Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/VL69VZWkU7QJNmFGP6HJy2eeJls.roa
File: VL69VZWkU7QJNmFGP6HJy2eeJls.roa (raw, json)
Hash identifier: IierNMgZ64uatXpZWATIelMaRpFMKvOdW+vuvLelxH0=
Subject key identifier: 54:BE:BD:55:95:A4:53:B4:09:36:61:46:3F:A1:C9:CB:67:9E:26:5B
Certificate issuer: /CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Certificate serial: 01826E7D5B5FCE189BB8CAD4BFCBF0E3D184
Authority key identifier: C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/VL69VZWkU7QJNmFGP6HJy2eeJls.roa
Signing time: Fri 05 Aug 2022 14:51:25 +0000
ROA not before: Fri 05 Aug 2022 14:51:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42083
IP address blocks: 185.208.100.0/24 maxlen: 24
185.208.101.0/24 maxlen: 24
185.208.102.0/24 maxlen: 24
185.208.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6e:7d:5b:5f:ce:18:9b:b8:ca:d4:bf:cb:f0:e3:d1:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Validity
Not Before: Aug 5 14:51:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54bebd5595a453b4093661463fa1c9cb679e265b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f1:1d:20:32:e4:85:b4:87:0d:aa:21:06:64:
95:3d:0c:7e:19:fb:ef:89:bc:b7:b3:bf:2a:30:1f:
b1:0d:a3:bd:1f:23:44:54:39:d6:8e:b9:e4:69:86:
0f:8d:ff:12:50:50:d4:63:e5:e9:32:f0:3b:05:dc:
5c:37:9f:ea:b4:9b:59:73:4a:de:37:c4:b9:aa:7f:
3d:74:5f:db:0e:78:7c:69:39:64:43:c4:ee:00:6b:
45:0a:bc:de:57:0d:f2:0a:39:ef:c0:6c:6b:c0:ac:
29:88:df:72:95:bc:74:6c:8f:e6:c9:3a:96:fd:64:
cb:32:a9:8f:89:d0:d0:da:a4:f6:0b:e0:fe:f9:97:
54:98:34:7e:d7:47:1f:bf:4b:f2:23:50:ea:e2:8e:
8f:ad:08:63:c6:ad:69:b6:7e:4a:b6:21:34:46:95:
ac:5c:e9:87:f4:9b:fe:c1:1d:64:9d:86:7e:2b:3d:
8e:0d:d0:b9:12:c1:0a:fd:12:d2:6a:73:51:23:fa:
10:e6:ea:ba:57:1c:5a:92:bc:80:98:29:bf:18:14:
9a:aa:bd:08:d6:fd:fd:03:8c:55:b5:80:b3:14:0c:
e6:7f:a2:27:47:df:da:21:cf:1a:50:f8:11:63:40:
ae:c0:85:0a:04:5a:e7:b6:98:0f:6f:38:a8:ce:00:
fe:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BE:BD:55:95:A4:53:B4:09:36:61:46:3F:A1:C9:CB:67:9E:26:5B
X509v3 Authority Key Identifier:
keyid:C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/VL69VZWkU7QJNmFGP6HJy2eeJls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.100.0/22
Signature Algorithm: sha256WithRSAEncryption
51:53:a7:12:8d:62:36:0c:05:78:ec:a5:f8:98:b0:15:c0:54:
c8:b3:e4:57:31:f0:57:09:fb:0d:df:34:57:90:fa:41:6c:a6:
44:6c:00:54:72:d1:bc:0e:b2:6d:0b:e3:67:4e:fd:ce:ba:43:
74:02:b8:4b:28:c8:6b:9f:72:40:87:b4:6f:78:57:9c:16:01:
76:6b:c3:9c:06:30:1c:fc:84:a6:d8:af:72:6b:bc:de:48:aa:
4b:92:4c:84:d8:b6:9c:16:b6:1a:54:46:76:21:65:22:33:00:
f4:14:77:88:89:8d:82:68:f8:2d:1d:53:24:28:97:7a:5f:ab:
c5:0a:bb:34:65:b9:50:42:3e:3b:49:eb:ed:cc:e2:c1:a1:9a:
ae:14:02:a7:55:6e:d0:93:31:5e:b7:72:66:61:1d:5f:9c:30:
a8:91:92:6d:6f:02:c6:f3:f1:17:67:5e:e0:81:67:65:99:15:
8f:5a:54:2e:42:48:cb:c6:2f:8f:3d:6a:c5:ef:86:98:2e:81:
64:98:ff:61:88:92:2c:af:97:d4:9b:ff:36:ae:c2:22:c5:33:
b1:83:f7:37:8e:ad:01:53:9d:95:51:96:49:ba:8b:13:77:ba:
57:53:1b:1c:b0:5e:68:05:8d:ba:8e:cd:24:7c:3c:8d:23:88:
df:b2:f9:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJufVtfzhibuMrUv8vw49GEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODhhMDc5ZTRjZWI2YmIyNGMyM2M1MjcxZTQ1ODNlMWNm
MmY5YTkwHhcNMjIwODA1MTQ1MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGJlYmQ1NTk1YTQ1M2I0MDkzNjYxNDYzZmExYzljYjY3OWUyNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/EdIDLkhbSHDaohBmSVPQx+Gfvv
iby3s78qMB+xDaO9HyNEVDnWjrnkaYYPjf8SUFDUY+XpMvA7BdxcN5/qtJtZc0re
N8S5qn89dF/bDnh8aTlkQ8TuAGtFCrzeVw3yCjnvwGxrwKwpiN9ylbx0bI/myTqW
/WTLMqmPidDQ2qT2C+D++ZdUmDR+10cfv0vyI1Dq4o6PrQhjxq1ptn5KtiE0RpWs
XOmH9Jv+wR1knYZ+Kz2ODdC5EsEK/RLSanNRI/oQ5uq6VxxakryAmCm/GBSaqr0I
1v39A4xVtYCzFAzmf6InR9/aIc8aUPgRY0CuwIUKBFrntpgPbziozgD+BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFS+vVWVpFO0CTZhRj+hyctnniZbMB8GA1UdIwQY
MBaAFMWIoHnkzra7JMI8UnHkWD4c8vmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTIt
MTdlZGI5OGJiYjA4LzEvVkw2OVZaV2tVN1FKTm1GR1A2SEp5MmVlSmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTItMTdlZGI5OGJiYjA4
LzEveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudBkMA0G
CSqGSIb3DQEBCwUAA4IBAQBRU6cSjWI2DAV47KX4mLAVwFTIs+RXMfBXCfsN3zRX
kPpBbKZEbABUctG8DrJtC+NnTv3OukN0ArhLKMhrn3JAh7RveFecFgF2a8OcBjAc
/ISm2K9ya7zeSKpLkkyE2LacFrYaVEZ2IWUiMwD0FHeIiY2CaPgtHVMkKJd6X6vF
Crs0ZblQQj47SevtzOLBoZquFAKnVW7QkzFet3JmYR1fnDCokZJtbwLG8/EXZ17g
gWdlmRWPWlQuQkjLxi+PPWrF74aYLoFkmP9hiJIsr5fUm/82rsIixTOxg/c3jq0B
U52VUZZJuosTd7pXUxscsF5oBY26js0kfDyNI4jfsvnL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:46 2025 by rpki-client