Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/417c1d-a2e4-44a6-af24-d4f5027600ae/1/Uzm76zhLq8VtlLnzwKYhc32eLZU.roa
File: Uzm76zhLq8VtlLnzwKYhc32eLZU.roa (raw, json)
Hash identifier: iPs8aNzWXvOg5+4mXwt4ykuGgTvglpPZyodPFjJKDZQ=
Subject key identifier: 53:39:BB:EB:38:4B:AB:C5:6D:94:B9:F3:C0:A6:21:73:7D:9E:2D:95
Certificate issuer: /CN=e5d272a8dc041f5adc7abd00d64d3f32c204dab2
Certificate serial: 01857321E7F7C50CA7BB799B56F4A79A2AEC
Authority key identifier: E5:D2:72:A8:DC:04:1F:5A:DC:7A:BD:00:D6:4D:3F:32:C2:04:DA:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dJyqNwEH1rcer0A1k0_MsIE2rI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/417c1d-a2e4-44a6-af24-d4f5027600ae/1/Uzm76zhLq8VtlLnzwKYhc32eLZU.roa
Signing time: Mon 02 Jan 2023 15:37:59 +0000
ROA not before: Mon 02 Jan 2023 15:37:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133861
IP address blocks: 194.41.36.0/24 maxlen: 24
194.41.37.0/24 maxlen: 24
194.41.58.0/24 maxlen: 24
194.41.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:e7:f7:c5:0c:a7:bb:79:9b:56:f4:a7:9a:2a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d272a8dc041f5adc7abd00d64d3f32c204dab2
Validity
Not Before: Jan 2 15:37:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5339bbeb384babc56d94b9f3c0a621737d9e2d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d8:96:a9:69:62:e1:9e:d7:a1:8f:86:7a:7f:
65:d3:6c:8a:28:45:25:19:46:11:92:58:d1:a0:bb:
94:47:0a:a7:e0:21:84:1c:db:5f:7f:f4:76:7a:3c:
e7:a2:b2:69:90:d8:1e:f1:76:a9:d6:48:ec:45:ba:
f3:fe:1a:1c:89:7e:d0:1a:06:8d:e2:2a:e9:da:b2:
f2:ff:02:98:2b:52:19:09:81:45:18:d2:d5:0c:95:
d9:65:68:d2:b8:08:c4:23:19:b2:99:a9:94:b6:cd:
46:1e:7b:6f:d1:1b:f5:fc:22:c5:ae:e8:4b:ba:2e:
4a:7f:68:79:7d:f9:eb:d0:58:b5:d0:48:dc:c9:7a:
9a:da:70:8c:0f:19:ca:f7:f6:b1:46:da:51:39:2c:
83:75:24:fd:7f:9b:55:c4:07:7b:8c:68:eb:06:ba:
cf:5e:35:8b:00:77:2f:7b:6d:cc:49:11:7b:88:be:
a5:09:e4:f4:d1:28:e2:61:c1:0c:b6:c0:4d:fa:84:
60:f6:65:b9:76:94:b6:d2:a5:26:27:c3:ae:3f:d2:
b9:35:74:b9:e4:4d:f6:5a:3f:b0:2f:58:c0:23:b2:
db:1d:ca:1d:ca:18:47:f6:c6:5b:c0:db:ef:a1:22:
d9:0a:81:90:c1:ce:ad:d0:8c:4c:9a:db:e5:3d:b5:
f5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:39:BB:EB:38:4B:AB:C5:6D:94:B9:F3:C0:A6:21:73:7D:9E:2D:95
X509v3 Authority Key Identifier:
keyid:E5:D2:72:A8:DC:04:1F:5A:DC:7A:BD:00:D6:4D:3F:32:C2:04:DA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dJyqNwEH1rcer0A1k0_MsIE2rI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/417c1d-a2e4-44a6-af24-d4f5027600ae/1/Uzm76zhLq8VtlLnzwKYhc32eLZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/417c1d-a2e4-44a6-af24-d4f5027600ae/1/5dJyqNwEH1rcer0A1k0_MsIE2rI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.41.36.0/23
