Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/6222f1-f4dc-4704-b946-1906a4a1f993/1/ukcDUX5H8ON01lh92slun9ARMa8.roa
File: ukcDUX5H8ON01lh92slun9ARMa8.roa (raw, json)
Hash identifier: aOKXc+oX/+H5c4AYY8Cd5jBkx+e4VL9NzqczdWATmiA=
Subject key identifier: BA:47:03:51:7E:47:F0:E3:74:D6:58:7D:DA:C9:6E:9F:D0:11:31:AF
Certificate issuer: /CN=be9fc3884705c4aedcfe7a4d17ddb752e1fe6198
Certificate serial: 0185724C781C783CAEB6481806696F52807D
Authority key identifier: BE:9F:C3:88:47:05:C4:AE:DC:FE:7A:4D:17:DD:B7:52:E1:FE:61:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vp_DiEcFxK7c_npNF923UuH-YZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/6222f1-f4dc-4704-b946-1906a4a1f993/1/ukcDUX5H8ON01lh92slun9ARMa8.roa
Signing time: Mon 02 Jan 2023 11:44:52 +0000
ROA not before: Mon 02 Jan 2023 11:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212737
IP address blocks: 2001:67c:2de0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:78:1c:78:3c:ae:b6:48:18:06:69:6f:52:80:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be9fc3884705c4aedcfe7a4d17ddb752e1fe6198
Validity
Not Before: Jan 2 11:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba4703517e47f0e374d6587ddac96e9fd01131af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:39:d6:7a:88:85:80:21:ef:fb:5b:7b:d2:a5:
cd:dd:5b:6c:21:f9:40:e9:b0:40:b9:ca:4e:03:77:
98:73:00:58:95:ea:17:fa:27:90:88:41:79:c3:2b:
56:81:4b:16:7e:b9:ec:25:e9:b4:0f:8e:17:bf:2b:
01:43:7c:6d:6c:fe:93:2e:5a:8b:e9:fb:65:b7:1d:
f9:d6:e6:a8:30:3f:8c:0c:3c:3d:95:20:00:75:05:
bf:c2:13:6e:ca:e3:03:5e:a0:ae:2b:8d:cd:b2:9c:
0e:3a:3f:26:a3:b9:38:60:ca:a7:b9:16:86:79:a1:
37:20:79:2e:48:0b:65:cb:f5:8a:2a:ab:eb:94:00:
b9:d9:e5:2d:ad:0a:1a:14:46:27:04:ae:3d:1e:b1:
c3:41:00:99:bb:48:3e:a0:5c:37:71:99:ba:de:88:
c9:da:86:8d:4b:d3:fa:8c:b5:0b:d7:8e:da:c4:34:
a8:b5:50:95:b5:eb:f9:d2:d5:68:f4:ed:83:4e:18:
f2:56:7e:f1:32:a4:48:4d:47:44:3b:b2:4b:2b:f8:
e4:25:02:7f:0c:20:e4:c3:07:23:db:eb:63:77:95:
f9:fb:a2:e2:74:b1:7e:96:32:a2:fa:87:d1:a3:2b:
c8:60:60:7d:c1:57:f6:7c:3f:27:15:5c:37:3c:fd:
bd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:47:03:51:7E:47:F0:E3:74:D6:58:7D:DA:C9:6E:9F:D0:11:31:AF
X509v3 Authority Key Identifier:
keyid:BE:9F:C3:88:47:05:C4:AE:DC:FE:7A:4D:17:DD:B7:52:E1:FE:61:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vp_DiEcFxK7c_npNF923UuH-YZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/6222f1-f4dc-4704-b946-1906a4a1f993/1/ukcDUX5H8ON01lh92slun9ARMa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/6222f1-f4dc-4704-b946-1906a4a1f993/1/vp_DiEcFxK7c_npNF923UuH-YZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2de0::/48
