Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/vLgwyUpKzeaFRSLRnNVAyIz-Uiw.roa
File: vLgwyUpKzeaFRSLRnNVAyIz-Uiw.roa (raw, json)
Hash identifier: VOBSrlH+vskriNEHHho1uGw7nIiGRJGJMVhhWLHjNKs=
Subject key identifier: BC:B8:30:C9:4A:4A:CD:E6:85:45:22:D1:9C:D5:40:C8:8C:FE:52:2C
Certificate issuer: /CN=c330acdf041b5dcc7e5ec6cf8ff8bd0648e8670c
Certificate serial: 01856D01C21BDBCA52DAAC73F7833358BC64
Authority key identifier: C3:30:AC:DF:04:1B:5D:CC:7E:5E:C6:CF:8F:F8:BD:06:48:E8:67:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/vLgwyUpKzeaFRSLRnNVAyIz-Uiw.roa
Signing time: Sun 01 Jan 2023 11:05:09 +0000
ROA not before: Sun 01 Jan 2023 11:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207858
IP address blocks: 193.28.255.0/24 maxlen: 24
193.29.4.0/24 maxlen: 24
193.29.1.0/24 maxlen: 24
193.29.8.0/24 maxlen: 24
2a0f:7a40::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c2:1b:db:ca:52:da:ac:73:f7:83:33:58:bc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c330acdf041b5dcc7e5ec6cf8ff8bd0648e8670c
Validity
Not Before: Jan 1 11:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcb830c94a4acde6854522d19cd540c88cfe522c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:64:40:e8:14:4f:2e:9b:4f:49:8d:fe:a9:08:
69:f4:8c:08:cc:af:7f:a6:d6:34:1c:f1:75:46:53:
b8:23:cc:75:db:4e:88:9d:f5:1d:ac:76:58:4d:d1:
6f:f5:c6:dc:d3:e8:01:0b:5e:f7:02:3e:ef:2c:ff:
00:d7:68:d6:fd:88:29:48:1a:b8:e4:da:f3:97:8f:
d0:ef:59:06:4b:54:46:cf:58:b8:4c:3d:e8:86:38:
01:d9:98:fe:2e:7a:a9:5c:f6:e0:38:47:51:4b:0c:
01:d6:7d:0a:92:a9:23:9b:b0:c4:17:bf:f2:2f:8d:
79:75:6d:54:58:d1:ce:7e:8c:1b:41:a7:f8:57:50:
b3:28:c5:0b:c9:90:57:71:93:bb:97:15:fa:84:ef:
c6:ac:c9:ef:3d:7f:e9:b5:91:ad:56:ba:97:e6:94:
3b:b4:06:fd:86:4c:2a:ce:33:5c:05:22:1f:c1:08:
ea:22:3e:69:74:ee:ca:ee:bc:f0:0b:3f:d5:36:e3:
47:c8:6d:37:99:07:0b:83:04:f6:cd:47:aa:d2:87:
b5:d0:50:b6:bf:50:ac:ec:db:1b:e4:31:86:b2:eb:
f9:99:6f:2e:2f:65:42:d3:78:c4:5e:c8:2e:d8:11:
c3:76:f0:4f:78:4c:18:db:fe:87:5e:6d:e2:0a:f7:
a2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B8:30:C9:4A:4A:CD:E6:85:45:22:D1:9C:D5:40:C8:8C:FE:52:2C
X509v3 Authority Key Identifier:
keyid:C3:30:AC:DF:04:1B:5D:CC:7E:5E:C6:CF:8F:F8:BD:06:48:E8:67:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/vLgwyUpKzeaFRSLRnNVAyIz-Uiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/wzCs3wQbXcx-XsbPj_i9BkjoZww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.255.0/24
193.29.1.0/24
193.29.4.0/24
193.29.8.0/24
IPv6:
2a0f:7a40::/31
Signature Algorithm: sha256WithRSAEncryption
