Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VrFurbJLRbV5QaqINW8DEQwxy0Q.roa
File: VrFurbJLRbV5QaqINW8DEQwxy0Q.roa (raw, json)
Hash identifier: PAwvl8muBlbt+s8nHt9upBVy8uvH5Qs6T0XzYgNtsYs=
Subject key identifier: 56:B1:6E:AD:B2:4B:45:B5:79:41:AA:88:35:6F:03:11:0C:31:CB:44
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018A09D84E5E76541E04DD8F0C1A7B691751
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VrFurbJLRbV5QaqINW8DEQwxy0Q.roa
Signing time: Fri 18 Aug 2023 18:11:25 +0000
ROA not before: Fri 18 Aug 2023 18:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 109.111.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:09:d8:4e:5e:76:54:1e:04:dd:8f:0c:1a:7b:69:17:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Aug 18 18:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56b16eadb24b45b57941aa88356f03110c31cb44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:67:d2:23:b1:76:24:f6:d8:92:0a:5c:c8:b0:
ca:45:92:8e:ac:9f:78:04:dd:c2:1d:ce:77:94:1b:
79:36:d2:2d:23:78:7b:e4:d9:9d:69:38:05:81:b4:
69:bc:81:76:db:b2:f3:09:8e:c2:2f:ea:2e:be:05:
f4:3f:76:fa:89:29:2f:db:97:9e:b6:ab:62:dc:ac:
39:49:63:1c:0a:bc:a5:a1:bc:a2:dd:60:9e:b9:f2:
6b:6e:79:a4:d9:20:24:e2:23:f0:c1:bc:72:ed:cb:
fc:92:b1:c7:fd:5f:a8:7d:4a:0b:52:19:43:ce:5f:
07:0d:6b:d8:d9:77:66:a6:ef:b8:5f:5b:1c:48:2c:
16:4e:a4:ea:1a:36:1b:92:44:4c:f8:9b:06:e4:26:
b7:94:1f:d6:f1:d1:e5:10:65:85:93:77:9b:58:a0:
1a:f6:54:8e:88:69:0c:81:34:64:db:4d:6b:2f:8c:
c7:b6:b6:11:ff:4d:e8:29:12:eb:58:55:92:9d:a8:
db:16:a4:c4:f2:f4:d4:91:84:5f:4f:34:06:d5:c0:
1e:c4:d3:5a:2a:04:5b:30:68:16:e8:56:fd:aa:0a:
85:ca:10:a2:d3:ec:6e:67:17:63:33:16:31:42:6a:
5f:c0:70:e1:bc:45:2e:d5:57:c3:84:ec:c7:26:21:
e8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B1:6E:AD:B2:4B:45:B5:79:41:AA:88:35:6F:03:11:0C:31:CB:44
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VrFurbJLRbV5QaqINW8DEQwxy0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.32.0/20
Signature Algorithm: sha256WithRSAEncryption
67:fb:83:af:d8:30:a1:33:e0:cc:d2:f7:e3:f8:a1:b9:eb:da:
40:eb:18:ab:1f:93:ab:90:80:68:3e:5e:34:da:27:55:5f:3d:
08:f5:e4:fc:44:c3:f0:b0:14:0c:5b:15:d2:bc:e0:c9:49:b3:
b4:84:dd:b9:64:df:7f:8c:9f:35:11:5d:ca:13:5a:4e:fb:f5:
e5:e1:b7:75:06:39:08:59:bc:57:e0:0b:e0:e0:5b:67:c3:d9:
41:fc:f4:17:f7:08:4b:17:d9:37:f2:8b:ea:e7:fc:91:60:6c:
e4:20:44:6a:3f:55:46:2e:9f:bc:21:51:d7:62:71:02:05:ef:
e5:19:00:0c:3c:3e:77:be:90:0a:ad:f7:fa:b4:9c:53:67:ef:
37:8a:4b:72:24:42:37:aa:0e:64:35:f8:9b:16:16:f4:de:39:
da:a2:56:5e:c6:73:ae:c7:fd:dd:5b:4c:e4:3c:93:50:7c:db:
57:cb:9c:84:51:f0:28:1f:b5:a3:1a:05:ea:be:72:72:d2:b1:
a5:f8:5e:dc:78:0f:1c:48:52:7f:58:24:db:bc:c7:23:b6:e5:
b3:2e:dc:e6:c9:b9:50:f6:14:34:c2:76:7a:c5:3b:cf:b2:91:
44:2e:aa:ee:16:46:9c:85:aa:32:ea:c2:61:d8:48:18:c7:4d:
fe:a8:56:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoJ2E5edlQeBN2PDBp7aRdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwODE4MTgxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmIxNmVhZGIyNGI0NWI1Nzk0MWFhODgzNTZmMDMxMTBjMzFjYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGfSI7F2JPbYkgpcyLDKRZKOrJ94
BN3CHc53lBt5NtItI3h75NmdaTgFgbRpvIF227LzCY7CL+ouvgX0P3b6iSkv25ee
tqti3Kw5SWMcCrylobyi3WCeufJrbnmk2SAk4iPwwbxy7cv8krHH/V+ofUoLUhlD
zl8HDWvY2Xdmpu+4X1scSCwWTqTqGjYbkkRM+JsG5Ca3lB/W8dHlEGWFk3ebWKAa
9lSOiGkMgTRk201rL4zHtrYR/03oKRLrWFWSnajbFqTE8vTUkYRfTzQG1cAexNNa
KgRbMGgW6Fb9qgqFyhCi0+xuZxdjMxYxQmpfwHDhvEUu1VfDhOzHJiHobwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFaxbq2yS0W1eUGqiDVvAxEMMctEMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvVnJGdXJiSkxSYlY1UWFxSU5XOERFUXd4eTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbW8gMA0G
CSqGSIb3DQEBCwUAA4IBAQBn+4Ov2DChM+DM0vfj+KG569pA6xirH5OrkIBoPl40
2idVXz0I9eT8RMPwsBQMWxXSvODJSbO0hN25ZN9/jJ81EV3KE1pO+/Xl4bd1BjkI
WbxX4Avg4Ftnw9lB/PQX9whLF9k38ovq5/yRYGzkIERqP1VGLp+8IVHXYnECBe/l
GQAMPD53vpAKrff6tJxTZ+83iktyJEI3qg5kNfibFhb03jnaolZexnOux/3dW0zk
PJNQfNtXy5yEUfAoH7WjGgXqvnJy0rGl+F7ceA8cSFJ/WCTbvMcjtuWzLtzmyblQ
9hQ0wnZ6xTvPspFELqruFkachaoy6sJh2EgYx03+qFZF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:00 2025 by rpki-client