194.41.58.0/23
Signature Algorithm: sha256WithRSAEncryption
37:a9:1c:45:1b:17:42:e1:9d:e2:d3:e4:19:bb:c4:67:44:7c:
ed:49:50:a1:0d:39:61:37:87:2c:4f:6a:16:10:e1:7c:5e:ba:
47:e7:ac:a4:e9:81:6b:41:a8:62:b3:c3:c3:7f:bf:0c:2b:80:
59:cf:c8:4d:2e:2a:fd:ab:c5:d8:e4:68:f5:73:fc:8f:e1:4e:
20:eb:de:a0:1e:ec:30:39:83:94:f9:2c:2e:0b:90:86:df:1b:
1e:76:75:90:5b:56:26:a4:49:d5:93:aa:f9:77:07:61:40:3e:
33:f7:ed:6e:2d:e7:69:0a:58:45:d0:f3:a5:a6:b8:4a:81:f7:
8b:8a:ac:72:e8:17:f3:23:3c:a8:d7:94:80:03:4a:59:55:f4:
6d:13:9f:41:5c:31:7c:88:e6:fc:7e:eb:a6:b2:52:e1:bb:da:
4b:8d:b4:8d:f1:94:1e:49:16:58:79:dc:27:5c:ff:cb:b5:9e:
14:d2:1b:5c:10:25:e5:e0:d5:37:f3:a1:a5:d6:37:52:99:a0:
fb:00:0c:f3:b7:b9:d5:e3:69:15:68:15:2a:e6:0c:d8:1a:e8:
3f:d1:f9:21:41:24:5e:b5:b0:59:5b:05:8e:74:80:e1:2c:12:
31:8b:4a:06:4c:88:dc:95:49:17:70:8a:f3:2c:2a:c2:aa:c1:
d3:47:40:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzIef3xQynu3mbVvSnmirsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDI3MmE4ZGMwNDFmNWFkYzdhYmQwMGQ2NGQzZjMyYzIw
NGRhYjIwHhcNMjMwMTAyMTUzNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzM5YmJlYjM4NGJhYmM1NmQ5NGI5ZjNjMGE2MjE3MzdkOWUyZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNiWqWli4Z7XoY+Gen9l02yKKEUl
GUYRkljRoLuURwqn4CGEHNtff/R2ejznorJpkNge8Xap1kjsRbrz/hociX7QGgaN
4irp2rLy/wKYK1IZCYFFGNLVDJXZZWjSuAjEIxmymamUts1GHntv0Rv1/CLFruhL
ui5Kf2h5ffnr0Fi10EjcyXqa2nCMDxnK9/axRtpROSyDdST9f5tVxAd7jGjrBrrP
XjWLAHcve23MSRF7iL6lCeT00SjiYcEMtsBN+oRg9mW5dpS20qUmJ8OuP9K5NXS5
5E32Wj+wL1jAI7LbHcodyhhH9sZbwNvvoSLZCoGQwc6t0IxMmtvlPbX1dQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFM5u+s4S6vFbZS588CmIXN9ni2VMB8GA1UdIwQY
MBaAFOXScqjcBB9a3Hq9ANZNPzLCBNqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRKeXFOd0VIMXJjZXIwQTFrMF9Nc0lFMnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80MTdjMWQtYTJlNC00NGE2LWFmMjQt
ZDRmNTAyNzYwMGFlLzEvVXptNzZ6aExxOFZ0bExuendLWWhjMzJlTFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80MTdjMWQtYTJlNC00NGE2LWFmMjQtZDRmNTAyNzYwMGFl
LzEvNWRKeXFOd0VIMXJjZXIwQTFrMF9Nc0lFMnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwikkAwQB
wik6MA0GCSqGSIb3DQEBCwUAA4IBAQA3qRxFGxdC4Z3i0+QZu8RnRHztSVChDTlh
N4csT2oWEOF8XrpH56yk6YFrQahis8PDf78MK4BZz8hNLir9q8XY5Gj1c/yP4U4g
696gHuwwOYOU+SwuC5CG3xsednWQW1YmpEnVk6r5dwdhQD4z9+1uLedpClhF0POl
prhKgfeLiqxy6BfzIzyo15SAA0pZVfRtE59BXDF8iOb8fuumslLhu9pLjbSN8ZQe
SRZYedwnXP/LtZ4U0htcECXl4NU386Gl1jdSmaD7AAzzt7nV42kVaBUq5gzYGug/
0fkhQSRetbBZWwWOdIDhLBIxi0oGTIjclUkXcIrzLCrCqsHTR0Cv
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:11:30 2025 by rpki-client