Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/18d059-3cb2-46bf-a588-fe95a9af3adc/1/UPtDsCxbWP-i7kpI1px0xapkJX0.roa
File: UPtDsCxbWP-i7kpI1px0xapkJX0.roa (raw, json)
Hash identifier: 0qKNqmFn++D68wrVSGUBtLeWZG90j4gknlZCbeAnx+s=
Subject key identifier: 50:FB:43:B0:2C:5B:58:FF:A2:EE:4A:48:D6:9C:74:C5:AA:64:25:7D
Certificate issuer: /CN=d57c7db04e78c221f3df2a2af082b518d962a8f0
Certificate serial: 01856D53EE3CE5CF0BFFFB0C136BC86F71DD
Authority key identifier: D5:7C:7D:B0:4E:78:C2:21:F3:DF:2A:2A:F0:82:B5:18:D9:62:A8:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Xx9sE54wiHz3yoq8IK1GNliqPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/18d059-3cb2-46bf-a588-fe95a9af3adc/1/UPtDsCxbWP-i7kpI1px0xapkJX0.roa
Signing time: Sun 01 Jan 2023 12:34:55 +0000
ROA not before: Sun 01 Jan 2023 12:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43380
IP address blocks: 91.206.3.0/24 maxlen: 24
2a0f:f4c0::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:ee:3c:e5:cf:0b:ff:fb:0c:13:6b:c8:6f:71:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d57c7db04e78c221f3df2a2af082b518d962a8f0
Validity
Not Before: Jan 1 12:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50fb43b02c5b58ffa2ee4a48d69c74c5aa64257d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e4:37:97:22:c0:87:b6:38:01:60:e3:82:30:
03:86:8a:03:85:2b:75:92:fb:32:ce:c4:97:8d:57:
48:96:ec:2f:9a:11:d5:79:94:69:01:fb:08:da:ac:
d1:39:3e:82:fb:5c:73:dd:33:69:4b:8a:79:32:78:
bc:b3:5f:f4:c4:ce:4c:54:5b:8d:75:a7:c7:55:02:
1f:f5:b1:5e:a3:a4:6d:97:3f:77:01:9f:37:ef:dc:
3f:c9:cd:e0:f6:bd:95:dd:32:33:f2:72:0c:77:35:
d1:41:d1:95:a7:bc:27:47:2a:1f:84:4a:66:08:44:
70:c2:c1:4e:89:79:3f:68:cb:fb:8a:71:9d:97:a3:
df:d8:96:c1:26:a3:d2:3b:a0:fb:1f:55:ae:3a:50:
bf:0e:84:2e:da:f0:d7:28:aa:fa:7d:7b:d8:a0:74:
28:09:a1:39:42:99:d0:7e:48:72:f9:5e:01:74:41:
44:dc:32:20:f5:cf:f4:65:a0:35:87:42:b3:be:cd:
e2:b1:61:6f:07:b0:af:71:8c:93:46:f2:28:7a:2b:
2c:50:dc:e9:71:e0:aa:fa:ed:d1:9e:14:90:b7:48:
d2:9f:91:59:25:fb:95:26:fb:b6:04:3b:9c:59:c7:
d6:0d:4b:13:e4:41:d1:f6:12:2b:77:df:7c:04:12:
e3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FB:43:B0:2C:5B:58:FF:A2:EE:4A:48:D6:9C:74:C5:AA:64:25:7D
X509v3 Authority Key Identifier:
keyid:D5:7C:7D:B0:4E:78:C2:21:F3:DF:2A:2A:F0:82:B5:18:D9:62:A8:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Xx9sE54wiHz3yoq8IK1GNliqPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/18d059-3cb2-46bf-a588-fe95a9af3adc/1/UPtDsCxbWP-i7kpI1px0xapkJX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/18d059-3cb2-46bf-a588-fe95a9af3adc/1/1Xx9sE54wiHz3yoq8IK1GNliqPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.3.0/24
