Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/vb3BL7n9U39luQktzGd1DdircJg.roa
File: vb3BL7n9U39luQktzGd1DdircJg.roa (raw, json)
Hash identifier: NWXvYQSK04hzWPqxWtdgtizo7vqo0jqil+ZjHiWVflg=
Subject key identifier: BD:BD:C1:2F:B9:FD:53:7F:65:B9:09:2D:CC:67:75:0D:D8:AB:70:98
Certificate issuer: /CN=aafa45a62c5e850ab9c8726a59a9bfa992d371b2
Certificate serial: 018572D5ADB6FD4C565D89A5D8E2FCF2DA12
Authority key identifier: AA:FA:45:A6:2C:5E:85:0A:B9:C8:72:6A:59:A9:BF:A9:92:D3:71:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvpFpixehQq5yHJqWam_qZLTcbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/vb3BL7n9U39luQktzGd1DdircJg.roa
Signing time: Mon 02 Jan 2023 14:14:44 +0000
ROA not before: Mon 02 Jan 2023 14:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39614
IP address blocks: 185.228.176.0/22 maxlen: 24
213.139.240.0/22 maxlen: 24
2a09:7180::/29 maxlen: 48
2a0c:1d00::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:ad:b6:fd:4c:56:5d:89:a5:d8:e2:fc:f2:da:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aafa45a62c5e850ab9c8726a59a9bfa992d371b2
Validity
Not Before: Jan 2 14:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdbdc12fb9fd537f65b9092dcc67750dd8ab7098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ee:b6:aa:e2:2d:a0:92:13:f2:3a:20:9c:27:
14:d2:24:6a:f5:67:9d:43:5b:4a:4c:89:a4:75:55:
79:6e:8e:22:ec:da:dd:fc:6f:d0:25:e4:5e:5b:3b:
82:e1:a5:72:9d:56:dd:a1:83:0e:34:be:b3:16:d6:
76:6a:8e:9a:b6:7f:62:d6:95:ff:cb:06:14:98:7b:
17:77:c0:8a:c1:9a:56:0d:23:6e:39:56:16:fa:f9:
23:c4:5f:31:68:61:f6:3f:7b:aa:40:68:9a:40:d0:
cf:ac:24:9c:6e:81:dc:37:03:17:84:9b:98:14:e3:
cb:c6:9a:a4:f9:bd:62:c3:a6:c1:bb:11:58:e6:ab:
23:e2:84:69:72:31:9a:2d:93:ec:87:02:14:3e:bd:
86:51:5f:3c:b4:3a:55:d7:18:cd:d8:72:1d:0c:a6:
f7:4f:f3:5b:ac:76:f7:01:36:d7:0e:96:a0:bd:b4:
43:58:6f:e1:69:c1:26:9c:7f:08:7e:6b:1a:d4:a0:
9d:0a:72:cf:ce:ae:33:98:c4:f9:ac:2d:f5:84:78:
91:4d:f5:11:7b:71:ca:c6:d3:06:eb:9e:05:9c:b6:
ff:e2:67:0a:2f:80:2b:01:aa:ad:af:9d:92:25:8c:
8f:b4:87:5a:01:a1:90:71:e5:53:8c:d9:c4:03:ec:
52:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:BD:C1:2F:B9:FD:53:7F:65:B9:09:2D:CC:67:75:0D:D8:AB:70:98
X509v3 Authority Key Identifier:
keyid:AA:FA:45:A6:2C:5E:85:0A:B9:C8:72:6A:59:A9:BF:A9:92:D3:71:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvpFpixehQq5yHJqWam_qZLTcbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/vb3BL7n9U39luQktzGd1DdircJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/qvpFpixehQq5yHJqWam_qZLTcbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.176.0/22
213.139.240.0/22
IPv6:
2a09:7180::/29
