Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/uxzAY0S57ZSFNWU8YJoagQxqafk.roa
File: uxzAY0S57ZSFNWU8YJoagQxqafk.roa (raw, json)
Hash identifier: bfwSWSajDFHC4tPj3KnwVPJYPivKwO9d5XLhpKX7Wss=
Subject key identifier: BB:1C:C0:63:44:B9:ED:94:85:35:65:3C:60:9A:1A:81:0C:6A:69:F9
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 01882018AB5E1FA7C68C32E9BF78E07AAC36
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/uxzAY0S57ZSFNWU8YJoagQxqafk.roa
Signing time: Mon 15 May 2023 15:47:47 +0000
ROA not before: Mon 15 May 2023 15:47:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51369
IP address blocks: 212.233.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:18:ab:5e:1f:a7:c6:8c:32:e9:bf:78:e0:7a:ac:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: May 15 15:47:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb1cc06344b9ed948535653c609a1a810c6a69f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7d:0c:68:b7:50:4d:7d:ed:8f:00:c6:cb:5f:
e3:57:f5:19:1e:69:6e:b1:e4:2e:c4:f9:49:2e:fe:
d3:61:e2:e8:20:b9:1f:8d:9e:fb:ce:2a:bc:b1:28:
0d:50:f5:89:ea:70:1d:dc:86:79:a5:c4:7e:4c:f1:
f9:61:54:f5:9c:17:9c:d1:cb:33:16:10:67:cf:0f:
26:68:16:b3:74:d7:c2:80:cc:69:20:a8:0d:fd:0c:
15:23:b0:85:f3:0f:4c:8d:2d:58:70:3d:9a:a8:6d:
a2:bf:a3:04:90:3a:ac:49:5b:b4:38:5a:7c:ac:cc:
14:94:05:9b:f3:c2:83:17:85:d8:e4:56:df:a1:b3:
36:b9:a0:42:75:fa:ea:e1:0f:aa:8e:4e:46:1e:c4:
13:91:25:13:df:a5:1e:bc:88:a5:39:78:91:f2:d0:
a6:94:36:fa:d4:73:fb:8c:14:2c:dd:d0:59:b1:45:
34:14:e7:61:f1:36:5c:41:8f:1c:ac:2d:5a:2e:6e:
4c:37:15:c0:a4:f4:10:3f:3b:22:4e:77:36:05:21:
d7:44:e4:0f:4b:f3:46:bd:41:6f:fb:65:01:e3:c1:
4d:61:c6:e0:64:dc:3b:a5:cd:20:e2:39:68:46:53:
bd:32:8a:85:b4:a2:03:d0:15:58:fb:4a:cf:9d:9c:
4a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:1C:C0:63:44:B9:ED:94:85:35:65:3C:60:9A:1A:81:0C:6A:69:F9
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/uxzAY0S57ZSFNWU8YJoagQxqafk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.233.68.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:05:13:97:94:93:1d:d8:79:80:26:ad:14:e1:69:ab:36:df:
f7:48:a8:3f:34:b0:fa:ce:38:f0:1c:2a:cd:52:b5:8b:70:64:
87:57:81:b7:6e:d1:c7:30:74:51:1b:8d:28:a4:67:bf:06:73:
f3:3c:e8:51:7a:0c:9a:41:f9:3b:60:fe:19:8e:83:6b:05:55:
6f:29:91:fd:11:5b:ed:a9:03:9c:94:23:93:b4:28:82:be:ab:
eb:18:60:fd:7a:21:f2:54:83:a4:d2:26:1a:c9:b1:b7:36:7b:
5b:e1:06:b8:b9:58:be:8e:29:39:01:64:e0:6a:02:d3:67:3f:
4e:57:4d:ab:da:83:75:5b:1f:af:79:7c:36:7e:bb:0f:4e:cf:
dd:1d:c1:04:14:4f:7f:89:61:5f:e0:4e:ff:0e:14:2d:54:59:
a5:b3:f2:3a:9c:6a:a0:13:9b:94:f9:38:20:9c:46:d2:b6:4b:
b0:96:bd:d2:21:d0:77:15:ad:53:7b:6d:21:b5:2c:54:4d:6c:
a5:b9:a0:b7:af:d2:df:96:8f:1d:63:2a:4d:d6:f1:80:15:db:
83:c2:bf:96:34:8a:9c:20:1a:ef:33:09:56:e1:61:9e:b0:f6:
7d:a8:1a:ed:53:64:1e:85:bc:99:a3:8e:ea:1d:98:8a:70:d7:
c7:24:de:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYggGKteH6fGjDLpv3jgeqw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjMwNTE1MTU0NzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjFjYzA2MzQ0YjllZDk0ODUzNTY1M2M2MDlhMWE4MTBjNmE2OWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn0MaLdQTX3tjwDGy1/jV/UZHmlu
seQuxPlJLv7TYeLoILkfjZ77ziq8sSgNUPWJ6nAd3IZ5pcR+TPH5YVT1nBec0csz
FhBnzw8maBazdNfCgMxpIKgN/QwVI7CF8w9MjS1YcD2aqG2iv6MEkDqsSVu0OFp8
rMwUlAWb88KDF4XY5FbfobM2uaBCdfrq4Q+qjk5GHsQTkSUT36UevIilOXiR8tCm
lDb61HP7jBQs3dBZsUU0FOdh8TZcQY8crC1aLm5MNxXApPQQPzsiTnc2BSHXROQP
S/NGvUFv+2UB48FNYcbgZNw7pc0g4jloRlO9MoqFtKID0BVY+0rPnZxK7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLscwGNEue2UhTVlPGCaGoEMamn5MB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvdXh6QVkwUzU3WlNGTldVOFlKb2FnUXhxYWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1OlEMA0G
CSqGSIb3DQEBCwUAA4IBAQAvBROXlJMd2HmAJq0U4WmrNt/3SKg/NLD6zjjwHCrN
UrWLcGSHV4G3btHHMHRRG40opGe/BnPzPOhRegyaQfk7YP4ZjoNrBVVvKZH9EVvt
qQOclCOTtCiCvqvrGGD9eiHyVIOk0iYaybG3Nntb4Qa4uVi+jik5AWTgagLTZz9O
V02r2oN1Wx+veXw2frsPTs/dHcEEFE9/iWFf4E7/DhQtVFmls/I6nGqgE5uU+Tgg
nEbStkuwlr3SIdB3Fa1Te20htSxUTWyluaC3r9Lflo8dYypN1vGAFduDwr+WNIqc
IBrvMwlW4WGesPZ9qBrtU2QehbyZo47qHZiKcNfHJN6z
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:37:13 2025 by rpki-client