Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/VdTfrM4MRxsNrS0PmEHNo0URWRM.roa
File: VdTfrM4MRxsNrS0PmEHNo0URWRM.roa (raw, json)
Hash identifier: S7a1G+wZhlicTLXGOoQPyW1xwAnxXJAHhLDDn+e2new=
Subject key identifier: 55:D4:DF:AC:CE:0C:47:1B:0D:AD:2D:0F:98:41:CD:A3:45:11:59:13
Certificate issuer: /CN=8300996c08890bd5e1e6dd0528217d28f9d09355
Certificate serial: 01856F94A25EBFE286C77C7B4F4D5D72353B
Authority key identifier: 83:00:99:6C:08:89:0B:D5:E1:E6:DD:05:28:21:7D:28:F9:D0:93:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/VdTfrM4MRxsNrS0PmEHNo0URWRM.roa
Signing time: Sun 01 Jan 2023 23:04:49 +0000
ROA not before: Sun 01 Jan 2023 23:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197422
IP address blocks: 185.119.168.0/22 maxlen: 24
91.224.148.0/23 maxlen: 24
2a03:7220::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:a2:5e:bf:e2:86:c7:7c:7b:4f:4d:5d:72:35:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8300996c08890bd5e1e6dd0528217d28f9d09355
Validity
Not Before: Jan 1 23:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55d4dfacce0c471b0dad2d0f9841cda345115913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e4:78:08:a9:9a:71:c5:ed:f7:fe:ff:ef:0c:
4d:d6:18:0b:67:ad:31:19:70:b0:fc:d3:36:57:34:
60:2b:0f:87:c1:a9:aa:9b:a9:bf:12:00:aa:38:d1:
1f:0a:0e:3b:a2:7c:4a:c9:cb:41:dc:81:29:99:3c:
e3:33:6b:9a:d8:e2:a5:2a:47:c2:4c:a7:73:90:ba:
e8:7f:8b:f4:9c:e9:1a:b1:ba:2f:50:2f:7e:fc:a7:
3b:80:04:a3:05:3e:3f:8e:4a:38:8d:92:73:f9:c0:
33:0f:04:9e:89:4d:27:06:fa:d2:63:d0:5d:cb:83:
4f:05:87:09:49:6b:6b:53:00:6a:e1:b7:fd:42:37:
72:42:84:f9:b2:95:60:0a:51:a4:51:65:f6:bd:dc:
e9:44:1f:c2:68:04:45:95:65:03:b4:8b:bc:02:77:
83:81:ca:4c:65:21:49:04:3e:bb:5c:ba:ff:90:70:
bb:eb:1f:93:9c:fa:d2:86:80:fb:13:ba:22:6f:8a:
70:ce:6b:78:cc:51:a5:4d:1d:13:a0:6f:a2:a7:94:
2e:a1:ad:fb:4e:c9:ee:1f:f2:56:40:b7:4b:81:35:
8b:6e:bb:2d:8e:b0:53:3d:4d:d9:ea:b8:ab:5e:cc:
5a:77:66:dd:31:8c:3c:8c:b0:af:c5:75:99:4f:99:
b9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D4:DF:AC:CE:0C:47:1B:0D:AD:2D:0F:98:41:CD:A3:45:11:59:13
X509v3 Authority Key Identifier:
keyid:83:00:99:6C:08:89:0B:D5:E1:E6:DD:05:28:21:7D:28:F9:D0:93:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/VdTfrM4MRxsNrS0PmEHNo0URWRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c01306-66f5-4209-8c88-2db691b1d4ab/1/gwCZbAiJC9Xh5t0FKCF9KPnQk1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.148.0/23
185.119.168.0/22
IPv6:
2a03:7220::/29
Signature Algorithm: sha256WithRSAEncryption
