Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/VhAKqzYCzS4lXwLvbsXElzCRyxM.roa
File: VhAKqzYCzS4lXwLvbsXElzCRyxM.roa (raw, json)
Hash identifier: DHH93MO+AaUiLt7hxKS6EfsJVaBkZ/0/5u9GZtlEkXk=
Subject key identifier: 56:10:0A:AB:36:02:CD:2E:25:5F:02:EF:6E:C5:C4:97:30:91:CB:13
Certificate issuer: /CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Certificate serial: 018714C991739795690CB676E03E2A410C5E
Authority key identifier: DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/VhAKqzYCzS4lXwLvbsXElzCRyxM.roa
Signing time: Fri 24 Mar 2023 18:02:46 +0000
ROA not before: Fri 24 Mar 2023 18:02:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44356
IP address blocks: 79.99.192.0/21 maxlen: 24
31.13.152.0/21 maxlen: 24
2a00:1538::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:14:c9:91:73:97:95:69:0c:b6:76:e0:3e:2a:41:0c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Validity
Not Before: Mar 24 18:02:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56100aab3602cd2e255f02ef6ec5c4973091cb13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ac:b0:86:f0:bb:df:99:73:92:e6:13:27:c6:
dd:23:bf:c2:ba:0a:f0:34:6a:33:13:70:f0:cc:d6:
4c:6b:29:f6:be:9e:06:e0:5d:b6:1e:ee:18:82:8d:
0d:29:2d:05:46:4c:8f:9e:d2:5d:aa:42:60:f5:73:
e8:9c:7c:ee:4f:72:7d:ae:96:d6:a4:53:32:ba:db:
73:29:c6:29:8e:df:a8:fc:6c:4a:45:4d:3e:fe:26:
ec:ed:00:3c:dc:20:cf:68:10:8c:e2:7f:09:ea:dc:
b6:9c:3f:a7:f9:74:90:de:56:a4:bf:75:67:4d:bd:
25:27:0c:5a:96:8d:e8:ff:d0:8f:6f:e2:36:ea:0e:
8f:47:ac:45:be:a4:10:79:c9:39:85:27:9e:30:1b:
25:d0:c4:f6:23:2b:59:47:b7:a1:ce:22:1a:aa:a0:
39:52:94:17:39:bf:64:09:63:33:f3:c0:00:89:d2:
10:a3:43:5d:91:98:72:de:27:23:4f:4e:c8:59:0d:
58:7e:2c:23:e3:13:10:83:40:86:39:0c:44:31:e8:
1f:ec:60:4c:68:d4:af:b9:66:10:09:5a:f1:95:0a:
57:b4:7a:d3:9a:19:a8:e6:44:d3:d8:27:cf:b7:19:
c3:69:2e:ac:f4:a2:c7:5a:c9:a8:3b:35:d5:a4:66:
82:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:10:0A:AB:36:02:CD:2E:25:5F:02:EF:6E:C5:C4:97:30:91:CB:13
X509v3 Authority Key Identifier:
keyid:DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/VhAKqzYCzS4lXwLvbsXElzCRyxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.152.0/21
79.99.192.0/21
IPv6:
2a00:1538::/32
Signature Algorithm: sha256WithRSAEncryption
8f:f7:88:3f:ed:99:08:29:96:35:68:20:cf:7e:2d:0f:70:83:
5f:13:89:d2:f6:6c:73:d0:81:ab:78:f1:98:aa:ce:dc:1e:a0:
e7:25:ca:39:43:1f:42:0f:eb:f5:20:fe:1e:c4:54:16:f3:5f:
0e:44:3f:f9:51:d2:c3:b9:f1:c7:21:56:d6:0a:d1:2e:8f:45:
36:71:04:ac:ea:66:78:6c:06:59:a2:e3:9d:10:ca:6d:ed:a0:
36:19:1a:cf:12:00:d9:8e:5d:b8:80:ed:61:c9:23:6c:ac:30:
50:f2:d1:f0:bf:09:c5:59:3d:09:c7:ba:4d:c5:72:15:1d:5b:
96:69:11:24:1c:32:10:97:75:f1:74:b2:28:20:9a:39:d4:a5:
b8:e2:34:b8:b2:17:da:f5:20:21:72:b7:32:36:4e:0e:6e:ef:
38:8b:52:a3:43:3d:82:cc:d2:29:b1:be:1c:1b:c9:f9:7a:cf:
71:1f:37:9f:04:6f:9b:49:01:c3:67:7e:dd:4f:2a:52:0a:57:
b1:9c:9a:15:b5:32:38:9f:0c:c3:a7:1b:78:e3:cb:f1:f1:34:
10:5d:42:f7:83:95:85:7d:a0:2d:f4:b7:03:fd:a7:c7:ef:db:
e4:82:82:12:87:84:dd:5e:2b:c7:32:b0:af:1e:14:90:a8:60:
45:f3:b7:39
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcUyZFzl5VpDLZ24D4qQQxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOTA0MTU1ZWUzYWNmZTNmZWE4YmJmZWU4NmU5N2M1OGM4
OTkxZjQwHhcNMjMwMzI0MTgwMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjEwMGFhYjM2MDJjZDJlMjU1ZjAyZWY2ZWM1YzQ5NzMwOTFjYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaywhvC735lzkuYTJ8bdI7/Cugrw
NGozE3DwzNZMayn2vp4G4F22Hu4Ygo0NKS0FRkyPntJdqkJg9XPonHzuT3J9rpbW
pFMyuttzKcYpjt+o/GxKRU0+/ibs7QA83CDPaBCM4n8J6ty2nD+n+XSQ3lakv3Vn
Tb0lJwxalo3o/9CPb+I26g6PR6xFvqQQeck5hSeeMBsl0MT2IytZR7ehziIaqqA5
UpQXOb9kCWMz88AAidIQo0NdkZhy3icjT07IWQ1Yfiwj4xMQg0CGOQxEMegf7GBM
aNSvuWYQCVrxlQpXtHrTmhmo5kTT2CfPtxnDaS6s9KLHWsmoOzXVpGaCUwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFYQCqs2As0uJV8C727FxJcwkcsTMB8GA1UdIwQY
MBaAFN+QQVXuOs/j/qi7/uhul8WMiZH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQt
NjQ2N2Y0NGI0M2JmLzEvVmhBS3F6WUN6UzRsWHdMdmJzWEVsekNSeXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQtNjQ2N2Y0NGI0M2Jm
LzEvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHw2YAwQD
T2PAMA0EAgACMAcDBQAqABU4MA0GCSqGSIb3DQEBCwUAA4IBAQCP94g/7ZkIKZY1
aCDPfi0PcINfE4nS9mxz0IGrePGYqs7cHqDnJco5Qx9CD+v1IP4exFQW818ORD/5
UdLDufHHIVbWCtEuj0U2cQSs6mZ4bAZZouOdEMpt7aA2GRrPEgDZjl24gO1hySNs
rDBQ8tHwvwnFWT0Jx7pNxXIVHVuWaREkHDIQl3XxdLIoIJo51KW44jS4shfa9SAh
crcyNk4Obu84i1KjQz2CzNIpsb4cG8n5es9xHzefBG+bSQHDZ37dTypSClexnJoV
tTI4nwzDpxt448vx8TQQXUL3g5WFfaAt9LcD/afH79vkgoISh4TdXivHMrCvHhSQ
qGBF87c5
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:04:27 2025 by rpki-client