Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/UMTIQ1UAg6VD6vnjtsgcD7HdQt0.roa
File: UMTIQ1UAg6VD6vnjtsgcD7HdQt0.roa (raw, json)
Hash identifier: 5LuQNMDxPYOeZLabGvXV7Fp7re+d/S1pvYVdzaK00lU=
Subject key identifier: 50:C4:C8:43:55:00:83:A5:43:EA:F9:E3:B6:C8:1C:0F:B1:DD:42:DD
Certificate issuer: /CN=e7c07db9880133c5cdce005bca111b552cd14c53
Certificate serial: 018B94545214B11B3F1DBB4E4D452A0B582E
Authority key identifier: E7:C0:7D:B9:88:01:33:C5:CD:CE:00:5B:CA:11:1B:55:2C:D1:4C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/58B9uYgBM8XNzgBbyhEbVSzRTFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/UMTIQ1UAg6VD6vnjtsgcD7HdQt0.roa
Signing time: Fri 03 Nov 2023 08:37:15 +0000
ROA not before: Fri 03 Nov 2023 08:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202539
IP address blocks: 45.12.200.0/24 maxlen: 24
2001:67c:1160::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:54:52:14:b1:1b:3f:1d:bb:4e:4d:45:2a:0b:58:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7c07db9880133c5cdce005bca111b552cd14c53
Validity
Not Before: Nov 3 08:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50c4c843550083a543eaf9e3b6c81c0fb1dd42dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:81:14:5d:4f:20:7d:c8:24:c3:3d:64:14:90:
12:f5:0c:2b:10:fe:27:96:e9:3c:da:26:e2:94:07:
04:11:0d:26:51:68:5f:cf:11:05:86:3b:d7:2a:bf:
b1:2e:c0:e4:32:5f:67:80:e3:ea:58:05:21:d1:7d:
3b:d5:ee:c8:93:85:e2:36:1c:1c:5d:92:e8:e6:b3:
43:a9:73:fb:b4:fa:c9:d8:7a:ab:ba:84:ec:8c:3b:
fa:9c:6b:2e:50:5f:f2:cd:fb:50:d2:aa:cf:0a:e6:
44:13:aa:35:8c:77:06:59:a4:8a:c0:dc:99:28:89:
6c:d8:d7:3e:12:d3:e4:1e:3c:77:b8:f2:71:83:eb:
3f:af:5d:2e:21:da:4e:94:b5:a7:6a:b1:55:6e:9d:
e1:7b:5a:ee:87:1d:eb:b3:43:2d:d5:66:e3:32:5a:
c1:40:c2:a0:c6:05:66:44:ba:cc:58:f9:d4:1f:77:
92:b7:8e:0b:37:7b:f3:e4:2d:e8:72:02:ee:c1:a6:
84:f2:6d:29:f4:f7:47:8b:2f:f6:77:88:14:df:42:
e9:38:1f:6f:cd:2c:2a:e0:26:42:23:53:18:54:6a:
a9:81:ef:7e:34:70:11:a3:61:f3:03:95:e9:7c:fc:
31:4e:7a:8b:16:24:14:b9:42:f7:a7:ac:1d:bc:7b:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C4:C8:43:55:00:83:A5:43:EA:F9:E3:B6:C8:1C:0F:B1:DD:42:DD
X509v3 Authority Key Identifier:
keyid:E7:C0:7D:B9:88:01:33:C5:CD:CE:00:5B:CA:11:1B:55:2C:D1:4C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/58B9uYgBM8XNzgBbyhEbVSzRTFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/UMTIQ1UAg6VD6vnjtsgcD7HdQt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/58B9uYgBM8XNzgBbyhEbVSzRTFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.200.0/24
IPv6:
2001:67c:1160::/48