2a0c:1d00::/30
Signature Algorithm: sha256WithRSAEncryption
0a:4d:1c:7b:c2:68:07:76:9d:7c:59:07:fb:9f:af:e9:21:f8:
46:eb:5e:fb:7d:0c:63:f0:aa:1c:0e:0d:c0:e0:d1:4b:f7:6a:
94:59:e4:f3:9f:1b:0e:3c:19:f3:e3:8d:91:cd:a2:e6:6d:41:
84:53:84:48:79:f5:d8:9e:90:bf:68:92:ec:27:d3:12:da:62:
6b:a5:27:37:16:60:72:67:9e:44:c7:95:ef:54:14:f0:da:99:
87:50:c1:a6:d9:05:ee:cb:36:d1:1b:56:91:79:ae:a4:0d:73:
a0:00:0a:2c:04:02:95:4e:6b:33:27:7b:6a:bb:71:52:01:db:
37:37:4b:4d:45:fb:3c:84:6c:43:6b:e9:ed:bd:9a:07:5e:7a:
86:df:b1:8b:ce:0d:6d:7b:44:fc:df:5f:7d:13:0f:ca:ba:a3:
1b:58:cd:cf:1e:a5:cd:54:2d:be:9a:ee:c6:9f:8f:31:69:d8:
09:00:4f:6d:7d:45:d3:18:3a:fd:56:0a:13:4b:dd:b4:4f:63:
48:b1:10:01:bf:7e:79:d5:74:84:c8:0e:46:53:e8:81:33:9b:
6b:c1:d7:7e:69:6d:d6:d5:de:eb:cb:cf:07:65:b9:7e:17:df:
a7:b7:f0:5b:da:56:40:3b:87:6c:48:fe:4e:4b:02:25:fb:c6:
f1:e8:c7:87
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVy1a22/UxWXYml2OL88toSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZmE0NWE2MmM1ZTg1MGFiOWM4NzI2YTU5YTliZmE5OTJk
MzcxYjIwHhcNMjMwMTAyMTQxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGJkYzEyZmI5ZmQ1MzdmNjViOTA5MmRjYzY3NzUwZGQ4YWI3MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO62quItoJIT8jognCcU0iRq9Wed
Q1tKTImkdVV5bo4i7Nrd/G/QJeReWzuC4aVynVbdoYMONL6zFtZ2ao6atn9i1pX/
ywYUmHsXd8CKwZpWDSNuOVYW+vkjxF8xaGH2P3uqQGiaQNDPrCScboHcNwMXhJuY
FOPLxpqk+b1iw6bBuxFY5qsj4oRpcjGaLZPshwIUPr2GUV88tDpV1xjN2HIdDKb3
T/NbrHb3ATbXDpagvbRDWG/hacEmnH8Ifmsa1KCdCnLPzq4zmMT5rC31hHiRTfUR
e3HKxtMG654FnLb/4mcKL4ArAaqtr52SJYyPtIdaAaGQceVTjNnEA+xS4wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFL29wS+5/VN/ZbkJLcxndQ3Yq3CYMB8GA1UdIwQY
MBaAFKr6RaYsXoUKuchyalmpv6mS03GyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZwRnBpeGVoUXE1eUhKcVdhbV9xWkxUY2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy85N2E5YWEtNjk3MC00OWM4LThkMGEt
MmIzZGRiY2I3MjM4LzEvdmIzQkw3bjlVMzlsdVFrdHpHZDFEZGlyY0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy85N2E5YWEtNjk3MC00OWM4LThkMGEtMmIzZGRiY2I3MjM4
LzEvcXZwRnBpeGVoUXE1eUhKcVdhbV9xWkxUY2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCueSwAwQC
1YvwMBQEAgACMA4DBQMqCXGAAwUCKgwdADANBgkqhkiG9w0BAQsFAAOCAQEACk0c
e8JoB3adfFkH+5+v6SH4Rute+30MY/CqHA4NwODRS/dqlFnk858bDjwZ8+ONkc2i
5m1BhFOESHn12J6Qv2iS7CfTEtpia6UnNxZgcmeeRMeV71QU8NqZh1DBptkF7ss2
0RtWkXmupA1zoAAKLAQClU5rMyd7artxUgHbNzdLTUX7PIRsQ2vp7b2aB156ht+x
i84NbXtE/N9ffRMPyrqjG1jNzx6lzVQtvpruxp+PMWnYCQBPbX1F0xg6/VYKE0vd
tE9jSLEQAb9+edV0hMgORlPogTOba8HXfmlt1tXe68vPB2W5fhffp7fwW9pWQDuH
bEj+TksCJfvG8ejHhw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:11:15 2025 by rpki-client