Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/UMACOS5I4iF529rbxM4EuTj1nYc.roa
File: UMACOS5I4iF529rbxM4EuTj1nYc.roa (raw, json)
Hash identifier: Bhqp1K64WYqsO7XB5pFgTscWpAWXZsBgIp5A5UMyW1g=
Subject key identifier: 50:C0:02:39:2E:48:E2:21:79:DB:DA:DB:C4:CE:04:B9:38:F5:9D:87
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01898BF8823A3240FC45348B1EEDCA784634
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/UMACOS5I4iF529rbxM4EuTj1nYc.roa
Signing time: Tue 25 Jul 2023 07:34:26 +0000
ROA not before: Tue 25 Jul 2023 07:34:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210906
IP address blocks: 45.113.238.0/24 maxlen: 24
209.35.99.0/24 maxlen: 24
193.36.76.0/24 maxlen: 24
193.36.86.0/24 maxlen: 24
194.29.67.0/24 maxlen: 24
194.29.70.0/24 maxlen: 24
194.29.80.0/24 maxlen: 24
193.200.96.0/23 maxlen: 23
89.32.204.0/24 maxlen: 24
89.47.34.0/24 maxlen: 24
43.245.119.0/24 maxlen: 24
86.104.215.0/24 maxlen: 24
193.36.172.0/24 maxlen: 24
89.33.83.0/24 maxlen: 24
194.26.149.0/24 maxlen: 24
86.104.227.0/24 maxlen: 24
162.218.158.0/24 maxlen: 24
162.218.157.0/24 maxlen: 24
212.102.116.0/24 maxlen: 24
147.185.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8b:f8:82:3a:32:40:fc:45:34:8b:1e:ed:ca:78:46:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jul 25 07:34:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50c002392e48e22179dbdadbc4ce04b938f59d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:94:a8:80:2b:67:fb:81:6c:0f:17:3f:a4:8d:
96:78:c8:4f:b9:cd:a5:fe:11:9a:f7:5b:c2:a0:f8:
fc:34:d2:a3:23:b6:41:9f:1d:10:1a:eb:b4:ce:20:
49:51:eb:fd:0a:11:a5:b2:7e:6a:06:fe:dd:64:19:
c6:07:d1:69:4e:ec:ce:9c:50:8d:f2:48:66:bf:dc:
3f:fd:38:4d:0c:49:8e:59:90:5e:c5:2d:d4:c7:b7:
72:dd:04:a5:5a:d9:81:3d:59:d9:6a:a7:a4:df:a9:
49:7e:d5:2b:f3:05:07:e1:4e:ba:e3:01:de:ea:97:
1e:ad:9a:5a:f9:f3:06:cf:1d:9d:04:8c:c1:7d:87:
56:b8:98:d4:68:7a:75:70:cf:25:8d:2c:ef:4f:07:
d9:43:2d:27:56:f3:e3:4a:c6:bb:32:2f:9e:bf:1b:
04:ce:68:cc:ce:76:8e:70:9c:bb:99:14:20:57:0f:
cb:f7:8b:64:9f:a8:fe:26:79:8c:24:53:7e:3c:2e:
0a:1c:dc:4e:a4:4f:bf:7b:20:a4:26:23:df:66:2d:
cd:42:0e:6f:a6:5f:c1:c5:2b:8a:b9:bd:ce:9e:8e:
5d:76:71:0c:8a:70:17:b5:8e:b2:ec:35:2b:0e:b0:
6a:2d:f5:8e:03:dd:f6:33:c2:bf:9c:1e:c3:0c:2b:
8f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C0:02:39:2E:48:E2:21:79:DB:DA:DB:C4:CE:04:B9:38:F5:9D:87
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/UMACOS5I4iF529rbxM4EuTj1nYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.245.119.0/24
45.113.238.0/24
86.104.215.0/24
86.104.227.0/24
89.32.204.0/24
