Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/UkUPocBZoylr85s_jggR0FhMDHw.roa
File: UkUPocBZoylr85s_jggR0FhMDHw.roa (raw, json)
Hash identifier: V0khfNO/lhXfepPdvh2q9ZRIpM5Wa+uV4mVy3HStE44=
Subject key identifier: 52:45:0F:A1:C0:59:A3:29:6B:F3:9B:3F:8E:08:11:D0:58:4C:0C:7C
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01863F08D308206EB6C1040444FDF10ADBA9
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/UkUPocBZoylr85s_jggR0FhMDHw.roa
Signing time: Sat 11 Feb 2023 05:53:08 +0000
ROA not before: Sat 11 Feb 2023 05:53:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210546
IP address blocks: 194.28.224.0/24 maxlen: 24
194.28.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3f:08:d3:08:20:6e:b6:c1:04:04:44:fd:f1:0a:db:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 11 05:53:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52450fa1c059a3296bf39b3f8e0811d0584c0c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a4:46:e1:87:a1:c8:a8:23:89:c4:2d:04:4f:
08:d6:be:01:f4:5a:ea:49:b7:12:1b:ec:fe:06:be:
3a:77:61:5f:18:d4:ab:4b:67:df:15:85:a0:14:63:
5c:9a:fd:d7:fe:02:8f:dc:a8:6b:33:1d:b8:34:ba:
22:f0:b8:cc:7a:5b:43:7a:de:5a:9e:22:93:92:75:
b3:2e:8a:27:e6:57:e1:cf:41:3b:ab:e0:53:e8:81:
1e:01:4b:61:3b:2a:79:39:d6:d5:8c:f7:56:25:c5:
a8:e4:e3:61:af:f9:38:a3:bc:98:39:59:9f:76:04:
11:19:11:44:43:76:46:e0:9b:2c:29:71:dd:47:b6:
6d:c8:fd:b0:70:9c:31:dc:7e:e4:95:a5:a8:dd:eb:
db:0d:53:cc:cb:ee:dd:8f:49:eb:95:64:a0:69:41:
40:9d:78:b0:a2:e3:3a:7e:24:ef:d6:a1:ea:e2:a5:
9f:01:16:cc:2b:95:37:08:7d:78:c0:a5:f6:fc:01:
6b:89:fe:2b:18:0b:d1:98:9a:bf:85:78:d4:9e:cc:
71:74:96:f6:6f:a8:b6:e9:58:a4:08:47:ec:8e:e4:
08:bf:9b:15:99:f8:25:74:d1:70:0a:eb:72:d0:7d:
63:11:c4:1b:00:5a:50:b0:ba:91:b8:c8:e8:a2:16:
da:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:45:0F:A1:C0:59:A3:29:6B:F3:9B:3F:8E:08:11:D0:58:4C:0C:7C
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/UkUPocBZoylr85s_jggR0FhMDHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.224.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:66:6e:f3:dc:bc:64:8a:08:38:65:e3:92:e5:64:5b:9a:ed:
c2:6b:58:3c:d6:23:29:66:e6:f5:8e:00:99:79:52:56:0d:0f:
af:fb:75:e3:21:66:af:6a:b5:ee:4a:24:f8:f1:5e:ae:1e:57:
8b:76:cd:a4:b4:6c:dd:ae:0d:b4:15:31:51:c4:f5:85:78:8c:
07:7d:1d:69:f3:74:b4:98:e5:dc:7c:ec:da:ec:3b:d7:0a:69:
71:6d:11:3a:dd:f7:56:1e:2d:9e:f8:64:7b:bc:16:25:72:88:
37:7a:e9:93:7e:66:e0:51:8b:45:97:4e:25:b5:11:10:35:a8:
60:4a:d6:d8:2f:c3:89:07:b2:47:39:93:4e:17:86:e0:9b:8d:
af:c9:ca:b3:aa:ad:ec:26:82:26:68:90:2b:c9:25:e8:2d:f8:
b3:8d:c2:66:f3:67:1d:ec:3c:f5:62:26:7f:ca:8a:6d:3f:68:
22:b5:03:3a:78:4a:56:ea:c2:0a:31:58:16:0f:81:29:d9:d3:
8a:e7:9c:41:24:df:20:81:96:90:9e:61:38:52:01:33:df:5c:
9d:f5:be:8e:ae:e7:e4:9d:69:25:6b:f9:da:08:56:a0:e6:df:
98:a5:c0:7a:5e:df:7e:45:22:fc:1c:35:3e:6b:29:df:10:a5:
d4:b9:a2:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY/CNMIIG62wQQERP3xCtupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMjExMDU1MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ1MGZhMWMwNTlhMzI5NmJmMzliM2Y4ZTA4MTFkMDU4NGMwYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqRG4YehyKgjicQtBE8I1r4B9Frq
SbcSG+z+Br46d2FfGNSrS2ffFYWgFGNcmv3X/gKP3KhrMx24NLoi8LjMeltDet5a
niKTknWzLoon5lfhz0E7q+BT6IEeAUthOyp5OdbVjPdWJcWo5ONhr/k4o7yYOVmf
dgQRGRFEQ3ZG4JssKXHdR7ZtyP2wcJwx3H7klaWo3evbDVPMy+7dj0nrlWSgaUFA
nXiwouM6fiTv1qHq4qWfARbMK5U3CH14wKX2/AFrif4rGAvRmJq/hXjUnsxxdJb2
b6i26VikCEfsjuQIv5sVmfgldNFwCuty0H1jEcQbAFpQsLqRuMjoohba+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJFD6HAWaMpa/ObP44IEdBYTAx8MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvVWtVUG9jQlpveWxyODVzX2pnZ1IwRmhNREh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwhzgMA0G
CSqGSIb3DQEBCwUAA4IBAQDIZm7z3Lxkigg4ZeOS5WRbmu3Ca1g81iMpZub1jgCZ
eVJWDQ+v+3XjIWavarXuSiT48V6uHleLds2ktGzdrg20FTFRxPWFeIwHfR1p83S0
mOXcfOza7DvXCmlxbRE63fdWHi2e+GR7vBYlcog3eumTfmbgUYtFl04ltREQNahg
StbYL8OJB7JHOZNOF4bgm42vycqzqq3sJoImaJArySXoLfizjcJm82cd7Dz1YiZ/
yoptP2gitQM6eEpW6sIKMVgWD4Ep2dOK55xBJN8ggZaQnmE4UgEz31yd9b6Orufk
nWkla/naCFag5t+YpcB6Xt9+RSL8HDU+aynfEKXUuaLF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:45 2025 by rpki-client