Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/UTs6zu_XvOieh0It2TjY37aa1gI.roa
File: UTs6zu_XvOieh0It2TjY37aa1gI.roa (raw, json)
Hash identifier: 8+UZ9zaKH7k6jfh4SNwYpBA/qTqr7uSnfNQ//U/+hZ8=
Subject key identifier: 51:3B:3A:CE:EF:D7:BC:E8:9E:87:42:2D:D9:38:D8:DF:B6:9A:D6:02
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 0DFE3E26
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/UTs6zu_XvOieh0It2TjY37aa1gI.roa
Signing time: Tue 08 Mar 2022 14:00:55 +0000
ROA not before: Tue 08 Mar 2022 14:00:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28836
IP address blocks: 194.213.114.0/24 maxlen: 24
194.213.114.0/23 maxlen: 23
194.213.115.0/24 maxlen: 24
185.194.84.0/22 maxlen: 22
185.194.84.0/24 maxlen: 24
185.194.84.0/23 maxlen: 23
185.194.85.0/24 maxlen: 24
185.194.86.0/23 maxlen: 23
91.230.171.0/24 maxlen: 24
91.230.170.0/23 maxlen: 23
91.230.170.0/24 maxlen: 24
91.230.176.0/22 maxlen: 22
91.230.176.0/23 maxlen: 23
91.230.176.0/24 maxlen: 24
91.230.177.0/24 maxlen: 24
91.230.178.0/24 maxlen: 24
91.230.178.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234765862 (0xdfe3e26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Mar 8 14:00:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=513b3aceefd7bce89e87422dd938d8dfb69ad602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:71:fc:4b:b6:a8:36:bc:28:f2:3f:29:02:2d:
26:6d:cc:94:ac:0e:94:d7:7e:3d:ba:f9:42:99:bb:
78:22:1a:75:d3:93:b3:df:27:12:d9:f4:b0:10:9b:
4d:0d:94:d1:4e:3e:ee:8a:23:79:f3:2c:33:e6:4c:
09:9d:34:72:06:1d:d7:2a:09:a5:d3:7e:61:79:81:
7e:3d:ef:22:ea:37:5c:32:fb:66:39:7e:f2:a5:c8:
86:2f:f7:62:f0:dd:11:f8:81:4d:0a:7e:86:aa:76:
a3:fd:a3:26:6d:9d:0e:b3:09:75:34:34:4b:3d:91:
7e:cb:ec:a5:05:14:d8:3b:c1:19:d5:9a:d1:c4:3e:
a1:37:d0:d6:eb:23:13:21:79:5b:2c:bd:da:a6:20:
73:14:34:b1:7c:8b:b8:e1:df:9b:de:67:88:2f:fc:
ff:90:27:6f:e5:71:a8:36:6f:a6:4c:77:10:49:eb:
00:bf:56:5b:3c:6c:3f:be:a3:c4:db:2b:64:db:cb:
5e:63:eb:12:a4:1c:af:f8:4a:95:cf:ee:1c:cf:e1:
b0:d3:a9:0f:ad:8e:06:f2:9a:67:fa:e0:65:e8:b1:
35:37:0a:c3:ea:70:ec:1e:fd:6d:cc:4d:b2:4f:d9:
f5:85:67:ef:fa:bd:d4:18:df:c1:a5:6b:8c:a1:5b:
6a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:3B:3A:CE:EF:D7:BC:E8:9E:87:42:2D:D9:38:D8:DF:B6:9A:D6:02
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/UTs6zu_XvOieh0It2TjY37aa1gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.170.0/23
91.230.176.0/22
185.194.84.0/22
194.213.114.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:7b:94:6e:76:2b:61:7c:24:4f:4c:b9:85:e2:6f:86:db:40:
c0:f7:02:ea:69:5e:5f:fd:02:a1:0a:c1:be:6e:6c:07:33:0f:
24:be:fe:05:14:dc:d0:96:82:40:54:43:e5:c5:39:55:96:ef:
51:0d:ad:d3:68:6a:bb:53:ca:50:46:aa:f5:91:d5:23:67:77:
d7:38:20:0a:d9:00:d6:b1:41:50:57:ab:44:28:d8:a0:74:d5:
08:24:37:b3:c3:9b:d0:d9:70:91:2c:91:4b:62:ab:dc:49:52:
06:06:f3:a9:8d:6a:74:69:c4:b2:81:c1:63:2f:ea:b2:b0:c2:
52:ad:1a:3a:37:ca:97:62:7e:20:7f:af:fd:78:6d:05:da:7c:
b8:e8:c9:48:f1:04:1f:02:38:19:38:11:b2:aa:af:df:c1:d8:
0f:46:06:9e:58:d5:f9:96:fe:74:83:00:b2:13:9e:c3:1c:0f:
cf:69:cf:c8:57:b5:bb:a1:fc:51:36:ed:5a:84:e0:39:f3:83:
62:be:d2:0c:68:b4:24:e8:52:3c:53:0b:68:53:5c:a4:bc:f2:
43:90:6e:b4:8c:6c:ac:95:2e:60:7f:a9:c4:82:86:aa:74:fa:
e4:0a:e6:dc:b2:0e:a0:50:21:7a:a3:4d:13:ca:44:2c:d9:db:
0f:34:e7:1a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDf4+JjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWEyYzJlY2Y1OGM0NGIzNWEwZGEyOTU3ZmY0ZGNhMmU2MGI2ODZhMB4XDTIyMDMw
ODE0MDA1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTEzYjNhY2VlZmQ3
YmNlODllODc0MjJkZDkzOGQ4ZGZiNjlhZDYwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZx/Eu2qDa8KPI/KQItJm3MlKwOlNd+Pbr5Qpm7eCIaddOT
s98nEtn0sBCbTQ2U0U4+7oojefMsM+ZMCZ00cgYd1yoJpdN+YXmBfj3vIuo3XDL7
Zjl+8qXIhi/3YvDdEfiBTQp+hqp2o/2jJm2dDrMJdTQ0Sz2RfsvspQUU2DvBGdWa
0cQ+oTfQ1usjEyF5Wyy92qYgcxQ0sXyLuOHfm95niC/8/5Anb+VxqDZvpkx3EEnr
AL9WWzxsP76jxNsrZNvLXmPrEqQcr/hKlc/uHM/hsNOpD62OBvKaZ/rgZeixNTcK
w+pw7B79bcxNsk/Z9YVn7/q91BjfwaVrjKFbasUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRROzrO79e86J6HQi3ZONjftprWAjAfBgNVHSMEGDAWgBSZosLs9YxEs1oN
opV/9Nyi5gtoajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21hTEM3UFdNUkxOYURhS1ZmX1Rjb3VZTGFHby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvYmE5Njc0LWU1NzEtNGUzNS1hYjIwLWU1ZDUwN2E4MjZiZi8x
L1VUczZ6dV9Ydk9pZWgwSXQyVGpZMzdhYTFnSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
YmE5Njc0LWU1NzEtNGUzNS1hYjIwLWU1ZDUwN2E4MjZiZi8xL21hTEM3UFdNUkxO
YURhS1ZmX1Rjb3VZTGFHby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVvmqgMEAlvmsAMEArnCVAMEAcLV
cjANBgkqhkiG9w0BAQsFAAOCAQEAHXuUbnYrYXwkT0y5heJvhttAwPcC6mleX/0C
oQrBvm5sBzMPJL7+BRTc0JaCQFRD5cU5VZbvUQ2t02hqu1PKUEaq9ZHVI2d31zgg
CtkA1rFBUFerRCjYoHTVCCQ3s8Ob0NlwkSyRS2Kr3ElSBgbzqY1qdGnEsoHBYy/q
srDCUq0aOjfKl2J+IH+v/XhtBdp8uOjJSPEEHwI4GTgRsqqv38HYD0YGnljV+Zb+
dIMAshOewxwPz2nPyFe1u6H8UTbtWoTgOfODYr7SDGi0JOhSPFMLaFNcpLzyQ5Bu
tIxsrJUuYH+pxIKGqnT65Arm3LIOoFAheqNNE8pELNnbDzTnGg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:14 2025 by rpki-client