Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/6e1961-3da6-47c1-9b6d-dbb64a6835ad/1/vr4HP0LG5hBbUkNgt2lvupAVhKo.roa
File: vr4HP0LG5hBbUkNgt2lvupAVhKo.roa (raw, json)
Hash identifier: KJHM6VwJgvFKsG0unNdlrHeoZa0hzJnJLabW7/Der3k=
Subject key identifier: BE:BE:07:3F:42:C6:E6:10:5B:52:43:60:B7:69:6F:BA:90:15:84:AA
Certificate issuer: /CN=18b889f0ddbb52801e2d2e7a2ebe1167cad34c06
Certificate serial: 0185720C645614B9EB6A5728C9C4F63C1932
Authority key identifier: 18:B8:89:F0:DD:BB:52:80:1E:2D:2E:7A:2E:BE:11:67:CA:D3:4C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GLiJ8N27UoAeLS56Lr4RZ8rTTAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/6e1961-3da6-47c1-9b6d-dbb64a6835ad/1/vr4HP0LG5hBbUkNgt2lvupAVhKo.roa
Signing time: Mon 02 Jan 2023 10:34:52 +0000
ROA not before: Mon 02 Jan 2023 10:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42316
IP address blocks: 185.187.160.0/22 maxlen: 24
45.159.128.0/22 maxlen: 24
176.113.47.0/24 maxlen: 24
2a0b:a880::/29 maxlen: 48
2a0c:9280::/29 maxlen: 48
2a0f:7680::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:64:56:14:b9:eb:6a:57:28:c9:c4:f6:3c:19:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18b889f0ddbb52801e2d2e7a2ebe1167cad34c06
Validity
Not Before: Jan 2 10:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bebe073f42c6e6105b524360b7696fba901584aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:20:bd:73:2e:c9:31:a0:96:81:c4:1e:6a:85:
51:06:eb:41:10:cc:f8:64:43:36:b9:59:2e:84:d2:
6c:8e:b2:4e:df:1f:43:37:67:27:d7:6f:08:d6:ee:
2f:11:1c:a4:36:fe:bd:4e:10:d9:4d:75:2e:64:ab:
36:b0:74:93:b8:81:b0:fd:ef:5a:9e:4a:6b:d6:84:
6d:bb:fa:57:92:eb:ea:bb:b3:9e:19:de:a2:88:a0:
67:62:4f:76:02:73:11:ac:ce:18:2a:86:34:0f:3e:
7f:ed:0f:c8:8d:c7:95:b6:f4:23:67:97:dd:d0:80:
34:18:35:fd:fc:45:b6:45:8d:77:2d:dc:f5:c2:b3:
23:f7:d6:3c:e1:b7:df:6b:4a:6e:6a:7e:ec:ba:57:
3c:50:29:25:46:94:78:e4:dd:14:28:66:bb:19:3a:
58:4c:ff:0f:5b:71:1e:aa:67:a6:e3:d7:58:6b:5f:
ab:70:f5:ae:77:c0:4b:c9:ec:45:0e:e0:b2:52:50:
3e:ce:a3:a4:6e:7c:a4:ca:f0:fb:52:ca:71:b5:ff:
ec:11:96:e0:93:3a:ae:e3:c5:41:53:b0:3f:52:43:
bd:f6:04:03:e4:88:ce:ec:d3:7e:b0:92:ca:f8:d8:
9f:50:77:42:64:24:67:91:ba:0e:76:c8:b6:a4:5a:
36:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:BE:07:3F:42:C6:E6:10:5B:52:43:60:B7:69:6F:BA:90:15:84:AA
X509v3 Authority Key Identifier:
keyid:18:B8:89:F0:DD:BB:52:80:1E:2D:2E:7A:2E:BE:11:67:CA:D3:4C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GLiJ8N27UoAeLS56Lr4RZ8rTTAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/6e1961-3da6-47c1-9b6d-dbb64a6835ad/1/vr4HP0LG5hBbUkNgt2lvupAVhKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/6e1961-3da6-47c1-9b6d-dbb64a6835ad/1/GLiJ8N27UoAeLS56Lr4RZ8rTTAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.128.0/22