Signature Algorithm: sha256WithRSAEncryption
0c:2f:0f:7a:f5:9a:6d:ba:9c:7f:4c:e3:a6:c6:ab:0f:d1:17:
35:aa:7c:fd:50:b5:bd:6d:7f:68:e1:dc:1e:be:72:44:16:1b:
b2:06:68:9a:44:67:aa:bb:6d:d1:27:a2:7b:53:35:93:28:d9:
2b:b9:09:fc:d9:5e:d9:5a:44:5c:cb:73:94:a1:1f:ba:0a:aa:
26:16:ed:21:48:ad:2b:00:bc:09:c4:6e:ff:46:6d:f3:41:13:
b0:13:02:86:39:24:cd:f5:70:37:a5:63:80:5c:e7:82:a9:7a:
87:3c:12:00:89:db:cd:d3:69:23:dd:61:30:9d:b2:0d:90:1a:
11:27:00:75:9e:42:8c:6b:98:fc:b2:d7:d2:31:e3:2a:fa:df:
5b:14:a7:af:1b:6d:fd:49:23:26:9e:68:81:dc:b3:cb:be:3e:
38:94:80:0c:1d:0a:a1:43:21:a2:8f:43:80:a3:4c:ef:db:59:
4e:e7:52:89:72:54:b6:6a:bd:05:a1:2a:57:ee:bc:bb:1f:7e:
7b:e7:e3:ee:99:ef:e2:f4:56:58:ec:c3:f0:3e:99:35:68:4c:
49:b2:e2:7f:d0:27:63:d6:66:1d:65:c4:05:eb:ef:e4:c4:ad:
b4:1c:4a:3e:11:ba:81:24:d4:a6:e8:70:69:e4:2b:75:81:15:
69:34:0d:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyTHgceDyutkgYBmlvUoB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOWZjMzg4NDcwNWM0YWVkY2ZlN2E0ZDE3ZGRiNzUyZTFm
ZTYxOTgwHhcNMjMwMTAyMTE0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQ3MDM1MTdlNDdmMGUzNzRkNjU4N2RkYWM5NmU5ZmQwMTEzMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTnWeoiFgCHv+1t70qXN3VtsIflA
6bBAucpOA3eYcwBYleoX+ieQiEF5wytWgUsWfrnsJem0D44XvysBQ3xtbP6TLlqL
6ftltx351uaoMD+MDDw9lSAAdQW/whNuyuMDXqCuK43NspwOOj8mo7k4YMqnuRaG
eaE3IHkuSAtly/WKKqvrlAC52eUtrQoaFEYnBK49HrHDQQCZu0g+oFw3cZm63ojJ
2oaNS9P6jLUL147axDSotVCVtev50tVo9O2DThjyVn7xMqRITUdEO7JLK/jkJQJ/
DCDkwwcj2+tjd5X5+6LidLF+ljKi+ofRoyvIYGB9wVf2fD8nFVw3PP29PQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLpHA1F+R/DjdNZYfdrJbp/QETGvMB8GA1UdIwQY
MBaAFL6fw4hHBcSu3P56TRfdt1Lh/mGYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnBfRGlFY0Z4SzdjX25wTkY5MjNVdUgtWVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC82MjIyZjEtZjRkYy00NzA0LWI5NDYt
MTkwNmE0YTFmOTkzLzEvdWtjRFVYNUg4T04wMWxoOTJzbHVuOUFSTWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC82MjIyZjEtZjRkYy00NzA0LWI5NDYtMTkwNmE0YTFmOTkz
LzEvdnBfRGlFY0Z4SzdjX25wTkY5MjNVdUgtWVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC3g
MA0GCSqGSIb3DQEBCwUAA4IBAQAMLw969Zptupx/TOOmxqsP0Rc1qnz9ULW9bX9o
4dwevnJEFhuyBmiaRGequ23RJ6J7UzWTKNkruQn82V7ZWkRcy3OUoR+6CqomFu0h
SK0rALwJxG7/Rm3zQROwEwKGOSTN9XA3pWOAXOeCqXqHPBIAidvN02kj3WEwnbIN
kBoRJwB1nkKMa5j8stfSMeMq+t9bFKevG239SSMmnmiB3LPLvj44lIAMHQqhQyGi
j0OAo0zv21lO51KJclS2ar0FoSpX7ry7H3575+Pume/i9FZY7MPwPpk1aExJsuJ/
0Cdj1mYdZcQF6+/kxK20HEo+EbqBJNSm6HBp5Ct1gRVpNA2R
-----END CERTIFICATE-----
Generated at Sat May 3 11:43:01 2025 by rpki-client