Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/vT68ConB9FeinvNV077G-5uV0Og.roa
File: vT68ConB9FeinvNV077G-5uV0Og.roa (raw, json)
Hash identifier: YTBMUZS4U7BbqfUMVMvsGKqGy9KEgQc1ipZEG0MD8p0=
Subject key identifier: BD:3E:BC:0A:89:C1:F4:57:A2:9E:F3:55:D3:BE:C6:FB:9B:95:D0:E8
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 01856D81BEFD8F83C0FFF1C36F392C6A8099
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/vT68ConB9FeinvNV077G-5uV0Og.roa
Signing time: Sun 01 Jan 2023 13:24:57 +0000
ROA not before: Sun 01 Jan 2023 13:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3241
IP address blocks: 5.179.30.0/24 maxlen: 24
5.179.31.0/24 maxlen: 24
5.179.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:be:fd:8f:83:c0:ff:f1:c3:6f:39:2c:6a:80:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 1 13:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd3ebc0a89c1f457a29ef355d3bec6fb9b95d0e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ba:70:ad:ba:12:64:b0:74:e7:fd:21:2a:91:
e3:30:91:3a:ae:2e:3c:56:1c:3b:04:07:7a:53:5e:
a5:23:63:7c:e4:b8:dc:86:8e:5c:9a:ac:ff:05:35:
d6:f9:54:ff:8e:0c:7c:58:4b:41:4e:15:2b:86:e0:
cc:de:41:33:7e:d3:c5:38:e1:39:dd:94:74:46:2a:
2e:69:71:55:cb:a6:c0:45:8f:21:6e:3a:19:e2:62:
24:7f:be:9a:22:29:07:12:0e:f2:4a:c2:72:a1:f3:
26:8a:0c:9a:f1:48:5b:2f:1e:ff:b0:af:44:0b:70:
ed:a3:a8:59:68:30:62:b7:18:47:73:d5:ae:ab:a4:
de:22:26:cb:bc:1b:3b:8e:7e:f3:0b:a7:39:32:a2:
fb:9f:3e:e0:da:0d:21:5c:d0:e9:90:9c:90:b6:55:
91:bb:56:3d:57:ed:ae:75:25:d9:0e:3a:60:34:8b:
f5:ab:ec:a8:a8:90:3d:72:8c:a8:78:f0:5f:91:0d:
28:59:77:cf:21:a8:f7:b6:5b:93:31:45:19:a4:c0:
1c:4d:d9:90:0e:76:96:c0:11:04:68:87:c5:e3:0e:
72:16:a7:eb:de:97:e9:76:d8:d5:8b:66:68:33:06:
37:58:fc:2a:59:69:cf:27:0e:68:17:80:d8:10:30:
65:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3E:BC:0A:89:C1:F4:57:A2:9E:F3:55:D3:BE:C6:FB:9B:95:D0:E8
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/vT68ConB9FeinvNV077G-5uV0Og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.29.0-5.179.31.255
Signature Algorithm: sha256WithRSAEncryption
14:7a:f8:41:9b:97:fe:2f:f2:d6:7b:7b:f8:c2:9a:56:64:b2:
07:20:42:03:72:97:b6:48:ed:63:c4:e5:12:c8:87:0b:87:b3:
a3:8d:b9:55:41:cc:99:80:c5:f0:e7:5a:a4:a9:d8:86:d5:26:
d7:4d:79:5c:fb:be:f2:74:1e:30:a9:fc:7e:7f:24:c1:bb:2a:
a5:fd:b4:47:b9:ef:b7:75:99:52:10:c1:d7:88:31:b2:bc:64:
5a:01:4d:97:4f:76:d7:e5:06:8e:32:84:9c:18:48:19:08:6b:
90:af:cb:30:04:53:cf:76:1f:4e:d9:6c:bb:c2:25:69:fb:94:
df:10:91:f1:57:ce:5a:f7:4f:fb:0b:9f:19:ea:45:4e:80:56:
d3:af:8a:09:7a:af:4d:16:2a:41:6b:de:02:50:55:71:58:f0:
db:39:22:2d:67:ce:ea:13:63:09:35:db:0f:ee:35:35:35:a7:
11:08:e5:f0:7f:86:7b:a2:3f:e4:14:25:08:57:b9:c3:7d:07:
91:53:3e:53:79:73:f3:57:99:54:32:da:49:29:4f:47:70:80:
a2:84:4b:fa:dc:ed:25:37:d2:08:91:d9:f1:d5:75:db:55:cb:
7e:98:0f:0f:a7:ef:d4:e6:df:c0:00:3d:2c:8d:05:20:b2:3a:
19:30:dd:45
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtgb79j4PA//HDbzksaoCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjMwMTAxMTMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNlYmMwYTg5YzFmNDU3YTI5ZWYzNTVkM2JlYzZmYjliOTVkMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7pwrboSZLB05/0hKpHjMJE6ri48
Vhw7BAd6U16lI2N85Ljcho5cmqz/BTXW+VT/jgx8WEtBThUrhuDM3kEzftPFOOE5
3ZR0RiouaXFVy6bARY8hbjoZ4mIkf76aIikHEg7ySsJyofMmigya8UhbLx7/sK9E
C3Dto6hZaDBitxhHc9Wuq6TeIibLvBs7jn7zC6c5MqL7nz7g2g0hXNDpkJyQtlWR
u1Y9V+2udSXZDjpgNIv1q+yoqJA9coyoePBfkQ0oWXfPIaj3tluTMUUZpMAcTdmQ
DnaWwBEEaIfF4w5yFqfr3pfpdtjVi2ZoMwY3WPwqWWnPJw5oF4DYEDBlCwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL0+vAqJwfRXop7zVdO+xvubldDoMB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEvdlQ2OENvbkI5RmVpbnZOVjA3N0ctNXVWME9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFsx0D
BAUFswAwDQYJKoZIhvcNAQELBQADggEBABR6+EGbl/4v8tZ7e/jCmlZksgcgQgNy
l7ZI7WPE5RLIhwuHs6ONuVVBzJmAxfDnWqSp2IbVJtdNeVz7vvJ0HjCp/H5/JMG7
KqX9tEe577d1mVIQwdeIMbK8ZFoBTZdPdtflBo4yhJwYSBkIa5CvyzAEU892H07Z
bLvCJWn7lN8QkfFXzlr3T/sLnxnqRU6AVtOvigl6r00WKkFr3gJQVXFY8Ns5Ii1n
zuoTYwk12w/uNTU1pxEI5fB/hnuiP+QUJQhXucN9B5FTPlN5c/NXmVQy2kkpT0dw
gKKES/rc7SU30giR2fHVddtVy36YDw+n79Tm38AAPSyNBSCyOhkw3UU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:51 2025 by rpki-client