Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/USumEZTNMPFTL-Xc4r2zDoKnM0E.roa
File: USumEZTNMPFTL-Xc4r2zDoKnM0E.roa (raw, json)
Hash identifier: zxV55HMcSm27fxWNeB66p5IVGZ8VS95atjdWRiyacY8=
Subject key identifier: 51:2B:A6:11:94:CD:30:F1:53:2F:E5:DC:E2:BD:B3:0E:82:A7:33:41
Certificate issuer: /CN=a48da5209bd6cf90c6df6d7e6d63a63955bad4b5
Certificate serial: 018BAE90E301D6292BE74F3C493437BB8047
Authority key identifier: A4:8D:A5:20:9B:D6:CF:90:C6:DF:6D:7E:6D:63:A6:39:55:BA:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pI2lIJvWz5DG321-bWOmOVW61LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/USumEZTNMPFTL-Xc4r2zDoKnM0E.roa
Signing time: Wed 08 Nov 2023 10:53:32 +0000
ROA not before: Wed 08 Nov 2023 10:53:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206865
IP address blocks: 185.168.190.0/23 maxlen: 23
185.168.188.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:90:e3:01:d6:29:2b:e7:4f:3c:49:34:37:bb:80:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a48da5209bd6cf90c6df6d7e6d63a63955bad4b5
Validity
Not Before: Nov 8 10:53:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=512ba61194cd30f1532fe5dce2bdb30e82a73341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:12:ef:4d:08:7f:5e:8e:ca:de:90:4d:0f:d5:
70:b8:f8:93:36:f4:b0:c2:e2:b3:08:ca:75:d1:95:
17:d8:a2:9f:73:3f:4e:cd:e6:d9:5a:56:77:2c:e2:
59:70:3e:82:31:75:cc:92:50:64:83:72:04:57:f8:
58:86:59:d8:4e:bf:1e:b7:25:93:89:4a:4d:ac:23:
76:be:38:0f:ae:7e:07:3e:0b:14:96:23:37:ee:42:
ba:75:d1:dd:67:c2:4b:93:e7:73:1c:95:87:e5:1e:
ad:fe:39:c2:d5:59:d1:cd:74:43:4f:43:07:da:97:
ad:f8:a0:63:f3:25:bf:7e:e2:af:76:15:2b:69:a8:
05:d3:c0:6c:59:55:98:82:e0:7b:d2:6f:24:d4:96:
95:6a:f9:e5:a5:3d:b7:19:2e:ac:67:b7:b9:75:52:
81:8d:08:9d:06:ca:e7:ca:a6:20:88:94:8d:5c:19:
6a:c5:c7:a0:79:2b:4c:f7:f4:d0:f3:3f:c5:84:26:
de:f0:88:cb:db:16:2c:d5:9a:b3:70:83:36:60:b4:
32:d4:6e:7c:32:91:30:c5:5c:c6:44:69:0e:f8:81:
22:db:5d:79:ef:81:c1:f2:0d:2f:ff:91:b6:68:55:
59:b4:9c:64:32:16:a3:09:74:4e:d2:d6:4d:dc:11:
06:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2B:A6:11:94:CD:30:F1:53:2F:E5:DC:E2:BD:B3:0E:82:A7:33:41
X509v3 Authority Key Identifier:
keyid:A4:8D:A5:20:9B:D6:CF:90:C6:DF:6D:7E:6D:63:A6:39:55:BA:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pI2lIJvWz5DG321-bWOmOVW61LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/USumEZTNMPFTL-Xc4r2zDoKnM0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/e631bf-de95-4cff-b0dd-5cb2d7258b0d/1/pI2lIJvWz5DG321-bWOmOVW61LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.188.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:b1:62:d9:aa:4d:2e:87:0f:f5:96:28:f0:05:b8:ed:9e:50:
