Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/UUkyEJfpKAlv-RI59MTmZIavb2k.roa
File: UUkyEJfpKAlv-RI59MTmZIavb2k.roa (raw, json)
Hash identifier: FmGwefeT/o7yI5R15z5FrinW4+AoWIJVXCz7qHxMdzI=
Subject key identifier: 51:49:32:10:97:E9:28:09:6F:F9:12:39:F4:C4:E6:64:86:AF:6F:69
Certificate issuer: /CN=24504c74c7127090a4cff85001f443149e128e60
Certificate serial: 018C670DF0F3BED2B174F6684D59263780C0
Authority key identifier: 24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/UUkyEJfpKAlv-RI59MTmZIavb2k.roa
Signing time: Thu 14 Dec 2023 06:40:16 +0000
ROA not before: Thu 14 Dec 2023 06:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203775
IP address blocks: 185.124.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:0d:f0:f3:be:d2:b1:74:f6:68:4d:59:26:37:80:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24504c74c7127090a4cff85001f443149e128e60
Validity
Not Before: Dec 14 06:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5149321097e928096ff91239f4c4e66486af6f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:67:20:0c:c9:f9:42:6f:c0:af:2d:6f:79:38:
1b:39:24:e1:d0:93:b2:ca:9e:a6:37:12:04:97:ac:
4e:34:27:c1:96:ba:5f:f0:78:6c:1b:55:1f:8b:aa:
6d:8b:f6:81:a9:16:2d:72:87:86:07:02:62:f9:4c:
23:6c:2d:9f:94:94:99:08:64:3d:f3:a2:4c:31:85:
4c:7a:f4:a9:8b:9e:78:45:66:3c:15:b8:94:e5:d4:
2e:41:59:cd:0b:30:b2:7d:45:5f:c7:55:f7:77:8e:
2a:9b:dd:a8:f5:7c:fb:7b:8d:81:f7:7c:a6:1b:b6:
95:01:7f:ae:51:8f:0c:95:50:a7:83:66:ca:73:ae:
d8:5e:8f:18:62:7d:5d:5f:10:57:b8:8e:53:ca:1e:
8e:c3:40:bc:d3:6a:cb:25:35:4e:ac:cb:e9:65:aa:
a0:85:70:08:03:ff:44:cd:61:8c:b3:aa:67:10:5e:
39:e7:ba:91:c5:18:ab:b2:75:a3:a0:c4:73:53:24:
65:7e:00:c1:48:b9:f4:ba:09:79:01:a7:6e:ce:18:
34:2a:61:2c:f5:95:4f:59:ab:6f:1e:ca:92:ef:72:
1e:99:ef:28:10:0c:e5:ba:e6:0c:f4:aa:2a:74:eb:
94:fb:b8:61:0f:9e:dc:de:06:8b:fc:d3:4e:21:34:
fa:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:49:32:10:97:E9:28:09:6F:F9:12:39:F4:C4:E6:64:86:AF:6F:69
X509v3 Authority Key Identifier:
keyid:24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/UUkyEJfpKAlv-RI59MTmZIavb2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.32.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:c5:0c:ee:d6:24:d0:8d:4f:e0:3f:e1:af:ac:52:cd:92:d2:
2b:9b:ff:3e:6c:1c:b7:6f:e6:f4:98:b5:35:a5:e2:e5:0a:02:
85:5c:12:72:eb:b9:c0:94:57:35:a3:15:01:f1:3d:4b:55:f6:
86:5e:6e:2b:b9:e6:84:7c:ab:2a:46:f8:2b:d2:19:04:33:a6:
98:37:05:d1:58:4c:9c:fa:59:fe:b0:bd:90:af:43:f2:07:55:
49:fb:99:93:00:86:bc:03:af:51:fc:06:e3:6d:bc:a3:e0:e5:
cf:14:3e:45:64:da:bd:59:5f:07:ad:c6:ec:2d:8c:86:d7:c2:
40:71:24:63:3a:58:8d:cc:5c:46:07:04:b5:09:7c:c5:4c:ae:
0a:8a:14:23:d2:bf:12:9a:8a:01:9e:a9:ee:71:fd:4c:9b:e3:
e6:ad:cd:52:4e:e7:1b:06:22:99:90:ca:84:24:cd:59:0b:06:
b3:e3:99:2a:15:9b:77:cb:f8:8c:c3:d8:a4:53:76:b8:0e:2a:
dc:e4:8c:be:a9:8f:18:ea:74:2d:3f:dd:39:f5:82:52:94:0d:
eb:78:d1:08:c2:f0:20:ce:10:3c:02:6a:e9:11:2c:66:43:79:
f4:92:ef:ea:65:e7:7a:8a:7a:35:62:2f:fd:1f:98:de:68:ff:
9f:7e:e2:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxnDfDzvtKxdPZoTVkmN4DAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTA0Yzc0YzcxMjcwOTBhNGNmZjg1MDAxZjQ0MzE0OWUx
MjhlNjAwHhcNMjMxMjE0MDY0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTQ5MzIxMDk3ZTkyODA5NmZmOTEyMzlmNGM0ZTY2NDg2YWY2ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmcgDMn5Qm/Ary1veTgbOSTh0JOy
yp6mNxIEl6xONCfBlrpf8HhsG1Ufi6pti/aBqRYtcoeGBwJi+UwjbC2flJSZCGQ9
86JMMYVMevSpi554RWY8FbiU5dQuQVnNCzCyfUVfx1X3d44qm92o9Xz7e42B93ym
G7aVAX+uUY8MlVCng2bKc67YXo8YYn1dXxBXuI5Tyh6Ow0C802rLJTVOrMvpZaqg
hXAIA/9EzWGMs6pnEF4557qRxRirsnWjoMRzUyRlfgDBSLn0ugl5Aaduzhg0KmEs
9ZVPWatvHsqS73Ieme8oEAzluuYM9KoqdOuU+7hhD57c3gaL/NNOITT6JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFFJMhCX6SgJb/kSOfTE5mSGr29pMB8GA1UdIwQY
MBaAFCRQTHTHEnCQpM/4UAH0QxSeEo5gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQt
ZDA2MjJjNGNkNDhkLzEvVVVreUVKZnBLQWx2LVJJNTlNVG1aSWF2YjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQtZDA2MjJjNGNkNDhk
LzEvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXwgMA0G
CSqGSIb3DQEBCwUAA4IBAQAKxQzu1iTQjU/gP+GvrFLNktIrm/8+bBy3b+b0mLU1
peLlCgKFXBJy67nAlFc1oxUB8T1LVfaGXm4rueaEfKsqRvgr0hkEM6aYNwXRWEyc
+ln+sL2Qr0PyB1VJ+5mTAIa8A69R/Abjbbyj4OXPFD5FZNq9WV8HrcbsLYyG18JA
cSRjOliNzFxGBwS1CXzFTK4KihQj0r8SmooBnqnucf1Mm+Pmrc1STucbBiKZkMqE
JM1ZCwaz45kqFZt3y/iMw9ikU3a4Dirc5Iy+qY8Y6nQtP9059YJSlA3reNEIwvAg
zhA8AmrpESxmQ3n0ku/qZed6ino1Yi/9H5jeaP+ffuL/
-----END CERTIFICATE-----
Generated at Tue May 6 18:18:56 2025 by rpki-client