Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/Uuw3p5uZ6OfgV_kgtnKvh_w0_00.roa
File: Uuw3p5uZ6OfgV_kgtnKvh_w0_00.roa (raw, json)
Hash identifier: RDw8LlWtYlg+aWp6ZdGXroNpz8+9QIlN/ywW5DRWpNQ=
Subject key identifier: 52:EC:37:A7:9B:99:E8:E7:E0:57:F9:20:B6:72:AF:87:FC:34:FF:4D
Certificate issuer: /CN=2452ab1d2d29bac9d52eb479de64c0700fc6724f
Certificate serial: 03E61D44
Authority key identifier: 24:52:AB:1D:2D:29:BA:C9:D5:2E:B4:79:DE:64:C0:70:0F:C6:72:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFKrHS0pusnVLrR53mTAcA_Gck8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/Uuw3p5uZ6OfgV_kgtnKvh_w0_00.roa
Signing time: Sat 01 Jan 2022 16:10:33 +0000
ROA not before: Sat 01 Jan 2022 16:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47201
IP address blocks: 79.98.125.0/24 maxlen: 24
79.98.121.0/24 maxlen: 24
79.98.122.0/24 maxlen: 24
79.98.123.0/24 maxlen: 24
79.98.124.0/24 maxlen: 24
79.98.120.0/24 maxlen: 24
2a00:d30:122::/48 maxlen: 48
2a00:d30:125::/48 maxlen: 48
2a00:d30:120::/48 maxlen: 48
2a00:d30:123::/48 maxlen: 48
2a00:d30:121::/48 maxlen: 48
2a00:d30:124::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65412420 (0x3e61d44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2452ab1d2d29bac9d52eb479de64c0700fc6724f
Validity
Not Before: Jan 1 16:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52ec37a79b99e8e7e057f920b672af87fc34ff4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:33:eb:ab:8c:b4:73:33:ad:84:ba:c0:7d:f4:
25:7a:38:9b:dc:ba:89:0e:a6:c9:91:14:cf:35:81:
1e:56:03:93:40:3e:42:51:85:fc:11:dd:65:61:04:
4e:e7:b7:c2:2f:25:28:95:7a:6a:a2:6d:d9:6a:a0:
d3:e8:9b:b4:34:1a:8a:6d:54:76:20:02:72:5c:84:
7b:d5:a4:f5:c5:a4:8a:1c:77:a4:ca:0f:5e:83:f3:
bc:2b:a9:75:c5:24:78:41:e3:e2:27:9e:8b:3e:8d:
86:cc:70:ae:ed:fd:ba:e6:7e:86:95:99:eb:17:9e:
e9:9a:74:6c:ce:98:3f:37:54:bd:73:60:38:3c:f9:
4d:ba:6f:49:59:31:f0:a0:4d:05:2a:46:40:3d:8c:
82:36:9b:c4:d6:31:b7:f7:2b:d5:df:d9:b3:dd:9e:
d0:0f:0c:41:78:06:ba:82:02:fc:39:0d:7a:dc:b9:
be:43:7e:9b:3f:7d:7a:a9:be:21:ab:49:d6:96:77:
b7:bd:98:fc:47:d3:6a:84:a8:75:04:48:4c:c3:05:
2c:b1:18:17:44:02:69:45:1c:8f:99:75:7c:67:82:
28:b5:35:09:af:65:92:c5:9b:f8:31:1f:a0:61:03:
13:b1:34:f8:1d:6a:f5:ac:f0:9a:7f:7c:1d:01:3c:
41:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:EC:37:A7:9B:99:E8:E7:E0:57:F9:20:B6:72:AF:87:FC:34:FF:4D
X509v3 Authority Key Identifier:
keyid:24:52:AB:1D:2D:29:BA:C9:D5:2E:B4:79:DE:64:C0:70:0F:C6:72:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFKrHS0pusnVLrR53mTAcA_Gck8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/Uuw3p5uZ6OfgV_kgtnKvh_w0_00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc1d14-15c8-48fd-9ec3-969c94de89a5/1/JFKrHS0pusnVLrR53mTAcA_Gck8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.120.0-79.98.125.255
