Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VOcVE9WCl-GeoGu-t3fIa2HPGXg.roa
File: VOcVE9WCl-GeoGu-t3fIa2HPGXg.roa (raw, json)
Hash identifier: aHq/o6sWQ3qLDV6Le0mPY6YyJ1akvmKf+cIAzLkGs9c=
Subject key identifier: 54:E7:15:13:D5:82:97:E1:9E:A0:6B:BE:B7:77:C8:6B:61:CF:19:78
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 01856D4A956C9421320B32EFF22BA7F2D701
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VOcVE9WCl-GeoGu-t3fIa2HPGXg.roa
Signing time: Sun 01 Jan 2023 12:24:42 +0000
ROA not before: Sun 01 Jan 2023 12:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34757
IP address blocks: 5.44.168.0/23 maxlen: 24
109.111.176.0/20 maxlen: 24
193.238.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:95:6c:94:21:32:0b:32:ef:f2:2b:a7:f2:d7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Jan 1 12:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54e71513d58297e19ea06bbeb777c86b61cf1978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0a:de:72:9f:72:56:cb:b0:f4:54:ae:ab:c5:
d7:df:26:ea:f2:db:57:c4:c6:0a:59:63:5e:04:4b:
84:a1:bd:dd:80:94:6a:76:31:de:5b:d1:06:73:9b:
06:04:14:0a:a0:92:e2:71:fc:25:e0:8b:3b:04:79:
54:51:fe:8f:af:5f:8f:6a:c4:e0:1d:14:39:1b:fa:
fe:68:21:e6:2e:63:36:66:f0:0a:60:af:c9:42:08:
ca:10:c6:28:1e:f9:47:0b:14:6e:a3:79:14:90:11:
12:9f:53:4d:8f:86:00:09:17:47:79:d5:a9:80:89:
91:87:9b:6c:95:6c:26:c0:e1:e5:ad:38:34:3e:78:
bf:0a:7f:d3:ef:b9:85:5d:ec:9f:14:58:0d:b9:36:
1f:d1:88:09:e1:76:17:3d:d6:f4:37:ab:d9:80:32:
5d:48:97:5d:c2:77:bb:a0:9d:c3:af:cc:7c:9c:35:
75:36:4f:a1:bc:c0:b5:ab:9e:83:74:25:66:73:cd:
fd:ec:c9:92:50:09:3e:39:19:1f:05:5c:6c:ea:7d:
9c:d5:57:ef:93:51:bf:a2:36:ca:4f:4d:ae:77:8f:
91:19:57:a6:df:a3:67:aa:af:bf:37:9b:df:11:d4:
29:9e:4d:7d:d8:71:e4:ce:78:a0:b5:a0:b7:f0:ef:
89:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E7:15:13:D5:82:97:E1:9E:A0:6B:BE:B7:77:C8:6B:61:CF:19:78
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VOcVE9WCl-GeoGu-t3fIa2HPGXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.168.0/23
109.111.176.0/20
193.238.128.0/22
Signature Algorithm: sha256WithRSAEncryption
94:6a:30:1a:56:8b:fa:2a:a7:9e:1a:aa:a9:52:95:0e:a9:db:
3d:55:85:81:a1:bd:e8:85:5d:3a:5d:1e:8f:25:f3:8f:54:2d:
ae:30:02:b3:5a:d2:58:1a:3c:f6:76:32:18:36:58:86:0a:f4:
5f:fb:fd:0c:07:ae:16:e2:f3:d9:4e:0b:2b:06:ba:98:26:a3:
50:38:95:c8:92:ad:1d:20:c5:b5:71:dd:1c:c4:77:c2:46:83:
a2:76:36:08:6e:52:f5:69:68:0a:58:3a:c0:4f:0a:7f:d5:61:
db:b9:2f:93:ce:04:7b:f2:d1:a5:42:0b:a6:4c:72:9d:13:3f:
d8:6e:1c:cf:90:cf:88:08:de:8a:87:d5:9b:fa:25:52:f4:8a:
3d:d6:16:20:c6:cd:91:2a:02:2e:5b:70:2a:3e:fb:21:a4:68:
bb:71:0b:bb:53:49:e5:5a:97:01:fb:fb:fa:81:ed:73:e6:bd:
14:87:4a:e4:f4:3e:d3:69:23:e1:7e:f9:fc:e3:3c:32:38:7f:
ad:27:38:80:9e:ae:85:e9:fc:05:a1:25:91:51:dd:72:b5:ef:
69:5f:9d:04:81:09:13:29:a8:4a:4a:e1:eb:e1:88:5f:1c:45:
18:55:83:cd:72:b7:aa:b0:df:bb:1a:a5:10:85:0f:e6:63:27:
3f:b6:97:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtSpVslCEyCzLv8iun8tcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjMwMTAxMTIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGU3MTUxM2Q1ODI5N2UxOWVhMDZiYmViNzc3Yzg2YjYxY2YxOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQrecp9yVsuw9FSuq8XX3ybq8ttX
xMYKWWNeBEuEob3dgJRqdjHeW9EGc5sGBBQKoJLicfwl4Is7BHlUUf6Pr1+PasTg
HRQ5G/r+aCHmLmM2ZvAKYK/JQgjKEMYoHvlHCxRuo3kUkBESn1NNj4YACRdHedWp
gImRh5tslWwmwOHlrTg0Pni/Cn/T77mFXeyfFFgNuTYf0YgJ4XYXPdb0N6vZgDJd
SJddwne7oJ3Dr8x8nDV1Nk+hvMC1q56DdCVmc8397MmSUAk+ORkfBVxs6n2c1Vfv
k1G/ojbKT02ud4+RGVem36Nnqq+/N5vfEdQpnk192HHkznigtaC38O+JQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFTnFRPVgpfhnqBrvrd3yGthzxl4MB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvVk9jVkU5V0NsLUdlb0d1LXQzZklhMkhQR1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBSyoAwQE
bW+wAwQCwe6AMA0GCSqGSIb3DQEBCwUAA4IBAQCUajAaVov6KqeeGqqpUpUOqds9
VYWBob3ohV06XR6PJfOPVC2uMAKzWtJYGjz2djIYNliGCvRf+/0MB64W4vPZTgsr
BrqYJqNQOJXIkq0dIMW1cd0cxHfCRoOidjYIblL1aWgKWDrATwp/1WHbuS+TzgR7
8tGlQgumTHKdEz/YbhzPkM+ICN6Kh9Wb+iVS9Io91hYgxs2RKgIuW3AqPvshpGi7
cQu7U0nlWpcB+/v6ge1z5r0Uh0rk9D7TaSPhfvn84zwyOH+tJziAnq6F6fwFoSWR
Ud1yte9pX50EgQkTKahKSuHr4YhfHEUYVYPNcreqsN+7GqUQhQ/mYyc/tpff
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:44 2025 by rpki-client