IPv6:
2a0f:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
7b:4e:fd:0a:e5:b9:37:44:3d:98:16:e8:cb:71:1b:7a:88:de:
86:3d:15:80:1a:f3:e2:b2:a7:4f:e5:52:0d:ce:37:49:a9:ae:
0d:81:ac:c4:67:38:c5:d7:70:1f:1b:c6:02:ef:3f:bb:1d:ce:
ae:95:ab:0e:b0:61:23:7b:12:59:d0:94:d2:14:37:50:7d:c5:
75:dc:c2:7c:6a:bf:c0:69:44:81:c0:43:3d:5a:21:4b:63:4f:
ce:66:b5:64:5b:c9:4d:97:39:54:c5:60:ec:8e:ba:b1:48:45:
a9:56:5e:bd:3c:b0:4e:ed:2f:71:66:bd:34:38:40:61:64:5c:
90:45:32:df:73:44:5b:55:f9:23:76:37:93:51:0f:9e:c6:c9:
08:a3:e8:2a:6b:75:90:40:e6:fe:6f:9f:52:1c:57:c3:9e:9c:
37:2e:0c:cc:c2:7f:2a:aa:5b:db:79:6f:02:c8:9f:e6:2a:45:
f8:6f:4c:8b:e8:85:16:bb:c2:8c:07:ef:de:58:76:c5:e8:ad:
81:c0:4a:1c:71:24:4b:48:83:65:99:38:63:38:08:f9:7a:df:
15:09:91:39:a5:c2:d4:50:1c:7d:ce:25:91:cb:31:de:bb:a6:
df:92:75:1a:4d:2e:27:93:29:44:66:42:22:03:a8:88:5c:30:
bc:04:55:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU+485c8L//sME2vIb3HdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1N2M3ZGIwNGU3OGMyMjFmM2RmMmEyYWYwODJiNTE4ZDk2
MmE4ZjAwHhcNMjMwMTAxMTIzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZiNDNiMDJjNWI1OGZmYTJlZTRhNDhkNjljNzRjNWFhNjQyNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOQ3lyLAh7Y4AWDjgjADhooDhSt1
kvsyzsSXjVdIluwvmhHVeZRpAfsI2qzROT6C+1xz3TNpS4p5Mni8s1/0xM5MVFuN
dafHVQIf9bFeo6Rtlz93AZ8379w/yc3g9r2V3TIz8nIMdzXRQdGVp7wnRyofhEpm
CERwwsFOiXk/aMv7inGdl6Pf2JbBJqPSO6D7H1WuOlC/DoQu2vDXKKr6fXvYoHQo
CaE5QpnQfkhy+V4BdEFE3DIg9c/0ZaA1h0Kzvs3isWFvB7CvcYyTRvIoeissUNzp
ceCq+u3RnhSQt0jSn5FZJfuVJvu2BDucWcfWDUsT5EHR9hIrd998BBLjlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFD7Q7AsW1j/ou5KSNacdMWqZCV9MB8GA1UdIwQY
MBaAFNV8fbBOeMIh898qKvCCtRjZYqjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVh4OXNFNTR3aUh6M3lvcThJSzFHTmxpcVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8xOGQwNTktM2NiMi00NmJmLWE1ODgt
ZmU5NWE5YWYzYWRjLzEvVVB0RHNDeGJXUC1pN2twSTFweDB4YXBrSlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8xOGQwNTktM2NiMi00NmJmLWE1ODgtZmU5NWE5YWYzYWRj
LzEvMVh4OXNFNTR3aUh6M3lvcThJSzFHTmxpcVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW84DMA0E
AgACMAcDBQAqD/TAMA0GCSqGSIb3DQEBCwUAA4IBAQB7Tv0K5bk3RD2YFujLcRt6
iN6GPRWAGvPisqdP5VINzjdJqa4NgazEZzjF13AfG8YC7z+7Hc6ulasOsGEjexJZ
0JTSFDdQfcV13MJ8ar/AaUSBwEM9WiFLY0/OZrVkW8lNlzlUxWDsjrqxSEWpVl69
PLBO7S9xZr00OEBhZFyQRTLfc0RbVfkjdjeTUQ+exskIo+gqa3WQQOb+b59SHFfD
npw3LgzMwn8qqlvbeW8CyJ/mKkX4b0yL6IUWu8KMB+/eWHbF6K2BwEoccSRLSINl
mThjOAj5et8VCZE5pcLUUBx9ziWRyzHeu6bfknUaTS4nkylEZkIiA6iIXDC8BFWB
-----END CERTIFICATE-----
Generated at Sun May 4 03:43:01 2025 by rpki-client