Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/VnHa0LYWuohciLOz9AO1aMVbQJ0.roa
File: VnHa0LYWuohciLOz9AO1aMVbQJ0.roa (raw, json)
Hash identifier: u8s4F7esFvTL//OtwVHkDFqNvAUHv7UMexF3SuYF2CI=
Subject key identifier: 56:71:DA:D0:B6:16:BA:88:5C:88:B3:B3:F4:03:B5:68:C5:5B:40:9D
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 01856F5DE55AECCA5CB9373B230A2069E7F2
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/VnHa0LYWuohciLOz9AO1aMVbQJ0.roa
Signing time: Sun 01 Jan 2023 22:05:02 +0000
ROA not before: Sun 01 Jan 2023 22:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206766
IP address blocks: 45.153.72.0/23 maxlen: 23
185.183.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:e5:5a:ec:ca:5c:b9:37:3b:23:0a:20:69:e7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 1 22:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5671dad0b616ba885c88b3b3f403b568c55b409d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8c:56:b6:7c:e4:9a:3f:31:f9:ad:c4:05:ac:
0c:4b:01:30:bd:e8:b5:5a:a2:a2:82:05:62:ba:ec:
6d:c7:55:34:8c:1e:4f:38:8e:24:79:8e:38:d7:b7:
16:a9:7b:56:d8:ec:a2:a8:c5:c1:6e:05:fb:b2:ca:
ec:7c:bd:5f:a6:38:65:5d:65:71:da:79:06:62:c1:
50:e9:b5:28:98:9e:12:c0:c4:e9:53:b4:80:02:49:
bb:43:20:78:ee:45:b5:3e:e3:89:5e:59:f7:fa:00:
1a:d9:ef:c4:e0:39:e6:88:86:b0:ca:ad:78:19:90:
d6:28:66:06:9c:bf:21:2a:64:31:7d:0e:8b:14:57:
fc:c4:2e:76:d7:0e:6c:46:8e:c9:9b:3f:e0:03:2f:
f9:f4:64:f0:53:20:b8:ba:63:de:5c:99:9f:9b:bc:
b9:d1:86:e3:9f:ac:2c:3b:94:f3:f3:30:ed:b1:8e:
d2:41:d1:d2:28:73:bb:1d:b1:fd:6a:e0:cd:ff:e6:
0c:03:24:f6:0e:e6:e9:87:0e:bd:21:ad:34:55:ca:
80:8b:29:b8:ad:f2:44:db:84:04:95:26:bd:f1:15:
f2:6f:4b:f9:b7:ac:6f:5f:07:1b:4a:01:8a:fd:64:
ef:35:b3:1e:06:c9:78:93:48:a6:cc:13:fa:34:2e:
6c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:71:DA:D0:B6:16:BA:88:5C:88:B3:B3:F4:03:B5:68:C5:5B:40:9D
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/VnHa0LYWuohciLOz9AO1aMVbQJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.72.0/23
185.183.160.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:7c:79:f8:f5:c4:1a:b9:56:38:21:cc:4d:d1:f0:62:9f:ad:
16:c7:5e:93:66:7d:93:c4:34:50:a9:04:d8:d2:ed:53:6f:8c:
bd:4e:cf:f7:6c:fb:66:6a:fc:eb:d0:76:19:a3:ac:9d:1c:d1:
58:f3:6c:57:0b:c0:35:61:5c:53:f9:c7:3d:28:4c:27:0d:6e:
c5:54:3a:7d:84:50:19:a2:5e:72:cc:25:f1:21:d8:04:a3:15:
75:46:85:d1:07:b0:b2:22:d3:34:b5:8e:77:21:49:cc:a9:2c:
5e:c0:1a:30:0e:8c:57:dc:a1:cf:d2:87:42:0c:00:ac:0e:29:
44:97:a5:64:66:da:fd:7b:a4:83:f9:b5:2d:65:af:5f:38:36:
39:30:49:74:ea:e9:bc:a8:46:b6:cb:67:21:a3:0c:b9:ed:82:
72:13:42:47:a5:1f:d2:d4:13:a1:e7:8f:5d:50:28:c6:cb:e9:
d6:d6:04:89:8a:17:ba:5d:2e:a3:a7:bb:ba:fc:f6:8c:52:5e:
f6:83:77:5e:d4:89:3d:a5:e9:29:58:1a:53:70:d6:eb:41:8a:
db:67:af:6a:89:f8:7c:84:6c:e4:0b:86:9b:12:9a:96:68:24:
f4:ad:31:b8:20:9f:10:54:6e:81:a8:00:e4:86:9e:ae:d2:82:
7b:e6:0c:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvXeVa7MpcuTc7IwogaefyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwMTAxMjIwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjcxZGFkMGI2MTZiYTg4NWM4OGIzYjNmNDAzYjU2OGM1NWI0MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoxWtnzkmj8x+a3EBawMSwEwvei1
WqKiggViuuxtx1U0jB5POI4keY4417cWqXtW2OyiqMXBbgX7ssrsfL1fpjhlXWVx
2nkGYsFQ6bUomJ4SwMTpU7SAAkm7QyB47kW1PuOJXln3+gAa2e/E4DnmiIawyq14
GZDWKGYGnL8hKmQxfQ6LFFf8xC521w5sRo7Jmz/gAy/59GTwUyC4umPeXJmfm7y5
0Ybjn6wsO5Tz8zDtsY7SQdHSKHO7HbH9auDN/+YMAyT2Dubphw69Ia00VcqAiym4
rfJE24QElSa98RXyb0v5t6xvXwcbSgGK/WTvNbMeBsl4k0imzBP6NC5sZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFZx2tC2FrqIXIizs/QDtWjFW0CdMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvVm5IYTBMWVd1b2hjaUxPejlBTzFhTVZiUUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZlIAwQC
ubegMA0GCSqGSIb3DQEBCwUAA4IBAQBrfHn49cQauVY4IcxN0fBin60Wx16TZn2T
xDRQqQTY0u1Tb4y9Ts/3bPtmavzr0HYZo6ydHNFY82xXC8A1YVxT+cc9KEwnDW7F
VDp9hFAZol5yzCXxIdgEoxV1RoXRB7CyItM0tY53IUnMqSxewBowDoxX3KHP0odC
DACsDilEl6VkZtr9e6SD+bUtZa9fODY5MEl06um8qEa2y2chowy57YJyE0JHpR/S
1BOh549dUCjGy+nW1gSJihe6XS6jp7u6/PaMUl72g3de1Ik9pekpWBpTcNbrQYrb
Z69qifh8hGzkC4abEpqWaCT0rTG4IJ8QVG6BqADkhp6u0oJ75gyE
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:40 2025 by rpki-client