42:f1:17:fe:ea:57:f1:0c:93:2e:fd:38:77:24:9d:94:ad:c0:
aa:bd:26:f5:69:66:2a:0a:81:05:7f:dd:01:6f:4e:0c:53:34:
a5:01:8c:b7:18:94:21:99:e2:b3:92:39:54:c0:c9:a7:97:13:
c3:d5:a7:40:6c:f8:43:87:8c:a8:e1:0e:35:45:4b:9b:22:1f:
e2:8a:e7:f9:29:6f:4b:b4:c2:3b:a4:37:60:19:91:45:06:45:
b6:18:0c:52:af:44:bd:45:f4:1c:81:49:24:4c:81:2e:f7:5f:
23:c4:23:c4:29:7e:ed:56:30:19:f5:26:af:a4:4d:7e:dc:a9:
3f:06:05:9d:61:9a:d8:86:f8:01:a3:4d:af:33:b1:11:77:c1:
31:19:66:8e:f9:13:e2:e4:83:e5:60:7f:5a:f1:6f:c2:6b:7c:
5d:af:30:20:cd:40:cf:fc:5f:f0:a0:1b:2a:72:37:c1:88:ad:
34:88:92:bd:a9:60:7c:0c:60:44:de:7b:a6:e0:c9:48:0e:3e:
39:c3:f6:10:4d:82:1a:cc:f5:9a:1d:e9:29:79:9c:15:2a:68:
9b:3a:9e:30:78:aa:1d:b3:48:54:bf:f1:4d:50:ab:ed:ea:59:
b3:77:ca:44:0a:63:11:21:68:1e:6d:86:68:b8:5d:93:45:8d:
97:e2:f6:df
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtAcIb28pS2qxz94MzWLxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzBhY2RmMDQxYjVkY2M3ZTVlYzZjZjhmZjhiZDA2NDhl
ODY3MGMwHhcNMjMwMTAxMTEwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2I4MzBjOTRhNGFjZGU2ODU0NTIyZDE5Y2Q1NDBjODhjZmU1MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmRA6BRPLptPSY3+qQhp9IwIzK9/
ptY0HPF1RlO4I8x1206InfUdrHZYTdFv9cbc0+gBC173Aj7vLP8A12jW/YgpSBq4
5Nrzl4/Q71kGS1RGz1i4TD3ohjgB2Zj+LnqpXPbgOEdRSwwB1n0Kkqkjm7DEF7/y
L415dW1UWNHOfowbQaf4V1CzKMULyZBXcZO7lxX6hO/GrMnvPX/ptZGtVrqX5pQ7
tAb9hkwqzjNcBSIfwQjqIj5pdO7K7rzwCz/VNuNHyG03mQcLgwT2zUeq0oe10FC2
v1Cs7Nsb5DGGsuv5mW8uL2VC03jEXsgu2BHDdvBPeEwY2/6HXm3iCveiwQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLy4MMlKSs3mhUUi0ZzVQMiM/lIsMB8GA1UdIwQY
MBaAFMMwrN8EG13Mfl7Gz4/4vQZI6GcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pDczN3UWJYY3gtWHNiUGpfaTlCa2pvWnd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yYTg0ZTktNjhiMy00ZTNmLWI2MTUt
YTBhZDYxZDE5NGExLzEvdkxnd3lVcEt6ZWFGUlNMUm5OVkF5SXotVWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yYTg0ZTktNjhiMy00ZTNmLWI2MTUtYTBhZDYxZDE5NGEx
LzEvd3pDczN3UWJYY3gtWHNiUGpfaTlCa2pvWnd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRz/AwQA
wR0BAwQAwR0EAwQAwR0IMA0EAgACMAcDBQEqD3pAMA0GCSqGSIb3DQEBCwUAA4IB
AQBC8Rf+6lfxDJMu/Th3JJ2UrcCqvSb1aWYqCoEFf90Bb04MUzSlAYy3GJQhmeKz
kjlUwMmnlxPD1adAbPhDh4yo4Q41RUubIh/iiuf5KW9LtMI7pDdgGZFFBkW2GAxS
r0S9RfQcgUkkTIEu918jxCPEKX7tVjAZ9SavpE1+3Kk/BgWdYZrYhvgBo02vM7ER
d8ExGWaO+RPi5IPlYH9a8W/Ca3xdrzAgzUDP/F/woBsqcjfBiK00iJK9qWB8DGBE
3num4MlIDj45w/YQTYIazPWaHekpeZwVKmibOp4weKods0hUv/FNUKvt6lmzd8pE
CmMRIWgebYZouF2TRY2X4vbf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:51 2025 by rpki-client