Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/VSMfPwbf_uAZ-Zra1fUs-v6UfMA.roa
File: VSMfPwbf_uAZ-Zra1fUs-v6UfMA.roa (raw, json)
Hash identifier: BbbIpAqR74oA1dvTrcDayLu6hRD4Ad/ar6hPWRo322M=
Subject key identifier: 55:23:1F:3F:06:DF:FE:E0:19:F9:9A:DA:D5:F5:2C:FA:FE:94:7C:C0
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01899B57728FC2F9B8F57FD47811A7E339AC
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/VSMfPwbf_uAZ-Zra1fUs-v6UfMA.roa
Signing time: Fri 28 Jul 2023 07:12:26 +0000
ROA not before: Fri 28 Jul 2023 07:12:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 212.116.226.0/23 maxlen: 24
91.147.116.0/24 maxlen: 24
91.147.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:57:72:8f:c2:f9:b8:f5:7f:d4:78:11:a7:e3:39:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jul 28 07:12:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55231f3f06dffee019f99adad5f52cfafe947cc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:66:4a:4a:56:e8:f0:af:e1:53:d2:81:ee:09:
22:0e:7b:89:8e:37:c9:97:93:c8:e5:ce:16:72:60:
88:6e:03:f4:2d:49:fc:21:17:1f:db:b4:31:26:d8:
87:24:fa:35:8c:69:4f:aa:3a:45:fb:ba:68:09:48:
0e:b9:73:51:66:7a:1c:85:98:12:d9:c1:bd:29:3f:
91:24:79:63:31:7d:8a:cb:f5:77:34:04:c1:cd:8c:
a5:54:2f:48:82:05:a7:d0:05:69:46:f6:52:6a:09:
0f:28:f0:6c:17:a7:8e:a7:fa:4e:6e:a7:6d:85:45:
f3:b1:8d:37:56:50:e2:3f:0c:c4:22:4a:99:33:94:
c7:cf:26:f9:1e:fd:29:12:8c:12:2b:94:dd:3b:f2:
25:1b:56:e2:98:b7:2f:47:f4:02:72:86:d9:59:ef:
0b:fd:6f:70:45:62:ca:c1:40:34:a4:78:01:22:5a:
e3:9b:76:ac:5e:ce:50:41:d7:41:d5:e1:15:29:4f:
19:ad:b4:c6:7d:38:c4:c5:f3:e0:84:05:c2:8b:ec:
d4:53:cc:b4:0e:8b:38:26:d6:98:ef:a1:45:9d:51:
dc:4d:da:5e:38:65:46:66:5c:1e:1c:c2:e0:ee:8a:
eb:15:cf:50:28:11:d7:27:eb:f5:de:52:89:61:ca:
3d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:23:1F:3F:06:DF:FE:E0:19:F9:9A:DA:D5:F5:2C:FA:FE:94:7C:C0
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/VSMfPwbf_uAZ-Zra1fUs-v6UfMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.116.0/24
91.147.118.0/24
212.116.226.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:07:dd:0d:24:86:7d:8e:c7:ab:e8:be:0c:2e:bf:db:3b:20:
2d:b3:af:6d:4d:da:ab:b7:1b:e3:8a:5d:b4:20:20:b3:26:ac:
a4:47:bf:d5:90:61:39:09:93:4e:00:0b:0a:4f:7a:fb:ea:b9:
73:27:c5:05:3d:a3:11:c6:d1:48:15:85:16:9b:14:f5:14:ea:
6e:0c:12:fd:a7:07:b9:99:24:d5:2b:9b:28:12:11:11:93:10:
9c:a1:ae:f3:98:d6:bf:2e:e0:fb:1b:30:90:b7:45:fa:f1:1e:
b6:f6:8f:c0:cd:f3:b1:bd:68:5c:2a:ce:7a:d4:e1:6d:bc:06:
0a:ab:e2:c5:0a:3e:b5:b4:39:dd:e8:28:e2:0e:ec:62:12:cb:
23:23:b0:46:71:be:c7:52:b9:8b:6e:9b:cb:0c:31:44:06:c6:
12:48:47:4a:5f:f9:17:29:ce:1b:8a:83:8f:dc:74:f1:0d:42:
59:26:3c:19:9a:92:23:65:be:73:a7:51:a8:61:67:f0:f4:f1:
b1:7e:98:4b:b3:0d:4d:1e:83:58:d8:8e:d7:bf:21:f3:44:90:
4c:1e:58:fa:57:d0:74:42:66:fc:84:44:f6:b0:0f:03:76:ad:
3c:77:94:a8:c7:11:54:60:63:49:99:75:fe:b3:0c:fa:45:b9:
46:fb:95:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmbV3KPwvm49X/UeBGn4zmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjMwNzI4MDcxMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTIzMWYzZjA2ZGZmZWUwMTlmOTlhZGFkNWY1MmNmYWZlOTQ3Y2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWZKSlbo8K/hU9KB7gkiDnuJjjfJ
l5PI5c4WcmCIbgP0LUn8IRcf27QxJtiHJPo1jGlPqjpF+7poCUgOuXNRZnochZgS
2cG9KT+RJHljMX2Ky/V3NATBzYylVC9IggWn0AVpRvZSagkPKPBsF6eOp/pObqdt
hUXzsY03VlDiPwzEIkqZM5THzyb5Hv0pEowSK5TdO/IlG1bimLcvR/QCcobZWe8L
/W9wRWLKwUA0pHgBIlrjm3asXs5QQddB1eEVKU8ZrbTGfTjExfPghAXCi+zUU8y0
Dos4JtaY76FFnVHcTdpeOGVGZlweHMLg7orrFc9QKBHXJ+v13lKJYco9DwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFUjHz8G3/7gGfma2tX1LPr+lHzAMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvVlNNZlB3YmZfdUFaLVpyYTFmVXMtdjZVZk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW5N0AwQA
W5N2AwQB1HTiMA0GCSqGSIb3DQEBCwUAA4IBAQCgB90NJIZ9jser6L4MLr/bOyAt
s69tTdqrtxvjil20ICCzJqykR7/VkGE5CZNOAAsKT3r76rlzJ8UFPaMRxtFIFYUW
mxT1FOpuDBL9pwe5mSTVK5soEhERkxCcoa7zmNa/LuD7GzCQt0X68R629o/AzfOx
vWhcKs561OFtvAYKq+LFCj61tDnd6CjiDuxiEssjI7BGcb7HUrmLbpvLDDFEBsYS
SEdKX/kXKc4bioOP3HTxDUJZJjwZmpIjZb5zp1GoYWfw9PGxfphLsw1NHoNY2I7X
vyHzRJBMHlj6V9B0Qmb8hET2sA8Ddq08d5SoxxFUYGNJmXX+swz6RblG+5U9
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:52 2025 by rpki-client