176.113.47.0/24
185.187.160.0/22
IPv6:
2a0b:a880::/29
2a0c:9280::/29
2a0f:7680::/29
Signature Algorithm: sha256WithRSAEncryption
16:05:3d:6c:e8:2a:3b:ce:6e:20:af:8e:ba:1a:51:95:0c:6a:
71:fb:b2:ff:a2:ac:c5:bc:06:f3:87:e0:21:7b:4e:39:03:99:
08:51:30:63:6a:0c:6e:7f:3b:84:42:1c:e8:b9:52:f9:94:75:
70:91:5f:44:92:f5:66:d8:c2:ba:56:51:e4:f7:80:05:ba:b7:
98:5b:82:35:bf:ef:cf:2a:b4:0c:59:cc:19:c2:51:ff:37:40:
ac:25:12:c0:c2:3e:4b:0d:96:76:3b:63:64:c9:e8:86:3f:ef:
b8:74:2d:3b:c7:dd:56:d1:1f:52:1e:cb:90:80:2b:49:a4:0d:
67:ac:c7:57:4f:7a:c5:3f:2e:99:65:7c:73:ad:a0:19:17:da:
59:b7:a3:d7:6b:45:c8:e1:e2:6c:40:55:be:4d:46:b7:c3:89:
48:a0:e9:8f:7e:58:20:4f:f9:23:8c:c5:99:3b:fd:f8:83:ff:
62:8a:33:0e:83:82:73:26:89:13:fc:9c:e0:88:d8:78:71:6a:
6d:a4:0e:c1:14:58:c9:2b:12:10:3b:e6:f3:6f:eb:56:1f:0f:
9a:a0:e0:c6:8b:65:d5:3f:be:eb:37:41:6f:38:41:90:22:c8:
91:f4:a5:99:0a:91:52:81:f8:6e:5c:a4:75:eb:cd:70:86:7d:
fd:ac:93:e7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVyDGRWFLnralcoycT2PBkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4Yjg4OWYwZGRiYjUyODAxZTJkMmU3YTJlYmUxMTY3Y2Fk
MzRjMDYwHhcNMjMwMTAyMTAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWJlMDczZjQyYzZlNjEwNWI1MjQzNjBiNzY5NmZiYTkwMTU4NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiC9cy7JMaCWgcQeaoVRButBEMz4
ZEM2uVkuhNJsjrJO3x9DN2cn128I1u4vERykNv69ThDZTXUuZKs2sHSTuIGw/e9a
nkpr1oRtu/pXkuvqu7OeGd6iiKBnYk92AnMRrM4YKoY0Dz5/7Q/IjceVtvQjZ5fd
0IA0GDX9/EW2RY13Ldz1wrMj99Y84bffa0puan7sulc8UCklRpR45N0UKGa7GTpY
TP8PW3Eeqmem49dYa1+rcPWud8BLyexFDuCyUlA+zqOkbnykyvD7Uspxtf/sEZbg
kzqu48VBU7A/UkO99gQD5IjO7NN+sJLK+NifUHdCZCRnkboOdsi2pFo26wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFL6+Bz9CxuYQW1JDYLdpb7qQFYSqMB8GA1UdIwQY
MBaAFBi4ifDdu1KAHi0uei6+EWfK00wGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0xpSjhOMjdVb0FlTFM1NkxyNFJaOHJUVEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82ZTE5NjEtM2RhNi00N2MxLTliNmQt
ZGJiNjRhNjgzNWFkLzEvdnI0SFAwTEc1aEJiVWtOZ3QybHZ1cEFWaEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC82ZTE5NjEtM2RhNi00N2MxLTliNmQtZGJiNjRhNjgzNWFk
LzEvR0xpSjhOMjdVb0FlTFM1NkxyNFJaOHJUVEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLZ+AAwQA
sHEvAwQCubugMBsEAgACMBUDBQMqC6iAAwUDKgySgAMFAyoPdoAwDQYJKoZIhvcN
AQELBQADggEBABYFPWzoKjvObiCvjroaUZUManH7sv+irMW8BvOH4CF7TjkDmQhR
MGNqDG5/O4RCHOi5UvmUdXCRX0SS9WbYwrpWUeT3gAW6t5hbgjW/788qtAxZzBnC
Uf83QKwlEsDCPksNlnY7Y2TJ6IY/77h0LTvH3VbRH1Iey5CAK0mkDWesx1dPesU/
LpllfHOtoBkX2lm3o9drRcjh4mxAVb5NRrfDiUig6Y9+WCBP+SOMxZk7/fiD/2KK
Mw6DgnMmiRP8nOCI2Hhxam2kDsEUWMkrEhA75vNv61YfD5qg4MaLZdU/vus3QW84
QZAiyJH0pZkKkVKB+G5cpHXrzXCGff2sk+c=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:05:26 2025 by rpki-client