Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/VVOp9v79z85U8JnNwmq3UJyaT9g.roa
File: VVOp9v79z85U8JnNwmq3UJyaT9g.roa (raw, json)
Hash identifier: w3i2lVOeXw+ZcRcR+CMOptL6FmPB5MIcZCY+UihTSzw=
Subject key identifier: 55:53:A9:F6:FE:FD:CF:CE:54:F0:99:CD:C2:6A:B7:50:9C:9A:4F:D8
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 03E4ECC5
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/VVOp9v79z85U8JnNwmq3UJyaT9g.roa
Signing time: Sat 01 Jan 2022 06:57:57 +0000
ROA not before: Sat 01 Jan 2022 06:57:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39143
IP address blocks: 89.188.162.0/24 maxlen: 24
185.211.240.0/22 maxlen: 23
2a03:8641::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65334469 (0x3e4ecc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 06:57:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5553a9f6fefdcfce54f099cdc26ab7509c9a4fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:90:c0:78:de:0f:fe:67:1c:b1:16:d7:73:a4:
5e:f9:14:31:c8:32:cb:92:22:cc:dc:95:ec:09:e6:
cd:2b:9e:23:6d:85:e1:a2:19:88:01:3d:dd:bc:3a:
0b:97:12:f1:f8:fd:24:e7:93:2d:a1:ea:10:10:75:
8c:99:27:f5:3b:2d:1d:14:ed:fc:3e:7a:01:0b:c1:
0d:7b:80:a6:a6:59:ed:31:61:78:f7:dc:a0:c3:aa:
47:a1:aa:a8:14:3c:d7:7f:46:65:62:4e:4d:98:2b:
b5:3a:1c:ea:09:c8:95:f5:43:2b:65:d8:28:bd:eb:
91:87:70:a7:26:c3:f8:d5:04:60:bb:1c:43:a2:46:
b5:9c:70:6f:8e:5b:dd:f2:6a:47:a4:be:63:cc:52:
04:6d:72:2f:fb:f7:e7:71:2a:f9:87:de:6c:dc:18:
43:90:a8:02:71:18:7d:31:fa:0f:3e:5a:c9:b6:85:
2e:e2:4e:1a:22:68:e1:88:93:bc:12:1f:f6:ce:4d:
9d:93:49:8b:bf:37:c4:18:88:8c:92:01:e7:07:49:
81:1d:65:46:0a:d9:9a:11:60:1d:76:c3:f5:95:2b:
3e:11:a2:57:43:74:2e:7d:61:78:0d:7a:2e:fd:f5:
8b:7a:51:ad:78:f7:75:ef:51:88:55:b2:0e:ea:4f:
ed:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:53:A9:F6:FE:FD:CF:CE:54:F0:99:CD:C2:6A:B7:50:9C:9A:4F:D8
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/VVOp9v79z85U8JnNwmq3UJyaT9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.162.0/24
185.211.240.0/22
IPv6:
2a03:8641::/32
Signature Algorithm: sha256WithRSAEncryption
6c:c6:c2:eb:26:73:89:61:1e:82:7b:5a:00:4c:64:de:e2:02:
55:25:ab:94:30:c7:8b:09:c3:41:88:8b:d9:7f:21:2a:18:72:
9a:47:a2:77:52:4f:2c:2f:91:64:17:d6:6d:38:35:36:13:ae:
30:4f:e2:e2:5c:b7:39:51:d0:11:64:f6:65:98:7f:60:e9:45:
36:3c:94:58:50:16:00:0a:ae:35:55:94:f5:1e:6d:e8:6a:04:
92:7b:29:9f:cc:06:c6:b4:9f:6e:c8:d5:a9:b7:15:87:38:20:
5b:7b:54:12:e5:08:d5:ac:0e:91:ce:a3:e1:6e:d4:05:48:92:
55:28:69:2a:4e:5b:ea:b5:67:8c:ff:bd:db:a4:f4:3b:0f:0d:
22:52:d1:b1:94:f7:5a:df:c0:55:ae:bb:a7:48:96:95:4c:7f:
fc:fc:39:a0:0c:2d:09:eb:aa:e6:0e:17:ea:d1:52:68:ac:bf:
a3:8f:c7:0d:93:74:a9:56:ec:23:0e:22:6b:a8:ae:8e:31:79:
10:0a:46:26:3e:b1:e4:59:95:34:a5:96:66:2c:d1:3f:be:0a:
e1:fb:25:3d:29:6a:e2:a8:60:d9:1c:5b:56:e4:0b:b0:6f:6d:
38:4b:34:92:f1:45:fd:99:d2:13:ec:9c:48:a7:b3:84:dc:11:
53:d6:1f:18
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA+TsxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2UzZDkyYmZlMTY2MTljYTUwMGMwMzI2N2VmZmE5YWE3Y2EwYzQ3MB4XDTIyMDEw
MTA2NTc1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU1M2E5ZjZmZWZk
Y2ZjZTU0ZjA5OWNkYzI2YWI3NTA5YzlhNGZkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmQwHjeD/5nHLEW13OkXvkUMcgyy5IizNyV7AnmzSueI22F
4aIZiAE93bw6C5cS8fj9JOeTLaHqEBB1jJkn9TstHRTt/D56AQvBDXuApqZZ7TFh
ePfcoMOqR6GqqBQ8139GZWJOTZgrtToc6gnIlfVDK2XYKL3rkYdwpybD+NUEYLsc
Q6JGtZxwb45b3fJqR6S+Y8xSBG1yL/v353Eq+YfebNwYQ5CoAnEYfTH6Dz5aybaF
LuJOGiJo4YiTvBIf9s5NnZNJi783xBiIjJIB5wdJgR1lRgrZmhFgHXbD9ZUrPhGi
V0N0Ln1heA16Lv31i3pRrXj3de9RiFWyDupP7RkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRVU6n2/v3PzlTwmc3CardQnJpP2DAfBgNVHSMEGDAWgBQj49kr/hZhnKUA
wDJn7/qap8oMRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ktUFpLXzRXWVp5bEFNQXlaLV82bXFmS0RFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvOWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8x
L1ZWT3A5djc5ejg1VThKbk53bXEzVUp5YVQ5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
OWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8xL0ktUFpLXzRXWVp5
bEFNQXlaLV82bXFmS0RFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFm8ogMEArnT8DANBAIAAjAHAwUA
KgOGQTANBgkqhkiG9w0BAQsFAAOCAQEAbMbC6yZziWEegntaAExk3uICVSWrlDDH
iwnDQYiL2X8hKhhymkeid1JPLC+RZBfWbTg1NhOuME/i4ly3OVHQEWT2ZZh/YOlF
NjyUWFAWAAquNVWU9R5t6GoEknspn8wGxrSfbsjVqbcVhzggW3tUEuUI1awOkc6j
4W7UBUiSVShpKk5b6rVnjP+926T0Ow8NIlLRsZT3Wt/AVa67p0iWlUx//Pw5oAwt
Ceuq5g4X6tFSaKy/o4/HDZN0qVbsIw4ia6iujjF5EApGJj6x5FmVNKWWZizRP74K
4fslPSlq4qhg2RxbVuQLsG9tOEs0kvFF/ZnSE+ycSKezhNwRU9YfGA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:15:15 2025 by rpki-client