Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/Uq7EGofABezZD0d35_LEV9EyyDg.roa
File: Uq7EGofABezZD0d35_LEV9EyyDg.roa (raw, json)
Hash identifier: KqV+uBkuSuZ7wEJimC6XBUJfB1x+QcP0C7ZXMkDgqdw=
Subject key identifier: 52:AE:C4:1A:87:C0:05:EC:D9:0F:47:77:E7:F2:C4:57:D1:32:C8:38
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D664A832FA47923AADA2FB8DBE76DCF
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/Uq7EGofABezZD0d35_LEV9EyyDg.roa
Signing time: Sun 01 Jan 2023 12:54:58 +0000
ROA not before: Sun 01 Jan 2023 12:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200682
IP address blocks: 84.207.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:4a:83:2f:a4:79:23:aa:da:2f:b8:db:e7:6d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52aec41a87c005ecd90f4777e7f2c457d132c838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0f:f7:86:07:8b:09:38:f7:f1:a2:ae:cd:62:
f4:19:20:55:7d:91:e9:7a:3b:90:be:c8:39:f2:fa:
01:16:dd:68:16:54:06:7a:73:4b:51:d5:bf:bb:b7:
32:15:3b:34:67:09:2c:7f:b9:eb:8a:1e:23:5a:87:
06:8b:f3:7d:d3:ce:62:af:c5:ce:1e:fb:b1:a8:85:
f1:8f:e6:3c:d1:04:da:f0:ea:65:32:d8:1f:b9:29:
93:b9:73:57:c9:79:bb:05:70:5d:d8:8f:15:d0:66:
ca:82:6a:92:14:e1:56:65:17:44:18:26:b6:38:8e:
2d:41:bb:60:78:30:f2:aa:72:0d:e6:f6:6b:32:03:
ff:1d:01:5c:df:9b:55:20:6f:c0:09:87:6a:9f:8f:
33:e7:ea:25:5f:fa:55:37:aa:b9:4f:41:9e:f8:54:
23:cb:75:3f:30:30:cb:9b:c7:60:ae:1b:1b:ce:6e:
5a:c5:07:13:d5:ec:35:84:a0:ee:f9:18:a3:57:ab:
10:15:2c:06:32:c8:02:cd:63:f5:20:96:3f:be:81:
aa:da:35:c9:aa:d1:84:13:aa:ea:f9:01:7d:e4:0b:
9a:fe:97:13:95:fd:51:6b:8d:fe:4a:f2:dc:bd:98:
32:ab:84:df:76:29:66:ea:99:6e:07:c5:96:6e:a0:
3a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AE:C4:1A:87:C0:05:EC:D9:0F:47:77:E7:F2:C4:57:D1:32:C8:38
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/Uq7EGofABezZD0d35_LEV9EyyDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.207.247.0/24
Signature Algorithm: sha256WithRSAEncryption
75:6a:02:4d:fe:61:78:e6:4d:7f:1f:9c:dd:0a:17:ee:b5:6e:
b2:ae:a3:f8:75:fc:d3:ec:66:f2:4c:b2:f6:28:ae:a2:0f:f0:
5e:5b:01:5f:a0:1a:fd:b2:a1:fc:f3:0d:41:0c:45:3e:3f:7e:
1c:6a:b5:95:98:e3:23:1c:f4:c5:5c:aa:c4:6b:56:75:72:04:
49:af:6a:79:93:8b:cd:bd:e2:76:1f:06:ee:5c:14:39:ec:b2:
89:46:ac:b9:80:be:71:67:8d:51:72:bc:39:64:b1:ea:50:ec:
26:fe:aa:ef:2e:c6:ed:75:03:ba:df:44:56:32:82:8e:74:d5:
e8:ff:e1:54:2c:77:48:54:07:92:a6:b6:f3:de:18:06:7f:01:
fc:73:00:15:3c:13:b8:75:21:c2:bf:e4:5c:b9:85:cb:69:11:
7c:88:9e:07:c9:a4:a1:d3:1a:3e:89:76:c1:3a:c5:ec:d2:12:
65:76:6d:07:0b:eb:dc:e3:a4:87:5f:02:a7:82:00:a6:ce:55:
1f:5c:88:d8:f5:e0:69:19:e6:1e:6a:3d:57:05:66:d7:e8:3f:
58:57:a0:b4:e5:ec:0d:f0:c7:69:71:69:ba:95:76:ce:e1:5b:
81:32:9e:a5:05:b8:62:79:b1:17:e1:ea:39:63:94:f1:49:4f:
29:50:2e:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZkqDL6R5I6raL7jb523PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFlYzQxYTg3YzAwNWVjZDkwZjQ3NzdlN2YyYzQ1N2QxMzJjODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ/3hgeLCTj38aKuzWL0GSBVfZHp
ejuQvsg58voBFt1oFlQGenNLUdW/u7cyFTs0Zwksf7nrih4jWocGi/N9085ir8XO
HvuxqIXxj+Y80QTa8OplMtgfuSmTuXNXyXm7BXBd2I8V0GbKgmqSFOFWZRdEGCa2
OI4tQbtgeDDyqnIN5vZrMgP/HQFc35tVIG/ACYdqn48z5+olX/pVN6q5T0Ge+FQj
y3U/MDDLm8dgrhsbzm5axQcT1ew1hKDu+RijV6sQFSwGMsgCzWP1IJY/voGq2jXJ
qtGEE6rq+QF95Aua/pcTlf1Ra43+SvLcvZgyq4Tfdilm6pluB8WWbqA65wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFKuxBqHwAXs2Q9Hd+fyxFfRMsg4MB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvVXE3RUdvZkFCZXpaRDBkMzVfTEVWOUV5eURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVM/3MA0G
CSqGSIb3DQEBCwUAA4IBAQB1agJN/mF45k1/H5zdChfutW6yrqP4dfzT7GbyTLL2
KK6iD/BeWwFfoBr9sqH88w1BDEU+P34carWVmOMjHPTFXKrEa1Z1cgRJr2p5k4vN
veJ2HwbuXBQ57LKJRqy5gL5xZ41Rcrw5ZLHqUOwm/qrvLsbtdQO630RWMoKOdNXo
/+FULHdIVAeSprbz3hgGfwH8cwAVPBO4dSHCv+RcuYXLaRF8iJ4HyaSh0xo+iXbB
OsXs0hJldm0HC+vc46SHXwKnggCmzlUfXIjY9eBpGeYeaj1XBWbX6D9YV6C05ewN
8MdpcWm6lXbO4VuBMp6lBbhiebEX4eo5Y5TxSU8pUC4f
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:46:33 2025 by rpki-client