Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vs-5ceqoNCUua_3Ao3hrh63z3l0.roa
File: vs-5ceqoNCUua_3Ao3hrh63z3l0.roa (raw, json)
Hash identifier: 54sLJtuyEq8Q1i0tnsAMm9ff+kCicM1nDEeZoynmMDE=
Subject key identifier: BE:CF:B9:71:EA:A8:34:25:2E:6B:FD:C0:A3:78:6B:87:AD:F3:DE:5D
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B11A2EE3E311E50F3AF8B1BA9C060
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vs-5ceqoNCUua_3Ao3hrh63z3l0.roa
Signing time: Sun 01 Jan 2023 13:35:08 +0000
ROA not before: Sun 01 Jan 2023 13:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204510
IP address blocks: 194.209.28.0/24 maxlen: 24
194.209.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:11:a2:ee:3e:31:1e:50:f3:af:8b:1b:a9:c0:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=becfb971eaa834252e6bfdc0a3786b87adf3de5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:c4:c8:2c:57:bc:eb:28:5f:05:1d:2c:d4:
60:d3:14:a4:15:d0:c0:41:8b:69:3a:e5:19:62:26:
52:a3:30:39:10:46:8d:13:a9:9a:b8:b5:86:8c:f9:
47:e8:30:62:94:bc:8e:56:80:50:cb:9d:bf:20:eb:
c5:4c:73:33:e9:3a:a8:b3:76:51:ea:ec:93:57:9e:
db:ba:2c:08:23:d3:35:80:da:98:d5:0b:12:18:73:
23:c6:d4:ea:32:35:3a:48:6a:a1:ee:9b:5c:38:e9:
ff:1a:2d:2f:61:04:ea:47:33:5b:72:ef:39:a4:ec:
07:85:01:21:02:ad:86:e0:c7:38:4c:53:e8:7a:f4:
1f:0d:55:b0:f8:b1:b2:68:b4:02:64:a7:17:62:87:
45:bb:66:2a:c0:eb:07:a2:c0:ca:ca:f5:e1:ea:6b:
f1:f0:cb:85:9e:e2:c6:fc:eb:25:fd:ca:88:85:2f:
99:a1:9f:c8:7c:54:fe:08:83:19:ba:60:b3:08:30:
53:a6:c5:d8:da:60:95:a5:32:0d:bf:21:ef:a7:ed:
75:b4:96:57:f6:11:1b:e6:4c:12:ed:d7:70:c7:03:
bb:b1:50:2f:f5:41:01:bd:10:ff:42:72:c4:05:52:
48:4d:9d:47:d8:b4:b0:e6:cb:d2:7b:02:65:3f:7a:
fe:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:CF:B9:71:EA:A8:34:25:2E:6B:FD:C0:A3:78:6B:87:AD:F3:DE:5D
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/vs-5ceqoNCUua_3Ao3hrh63z3l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.4.0/24
194.209.28.0/24
Signature Algorithm: sha256WithRSAEncryption
15:44:16:6a:c1:78:bf:09:63:80:95:d4:19:d0:48:0a:9f:b8:
d6:a2:ba:be:ff:60:5a:4b:d2:f0:4e:b4:2a:46:1f:ed:58:6a:
df:59:e8:05:20:3f:49:90:7c:b4:a2:b6:b6:ac:22:80:6f:6f:
98:19:c3:48:b7:aa:a8:64:fd:60:51:49:f2:cf:ed:a8:d5:76:
c0:bc:1b:26:33:a8:87:97:e4:f6:ac:eb:85:3b:dd:ac:09:af:
57:78:36:20:38:11:92:ea:8e:ef:da:30:c0:6a:79:88:f8:de:
4b:e2:6e:fe:80:c4:24:cc:9c:f7:4a:01:b9:b6:fd:67:ac:96:
15:ff:84:ad:35:fc:9a:ae:05:ae:da:83:82:c2:8b:a6:13:d5:
1b:b4:c9:54:f5:fd:bc:97:4f:0e:23:d2:49:33:2a:42:1f:8d:
2a:42:c1:82:c0:ee:6c:e8:96:36:fa:fc:f6:10:d3:89:4b:4e:
d9:ad:b0:46:cc:fe:88:be:f8:9f:1f:c3:b5:db:7c:f7:25:fe:
1e:a3:70:09:9f:5f:ae:c3:51:51:e1:16:db:c0:23:86:69:70:
4b:0b:ac:d4:6d:d4:07:1a:ba:68:fc:ee:9d:f6:ba:d9:60:47:
15:c4:5b:cc:25:63:73:ed:af:3e:dd:25:39:57:e1:b0:96:84:
33:38:a5:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtixGi7j4xHlDzr4sbqcBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWNmYjk3MWVhYTgzNDI1MmU2YmZkYzBhMzc4NmI4N2FkZjNkZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgbEyCxXvOsoXwUdLNRg0xSkFdDA
QYtpOuUZYiZSozA5EEaNE6mauLWGjPlH6DBilLyOVoBQy52/IOvFTHMz6Tqos3ZR
6uyTV57buiwII9M1gNqY1QsSGHMjxtTqMjU6SGqh7ptcOOn/Gi0vYQTqRzNbcu85
pOwHhQEhAq2G4Mc4TFPoevQfDVWw+LGyaLQCZKcXYodFu2YqwOsHosDKyvXh6mvx
8MuFnuLG/Osl/cqIhS+ZoZ/IfFT+CIMZumCzCDBTpsXY2mCVpTINvyHvp+11tJZX
9hEb5kwS7ddwxwO7sVAv9UEBvRD/QnLEBVJITZ1H2LSw5svSewJlP3r+0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL7PuXHqqDQlLmv9wKN4a4et895dMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvdnMtNWNlcW9OQ1V1YV8zQW8zaHJoNjN6M2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwtEEAwQA
wtEcMA0GCSqGSIb3DQEBCwUAA4IBAQAVRBZqwXi/CWOAldQZ0EgKn7jWorq+/2Ba
S9LwTrQqRh/tWGrfWegFID9JkHy0ora2rCKAb2+YGcNIt6qoZP1gUUnyz+2o1XbA
vBsmM6iHl+T2rOuFO92sCa9XeDYgOBGS6o7v2jDAanmI+N5L4m7+gMQkzJz3SgG5
tv1nrJYV/4StNfyargWu2oOCwoumE9UbtMlU9f28l08OI9JJMypCH40qQsGCwO5s
6JY2+vz2ENOJS07ZrbBGzP6IvvifH8O123z3Jf4eo3AJn1+uw1FR4RbbwCOGaXBL
C6zUbdQHGrpo/O6d9rrZYEcVxFvMJWNz7a8+3SU5V+GwloQzOKXp
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:52:44 2025 by rpki-client