Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/niUUyTX1HY25UooEy236XJT9mYY.roa
File: niUUyTX1HY25UooEy236XJT9mYY.roa (raw, json)
Hash identifier: aKFzcQiKk1hBw5gyipLBUH/lnf3iYqZMUTrkgumhxV8=
Subject key identifier: 9E:25:14:C9:35:F5:1D:8D:B9:52:8A:04:CB:6D:FA:5C:94:FD:99:86
Certificate issuer: /CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Certificate serial: 01856C53AE4D1D782DA2DA6014B66E4AC347
Authority key identifier: 15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/niUUyTX1HY25UooEy236XJT9mYY.roa
Signing time: Sun 01 Jan 2023 07:55:01 +0000
ROA not before: Sun 01 Jan 2023 07:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201877
IP address blocks: 83.139.194.0/24 maxlen: 24
83.139.200.0/24 maxlen: 24
83.139.209.0/24 maxlen: 24
83.139.211.0/24 maxlen: 24
83.139.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:ae:4d:1d:78:2d:a2:da:60:14:b6:6e:4a:c3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Validity
Not Before: Jan 1 07:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e2514c935f51d8db9528a04cb6dfa5c94fd9986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d0:f9:6b:50:61:59:67:fc:ac:be:0d:92:cd:
9e:32:57:26:89:47:56:2e:04:7f:fa:e8:6c:83:33:
c8:6d:12:87:ff:83:8e:03:2a:91:96:b3:82:5c:03:
ea:c7:44:59:4d:91:9e:15:b1:1f:56:82:b8:29:e6:
2f:d5:7f:8b:0b:c4:50:83:72:ca:27:fc:1e:e0:8a:
8b:c7:3c:b9:3d:f5:a2:16:1a:0c:79:dc:42:e3:1e:
47:8a:a5:38:14:ff:b7:cb:60:4c:95:38:57:ca:97:
91:98:55:45:ee:4f:d7:a4:5b:2a:e4:c1:57:23:57:
12:4b:38:ec:f8:66:09:41:dc:14:4e:0f:76:26:d0:
13:1e:1f:28:53:2c:3e:79:51:27:44:64:40:cb:88:
e7:db:46:df:34:91:d5:2f:ea:16:7f:57:f1:55:71:
2d:7a:c4:5d:be:42:77:2f:a6:88:d6:a0:34:8d:be:
04:91:3f:e7:9b:d6:96:80:48:76:8a:5e:6f:9c:35:
17:6b:0e:1d:e8:cc:25:9c:11:fc:02:71:d3:f5:50:
5d:f2:a7:33:25:8c:70:31:ce:7b:5b:bc:b3:3f:e2:
98:d1:38:88:f9:92:3d:85:df:1a:eb:e8:8e:ac:3c:
35:41:fd:3a:81:07:91:c2:1a:c2:91:ed:6c:c8:7b:
21:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:25:14:C9:35:F5:1D:8D:B9:52:8A:04:CB:6D:FA:5C:94:FD:99:86
X509v3 Authority Key Identifier:
keyid:15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/niUUyTX1HY25UooEy236XJT9mYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.139.194.0/24
83.139.200.0/24
83.139.209.0-83.139.211.255
Signature Algorithm: sha256WithRSAEncryption
00:5f:02:fe:ec:65:23:aa:4a:64:cb:cc:7c:6d:5c:f4:94:89:
51:f4:e6:0e:d1:5d:c0:bd:51:98:17:61:2d:17:b1:19:ac:53:
03:c2:77:2c:a0:62:94:05:7b:a9:dc:b5:2a:62:1a:8a:2c:45:
d2:14:82:57:a3:bf:f7:12:e9:ef:c8:84:26:7a:f7:42:ef:2f:
2a:cc:7a:05:e7:7b:d2:47:71:f1:b4:c5:97:38:e5:11:85:31:
a1:ac:bc:77:5c:c3:ef:22:41:ac:48:45:78:6c:f9:69:6a:17:
c1:ee:4c:49:19:59:81:23:27:74:d6:22:8a:c0:c6:12:5c:02:
e6:0a:5f:8a:83:f9:c4:ee:e1:fd:a7:c3:1d:9a:40:03:7d:f0:
97:39:c6:89:c4:91:ee:f6:3c:b7:d3:a0:44:2a:09:f2:61:04:
8d:a7:8a:6a:de:4a:26:02:16:2e:de:93:94:1b:cd:86:6e:d6:
e7:1b:a4:d2:1d:05:34:61:79:60:c1:be:cc:05:a8:1b:11:da:
51:eb:2d:8c:6d:ae:27:70:81:bd:fe:df:8e:97:f5:f9:5f:a2:
6a:99:b2:0b:ae:e7:3d:a9:ed:87:4e:2c:23:55:a4:ee:bf:8b:
d7:a1:87:9e:9b:7c:6c:b5:c5:8b:e9:bd:91:a8:70:dc:be:ff:
44:8b:e2:7a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVsU65NHXgtotpgFLZuSsNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDFjODQ1ZjEzZGQ0YWQ2ZTlkYWU0NzBkNWZmNjljNWNj
YTM3NzEwHhcNMjMwMTAxMDc1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI1MTRjOTM1ZjUxZDhkYjk1MjhhMDRjYjZkZmE1Yzk0ZmQ5OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktD5a1BhWWf8rL4Nks2eMlcmiUdW
LgR/+uhsgzPIbRKH/4OOAyqRlrOCXAPqx0RZTZGeFbEfVoK4KeYv1X+LC8RQg3LK
J/we4IqLxzy5PfWiFhoMedxC4x5HiqU4FP+3y2BMlThXypeRmFVF7k/XpFsq5MFX
I1cSSzjs+GYJQdwUTg92JtATHh8oUyw+eVEnRGRAy4jn20bfNJHVL+oWf1fxVXEt
esRdvkJ3L6aI1qA0jb4EkT/nm9aWgEh2il5vnDUXaw4d6MwlnBH8AnHT9VBd8qcz
JYxwMc57W7yzP+KY0TiI+ZI9hd8a6+iOrDw1Qf06gQeRwhrCke1syHshOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ4lFMk19R2NuVKKBMtt+lyU/ZmGMB8GA1UdIwQY
MBaAFBUByEXxPdStbp2uRw1f9pxcyjdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEt
ZWQ3OTE1NDM2YjI3LzEvbmlVVXlUWDFIWTI1VW9vRXkyMzZYSlQ5bVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEtZWQ3OTE1NDM2YjI3
LzEvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAU4vCAwQA
U4vIMAwDBABTi9EDBAJTi9AwDQYJKoZIhvcNAQELBQADggEBAABfAv7sZSOqSmTL
zHxtXPSUiVH05g7RXcC9UZgXYS0XsRmsUwPCdyygYpQFe6nctSpiGoosRdIUglej
v/cS6e/IhCZ690LvLyrMegXne9JHcfG0xZc45RGFMaGsvHdcw+8iQaxIRXhs+Wlq
F8HuTEkZWYEjJ3TWIorAxhJcAuYKX4qD+cTu4f2nwx2aQAN98Jc5xonEke72PLfT
oEQqCfJhBI2nimreSiYCFi7ek5QbzYZu1ucbpNIdBTRheWDBvswFqBsR2lHrLYxt
ridwgb3+346X9flfomqZsguu5z2p7YdOLCNVpO6/i9ehh56bfGy1xYvpvZGocNy+
/0SL4no=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:50 2025 by rpki-client