Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/U7vLPglzFPAtJrZ-6hegmNOPMGE.roa
File: U7vLPglzFPAtJrZ-6hegmNOPMGE.roa (raw, json)
Hash identifier: sKWKWvV12pw2S+h+5S0edvCAj/6/NMG8evB5W5MiTDU=
Subject key identifier: 53:BB:CB:3E:09:73:14:F0:2D:26:B6:7E:EA:17:A0:98:D3:8F:30:61
Certificate issuer: /CN=7f35d5ae417f45ee8505d76ceaa1b34c458394a0
Certificate serial: 01856EB904B91E9C2313C8A5BE1BE5B8B1E4
Authority key identifier: 7F:35:D5:AE:41:7F:45:EE:85:05:D7:6C:EA:A1:B3:4C:45:83:94:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzXVrkF_Re6FBdds6qGzTEWDlKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/U7vLPglzFPAtJrZ-6hegmNOPMGE.roa
Signing time: Sun 01 Jan 2023 19:04:57 +0000
ROA not before: Sun 01 Jan 2023 19:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50554
IP address blocks: 139.28.112.0/22 maxlen: 24
185.3.176.0/22 maxlen: 24
89.106.160.0/21 maxlen: 24
2a00:1bc8::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:04:b9:1e:9c:23:13:c8:a5:be:1b:e5:b8:b1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f35d5ae417f45ee8505d76ceaa1b34c458394a0
Validity
Not Before: Jan 1 19:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53bbcb3e097314f02d26b67eea17a098d38f3061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:98:f4:83:13:04:a1:f4:ad:90:97:7c:ee:a8:
ee:62:36:4e:5d:17:81:b7:80:77:22:3d:2a:98:c9:
c6:03:8f:2f:57:a6:d6:21:b4:57:ed:74:d1:83:a8:
d1:05:06:65:bc:3f:82:be:b5:eb:6d:6d:67:ad:85:
e0:b8:d9:07:31:cf:25:48:63:25:c8:55:59:6e:b7:
7a:a4:f3:0f:f5:a3:93:1a:6a:7f:51:36:7a:fb:ef:
fd:8a:63:51:87:8c:46:56:f0:72:a8:89:73:51:19:
7a:b6:bb:56:6c:50:23:5b:45:67:d1:4e:40:98:30:
44:49:02:79:a7:88:dc:ae:c4:8e:5c:30:6c:0f:fa:
4e:32:3d:c5:90:90:31:9b:23:a3:5d:47:38:6a:23:
fd:6e:8b:c4:cc:1c:b8:f8:9c:99:48:09:bd:48:e2:
c9:35:54:21:d5:0c:91:df:f4:28:57:37:b1:f3:36:
89:32:34:df:ab:91:33:ff:e1:b4:2c:51:f7:14:e5:
f2:7c:d3:f8:43:39:97:63:ec:3f:99:3b:60:63:d5:
62:58:b1:6d:70:f1:b8:eb:58:5d:9d:19:71:b8:09:
b9:eb:f0:01:84:89:d0:77:b2:0c:35:79:2b:08:a2:
b6:10:68:a0:a6:d1:42:39:c6:54:19:b9:fa:22:54:
c9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BB:CB:3E:09:73:14:F0:2D:26:B6:7E:EA:17:A0:98:D3:8F:30:61
X509v3 Authority Key Identifier:
keyid:7F:35:D5:AE:41:7F:45:EE:85:05:D7:6C:EA:A1:B3:4C:45:83:94:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzXVrkF_Re6FBdds6qGzTEWDlKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/U7vLPglzFPAtJrZ-6hegmNOPMGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/fzXVrkF_Re6FBdds6qGzTEWDlKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.160.0/21
139.28.112.0/22
185.3.176.0/22
