Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VtrD6TiV_opReItX89P68sP8--4.roa
File: VtrD6TiV_opReItX89P68sP8--4.roa (raw, json)
Hash identifier: 2iX8wq3uWsFwvbDa3sZfHupW3UWE+0i+VHcURmwGGmA=
Subject key identifier: 56:DA:C3:E9:38:95:FE:8A:51:78:8B:57:F3:D3:FA:F2:C3:FC:FB:EE
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018B6669E02AE450C573E60E70EB6605E28B
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VtrD6TiV_opReItX89P68sP8--4.roa
Signing time: Wed 25 Oct 2023 10:38:16 +0000
ROA not before: Wed 25 Oct 2023 10:38:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210542
IP address blocks: 176.221.16.0/22 maxlen: 24
37.128.250.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:69:e0:2a:e4:50:c5:73:e6:0e:70:eb:66:05:e2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Oct 25 10:38:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56dac3e93895fe8a51788b57f3d3faf2c3fcfbee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4b:54:e2:2c:92:3b:c9:8d:06:dc:92:87:4e:
01:52:9c:55:90:a2:af:17:67:b0:3f:ac:b1:fb:84:
da:d8:06:3a:72:ff:d9:1a:bb:4f:76:d9:a1:cd:a0:
83:3d:c0:e8:5d:7b:46:62:42:d6:fe:f4:5f:12:16:
92:ca:19:50:68:36:87:9d:29:03:d9:41:4f:74:f2:
03:14:8c:5c:c5:c3:85:f1:7d:7b:1d:5f:7f:f0:12:
a6:a3:9e:b0:c0:5c:c6:43:eb:7d:85:d4:29:e2:7e:
3e:7e:76:4b:07:3f:e7:76:a6:8f:e0:3a:97:dd:2d:
7e:f6:db:00:24:db:c9:36:7a:fb:9e:48:db:84:5f:
ad:3b:19:c0:7e:72:84:92:b5:ef:3e:86:88:27:bd:
38:f7:f6:13:f7:01:f8:65:2c:89:0b:0c:c6:3b:da:
c7:ff:f4:fd:49:a1:22:32:b4:d1:2b:05:36:44:6e:
20:11:4e:0c:94:77:b5:1d:48:d7:48:3a:e5:41:bf:
05:c1:0b:b8:22:69:b8:cc:30:5b:50:56:5e:82:7d:
2f:41:db:0e:fb:5a:1c:bb:6d:17:28:fc:c0:35:a0:
9e:10:89:10:8c:66:fe:a4:3d:c2:bb:1b:ad:a4:13:
e1:a4:bc:13:52:36:ab:c4:2a:dd:0a:3b:4a:f4:2d:
0a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:DA:C3:E9:38:95:FE:8A:51:78:8B:57:F3:D3:FA:F2:C3:FC:FB:EE
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/VtrD6TiV_opReItX89P68sP8--4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.250.0/23
176.221.16.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:94:19:1a:18:9d:7b:15:49:1b:c5:69:27:69:7d:b3:4c:0c:
b7:0d:a1:e7:05:7f:4b:46:9c:4f:58:33:e2:f8:af:53:6a:62:
63:3d:10:5b:b5:8f:8a:83:65:b1:0e:be:90:fa:54:71:00:58:
b1:1d:1d:5a:92:fe:09:31:3e:a8:ee:52:e1:76:4e:28:26:0a:
3a:6f:76:b4:fc:55:0e:bf:74:c7:a3:97:68:01:ad:19:ad:ad:
71:42:50:43:07:05:bf:b0:22:de:45:29:0b:29:33:4b:6b:eb:
01:8c:95:40:bc:1e:ea:1a:b5:49:82:f7:fd:a0:9f:c5:65:a1:
27:cb:c9:fa:2b:e4:cb:09:51:64:8a:a5:90:3b:b6:6e:a9:92:
b9:5b:1b:e0:48:b6:bd:26:07:d1:4f:af:e8:d5:7f:74:e8:6c:
87:85:11:65:c6:15:86:aa:06:50:76:6a:5f:1d:88:8d:a2:0b:
38:2a:73:5b:5c:d0:4b:a4:70:11:c4:68:9f:58:40:fa:0b:a6:
22:02:d1:74:0c:1a:f3:ad:36:ab:b7:b2:0b:b3:db:81:70:e4:
43:a8:de:e3:4b:96:90:86:d3:a0:b9:ab:bd:ed:c8:3d:a7:91:
9a:4d:3f:6e:19:c3:79:42:4f:38:00:2b:9e:ea:5a:b7:2d:82:
b4:37:e6:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtmaeAq5FDFc+YOcOtmBeKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMDI1MTAzODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmRhYzNlOTM4OTVmZThhNTE3ODhiNTdmM2QzZmFmMmMzZmNmYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0tU4iySO8mNBtySh04BUpxVkKKv
F2ewP6yx+4Ta2AY6cv/ZGrtPdtmhzaCDPcDoXXtGYkLW/vRfEhaSyhlQaDaHnSkD
2UFPdPIDFIxcxcOF8X17HV9/8BKmo56wwFzGQ+t9hdQp4n4+fnZLBz/ndqaP4DqX
3S1+9tsAJNvJNnr7nkjbhF+tOxnAfnKEkrXvPoaIJ7049/YT9wH4ZSyJCwzGO9rH
//T9SaEiMrTRKwU2RG4gEU4MlHe1HUjXSDrlQb8FwQu4Imm4zDBbUFZegn0vQdsO
+1ocu20XKPzANaCeEIkQjGb+pD3CuxutpBPhpLwTUjarxCrdCjtK9C0K2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFbaw+k4lf6KUXiLV/PT+vLD/PvuMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvVnRyRDZUaVZfb3BSZUl0WDg5UDY4c1A4LS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJYD6AwQC
sN0QMA0GCSqGSIb3DQEBCwUAA4IBAQB7lBkaGJ17FUkbxWknaX2zTAy3DaHnBX9L
RpxPWDPi+K9TamJjPRBbtY+Kg2WxDr6Q+lRxAFixHR1akv4JMT6o7lLhdk4oJgo6
b3a0/FUOv3THo5doAa0Zra1xQlBDBwW/sCLeRSkLKTNLa+sBjJVAvB7qGrVJgvf9
oJ/FZaEny8n6K+TLCVFkiqWQO7ZuqZK5WxvgSLa9JgfRT6/o1X906GyHhRFlxhWG
qgZQdmpfHYiNogs4KnNbXNBLpHARxGifWED6C6YiAtF0DBrzrTart7ILs9uBcORD
qN7jS5aQhtOguau97cg9p5GaTT9uGcN5Qk84ACue6lq3LYK0N+Y3
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:58 2025 by rpki-client