29:56:2f:9a:26:5a:b8:d2:f5:1c:08:d4:6b:c4:51:8d:3a:70:
01:83:f8:7d:f5:8e:16:3e:8b:f1:00:e4:5d:fc:d7:ab:e0:19:
63:09:ed:b3:28:75:1e:35:f1:33:e3:63:0a:09:fd:d1:10:28:
d0:34:5d:66:fe:c1:a3:7b:09:53:9d:4e:1e:b3:c4:6b:9d:b6:
35:2e:5d:2d:fb:b5:bd:0e:4b:47:a8:46:d5:34:d2:82:d4:89:
c0:d6:75:ec:73:a2:ba:b7:a7:b8:01:24:31:e4:c1:02:5b:ab:
0e:c3:a8:b7:fc:f1:7c:8f:d6:a4:a3:86:be:23:9e:d7:5e:53:
d9:c7:6c:74:1b:aa:9b:d5:f1:5a:6a:69:87:5a:a6:ea:53:38:
1c:52:df:2b:08:f2:6e:09:5e:23:20:ac:63:a8:2b:39:8f:46:
1b:30:11:4a:7b:a5:99:bf:ff:94:af:46:12:48:24:a2:49:9a:
be:fa:9a:8c:b5:ed:e2:99:dc:1a:8f:3e:62:cc:71:32:7b:0a:
5e:8e:37:44:66:31:e1:33:63:a8:7e:97:56:06:c8:c4:19:47:
2b:29:c0:fe:e8:96:20:69:4e:e3:e6:c4:6b:a3:58:c1:5e:d3:
ed:0f:65:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuukOMB1ikr5088STQ3u4BHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OGRhNTIwOWJkNmNmOTBjNmRmNmQ3ZTZkNjNhNjM5NTVi
YWQ0YjUwHhcNMjMxMTA4MTA1MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJiYTYxMTk0Y2QzMGYxNTMyZmU1ZGNlMmJkYjMwZTgyYTczMzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRLvTQh/Xo7K3pBND9VwuPiTNvSw
wuKzCMp10ZUX2KKfcz9OzebZWlZ3LOJZcD6CMXXMklBkg3IEV/hYhlnYTr8etyWT
iUpNrCN2vjgPrn4HPgsUliM37kK6ddHdZ8JLk+dzHJWH5R6t/jnC1VnRzXRDT0MH
2pet+KBj8yW/fuKvdhUraagF08BsWVWYguB70m8k1JaVavnlpT23GS6sZ7e5dVKB
jQidBsrnyqYgiJSNXBlqxcegeStM9/TQ8z/FhCbe8IjL2xYs1ZqzcIM2YLQy1G58
MpEwxVzGRGkO+IEi211574HB8g0v/5G2aFVZtJxkMhajCXRO0tZN3BEGlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFErphGUzTDxUy/l3OK9sw6CpzNBMB8GA1UdIwQY
MBaAFKSNpSCb1s+Qxt9tfm1jpjlVutS1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEkybElKdld6NURHMzIxLWJXT21PVlc2MUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9lNjMxYmYtZGU5NS00Y2ZmLWIwZGQt
NWNiMmQ3MjU4YjBkLzEvVVN1bUVaVE5NUEZUTC1YYzRyMnpEb0tuTTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9lNjMxYmYtZGU5NS00Y2ZmLWIwZGQtNWNiMmQ3MjU4YjBk
LzEvcEkybElKdld6NURHMzIxLWJXT21PVlc2MUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuai8MA0G
CSqGSIb3DQEBCwUAA4IBAQB6sWLZqk0uhw/1lijwBbjtnlApVi+aJlq40vUcCNRr
xFGNOnABg/h99Y4WPovxAORd/Ner4BljCe2zKHUeNfEz42MKCf3RECjQNF1m/sGj
ewlTnU4es8RrnbY1Ll0t+7W9DktHqEbVNNKC1InA1nXsc6K6t6e4ASQx5MECW6sO
w6i3/PF8j9ako4a+I57XXlPZx2x0G6qb1fFaammHWqbqUzgcUt8rCPJuCV4jIKxj
qCs5j0YbMBFKe6WZv/+Ur0YSSCSiSZq++pqMte3imdwajz5izHEyewpejjdEZjHh
M2OofpdWBsjEGUcrKcD+6JYgaU7j5sRro1jBXtPtD2Wb
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:13:59 2025 by rpki-client