Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/0fd5f4-56c0-48ba-b02b-d138a9c4e43f/1/VZeAqpv38WS3O1yTJ47j3QwT_sY.roa
File: VZeAqpv38WS3O1yTJ47j3QwT_sY.roa (raw, json)
Hash identifier: cdRnTCoQCnz1va1IgSDdSPHPUqog8Zvw49lLQxAVLHo=
Subject key identifier: 55:97:80:AA:9B:F7:F1:64:B7:3B:5C:93:27:8E:E3:DD:0C:13:FE:C6
Certificate issuer: /CN=ea93edfc2aa748e4981050ec06e3a66920265e17
Certificate serial: 018751AD7581992B4CB6FBE10043482930B8
Authority key identifier: EA:93:ED:FC:2A:A7:48:E4:98:10:50:EC:06:E3:A6:69:20:26:5E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6pPt_CqnSOSYEFDsBuOmaSAmXhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/0fd5f4-56c0-48ba-b02b-d138a9c4e43f/1/VZeAqpv38WS3O1yTJ47j3QwT_sY.roa
Signing time: Wed 05 Apr 2023 13:48:54 +0000
ROA not before: Wed 05 Apr 2023 13:48:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 132.72.0.0/16 maxlen: 16
132.73.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:ad:75:81:99:2b:4c:b6:fb:e1:00:43:48:29:30:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea93edfc2aa748e4981050ec06e3a66920265e17
Validity
Not Before: Apr 5 13:48:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=559780aa9bf7f164b73b5c93278ee3dd0c13fec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d4:be:4c:cc:c8:16:6c:c4:92:51:02:fb:e4:
3c:60:2f:b0:46:7f:12:c1:3d:71:f6:06:c5:03:d0:
38:08:b1:b4:ca:a2:b2:8e:73:04:1b:80:cc:39:af:
11:b3:bf:5d:34:67:9b:21:82:8c:31:ea:5c:b8:33:
28:20:fb:0d:b2:b2:a7:f0:30:2d:2c:7a:88:5a:87:
8d:36:69:e1:ec:ae:43:bb:df:a1:14:e5:f0:1b:8e:
0e:4b:df:2b:6a:0c:be:8e:b4:93:8e:03:4f:ae:de:
7f:25:bb:a1:13:7b:6e:f0:7f:95:6a:77:f4:c5:67:
84:8a:e3:72:df:ee:c6:e3:d2:e7:ca:e2:60:21:f3:
b2:b5:70:bb:fe:78:19:9a:75:30:ec:f5:f5:80:f8:
87:c1:6b:d6:9b:4e:01:97:5e:81:c3:0d:8b:b4:e4:
43:63:fd:ca:f1:4b:ca:0a:fc:d9:13:e3:ef:4b:45:
97:3e:30:71:7d:28:7c:12:a9:54:9a:4b:c8:13:8c:
ce:ea:c7:8d:92:28:c5:26:f8:58:b8:e5:06:7e:36:
5a:d0:ab:71:c5:94:5d:5a:1a:f4:02:f2:84:86:f9:
47:43:d9:a4:f1:bd:e5:50:54:22:b2:a9:5d:87:f6:
f7:28:23:5a:18:4e:6d:bc:60:43:7b:49:46:08:c8:
31:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:97:80:AA:9B:F7:F1:64:B7:3B:5C:93:27:8E:E3:DD:0C:13:FE:C6
X509v3 Authority Key Identifier:
keyid:EA:93:ED:FC:2A:A7:48:E4:98:10:50:EC:06:E3:A6:69:20:26:5E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6pPt_CqnSOSYEFDsBuOmaSAmXhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fd5f4-56c0-48ba-b02b-d138a9c4e43f/1/VZeAqpv38WS3O1yTJ47j3QwT_sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fd5f4-56c0-48ba-b02b-d138a9c4e43f/1/6pPt_CqnSOSYEFDsBuOmaSAmXhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
