BD:F0:1D:19:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/UYoWnNSFqW2aL5vX_aO4BU1IJEg.roa
Signing time: Mon 02 Jan 2023 13:15:02 +0000
ROA not before: Mon 02 Jan 2023 13:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35360
IP address blocks: 45.66.4.0/22 maxlen: 24
2a09:5fc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9f:04:ca:9b:87:e1:ef:97:ce:31:4b:aa:80:56:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ddf809131ee56531939d05f607271bdf01d19b5
Validity
Not Before: Jan 2 13:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=518a169cd485a96d9a2f9bd7fda3b8054d482448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b2:9f:5d:9c:58:1a:d8:68:db:5e:63:de:a8:
f3:24:07:df:d9:87:66:d0:83:d1:7a:bb:a6:41:e5:
6c:77:54:9f:ad:32:7e:52:31:ef:80:1d:ef:90:98:
a8:f8:02:93:22:3d:ff:dc:ee:64:7b:30:1e:86:e1:
91:69:65:38:0b:9a:5f:41:96:5b:ac:aa:6f:a7:5d:
36:4c:03:4e:d9:4a:52:38:51:d2:27:33:cc:c3:12:
12:09:53:b5:0d:20:f6:08:2f:de:60:fe:cc:81:01:
8d:8c:69:b3:e7:e3:e8:d2:77:ab:93:02:cd:77:82:
36:91:93:ee:31:08:dd:0c:62:48:6b:72:69:e7:f6:
9a:9c:c4:17:12:e5:6c:90:25:a2:b5:59:e1:8f:b7:
ab:85:21:ee:50:7f:e7:65:77:97:65:d3:8b:d0:26:
3b:82:49:db:15:37:04:f0:06:ae:f7:f7:6f:83:c3:
80:b5:19:62:03:84:5a:e0:94:97:55:78:60:7d:bc:
38:39:ee:b8:dc:c1:8b:83:6e:a7:96:b6:be:b2:9b:
a8:c0:7f:6f:5c:74:5f:27:55:a4:eb:e9:da:21:15:
3b:1e:ac:3d:1f:3f:c0:f6:57:71:19:64:83:1e:1d:
91:7c:64:aa:de:82:58:e0:2f:5b:c3:b5:7c:45:a0:
3e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8A:16:9C:D4:85:A9:6D:9A:2F:9B:D7:FD:A3:B8:05:4D:48:24:48
X509v3 Authority Key Identifier:
keyid:7D:DF:80:91:31:EE:56:53:19:39:D0:5F:60:72:71:BD:F0:1D:19:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/UYoWnNSFqW2aL5vX_aO4BU1IJEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/fd-AkTHuVlMZOdBfYHJxvfAdGbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.4.0/22
IPv6:
2a09:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
12:c8:5d:6f:9d:e5:c5:56:39:f2:d4:82:52:69:56:db:fc:fb:
26:1b:67:a0:a1:b7:ba:b7:7f:2e:c0:0e:76:eb:c6:f4:2c:79:
d2:93:df:62:ac:0a:f2:5c:ca:db:b5:7b:6c:8e:54:3d:47:a4:
10:81:6d:37:ef:9f:7a:bb:4e:cf:88:04:2b:ed:59:eb:c9:cb:
ca:e2:5e:50:12:2b:7f:31:90:f3:9d:d8:6d:16:7f:4f:d2:c5:
96:23:b1:23:fe:00:de:f2:24:bf:2a:38:32:e0:5c:59:18:4d:
f3:31:43:ae:cf:9a:01:52:4d:dd:a7:87:c0:29:ac:02:4d:9c:
63:21:c5:35:6d:aa:94:8a:95:f0:2a:c2:dd:39:ce:7e:04:d2:
cc:8d:10:3a:3c:f0:54:d8:01:15:cb:9c:27:e6:c7:bb:8b:ae:
0e:b3:ec:50:07:78:75:a4:d0:a6:14:fb:9e:a5:08:76:c3:20:
db:e7:83:da:8d:69:7f:7c:9e:88:b7:0b:1b:eb:32:2e:2c:ba:
95:73:31:00:81:36:56:62:19:9a:c3:d9:69:65:fe:15:72:f6:
c4:73:77:f9:87:3c:b1:28:08:4e:08:22:83:cc:f1:10:14:0d:
56:bf:da:bb:8a:8f:5d:72:2a:8c:dc:db:53:a6:61:36:3f:4a:
7a:6d:fe:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVynwTKm4fh75fOMUuqgFa1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZGY4MDkxMzFlZTU2NTMxOTM5ZDA1ZjYwNzI3MWJkZjAx
ZDE5YjUwHhcNMjMwMTAyMTMxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MThhMTY5Y2Q0ODVhOTZkOWEyZjliZDdmZGEzYjgwNTRkNDgyNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLKfXZxYGtho215j3qjzJAff2Ydm
0IPRerumQeVsd1SfrTJ+UjHvgB3vkJio+AKTIj3/3O5kezAehuGRaWU4C5pfQZZb
rKpvp102TANO2UpSOFHSJzPMwxISCVO1DSD2CC/eYP7MgQGNjGmz5+Po0nerkwLN
d4I2kZPuMQjdDGJIa3Jp5/aanMQXEuVskCWitVnhj7erhSHuUH/nZXeXZdOL0CY7
gknbFTcE8Aau9/dvg8OAtRliA4Ra4JSXVXhgfbw4Oe643MGLg26nlra+spuowH9v
XHRfJ1Wk6+naIRU7Hqw9Hz/A9ldxGWSDHh2RfGSq3oJY4C9bw7V8RaA+KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFGKFpzUhaltmi+b1/2juAVNSCRIMB8GA1UdIwQY
MBaAFH3fgJEx7lZTGTnQX2Bycb3wHRm1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmQtQWtUSHVWbE1aT2RCZllISnh2ZkFkR2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lN2U2MzUtZjI1Ni00MDAxLWIwNzEt
Yjk0ZWI5ZTZiOWViLzEvVVlvV25OU0ZxVzJhTDV2WF9hTzRCVTFJSkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lN2U2MzUtZjI1Ni00MDAxLWIwNzEtYjk0ZWI5ZTZiOWVi
LzEvZmQtQWtUSHVWbE1aT2RCZllISnh2ZkFkR2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUIEMA0E
AgACMAcDBQMqCV/AMA0GCSqGSIb3DQEBCwUAA4IBAQASyF1vneXFVjny1IJSaVbb
/PsmG2egobe6t38uwA5268b0LHnSk99irAryXMrbtXtsjlQ9R6QQgW037596u07P
iAQr7VnrycvK4l5QEit/MZDzndhtFn9P0sWWI7Ej/gDe8iS/Kjgy4FxZGE3zMUOu
z5oBUk3dp4fAKawCTZxjIcU1baqUipXwKsLdOc5+BNLMjRA6PPBU2AEVy5wn5se7
i64Os+xQB3h1pNCmFPuepQh2wyDb54PajWl/fJ6Itwsb6zIuLLqVczEAgTZWYhma
w9lpZf4VcvbEc3f5hzyxKAhOCCKDzPEQFA1Wv9q7io9dciqM3NtTpmE2P0p6bf4d
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:18 2025 by rpki-client