89.33.83.0/24
89.47.34.0/24
147.185.217.0/24
162.218.157.0-162.218.158.255
193.36.76.0/24
193.36.86.0/24
193.36.172.0/24
193.200.96.0/23
194.26.149.0/24
194.29.67.0/24
194.29.70.0/24
194.29.80.0/24
209.35.99.0/24
212.102.116.0/24
Signature Algorithm: sha256WithRSAEncryption
06:57:70:1a:bd:8a:e9:91:a1:a3:14:03:24:02:71:c6:f8:d5:
d8:df:09:29:eb:55:4a:36:e0:00:c5:64:a4:b1:e2:b2:6a:ac:
0f:c2:1d:54:64:76:c8:cd:fd:6e:b9:c3:6a:47:25:11:a0:9a:
b6:aa:35:8b:d2:30:17:e0:ac:f2:ab:19:b6:a3:21:2b:66:25:
b2:f9:05:cc:4e:af:b7:30:15:f1:92:b0:e1:71:ef:cb:5a:cd:
ab:c7:63:a0:c3:54:b5:95:4d:8f:75:e2:57:8a:32:59:01:f8:
4d:b3:a5:a7:9a:c6:2b:3b:a9:4b:9f:eb:90:21:78:54:5b:0b:
7c:63:a7:65:97:42:b4:7f:5d:3d:f6:8c:b7:ee:05:8a:b7:78:
18:a3:33:c3:ed:98:65:16:e3:d9:50:69:25:8f:cc:c8:5f:48:
42:d7:63:fd:a0:09:d4:d7:8e:87:16:fc:50:70:77:1c:2d:8b:
a7:0a:ad:fe:4b:6c:e0:dc:1a:34:74:a5:1c:5c:1d:60:34:d6:
27:71:4e:f7:b8:15:42:53:e9:35:d2:26:9f:13:77:12:20:92:
22:d8:d7:2d:f8:d6:87:98:d9:e4:0c:54:81:d1:71:19:1d:c4:
2b:3c:68:39:1d:73:84:07:29:dd:94:d7:38:56:3e:d8:7e:0b:
ea:12:bc:36
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYmL+II6MkD8RTSLHu3KeEY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwNzI1MDczNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGMwMDIzOTJlNDhlMjIxNzlkYmRhZGJjNGNlMDRiOTM4ZjU5ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5SogCtn+4FsDxc/pI2WeMhPuc2l
/hGa91vCoPj8NNKjI7ZBnx0QGuu0ziBJUev9ChGlsn5qBv7dZBnGB9FpTuzOnFCN
8khmv9w//ThNDEmOWZBexS3Ux7dy3QSlWtmBPVnZaqek36lJftUr8wUH4U664wHe
6pcerZpa+fMGzx2dBIzBfYdWuJjUaHp1cM8ljSzvTwfZQy0nVvPjSsa7Mi+evxsE
zmjMznaOcJy7mRQgVw/L94tkn6j+JnmMJFN+PC4KHNxOpE+/eyCkJiPfZi3NQg5v
pl/BxSuKub3Ono5ddnEMinAXtY6y7DUrDrBqLfWOA932M8K/nB7DDCuPSQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFFDAAjkuSOIhedva28TOBLk49Z2HMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvVU1BQ09TNUk0aUY1MjlyYnhNNEV1VGoxblljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEACv1
dwMEAC1x7gMEAFZo1wMEAFZo4wMEAFkgzAMEAFkhUwMEAFkvIgMEAJO52TAMAwQA
otqdAwQAotqeAwQAwSRMAwQAwSRWAwQAwSSsAwQBwchgAwQAwhqVAwQAwh1DAwQA
wh1GAwQAwh1QAwQA0SNjAwQA1GZ0MA0GCSqGSIb3DQEBCwUAA4IBAQAGV3AavYrp
kaGjFAMkAnHG+NXY3wkp61VKNuAAxWSkseKyaqwPwh1UZHbIzf1uucNqRyURoJq2
qjWL0jAX4Kzyqxm2oyErZiWy+QXMTq+3MBXxkrDhce/LWs2rx2Ogw1S1lU2PdeJX
ijJZAfhNs6WnmsYrO6lLn+uQIXhUWwt8Y6dll0K0f1099oy37gWKt3gYozPD7Zhl
FuPZUGklj8zIX0hC12P9oAnU146HFvxQcHccLYunCq3+S2zg3Bo0dKUcXB1gNNYn
cU73uBVCU+k10iafE3cSIJIi2Nct+NaHmNnkDFSB0XEZHcQrPGg5HXOEByndlNc4
Vj7YfgvqErw2
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:45:27 2025 by rpki-client