79:a2:51:e9:0f:a0:5a:28:26:02:5a:d1:21:3a:76:0f:c4:8a:
20:ef:48:06:d6:70:1c:9a:7f:ea:a4:dd:a1:b9:9c:2c:e6:cb:
9a:14:72:40:b1:a3:4e:21:d5:1e:bf:64:0f:c6:30:db:e2:60:
a0:dc:de:d5:83:b4:8d:d6:01:af:5b:6e:89:ac:10:e0:57:e7:
10:87:14:c4:42:04:af:94:b8:0f:61:d4:25:f5:81:0c:67:ef:
00:c4:50:60:c9:68:97:2a:73:f0:1c:d2:ff:2c:36:fc:63:9b:
25:30:23:23:d6:00:5d:16:b5:99:5f:76:4c:c0:4c:e1:a0:74:
ca:47:3b:16:ef:4d:29:0f:01:61:b7:24:7f:79:d4:e3:f1:d7:
86:12:50:f6:42:5e:10:f3:22:c6:f0:cd:e7:62:fd:1a:91:60:
4d:0d:83:7e:70:a6:c4:fe:7d:1b:23:1c:dc:77:c0:72:9e:36:
3c:8a:4d:68:e0:9a:94:77:29:40:a5:31:ef:f5:7f:5e:d7:26:
3c:50:42:df:65:89:77:f1:3b:9a:e7:81:90:0c:f1:20:cd:73:
b5:cf:d3:da:7c:65:ae:3b:57:d6:a6:ce:c9:8b:12:50:c2:eb:
4f:ac:a0:dc:e2:a0:02:a1:ec:f6:38:88:89:a7:b8:7b:bc:06:
04:2f:03:45
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdRrXWBmStMtvvhAENIKTC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOTNlZGZjMmFhNzQ4ZTQ5ODEwNTBlYzA2ZTNhNjY5MjAy
NjVlMTcwHhcNMjMwNDA1MTM0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTk3ODBhYTliZjdmMTY0YjczYjVjOTMyNzhlZTNkZDBjMTNmZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndS+TMzIFmzEklEC++Q8YC+wRn8S
wT1x9gbFA9A4CLG0yqKyjnMEG4DMOa8Rs79dNGebIYKMMepcuDMoIPsNsrKn8DAt
LHqIWoeNNmnh7K5Du9+hFOXwG44OS98ragy+jrSTjgNPrt5/JbuhE3tu8H+Vanf0
xWeEiuNy3+7G49LnyuJgIfOytXC7/ngZmnUw7PX1gPiHwWvWm04Bl16Bww2LtORD
Y/3K8UvKCvzZE+PvS0WXPjBxfSh8EqlUmkvIE4zO6seNkijFJvhYuOUGfjZa0Ktx
xZRdWhr0AvKEhvlHQ9mk8b3lUFQisqldh/b3KCNaGE5tvGBDe0lGCMgxjwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFFWXgKqb9/FktztckyeO490ME/7GMB8GA1UdIwQY
MBaAFOqT7fwqp0jkmBBQ7AbjpmkgJl4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnBQdF9DcW5TT1NZRUZEc0J1T21hU0FtWGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wZmQ1ZjQtNTZjMC00OGJhLWIwMmIt
ZDEzOGE5YzRlNDNmLzEvVlplQXFwdjM4V1MzTzF5VEo0N2ozUXdUX3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wZmQ1ZjQtNTZjMC00OGJhLWIwMmItZDEzOGE5YzRlNDNm
LzEvNnBQdF9DcW5TT1NZRUZEc0J1T21hU0FtWGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEgwDQYJ
KoZIhvcNAQELBQADggEBAHmiUekPoFooJgJa0SE6dg/EiiDvSAbWcByaf+qk3aG5
nCzmy5oUckCxo04h1R6/ZA/GMNviYKDc3tWDtI3WAa9bbomsEOBX5xCHFMRCBK+U
uA9h1CX1gQxn7wDEUGDJaJcqc/Ac0v8sNvxjmyUwIyPWAF0WtZlfdkzATOGgdMpH
OxbvTSkPAWG3JH951OPx14YSUPZCXhDzIsbwzedi/RqRYE0Ng35wpsT+fRsjHNx3
wHKeNjyKTWjgmpR3KUClMe/1f17XJjxQQt9liXfxO5rngZAM8SDNc7XP09p8Za47
V9amzsmLElDC60+soNzioAKh7PY4iImnuHu8BgQvA0U=
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:13:30 2025 by rpki-client