Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/vvhaBQ6xMOL1ARzXMucNw9xmxa8.roa
File: vvhaBQ6xMOL1ARzXMucNw9xmxa8.roa (raw, json)
Hash identifier: 4wAHcePimdV5Ob5oznFwf8uhDiD4ilmTQi77wv4LcMA=
Subject key identifier: BE:F8:5A:05:0E:B1:30:E2:F5:01:1C:D7:32:E7:0D:C3:DC:66:C5:AF
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0A047414
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/vvhaBQ6xMOL1ARzXMucNw9xmxa8.roa
Signing time: Thu 24 Mar 2022 18:36:49 +0000
ROA not before: Thu 24 Mar 2022 18:36:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 45051
IP address blocks: 91.203.170.0/24 maxlen: 24
91.203.168.0/24 maxlen: 24
91.203.168.0/22 maxlen: 22
91.203.169.0/24 maxlen: 24
91.203.171.0/24 maxlen: 24
212.75.224.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168064020 (0xa047414)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Mar 24 18:36:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bef85a050eb130e2f5011cd732e70dc3dc66c5af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8c:ae:25:e4:bf:6a:be:97:1e:ec:31:7d:ef:
9c:ba:0b:3b:38:5e:86:30:95:d9:00:6a:7c:41:cb:
b7:da:d2:2a:29:3e:a1:27:17:f9:f7:60:b1:81:14:
ef:18:ce:2c:86:a6:22:9a:cb:60:0e:80:b8:0f:af:
05:a5:c1:31:79:52:d2:79:16:0e:7f:f3:ac:4e:d0:
40:6d:df:c9:c8:aa:cb:35:67:8c:fb:bb:c3:e8:83:
2a:2f:b1:ed:b1:84:3e:7b:0d:39:d4:32:cb:60:f8:
a7:1b:c7:19:c2:c5:bf:6c:2f:99:33:f7:e2:a2:b4:
fa:7e:60:0d:be:50:d2:67:89:40:33:f4:17:02:e2:
a5:bf:57:e3:3b:31:a3:fd:94:ff:7b:ef:fa:ff:a1:
a5:d5:e3:16:cb:4e:4e:c0:13:e8:65:95:af:e2:b4:
57:54:e0:71:76:5e:59:f5:ba:95:f2:f3:d5:e4:03:
f9:a1:82:ae:44:a9:37:93:a2:d1:d8:da:10:fe:5b:
f2:f8:5d:8a:d3:5e:11:92:c4:07:d8:5f:6f:26:9c:
55:95:2b:59:1d:12:92:59:bd:51:30:62:2c:a1:48:
ed:e2:21:b1:cc:20:6f:fd:d8:71:e2:1a:8f:0d:38:
12:78:1e:61:21:3e:af:01:50:e1:10:cd:72:d6:b6:
7d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F8:5A:05:0E:B1:30:E2:F5:01:1C:D7:32:E7:0D:C3:DC:66:C5:AF
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/vvhaBQ6xMOL1ARzXMucNw9xmxa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.168.0/22
212.75.224.0/19
Signature Algorithm: sha256WithRSAEncryption
d8:8c:1a:95:22:b7:a4:7d:8f:3b:67:61:a2:4d:33:0d:32:50:
80:6b:c6:41:e7:87:b4:88:1f:0e:50:fd:77:36:c0:49:f6:92:
45:09:15:a4:5e:68:bd:38:75:1c:13:04:41:71:6c:cf:f1:5a:
f9:b7:ad:cd:4d:f5:45:17:37:d3:43:81:a4:fb:84:c5:8d:fd:
e4:82:76:50:66:04:1c:bf:b8:cb:e4:79:69:52:af:2d:a0:c0:
6a:15:7b:6a:50:7d:66:61:18:d1:e2:e1:f8:fe:46:09:be:fd:
37:64:2b:1b:be:6c:b3:c2:fa:6a:a8:b2:42:aa:33:2a:33:0c:
69:02:18:45:8d:14:86:ca:11:4b:f1:6c:49:7b:26:12:1a:a8:
3b:55:80:50:f7:b3:69:ae:1a:a5:d0:13:a3:c9:0f:be:96:de:
cb:87:b4:3b:df:e0:40:1e:50:c0:bf:25:87:64:42:e5:4e:50:
54:a2:65:05:5e:3a:62:ee:10:a0:51:07:2b:e5:67:b6:f3:e5:
cf:ae:56:0c:aa:0a:17:db:a0:fc:38:7d:d0:4d:46:1a:59:20:
5a:d7:2b:38:92:a6:75:9a:42:9e:6f:4e:a6:09:b6:c0:86:4d:
cb:8e:f5:00:b7:16:85:65:ac:f8:34:80:50:3e:96:12:37:bc:
08:6f:09:75
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECgR0FDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODAyYjk1Y2U2MjM5ZDUyNmMzNWFlN2E4ZTJjZWI0OGFlYjgyYjVmMB4XDTIyMDMy
NDE4MzY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVmODVhMDUwZWIx
MzBlMmY1MDExY2Q3MzJlNzBkYzNkYzY2YzVhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOiMriXkv2q+lx7sMX3vnLoLOzhehjCV2QBqfEHLt9rSKik+
oScX+fdgsYEU7xjOLIamIprLYA6AuA+vBaXBMXlS0nkWDn/zrE7QQG3fyciqyzVn
jPu7w+iDKi+x7bGEPnsNOdQyy2D4pxvHGcLFv2wvmTP34qK0+n5gDb5Q0meJQDP0
FwLipb9X4zsxo/2U/3vv+v+hpdXjFstOTsAT6GWVr+K0V1TgcXZeWfW6lfLz1eQD
+aGCrkSpN5Oi0djaEP5b8vhditNeEZLEB9hfbyacVZUrWR0Sklm9UTBiLKFI7eIh
scwgb/3YceIajw04EngeYSE+rwFQ4RDNcta2fbMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS++FoFDrEw4vUBHNcy5w3D3GbFrzAfBgNVHSMEGDAWgBQIArlc5iOdUmw1
rnqOLOtIrrgrXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8x
L3Z2aGFCUTZ4TU9MMUFSelhNdWNOdzl4bXhhOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
MTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQyOC8xL0NBSzVYT1lqblZK
c05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvLqAMEBdRL4DANBgkqhkiG9w0B
AQsFAAOCAQEA2IwalSK3pH2PO2dhok0zDTJQgGvGQeeHtIgfDlD9dzbASfaSRQkV
pF5ovTh1HBMEQXFsz/Fa+betzU31RRc300OBpPuExY395IJ2UGYEHL+4y+R5aVKv
LaDAahV7alB9ZmEY0eLh+P5GCb79N2QrG75ss8L6aqiyQqozKjMMaQIYRY0UhsoR
S/FsSXsmEhqoO1WAUPezaa4apdATo8kPvpbey4e0O9/gQB5QwL8lh2RC5U5QVKJl
BV46Yu4QoFEHK+VntvPlz65WDKoKF9ug/Dh90E1GGlkgWtcrOJKmdZpCnm9Opgm2
wIZNy471ALcWhWWs+DSAUD6WEje8CG8JdQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:23 2025 by rpki-client