Signature Algorithm: sha256WithRSAEncryption
66:68:e6:58:a8:b1:9b:08:a4:9b:84:20:70:29:92:8f:20:f5:
13:18:45:0b:c5:3f:ee:e0:a9:73:24:78:0a:23:55:e2:86:7e:
61:3c:24:c1:16:ba:67:0f:18:b5:11:87:82:73:9e:bd:77:4a:
27:9d:1e:77:d9:52:6a:a7:76:bf:03:40:bf:c0:d3:97:b8:87:
b5:0b:66:f5:99:2a:85:73:b6:ce:c7:ba:b5:e9:35:4f:ce:61:
37:b5:7c:1b:85:d9:0b:b3:d0:70:c8:44:7c:76:65:d8:0c:78:
5f:4f:2b:ae:09:d2:d4:7b:eb:8f:7e:6d:94:e0:bd:6d:36:c1:
c0:5a:b0:c5:3c:cf:0a:6d:e7:64:c4:de:81:6f:08:14:42:a5:
3c:e3:01:da:14:79:5b:a0:14:6f:9b:fe:b6:bb:77:4e:93:7a:
33:1b:92:a1:31:cf:df:6c:5b:a0:66:56:66:9f:fe:83:4b:39:
f1:ac:c5:08:43:ca:ee:09:25:fa:45:2c:4b:f2:2e:0e:b6:92:
56:1d:d8:23:2e:f4:fa:a5:17:63:fc:78:91:d7:b6:a8:c8:6b:
4c:72:6d:7c:26:1a:27:4f:ed:00:c9:c9:f0:ab:ba:8c:1e:ab:
66:e9:c0:3b:9c:47:e0:30:60:b8:ea:98:f6:de:8d:c4:a6:69:
ba:bd:23:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuUVFIUsRs/HbtOTUUqC1guMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YzA3ZGI5ODgwMTMzYzVjZGNlMDA1YmNhMTExYjU1MmNk
MTRjNTMwHhcNMjMxMTAzMDgzNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGM0Yzg0MzU1MDA4M2E1NDNlYWY5ZTNiNmM4MWMwZmIxZGQ0MmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYEUXU8gfcgkwz1kFJAS9QwrEP4n
luk82ibilAcEEQ0mUWhfzxEFhjvXKr+xLsDkMl9ngOPqWAUh0X071e7Ik4XiNhwc
XZLo5rNDqXP7tPrJ2HqruoTsjDv6nGsuUF/yzftQ0qrPCuZEE6o1jHcGWaSKwNyZ
KIls2Nc+EtPkHjx3uPJxg+s/r10uIdpOlLWnarFVbp3he1ruhx3rs0Mt1WbjMlrB
QMKgxgVmRLrMWPnUH3eSt44LN3vz5C3ocgLuwaaE8m0p9PdHiy/2d4gU30LpOB9v
zSwq4CZCI1MYVGqpge9+NHARo2HzA5XpfPwxTnqLFiQUuUL3p6wdvHsBDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFDEyENVAIOlQ+r547bIHA+x3ULdMB8GA1UdIwQY
MBaAFOfAfbmIATPFzc4AW8oRG1Us0UxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNThCOXVZZ0JNOFhOemdCYnloRWJWU3pSVEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84Y2RkNDktYzA5NC00YzZhLTkxOGMt
MGFhNDYzY2RmY2EwLzEvVU1USVExVUFnNlZENnZuanRzZ2NEN0hkUXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84Y2RkNDktYzA5NC00YzZhLTkxOGMtMGFhNDYzY2RmY2Ew
LzEvNThCOXVZZ0JNOFhOemdCYnloRWJWU3pSVEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQzIMA8E
AgACMAkDBwAgAQZ8EWAwDQYJKoZIhvcNAQELBQADggEBAGZo5liosZsIpJuEIHAp
ko8g9RMYRQvFP+7gqXMkeAojVeKGfmE8JMEWumcPGLURh4Jznr13SiedHnfZUmqn
dr8DQL/A05e4h7ULZvWZKoVzts7HurXpNU/OYTe1fBuF2Quz0HDIRHx2ZdgMeF9P
K64J0tR7649+bZTgvW02wcBasMU8zwpt52TE3oFvCBRCpTzjAdoUeVugFG+b/ra7
d06TejMbkqExz99sW6BmVmaf/oNLOfGsxQhDyu4JJfpFLEvyLg62klYd2CMu9Pql
F2P8eJHXtqjIa0xybXwmGidP7QDJyfCruoweq2bpwDucR+AwYLjqmPbejcSmabq9
I84=
-----END CERTIFICATE-----
Generated at Mon May 12 11:27:32 2025 by rpki-client