Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/VLRmnzCAzIO6gcMlEjbHY8CnE0k.roa
File: VLRmnzCAzIO6gcMlEjbHY8CnE0k.roa (raw, json)
Hash identifier: gtYFRToCvlPxrdH+u+mFTKUvlNJgB1ay6JMOInOjbpg=
Subject key identifier: 54:B4:66:9F:30:80:CC:83:BA:81:C3:25:12:36:C7:63:C0:A7:13:49
Certificate issuer: /CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Certificate serial: 0188672D57F47C81F12700B1A1D56A501722
Authority key identifier: 2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/VLRmnzCAzIO6gcMlEjbHY8CnE0k.roa
Signing time: Mon 29 May 2023 11:03:24 +0000
ROA not before: Mon 29 May 2023 11:03:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200449
IP address blocks: 185.104.208.0/22 maxlen: 24
2a06:3340::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:67:2d:57:f4:7c:81:f1:27:00:b1:a1:d5:6a:50:17:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Validity
Not Before: May 29 11:03:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54b4669f3080cc83ba81c3251236c763c0a71349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7a:66:32:86:9b:1e:93:28:5c:84:36:21:03:
99:b4:5d:a1:7a:f8:87:f0:55:d1:55:00:af:8a:d0:
1a:3a:01:c9:e8:84:38:99:45:72:6d:81:e7:e4:47:
b3:c2:6c:da:1b:c8:06:d4:78:c4:6c:7c:f6:70:78:
0c:08:08:f5:b9:52:b3:fc:eb:57:5f:d4:7b:e7:68:
9a:73:20:ff:64:5f:1d:3b:93:5a:71:ef:43:8b:2a:
b1:15:f3:66:f0:3a:1a:1b:85:0b:02:6e:5e:7e:66:
8a:82:1a:c0:48:e5:1c:dc:ae:0f:9a:48:37:65:53:
84:78:44:16:08:9c:f5:4e:de:29:a1:ca:53:73:91:
ea:37:a5:ad:38:d9:f7:d4:34:6b:e4:b9:1e:59:a6:
2c:90:78:28:56:1f:4f:d7:ac:9c:b3:c1:d3:88:31:
ea:dd:9b:20:49:b1:4b:d7:4a:79:f2:89:29:5f:65:
d1:a3:b8:73:6f:be:73:25:85:37:b6:ad:68:d9:9d:
59:c6:39:a5:fb:41:58:40:18:1d:74:47:9f:71:d0:
ca:8c:9e:a4:52:11:37:bf:a6:40:72:a8:ab:d1:7f:
7c:8a:30:0f:a6:cc:f0:c9:74:dd:42:e9:b8:aa:97:
08:fc:43:9a:53:74:dc:fe:c0:1b:bb:5c:d5:34:52:
29:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B4:66:9F:30:80:CC:83:BA:81:C3:25:12:36:C7:63:C0:A7:13:49
X509v3 Authority Key Identifier:
keyid:2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/VLRmnzCAzIO6gcMlEjbHY8CnE0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.208.0/22
IPv6:
2a06:3340::/29
Signature Algorithm: sha256WithRSAEncryption
2f:cb:f3:88:4f:8f:f7:d5:79:5f:33:a8:8b:53:4f:3d:2a:0b:
d2:34:43:f4:79:88:3c:74:d0:ff:6a:3a:dc:02:2d:95:f3:ec:
e4:7d:29:ff:cc:cc:ce:bf:9c:32:1e:71:bb:aa:54:b7:1d:9e:
13:a7:3a:e5:12:a9:60:2f:7e:0a:e2:8f:25:87:16:d1:79:7b:
e8:aa:c0:2a:1a:90:09:e4:ce:8b:df:1a:e7:e2:c0:57:e7:3c:
ba:ae:f0:04:5d:e2:56:2f:a0:96:bd:fd:87:92:e9:03:3c:88:
61:74:90:c5:33:29:ea:43:69:93:aa:b8:f2:62:f9:15:0f:92:
32:64:ae:51:93:94:3d:f1:d7:81:eb:b6:b7:1d:0a:a8:62:10:
29:ec:88:0f:31:ea:9e:53:25:62:2d:12:f2:fd:05:df:83:d4:
9a:b9:7b:72:55:bc:32:7e:59:99:6b:01:88:29:81:08:ca:ce:
75:d7:fe:ba:da:f5:3d:4b:92:21:1d:3c:aa:a2:93:3f:21:b5:
76:69:28:15:69:d9:23:df:5c:29:21:6b:4c:c8:a6:56:aa:9c:
1f:eb:ab:67:21:49:64:2f:e6:97:4a:fb:05:31:26:7d:4d:22:
57:32:bd:dc:60:d1:1c:9b:f1:2d:9f:1c:dd:97:94:c7:c9:dd:
c9:5f:79:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYhnLVf0fIHxJwCxodVqUBciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmY5MzM5ZmJiOGNiMzNjNTIyNzUxYzUzMGYzYTIwYTc1
MzU0N2MwHhcNMjMwNTI5MTEwMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGI0NjY5ZjMwODBjYzgzYmE4MWMzMjUxMjM2Yzc2M2MwYTcxMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHpmMoabHpMoXIQ2IQOZtF2heviH
8FXRVQCvitAaOgHJ6IQ4mUVybYHn5EezwmzaG8gG1HjEbHz2cHgMCAj1uVKz/OtX
X9R752iacyD/ZF8dO5Nace9DiyqxFfNm8DoaG4ULAm5efmaKghrASOUc3K4Pmkg3
ZVOEeEQWCJz1Tt4pocpTc5HqN6WtONn31DRr5LkeWaYskHgoVh9P16ycs8HTiDHq
3ZsgSbFL10p58okpX2XRo7hzb75zJYU3tq1o2Z1Zxjml+0FYQBgddEefcdDKjJ6k
UhE3v6ZAcqir0X98ijAPpszwyXTdQum4qpcI/EOaU3Tc/sAbu1zVNFIpNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFS0Zp8wgMyDuoHDJRI2x2PApxNJMB8GA1UdIwQY
MBaAFC0vkzn7uMszxSJ1HFMPOiCnU1R8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgt
MWQzYTFlOWI3NTQ1LzEvVkxSbW56Q0F6SU82Z2NNbEVqYkhZOENuRTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgtMWQzYTFlOWI3NTQ1
LzEvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWjQMA0E
AgACMAcDBQMqBjNAMA0GCSqGSIb3DQEBCwUAA4IBAQAvy/OIT4/31XlfM6iLU089
KgvSNEP0eYg8dND/ajrcAi2V8+zkfSn/zMzOv5wyHnG7qlS3HZ4TpzrlEqlgL34K
4o8lhxbReXvoqsAqGpAJ5M6L3xrn4sBX5zy6rvAEXeJWL6CWvf2HkukDPIhhdJDF
MynqQ2mTqrjyYvkVD5IyZK5Rk5Q98deB67a3HQqoYhAp7IgPMeqeUyViLRLy/QXf
g9SauXtyVbwyflmZawGIKYEIys511/662vU9S5IhHTyqopM/IbV2aSgVadkj31wp
IWtMyKZWqpwf66tnIUlkL+aXSvsFMSZ9TSJXMr3cYNEcm/Etnxzdl5THyd3JX3lv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:52 2025 by rpki-client