Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/uVOFBW6O_X-es9t2-3iYHkgsO98.roa
File: uVOFBW6O_X-es9t2-3iYHkgsO98.roa (raw, json)
Hash identifier: kaNZOAS73AGulpw2DqSrQSIm9w/lbQ1i4M7XpDd79Ws=
Subject key identifier: B9:53:85:05:6E:8E:FD:7F:9E:B3:DB:76:FB:78:98:1E:48:2C:3B:DF
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 018571277AA3D6E91CD6BC401F20E9BA4D75
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/uVOFBW6O_X-es9t2-3iYHkgsO98.roa
Signing time: Mon 02 Jan 2023 06:24:50 +0000
ROA not before: Mon 02 Jan 2023 06:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204838
IP address blocks: 185.108.38.0/24 maxlen: 24
185.108.38.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:7a:a3:d6:e9:1c:d6:bc:40:1f:20:e9:ba:4d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 2 06:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b95385056e8efd7f9eb3db76fb78981e482c3bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5b:1d:d7:01:70:68:27:60:e3:1b:17:8f:10:
d8:ad:8a:6b:fb:0f:e3:30:3e:4f:d3:75:26:de:3d:
d1:da:9b:af:ef:46:f2:7e:fb:a5:f3:28:f6:e9:6d:
6d:a2:72:de:3a:d0:53:82:12:9b:99:b5:00:71:ce:
49:d6:1c:fa:44:08:d4:59:c9:aa:6a:76:45:e6:f7:
57:06:e5:a1:fe:1b:7e:89:35:19:be:73:a1:e7:40:
a8:81:0d:53:aa:24:68:1f:03:35:c9:46:2b:bd:a0:
5a:14:c6:74:4f:d5:f4:e5:01:33:a8:f2:6c:96:5c:
b1:31:e9:d1:60:fa:22:8c:84:30:c3:35:6a:00:7b:
0c:70:7a:8f:33:ca:4b:98:3d:ee:fe:37:68:cd:29:
df:31:47:a3:9d:3e:14:18:ef:94:17:f3:4b:b6:57:
c1:3d:fe:b1:d8:88:6b:6d:f2:be:84:ee:b1:39:e1:
04:9f:8d:41:31:01:6b:9e:56:a4:06:19:7b:19:fa:
de:d7:4e:7e:14:50:70:6c:fe:97:87:d4:13:91:90:
fc:50:f9:f3:ad:8b:ee:ad:55:c8:ff:d6:3f:d9:0d:
2e:f5:8d:74:82:a9:64:c9:0e:b3:7c:cb:dd:07:60:
b2:7b:74:4d:dd:48:b4:d9:77:61:aa:cc:3e:19:e2:
fe:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:53:85:05:6E:8E:FD:7F:9E:B3:DB:76:FB:78:98:1E:48:2C:3B:DF
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/uVOFBW6O_X-es9t2-3iYHkgsO98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.38.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:cc:9a:5d:70:7d:70:b8:28:66:20:a4:65:a2:e7:33:13:f4:
0e:1e:f7:43:16:f6:3b:d0:a7:6f:df:74:90:98:a9:98:e2:d9:
71:2c:99:49:4d:03:da:b0:86:af:2c:2d:71:be:d1:55:0b:79:
57:c8:9d:06:46:02:24:ff:e4:c0:e3:38:b6:25:a6:41:12:e5:
43:c9:31:4b:ba:2e:6a:ad:bf:fc:61:cb:60:4a:3f:71:15:47:
61:59:f7:b1:f5:38:f6:0b:c9:32:1b:f6:dd:be:60:bf:73:e6:
94:e2:fc:cc:66:53:72:d5:78:35:f9:52:9a:db:3a:bf:ab:af:
4a:71:db:0a:40:54:27:86:9d:61:3b:93:71:c5:c3:43:74:2c:
de:37:aa:ae:c6:8d:25:87:42:44:ac:de:cc:1b:1c:24:5a:26:
62:1a:1c:87:c6:cc:25:b4:50:30:87:5d:05:22:eb:d9:97:7d:
85:9b:e2:db:a3:6b:c1:52:47:71:f6:2c:62:54:9a:87:34:6b:
ef:3c:1a:e0:65:57:4b:05:fc:58:29:76:c1:82:78:fa:f4:af:
20:b3:2b:06:a5:df:6c:3b:33:9a:02:18:52:47:13:69:2b:a3:
a0:73:4c:92:1f:8a:60:c3:9f:e9:be:0f:0d:51:98:b9:7e:97:
ff:1b:fa:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxJ3qj1ukc1rxAHyDpuk11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjMwMTAyMDYyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTUzODUwNTZlOGVmZDdmOWViM2RiNzZmYjc4OTgxZTQ4MmMzYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVsd1wFwaCdg4xsXjxDYrYpr+w/j
MD5P03Um3j3R2puv70byfvul8yj26W1tonLeOtBTghKbmbUAcc5J1hz6RAjUWcmq
anZF5vdXBuWh/ht+iTUZvnOh50CogQ1TqiRoHwM1yUYrvaBaFMZ0T9X05QEzqPJs
llyxMenRYPoijIQwwzVqAHsMcHqPM8pLmD3u/jdozSnfMUejnT4UGO+UF/NLtlfB
Pf6x2IhrbfK+hO6xOeEEn41BMQFrnlakBhl7Gfre105+FFBwbP6Xh9QTkZD8UPnz
rYvurVXI/9Y/2Q0u9Y10gqlkyQ6zfMvdB2Cye3RN3Ui02Xdhqsw+GeL+SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlThQVujv1/nrPbdvt4mB5ILDvfMB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvdVZPRkJXNk9fWC1lczl0Mi0zaVlIa2dzTzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWwmMA0G
CSqGSIb3DQEBCwUAA4IBAQCozJpdcH1wuChmIKRlouczE/QOHvdDFvY70Kdv33SQ
mKmY4tlxLJlJTQPasIavLC1xvtFVC3lXyJ0GRgIk/+TA4zi2JaZBEuVDyTFLui5q
rb/8YctgSj9xFUdhWfex9Tj2C8kyG/bdvmC/c+aU4vzMZlNy1Xg1+VKa2zq/q69K
cdsKQFQnhp1hO5NxxcNDdCzeN6quxo0lh0JErN7MGxwkWiZiGhyHxswltFAwh10F
IuvZl32Fm+Lbo2vBUkdx9ixiVJqHNGvvPBrgZVdLBfxYKXbBgnj69K8gsysGpd9s
OzOaAhhSRxNpK6Ogc0ySH4pgw5/pvg8NUZi5fpf/G/pp
-----END CERTIFICATE-----
Generated at Sat May 3 21:40:05 2025 by rpki-client