Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/vkyW0BAoQ1HOYxsn-QA4IpoS9yc.roa
File: vkyW0BAoQ1HOYxsn-QA4IpoS9yc.roa (raw, json)
Hash identifier: PuQg9suddxLyTrRZciwhxfK9iiXYmCM7of+GWU7jsQg=
Subject key identifier: BE:4C:96:D0:10:28:43:51:CE:63:1B:27:F9:00:38:22:9A:12:F7:27
Certificate issuer: /CN=40aa949d31c66888cb4758f23dd5f312141dec4a
Certificate serial: 01856D81A849C9858F9B201DC898F235E40B
Authority key identifier: 40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/vkyW0BAoQ1HOYxsn-QA4IpoS9yc.roa
Signing time: Sun 01 Jan 2023 13:24:51 +0000
ROA not before: Sun 01 Jan 2023 13:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47811
IP address blocks: 91.208.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:a8:49:c9:85:8f:9b:20:1d:c8:98:f2:35:e4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40aa949d31c66888cb4758f23dd5f312141dec4a
Validity
Not Before: Jan 1 13:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be4c96d010284351ce631b27f90038229a12f727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:27:53:ee:e6:05:00:24:ed:6e:a3:75:1f:d5:
a3:72:e4:64:7d:04:f2:fe:97:70:5e:65:bd:45:a8:
03:77:56:8c:11:bc:5b:c3:c6:f7:89:39:65:67:ac:
84:60:fb:02:74:e6:b4:64:90:45:82:ae:71:34:58:
16:a3:dd:6f:12:fb:1e:b9:be:21:39:8b:f6:ef:a5:
41:ae:ce:45:c4:3c:89:3d:1e:43:1a:2c:36:1c:0f:
37:d9:d8:89:48:65:7e:cc:49:60:e5:9d:14:89:6c:
72:22:0f:ca:ef:c1:f3:fd:af:f3:80:34:e6:14:23:
d5:41:dc:3d:19:80:f6:66:9c:29:df:61:f3:61:15:
26:cb:8a:12:17:10:8f:e4:1d:3e:8c:4f:5f:17:6b:
17:0b:f3:2e:e3:d3:4b:10:81:a5:b9:75:e2:be:11:
53:c7:ce:fc:e4:c9:bf:5d:c9:88:c1:38:e5:06:cb:
e4:7a:0a:87:65:a2:f0:f3:5e:ed:96:4e:bb:9d:87:
80:7d:de:b9:ad:97:64:00:0d:29:be:94:ab:b2:b4:
ed:0f:cc:bc:ad:b3:b7:02:49:6f:5c:76:5c:b1:bd:
94:58:41:a0:56:7a:87:4c:64:76:a6:60:29:a4:57:
41:13:3f:c6:80:68:a9:43:aa:7f:ec:de:99:80:20:
89:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4C:96:D0:10:28:43:51:CE:63:1B:27:F9:00:38:22:9A:12:F7:27
X509v3 Authority Key Identifier:
keyid:40:AA:94:9D:31:C6:68:88:CB:47:58:F2:3D:D5:F3:12:14:1D:EC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/vkyW0BAoQ1HOYxsn-QA4IpoS9yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de9401-56bb-4813-8f88-fd11bb1cc82d/1/QKqUnTHGaIjLR1jyPdXzEhQd7Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.154.0/24
Signature Algorithm: sha256WithRSAEncryption