IPv6:
2a00:1bc8::/29
Signature Algorithm: sha256WithRSAEncryption
4c:db:02:ed:20:dd:89:0a:79:07:81:35:61:be:78:d6:ad:81:
17:23:30:3e:97:f7:1c:9a:49:bb:38:96:ca:d8:00:f6:fa:db:
26:32:5b:be:53:43:f1:5c:c9:26:f0:cb:af:ae:94:69:08:4b:
3e:58:35:13:a2:ed:62:0f:27:63:6b:8e:e4:5b:ab:fb:f8:e1:
05:8d:d7:55:8b:cd:91:97:f1:c9:b0:a1:76:9b:b9:cd:f1:50:
35:43:6b:24:2a:a5:2b:5f:b7:55:f3:5d:3f:69:a6:b8:c2:2a:
e6:70:d6:6b:93:f7:0f:82:c8:eb:16:0f:19:8c:fa:c6:38:d8:
78:32:d4:83:e9:67:db:41:40:70:15:cb:79:67:e4:cf:56:dc:
0f:fb:d2:39:75:0b:93:b3:e2:bd:56:5f:ad:97:19:28:31:a7:
34:75:5e:ba:0e:67:d5:5c:80:25:d8:dc:09:bb:a3:e9:a3:46:
5a:7b:6a:25:76:cb:2f:bb:34:29:b1:1d:49:ba:0c:db:25:16:
20:7c:33:5e:5a:e3:c0:3b:85:fa:4c:e1:47:f2:90:01:dc:43:
d8:22:59:b1:aa:fb:3b:3b:05:b5:59:20:e3:64:40:78:8a:48:
73:2a:7b:12:dd:39:5f:65:86:13:cc:61:64:58:40:5d:02:58:
25:b4:f0:ca
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuuQS5HpwjE8ilvhvluLHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzVkNWFlNDE3ZjQ1ZWU4NTA1ZDc2Y2VhYTFiMzRjNDU4
Mzk0YTAwHhcNMjMwMTAxMTkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2JiY2IzZTA5NzMxNGYwMmQyNmI2N2VlYTE3YTA5OGQzOGYzMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJj0gxMEofStkJd87qjuYjZOXReB
t4B3Ij0qmMnGA48vV6bWIbRX7XTRg6jRBQZlvD+CvrXrbW1nrYXguNkHMc8lSGMl
yFVZbrd6pPMP9aOTGmp/UTZ6++/9imNRh4xGVvByqIlzURl6trtWbFAjW0Vn0U5A
mDBESQJ5p4jcrsSOXDBsD/pOMj3FkJAxmyOjXUc4aiP9bovEzBy4+JyZSAm9SOLJ
NVQh1QyR3/QoVzex8zaJMjTfq5Ez/+G0LFH3FOXyfNP4QzmXY+w/mTtgY9ViWLFt
cPG461hdnRlxuAm56/ABhInQd7IMNXkrCKK2EGigptFCOcZUGbn6IlTJEQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFO7yz4JcxTwLSa2fuoXoJjTjzBhMB8GA1UdIwQY
MBaAFH811a5Bf0XuhQXXbOqhs0xFg5SgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpYVnJrRl9SZTZGQmRkczZxR3pURVdEbEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNTQ2N2ItMzk2Mi00Yjc0LWFlMGQt
MzQ0NzNiYzkxZDgwLzEvVTd2TFBnbHpGUEF0SnJaLTZoZWdtTk9QTUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNTQ2N2ItMzk2Mi00Yjc0LWFlMGQtMzQ0NzNiYzkxZDgw
LzEvZnpYVnJrRl9SZTZGQmRkczZxR3pURVdEbEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDWWqgAwQC
ixxwAwQCuQOwMA0EAgACMAcDBQMqABvIMA0GCSqGSIb3DQEBCwUAA4IBAQBM2wLt
IN2JCnkHgTVhvnjWrYEXIzA+l/ccmkm7OJbK2AD2+tsmMlu+U0PxXMkm8MuvrpRp
CEs+WDUTou1iDydja47kW6v7+OEFjddVi82Rl/HJsKF2m7nN8VA1Q2skKqUrX7dV
810/aaa4wirmcNZrk/cPgsjrFg8ZjPrGONh4MtSD6WfbQUBwFct5Z+TPVtwP+9I5
dQuTs+K9Vl+tlxkoMac0dV66DmfVXIAl2NwJu6Ppo0Zae2oldssvuzQpsR1Jugzb
JRYgfDNeWuPAO4X6TOFH8pAB3EPYIlmxqvs7OwW1WSDjZEB4ikhzKnsS3TlfZYYT
zGFkWEBdAlgltPDK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:54 2025 by rpki-client