Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/VvWDAt9ZD_02KrmSaMB7LGvp7Is.roa
File: VvWDAt9ZD_02KrmSaMB7LGvp7Is.roa (raw, json)
Hash identifier: f70Bw6mXZgSu0eDpzk3hZFlur1sgj8yE+aR8o94rDpA=
Subject key identifier: 56:F5:83:02:DF:59:0F:FD:36:2A:B9:92:68:C0:7B:2C:6B:E9:EC:8B
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 0187B7DC9E0582C416F0F1E875BEFEC09227
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/VvWDAt9ZD_02KrmSaMB7LGvp7Is.roa
Signing time: Tue 25 Apr 2023 10:01:41 +0000
ROA not before: Tue 25 Apr 2023 10:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6810
IP address blocks: 85.130.192.0/19 maxlen: 24
85.130.192.0/18 maxlen: 24
85.130.128.0/18 maxlen: 24
31.168.36.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:dc:9e:05:82:c4:16:f0:f1:e8:75:be:fe:c0:92:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Apr 25 10:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56f58302df590ffd362ab99268c07b2c6be9ec8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8a:c6:9c:67:0f:80:c5:b0:0e:f8:5b:a1:4a:
fe:16:41:10:d8:a2:ca:74:dd:e8:4d:46:37:16:e9:
67:cd:46:71:f3:33:6a:48:40:7e:23:e0:58:75:31:
46:4e:ea:ad:97:d4:e2:96:5e:9c:89:8e:42:a4:50:
97:57:3d:fb:3e:65:f6:ea:e0:be:5d:1b:7b:50:8d:
3e:35:30:9b:6e:34:8a:2c:b7:25:54:7e:4c:5d:1d:
13:97:6e:5a:e5:2f:73:fe:59:3c:da:9d:d6:82:34:
50:b8:6c:0c:09:b3:7a:39:92:03:9b:b7:aa:22:c9:
17:6b:46:ab:92:2c:51:77:41:1b:c9:6e:9f:59:60:
39:45:0c:a8:d8:a8:1c:66:8f:0c:1a:dd:50:23:02:
39:ac:b7:6d:cc:82:7c:b6:80:3f:a1:23:45:8b:eb:
60:f5:71:61:ab:ca:e3:ce:16:e0:7e:9c:87:aa:26:
d2:9d:00:38:9b:94:1e:77:c8:6f:99:ae:7f:41:46:
58:21:e0:71:94:fc:d4:c5:c2:98:18:bb:64:50:9f:
a8:b6:96:0a:5b:14:d3:dd:4c:7a:06:b4:19:62:c8:
ed:80:8a:55:c2:06:ac:64:c8:17:2b:fe:c3:a7:19:
88:69:00:34:49:eb:d1:f9:e2:36:1d:a3:28:f0:e5:
66:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F5:83:02:DF:59:0F:FD:36:2A:B9:92:68:C0:7B:2C:6B:E9:EC:8B
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/VvWDAt9ZD_02KrmSaMB7LGvp7Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.168.36.0/23
85.130.128.0/17
Signature Algorithm: sha256WithRSAEncryption
68:42:bb:f7:f8:b4:5f:77:a0:f1:a7:c0:0b:31:42:83:ef:bf:
e2:9f:2b:26:d6:8a:36:2a:cc:6f:42:07:4a:dc:ac:74:e7:23:
ef:86:77:83:05:4c:32:64:72:54:b1:02:c4:bb:42:cb:7f:09:
32:1f:8d:f6:8d:47:58:50:ac:a2:46:fa:a5:a0:76:68:fd:04:
b7:38:54:26:16:48:1f:6d:e0:aa:15:27:86:91:ad:23:1c:4f:
7a:c7:99:c8:bf:81:d3:f2:99:ee:9c:6c:91:b8:9f:54:1d:60:
4b:99:f7:7f:1e:21:d9:a1:ea:8c:8c:5b:21:12:e3:b5:6e:47:
d2:9e:63:66:c8:dd:30:2d:ea:7b:a5:d1:c6:d9:87:71:b8:d4:
63:ed:75:99:d1:d9:46:df:02:d8:51:58:e1:be:dc:41:35:fe:
fc:69:af:48:c6:32:cb:67:fe:48:ee:3c:eb:4b:af:81:8b:d0:
43:af:a3:f1:44:a2:a7:a3:c0:39:a5:2e:06:0a:e4:33:cc:18:
88:70:31:bb:31:1e:ec:f6:2b:cc:6a:65:e6:4f:5c:cc:c3:65:
34:f6:ee:20:3c:58:d3:12:47:54:c9:97:3d:ae:92:88:e7:3b:
65:bb:ed:18:33:2a:1b:38:4a:79:0c:e6:aa:1f:e3:98:db:83:
61:ef:ad:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe33J4FgsQW8PHodb7+wJInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjMwNDI1MTAwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmY1ODMwMmRmNTkwZmZkMzYyYWI5OTI2OGMwN2IyYzZiZTllYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYrGnGcPgMWwDvhboUr+FkEQ2KLK
dN3oTUY3FulnzUZx8zNqSEB+I+BYdTFGTuqtl9Till6ciY5CpFCXVz37PmX26uC+
XRt7UI0+NTCbbjSKLLclVH5MXR0Tl25a5S9z/lk82p3WgjRQuGwMCbN6OZIDm7eq
IskXa0arkixRd0EbyW6fWWA5RQyo2KgcZo8MGt1QIwI5rLdtzIJ8toA/oSNFi+tg
9XFhq8rjzhbgfpyHqibSnQA4m5Qed8hvma5/QUZYIeBxlPzUxcKYGLtkUJ+otpYK
WxTT3Ux6BrQZYsjtgIpVwgasZMgXK/7DpxmIaQA0SevR+eI2HaMo8OVmaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFb1gwLfWQ/9Niq5kmjAeyxr6eyLMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvVnZXREF0OVpEXzAyS3JtU2FNQjdMR3ZwN0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH6gkAwQH
VYKAMA0GCSqGSIb3DQEBCwUAA4IBAQBoQrv3+LRfd6Dxp8ALMUKD77/inysm1oo2
KsxvQgdK3Kx05yPvhneDBUwyZHJUsQLEu0LLfwkyH432jUdYUKyiRvqloHZo/QS3
OFQmFkgfbeCqFSeGka0jHE96x5nIv4HT8pnunGyRuJ9UHWBLmfd/HiHZoeqMjFsh
EuO1bkfSnmNmyN0wLep7pdHG2YdxuNRj7XWZ0dlG3wLYUVjhvtxBNf78aa9IxjLL
Z/5I7jzrS6+Bi9BDr6PxRKKno8A5pS4GCuQzzBiIcDG7MR7s9ivMamXmT1zMw2U0
9u4gPFjTEkdUyZc9rpKI5ztlu+0YMyobOEp5DOaqH+OY24Nh761S
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:47 2025 by rpki-client