IPv6:
2a00:d30:120::-2a00:d30:125:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:12:99:79:a0:4b:6e:8e:78:dd:65:2a:f7:0d:e0:92:d7:a3:
57:4e:9b:4a:8b:f0:f2:bb:0e:12:a2:66:c1:11:4c:d7:e8:52:
36:81:6b:df:f3:40:29:73:3f:66:c8:dc:df:d6:c0:be:54:4a:
45:e7:e5:62:0c:a8:b7:3b:02:2d:2e:77:ec:40:34:53:e6:f3:
6d:26:e2:72:8c:70:b1:f1:fa:fa:d7:c6:41:88:4e:8b:64:cf:
30:75:9d:32:fc:0f:77:3e:32:2b:09:fb:74:1d:83:e2:6a:89:
2f:88:67:7e:45:37:57:bb:d6:d6:25:15:c2:50:bf:44:49:32:
11:5c:bd:a8:ef:83:ab:54:48:e8:e9:60:43:60:7e:f6:76:03:
74:b6:14:76:a9:c0:ee:90:a9:92:2e:90:73:5e:96:a1:db:42:
60:85:c4:0f:0d:e2:47:7d:4f:3e:8b:8e:57:73:29:e9:4e:75:
b5:67:de:cb:34:48:d1:c0:3a:ef:09:75:26:02:b8:9e:81:14:
a8:fb:e0:fa:df:5e:3f:a0:0a:cd:99:89:12:e2:a4:78:55:86:
53:2e:68:b3:9b:5c:93:b8:82:db:32:2c:9f:5e:b5:b6:2e:cc:
d1:8f:10:32:b4:dc:41:80:16:fd:26:05:0e:2b:39:29:12:a9:
4c:1e:f8:51
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEA+YdRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDUyYWIxZDJkMjliYWM5ZDUyZWI0NzlkZTY0YzA3MDBmYzY3MjRmMB4XDTIyMDEw
MTE2MTAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJlYzM3YTc5Yjk5
ZThlN2UwNTdmOTIwYjY3MmFmODdmYzM0ZmY0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANcz66uMtHMzrYS6wH30JXo4m9y6iQ6myZEUzzWBHlYDk0A+
QlGF/BHdZWEETue3wi8lKJV6aqJt2Wqg0+ibtDQaim1UdiACclyEe9Wk9cWkihx3
pMoPXoPzvCupdcUkeEHj4ieeiz6Nhsxwru39uuZ+hpWZ6xee6Zp0bM6YPzdUvXNg
ODz5TbpvSVkx8KBNBSpGQD2MgjabxNYxt/cr1d/Zs92e0A8MQXgGuoIC/DkNety5
vkN+mz99eqm+IatJ1pZ3t72Y/EfTaoSodQRITMMFLLEYF0QCaUUcj5l1fGeCKLU1
Ca9lksWb+DEfoGEDE7E0+B1q9azwmn98HQE8QVsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRS7Denm5no5+BX+SC2cq+H/DT/TTAfBgNVHSMEGDAWgBQkUqsdLSm6ydUu
tHneZMBwD8ZyTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGS3JIUzBwdXNuVkxyUjUzbVRBY0FfR2NrOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvYmMxZDE0LTE1YzgtNDhmZC05ZWMzLTk2OWM5NGRlODlhNS8x
L1V1dzNwNXVaNk9mZ1Zfa2d0bkt2aF93MF8wMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
YmMxZDE0LTE1YzgtNDhmZC05ZWMzLTk2OWM5NGRlODlhNS8xL0pGS3JIUzBwdXNu
VkxyUjUzbVRBY0FfR2NrOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwFAQCAAEwDjAMAwQDT2J4AwQBT2J8MBoEAgACMBQw
EgMHBSoADTABIAMHASoADTABJDANBgkqhkiG9w0BAQsFAAOCAQEAARKZeaBLbo54
3WUq9w3gktejV06bSovw8rsOEqJmwRFM1+hSNoFr3/NAKXM/Zsjc39bAvlRKRefl
YgyotzsCLS537EA0U+bzbSbicoxwsfH6+tfGQYhOi2TPMHWdMvwPdz4yKwn7dB2D
4mqJL4hnfkU3V7vW1iUVwlC/REkyEVy9qO+Dq1RI6OlgQ2B+9nYDdLYUdqnA7pCp
ki6Qc16WodtCYIXEDw3iR31PPouOV3Mp6U51tWfeyzRI0cA67wl1JgK4noEUqPvg
+t9eP6AKzZmJEuKkeFWGUy5os5tck7iC2zIsn161ti7M0Y8QMrTcQYAW/SYFDis5
KRKpTB74UQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:52 2025 by rpki-client