Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/386185-5acc-4fe1-9784-6b4afa40678d/1/VLvy29pRK2dw9itUttdJ-zvo6a4.roa
File: VLvy29pRK2dw9itUttdJ-zvo6a4.roa (raw, json)
Hash identifier: suPvlLdGDWM5PiMOZVh67b0GwC1ySq8z7CpiOIuLhJ0=
Subject key identifier: 54:BB:F2:DB:DA:51:2B:67:70:F6:2B:54:B6:D7:49:FB:3B:E8:E9:AE
Certificate issuer: /CN=107f7d0b64c98c99e8d08683505264d6b08bfd86
Certificate serial: 1312D163
Authority key identifier: 10:7F:7D:0B:64:C9:8C:99:E8:D0:86:83:50:52:64:D6:B0:8B:FD:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EH99C2TJjJno0IaDUFJk1rCL_YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/386185-5acc-4fe1-9784-6b4afa40678d/1/VLvy29pRK2dw9itUttdJ-zvo6a4.roa
Signing time: Sat 01 Jan 2022 07:53:12 +0000
ROA not before: Sat 01 Jan 2022 07:53:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57707
IP address blocks: 171.25.220.0/23 maxlen: 23
171.25.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320000355 (0x1312d163)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107f7d0b64c98c99e8d08683505264d6b08bfd86
Validity
Not Before: Jan 1 07:53:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54bbf2dbda512b6770f62b54b6d749fb3be8e9ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3a:31:7f:2a:28:6b:a2:02:5f:cb:1a:6d:60:
79:f6:a9:e9:5a:60:43:f8:d1:a8:98:9e:c2:65:ed:
fa:9c:96:db:3f:ba:8d:3e:48:8e:ce:48:bf:13:a8:
a5:08:76:3c:99:7b:30:80:20:b6:f5:82:bd:6b:5a:
24:7f:41:b1:5d:15:30:6c:d0:ae:bd:d7:07:0e:2c:
cb:ea:a2:8e:e5:c2:87:c7:90:5e:6a:bc:7f:f8:06:
e1:6a:35:18:14:c1:25:23:70:0c:bd:c2:09:5c:e1:
b3:be:aa:94:6d:33:10:b1:f4:16:47:10:96:03:09:
63:f0:d0:f1:e0:92:dc:4e:7f:f2:b7:a5:c8:73:a2:
de:6b:83:22:58:9f:70:c5:aa:cf:b8:d6:36:72:56:
fb:9e:9e:ea:e8:b5:e3:0b:b3:5a:ed:04:f2:88:7b:
06:6c:ae:f1:b2:6e:1a:eb:41:d2:0c:c9:3b:fe:f4:
58:c8:3a:fc:4f:e4:c6:8c:3b:b9:b8:84:9f:bc:14:
f8:48:6b:c2:e2:a8:20:8f:ae:78:19:31:de:bb:8b:
a3:01:f3:48:70:e1:9c:6f:25:41:e6:1c:02:a0:c9:
05:f1:97:ec:8b:4a:a0:ba:d5:df:f0:5a:65:b3:86:
07:47:63:4e:11:76:cd:69:34:a6:34:c5:37:96:da:
3a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BB:F2:DB:DA:51:2B:67:70:F6:2B:54:B6:D7:49:FB:3B:E8:E9:AE
X509v3 Authority Key Identifier:
keyid:10:7F:7D:0B:64:C9:8C:99:E8:D0:86:83:50:52:64:D6:B0:8B:FD:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EH99C2TJjJno0IaDUFJk1rCL_YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/386185-5acc-4fe1-9784-6b4afa40678d/1/VLvy29pRK2dw9itUttdJ-zvo6a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/386185-5acc-4fe1-9784-6b4afa40678d/1/EH99C2TJjJno0IaDUFJk1rCL_YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.220.0-171.25.222.255