4b:db:62:fe:66:14:1b:8f:16:e6:81:8b:a2:47:df:e2:a7:02:
6c:8c:44:6e:55:e8:74:f1:71:e8:97:6d:f1:9b:39:d1:fc:e4:
41:71:ac:55:bd:6c:9c:28:bb:6d:7d:7e:ef:ec:ca:77:ea:4f:
34:aa:d2:bd:ac:3d:90:b0:c6:07:06:9a:0f:6b:9a:b0:b5:ef:
37:cb:cd:4a:99:ab:d1:0f:d2:16:fb:51:2c:5d:18:62:e4:37:
46:b8:ae:41:c4:45:c6:e1:f9:c9:d4:a1:11:77:9d:3b:a0:8d:
16:72:e0:f2:b7:b7:51:47:69:3d:26:ca:8c:ea:08:f2:d8:0f:
c7:da:bb:c8:cb:49:e9:fb:60:4e:39:37:26:07:e6:45:ce:c7:
14:b7:cd:48:7d:af:5e:f7:f6:a5:29:16:ea:22:0c:2c:df:4e:
b6:86:ff:d9:d7:09:4f:24:6e:ae:66:8b:fc:51:48:94:36:58:
75:10:af:03:f7:2c:f9:78:6e:04:d1:ba:9d:2e:c9:ba:c4:a4:
e4:20:db:b1:d4:2a:bb:2d:6d:76:be:9f:d3:78:1b:80:4d:aa:
46:f0:24:ba:b4:1c:6c:b2:c2:2e:19:4d:e8:18:dc:c6:67:65:
84:f3:e8:35:52:d9:be:74:94:18:76:e4:a9:42:86:18:0c:99:
39:ea:21:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvlKJev+KGx3x7T01dcjU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDA5OTZjMDg4OTBiZDVlMWU2ZGQwNTI4MjE3ZDI4Zjlk
MDkzNTUwHhcNMjMwMTAxMjMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQ0ZGZhY2NlMGM0NzFiMGRhZDJkMGY5ODQxY2RhMzQ1MTE1OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieR4CKmaccXt9/7/7wxN1hgLZ60x
GXCw/NM2VzRgKw+Hwamqm6m/EgCqONEfCg47onxKyctB3IEpmTzjM2ua2OKlKkfC
TKdzkLrof4v0nOkasbovUC9+/Kc7gASjBT4/jko4jZJz+cAzDwSeiU0nBvrSY9Bd
y4NPBYcJSWtrUwBq4bf9QjdyQoT5spVgClGkUWX2vdzpRB/CaARFlWUDtIu8AneD
gcpMZSFJBD67XLr/kHC76x+TnPrShoD7E7oib4pwzmt4zFGlTR0ToG+ip5Quoa37
TsnuH/JWQLdLgTWLbrstjrBTPU3Z6rirXsxad2bdMYw8jLCvxXWZT5m5rQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFXU36zODEcbDa0tD5hBzaNFEVkTMB8GA1UdIwQY
MBaAFIMAmWwIiQvV4ebdBSghfSj50JNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dDWmJBaUpDOVhoNXQwRktDRjlLUG5RazFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jMDEzMDYtNjZmNS00MjA5LThjODgt
MmRiNjkxYjFkNGFiLzEvVmRUZnJNNE1SeHNOclMwUG1FSE5vMFVSV1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9jMDEzMDYtNjZmNS00MjA5LThjODgtMmRiNjkxYjFkNGFi
LzEvZ3dDWmJBaUpDOVhoNXQwRktDRjlLUG5RazFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+CUAwQC
uXeoMA0EAgACMAcDBQMqA3IgMA0GCSqGSIb3DQEBCwUAA4IBAQBL22L+ZhQbjxbm
gYuiR9/ipwJsjERuVeh08XHol23xmznR/ORBcaxVvWycKLttfX7v7Mp36k80qtK9
rD2QsMYHBpoPa5qwte83y81KmavRD9IW+1EsXRhi5DdGuK5BxEXG4fnJ1KERd507
oI0WcuDyt7dRR2k9JsqM6gjy2A/H2rvIy0np+2BOOTcmB+ZFzscUt81Ifa9e9/al
KRbqIgws3062hv/Z1wlPJG6uZov8UUiUNlh1EK8D9yz5eG4E0bqdLsm6xKTkINux
1Cq7LW12vp/TeBuATapG8CS6tBxsssIuGU3oGNzGZ2WE8+g1Utm+dJQYduSpQoYY
DJk56iH3
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:52:42 2025 by rpki-client