68:7e:9b:a7:7c:b5:f5:58:38:c7:86:44:a9:c8:f7:a0:dc:8c:
ea:e3:5a:20:de:a1:35:31:2d:ab:c7:0f:19:b2:8a:99:bf:c1:
bc:05:d5:8d:24:72:bb:e7:8f:b6:0d:91:ad:7b:b6:3a:e0:78:
a2:93:29:7c:c9:4e:9c:fe:e2:2c:01:71:1e:75:76:65:a5:8a:
6f:eb:35:ec:a4:35:b1:4d:60:c4:ef:70:99:4d:1f:4e:6a:ad:
81:42:ff:8b:d4:ad:a3:10:65:32:64:ce:e5:c6:00:d8:9a:00:
e6:33:a6:22:12:ae:7a:64:56:31:b5:9b:e9:9c:7c:45:72:66:
08:28:f1:8d:9e:54:ed:f8:d6:8b:61:2e:65:c5:ca:17:9f:3b:
0d:55:fb:cb:c7:bb:77:6a:c7:32:01:e1:16:35:19:d9:14:36:
75:c0:fe:74:77:42:43:3b:51:1e:f3:bb:3c:73:59:92:01:d1:
9a:2e:d2:f4:8d:df:2c:42:9c:8e:ec:01:6f:e8:ab:ff:9f:e0:
76:ca:c4:13:4e:cc:8d:f7:b4:37:14:31:34:ec:92:6f:7a:38:
8c:d0:a0:96:5f:d5:52:bc:a8:b7:c1:62:5b:ab:9d:0c:bb:b0:
db:2b:4f:05:49:15:cf:89:7e:35:12:51:24:7c:4a:b1:6d:d6:
b4:53:df:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgahJyYWPmyAdyJjyNeQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYWE5NDlkMzFjNjY4ODhjYjQ3NThmMjNkZDVmMzEyMTQx
ZGVjNGEwHhcNMjMwMTAxMTMyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTRjOTZkMDEwMjg0MzUxY2U2MzFiMjdmOTAwMzgyMjlhMTJmNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSdT7uYFACTtbqN1H9WjcuRkfQTy
/pdwXmW9RagDd1aMEbxbw8b3iTllZ6yEYPsCdOa0ZJBFgq5xNFgWo91vEvseub4h
OYv276VBrs5FxDyJPR5DGiw2HA832diJSGV+zElg5Z0UiWxyIg/K78Hz/a/zgDTm
FCPVQdw9GYD2Zpwp32HzYRUmy4oSFxCP5B0+jE9fF2sXC/Mu49NLEIGluXXivhFT
x8785Mm/XcmIwTjlBsvkegqHZaLw817tlk67nYeAfd65rZdkAA0pvpSrsrTtD8y8
rbO3AklvXHZcsb2UWEGgVnqHTGR2pmAppFdBEz/GgGipQ6p/7N6ZgCCJwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5MltAQKENRzmMbJ/kAOCKaEvcnMB8GA1UdIwQY
MBaAFECqlJ0xxmiIy0dY8j3V8xIUHexKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgt
ZmQxMWJiMWNjODJkLzEvdmt5VzBCQW9RMUhPWXhzbi1RQTRJcG9TOXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kZTk0MDEtNTZiYi00ODEzLThmODgtZmQxMWJiMWNjODJk
LzEvUUtxVW5USEdhSWpMUjFqeVBkWHpFaFFkN0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9CaMA0G
CSqGSIb3DQEBCwUAA4IBAQBofpunfLX1WDjHhkSpyPeg3Izq41og3qE1MS2rxw8Z
soqZv8G8BdWNJHK754+2DZGte7Y64Hiikyl8yU6c/uIsAXEedXZlpYpv6zXspDWx
TWDE73CZTR9Oaq2BQv+L1K2jEGUyZM7lxgDYmgDmM6YiEq56ZFYxtZvpnHxFcmYI
KPGNnlTt+NaLYS5lxcoXnzsNVfvLx7t3ascyAeEWNRnZFDZ1wP50d0JDO1Ee87s8
c1mSAdGaLtL0jd8sQpyO7AFv6Kv/n+B2ysQTTsyN97Q3FDE07JJvejiM0KCWX9VS
vKi3wWJbq50Mu7DbK08FSRXPiX41ElEkfEqxbda0U9/+
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:04:39 2025 by rpki-client