Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/uwwc9tE61cn7ISH1eUWeMCA5Q_A.roa
File: uwwc9tE61cn7ISH1eUWeMCA5Q_A.roa (raw, json)
Hash identifier: Y/3xYO4Ck40TDgqcTG2Lh75Bsf2uafr0iSAAbtKyGss=
Subject key identifier: BB:0C:1C:F6:D1:3A:D5:C9:FB:21:21:F5:79:45:9E:30:20:39:43:F0
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 018BA8F9AB8AD49BF69D9105C23243C19299
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/uwwc9tE61cn7ISH1eUWeMCA5Q_A.roa
Signing time: Tue 07 Nov 2023 08:50:16 +0000
ROA not before: Tue 07 Nov 2023 08:50:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21263
IP address blocks: 149.238.32.0/19 maxlen: 19
149.238.160.0/19 maxlen: 19
192.112.208.0/24 maxlen: 24
149.238.192.0/19 maxlen: 19
149.238.0.0/19 maxlen: 19
149.238.224.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:f9:ab:8a:d4:9b:f6:9d:91:05:c2:32:43:c1:92:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Nov 7 08:50:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb0c1cf6d13ad5c9fb2121f579459e30203943f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:10:d2:69:ef:2d:f1:b4:db:58:c1:45:fb:aa:
34:b0:60:6f:2b:3d:72:53:b4:a8:71:af:24:75:18:
36:fc:82:c5:da:66:23:05:ff:f7:fc:d3:7e:16:8f:
02:56:9c:eb:ae:a9:e9:d8:9d:ff:24:c5:0a:16:5b:
59:43:c9:c3:0b:06:08:4d:c9:e1:41:6c:2b:6a:52:
7c:28:ba:88:05:b4:a6:c6:8c:06:09:4a:9c:9d:04:
66:d1:e2:8e:cd:f1:d3:64:38:5b:ba:8b:01:25:03:
ac:ab:d4:d0:ba:15:93:4c:15:21:4a:96:53:34:25:
96:43:d9:11:42:4f:42:a1:60:bf:27:04:46:45:86:
ed:70:29:8e:68:43:22:96:db:12:7a:82:f9:9f:1d:
fd:46:18:51:4d:ea:46:8e:80:45:84:10:1b:97:56:
6c:52:1f:98:05:2c:7f:34:b4:89:19:27:d6:4f:1d:
77:cf:69:92:66:47:c1:70:d1:b3:dd:cc:ca:27:6d:
8d:9d:fc:e0:72:05:f8:8c:5f:4a:6c:f4:63:39:f6:
39:95:39:35:3b:b2:04:57:f1:1f:47:90:95:e1:3a:
7c:c3:22:1c:3a:a7:7d:01:b7:10:bb:57:0b:ae:6b:
15:43:77:29:b8:79:55:2a:f3:ad:c6:63:e3:7e:b5:
53:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0C:1C:F6:D1:3A:D5:C9:FB:21:21:F5:79:45:9E:30:20:39:43:F0
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/uwwc9tE61cn7ISH1eUWeMCA5Q_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/18
149.238.160.0-149.238.255.255
192.112.208.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:e0:62:c0:c2:4e:10:05:0a:8f:c2:c3:4c:a8:f8:dd:c0:a1:
be:0c:67:68:84:1d:53:10:0a:2d:f8:bd:9f:50:ce:f5:84:fa:
d1:5c:af:b9:70:07:1c:ea:44:00:30:73:dd:63:57:ff:5c:3d:
7e:5c:6f:e5:48:70:3e:a4:d1:45:e9:57:41:3d:19:e9:68:dc:
57:44:a9:04:35:e7:d8:76:9a:d1:a3:f8:0d:e7:47:02:fd:29:
45:26:7a:cb:bd:ce:5c:94:ba:5b:26:b7:f2:b4:e7:5c:45:b5:
da:c5:c2:e5:43:42:e7:3a:d9:d1:c0:d0:f9:75:83:df:77:b9:
10:d9:57:af:9a:64:e6:38:e4:79:ff:7a:5f:33:e3:1b:52:57:
0f:86:62:29:d7:fc:b3:35:e4:f6:b2:85:89:b2:af:22:bb:e7:
11:bc:95:25:3b:2b:f9:8c:31:28:7a:93:f9:de:34:97:ea:b6:
02:27:b1:8a:82:ba:75:6d:cf:13:a4:d8:ab:98:da:db:eb:33:
ab:e4:03:df:7c:ec:ae:af:cd:9b:96:88:87:7d:c5:5e:8d:ac:
93:3d:89:f6:bc:d8:11:eb:8c:9c:07:63:85:54:af:2e:be:4e:
3e:62:07:ba:ca:42:51:11:20:e3:84:33:d1:f1:69:c7:11:44:
62:a0:50:bf
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYuo+auK1Jv2nZEFwjJDwZKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjMxMTA3MDg1MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjBjMWNmNmQxM2FkNWM5ZmIyMTIxZjU3OTQ1OWUzMDIwMzk0M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxDSae8t8bTbWMFF+6o0sGBvKz1y
U7Soca8kdRg2/ILF2mYjBf/3/NN+Fo8CVpzrrqnp2J3/JMUKFltZQ8nDCwYITcnh
QWwralJ8KLqIBbSmxowGCUqcnQRm0eKOzfHTZDhbuosBJQOsq9TQuhWTTBUhSpZT
NCWWQ9kRQk9CoWC/JwRGRYbtcCmOaEMiltsSeoL5nx39RhhRTepGjoBFhBAbl1Zs
Uh+YBSx/NLSJGSfWTx13z2mSZkfBcNGz3czKJ22NnfzgcgX4jF9KbPRjOfY5lTk1
O7IEV/EfR5CV4Tp8wyIcOqd9AbcQu1cLrmsVQ3cpuHlVKvOtxmPjfrVT+wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFLsMHPbROtXJ+yEh9XlFnjAgOUPwMB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvdXd3Yzl0RTYxY243SVNIMWVVV2VNQ0E1UV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQGle4AMAsD
BAWV7qADAwCV7gMEAMBw0DANBgkqhkiG9w0BAQsFAAOCAQEASuBiwMJOEAUKj8LD
TKj43cChvgxnaIQdUxAKLfi9n1DO9YT60VyvuXAHHOpEADBz3WNX/1w9flxv5Uhw
PqTRRelXQT0Z6WjcV0SpBDXn2Haa0aP4DedHAv0pRSZ6y73OXJS6Wya38rTnXEW1
2sXC5UNC5zrZ0cDQ+XWD33e5ENlXr5pk5jjkef96XzPjG1JXD4ZiKdf8szXk9rKF
ibKvIrvnEbyVJTsr+YwxKHqT+d40l+q2AiexioK6dW3PE6TYq5ja2+szq+QD33zs
rq/Nm5aIh33FXo2skz2J9rzYEeuMnAdjhVSvLr5OPmIHuspCUREg44Qz0fFpxxFE
YqBQvw==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:34:42 2025 by rpki-client