Signature Algorithm: sha256WithRSAEncryption
cb:62:f5:b7:65:12:d5:07:11:b1:a1:f6:1f:b7:44:38:df:7f:
95:e8:27:bc:9b:13:37:09:82:0d:1f:00:49:5c:07:21:2a:89:
dd:28:9f:ba:6a:c0:24:c0:4c:98:76:f9:42:f1:3a:57:07:59:
b4:ab:e4:db:a9:e3:89:eb:e7:c4:ac:d0:7f:a2:92:7c:3c:5f:
b2:87:03:12:e8:ca:5c:0e:c6:ad:15:66:4f:17:85:e1:ad:92:
43:12:51:12:ef:96:8d:11:76:aa:9f:88:f5:15:42:f8:10:a8:
01:83:09:c9:17:51:f8:6c:9d:fb:45:a4:5e:0a:ef:c3:57:bc:
bd:29:50:9e:36:8c:17:27:cd:4c:39:42:ea:24:53:b1:75:40:
f5:0b:a9:21:09:a9:46:40:ce:8b:ed:62:99:a4:a9:a2:a1:42:
ab:37:e1:27:03:9c:32:9d:10:d8:24:1c:30:99:3d:6d:0f:eb:
cf:ef:87:dd:63:1c:01:60:b5:ec:b9:22:42:bd:bb:94:a9:c4:
57:58:e5:fe:cb:f0:f0:33:55:de:92:1d:c1:6d:1c:32:a4:07:
dc:7d:2e:12:b2:d5:a7:a4:70:44:49:26:ad:13:de:30:2c:fb:
1c:f2:da:2c:ec:23:f5:2c:3c:2f:e0:0d:fa:ee:3a:07:4b:f8:
6c:03:c2:bb
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEExLRYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDdmN2QwYjY0Yzk4Yzk5ZThkMDg2ODM1MDUyNjRkNmIwOGJmZDg2MB4XDTIyMDEw
MTA3NTMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRiYmYyZGJkYTUx
MmI2NzcwZjYyYjU0YjZkNzQ5ZmIzYmU4ZTlhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN06MX8qKGuiAl/LGm1gefap6VpgQ/jRqJiewmXt+pyW2z+6
jT5Ijs5IvxOopQh2PJl7MIAgtvWCvWtaJH9BsV0VMGzQrr3XBw4sy+qijuXCh8eQ
Xmq8f/gG4Wo1GBTBJSNwDL3CCVzhs76qlG0zELH0FkcQlgMJY/DQ8eCS3E5/8rel
yHOi3muDIlifcMWqz7jWNnJW+56e6ui14wuzWu0E8oh7Bmyu8bJuGutB0gzJO/70
WMg6/E/kxow7ubiEn7wU+EhrwuKoII+ueBkx3ruLowHzSHDhnG8lQeYcAqDJBfGX
7ItKoLrV3/BaZbOGB0djThF2zWk0pjTFN5baOl0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRUu/Lb2lErZ3D2K1S210n7O+jprjAfBgNVHSMEGDAWgBQQf30LZMmMmejQ
hoNQUmTWsIv9hjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VIOTlDMlRKakpubzBJYURVRkprMXJDTF9ZWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMzg2MTg1LTVhY2MtNGZlMS05Nzg0LTZiNGFmYTQwNjc4ZC8x
L1ZMdnkyOXBSSzJkdzlpdFV0dGRKLXp2bzZhNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
Mzg2MTg1LTVhY2MtNGZlMS05Nzg0LTZiNGFmYTQwNjc4ZC8xL0VIOTlDMlRKakpu
bzBJYURVRkprMXJDTF9ZWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCqxncAwQAqxneMA0GCSqGSIb3
DQEBCwUAA4IBAQDLYvW3ZRLVBxGxofYft0Q433+V6Ce8mxM3CYINHwBJXAchKond
KJ+6asAkwEyYdvlC8TpXB1m0q+TbqeOJ6+fErNB/opJ8PF+yhwMS6MpcDsatFWZP
F4XhrZJDElES75aNEXaqn4j1FUL4EKgBgwnJF1H4bJ37RaReCu/DV7y9KVCeNowX
J81MOULqJFOxdUD1C6khCalGQM6L7WKZpKmioUKrN+EnA5wynRDYJBwwmT1tD+vP
74fdYxwBYLXsuSJCvbuUqcRXWOX+y/DwM1Xekh3BbRwypAfcfS4SstWnpHBESSat
E94wLPsc8tos7CP1LDwv4A367joHS/hsA8K7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:35 2025 by rpki-client