Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/6ffcd2-5bf1-41e2-86a8-7bc1e4f56c88/1/VtHNqTWT2YG67YZOfeyhgA5edig.roa
File: VtHNqTWT2YG67YZOfeyhgA5edig.roa (raw, json)
Hash identifier: vpltok9nV+LjB60mj5+P4E+yk/B7VZ4V3FyBxC8biOw=
Subject key identifier: 56:D1:CD:A9:35:93:D9:81:BA:ED:86:4E:7D:EC:A1:80:0E:5E:76:28
Certificate issuer: /CN=d2bbc90555d6d0d3432babb95b60cdeeea580f58
Certificate serial: 018570B0A037FD44A4B14F57381B8234894B
Authority key identifier: D2:BB:C9:05:55:D6:D0:D3:43:2B:AB:B9:5B:60:CD:EE:EA:58:0F:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0rvJBVXW0NNDK6u5W2DN7upYD1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/6ffcd2-5bf1-41e2-86a8-7bc1e4f56c88/1/VtHNqTWT2YG67YZOfeyhgA5edig.roa
Signing time: Mon 02 Jan 2023 04:15:01 +0000
ROA not before: Mon 02 Jan 2023 04:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213025
IP address blocks: 91.200.179.0/24 maxlen: 24
2a0a:d700::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:a0:37:fd:44:a4:b1:4f:57:38:1b:82:34:89:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2bbc90555d6d0d3432babb95b60cdeeea580f58
Validity
Not Before: Jan 2 04:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56d1cda93593d981baed864e7deca1800e5e7628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e6:6c:27:04:b8:dd:59:03:97:77:1e:df:ea:
44:c9:d4:29:e3:91:98:9b:e7:34:60:6c:b7:d4:58:
80:85:3d:05:7a:37:0a:92:ba:b1:63:60:9d:9a:30:
c7:4f:fd:d5:e1:55:2e:3e:9f:19:ef:03:42:36:77:
da:af:28:e1:fc:ad:f6:ef:3f:7a:d5:38:bf:9f:2b:
e6:02:07:47:1c:f4:9d:fc:17:40:40:21:80:87:bb:
59:91:bf:59:f4:33:23:eb:77:6f:0b:5b:8e:b0:83:
ae:d5:a8:90:98:93:23:0c:b5:95:ad:01:07:48:7b:
8a:b1:72:61:c0:d3:c7:9a:fa:41:18:b7:70:e6:62:
6a:99:cb:a9:b0:d4:ae:77:e1:57:21:36:2a:5c:e8:
29:e3:be:99:d3:2f:86:83:57:13:1d:44:a3:cc:8f:
95:f7:8e:c0:fb:7a:89:8d:db:74:5d:65:07:0a:dc:
e3:9c:b9:f0:93:cf:69:bb:be:f8:dc:f9:1d:b4:96:
00:87:1c:9b:24:5d:cd:f6:74:ac:d2:61:31:30:48:
e2:f5:fe:58:f5:c8:0c:7a:2d:67:a7:10:be:ca:cb:
96:6f:58:ac:4f:fd:63:40:a3:36:8b:a2:eb:4b:dd:
d9:0f:40:30:fd:7c:0f:b2:47:b9:35:55:88:07:3b:
e6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D1:CD:A9:35:93:D9:81:BA:ED:86:4E:7D:EC:A1:80:0E:5E:76:28
X509v3 Authority Key Identifier:
keyid:D2:BB:C9:05:55:D6:D0:D3:43:2B:AB:B9:5B:60:CD:EE:EA:58:0F:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rvJBVXW0NNDK6u5W2DN7upYD1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6ffcd2-5bf1-41e2-86a8-7bc1e4f56c88/1/VtHNqTWT2YG67YZOfeyhgA5edig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6ffcd2-5bf1-41e2-86a8-7bc1e4f56c88/1/0rvJBVXW0NNDK6u5W2DN7upYD1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.179.0/24
IPv6:
2a0a:d700::/32
Signature Algorithm: sha256WithRSAEncryption
46:76:b8:91:eb:e1:81:4e:14:ab:7e:38:d7:fd:3d:02:da:ed:
50:ca:fa:d0:70:2c:ce:8e:6a:8f:2f:69:6b:42:f7:3c:2e:e1:
e8:02:f4:63:1b:44:8a:33:7b:a6:be:cd:d0:7e:8a:ab:5f:7b:
c5:38:9b:1b:ad:26:51:88:22:46:fb:05:2d:df:4f:6f:39:cf:
0f:28:b4:a5:3e:7e:f9:0a:eb:dd:7d:70:d6:76:30:20:79:6e:
5e:4b:be:51:b5:81:30:d2:6b:78:ef:52:8a:17:c0:e4:52:ca:
e0:5a:c3:d6:74:63:a3:e0:a2:47:40:c1:61:a9:ba:92:62:90:
3c:10:5e:9c:94:05:3a:cc:9b:78:96:a7:38:ff:ad:f6:12:b2:
d2:3b:2a:db:7c:ca:1c:fd:24:ae:b6:a5:b5:49:6d:d8:e7:98:
08:28:06:12:74:8d:6f:0c:b7:33:83:3d:23:4f:67:de:b3:85:
8d:2d:08:8c:48:12:54:f4:fd:1a:4b:92:03:02:3c:c5:68:1a:
a2:d7:56:0c:40:eb:77:b2:9d:3b:17:f6:72:c8:e4:67:6c:0c:
ce:14:a3:17:d1:9f:e1:6a:91:e5:83:33:09:60:df:b9:73:e7:
35:a5:3e:6e:f4:a9:2e:ad:f7:e3:66:81:f0:ce:c2:24:76:b1:
31:8c:90:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsKA3/USksU9XOBuCNIlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYmJjOTA1NTVkNmQwZDM0MzJiYWJiOTViNjBjZGVlZWE1
ODBmNTgwHhcNMjMwMTAyMDQxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQxY2RhOTM1OTNkOTgxYmFlZDg2NGU3ZGVjYTE4MDBlNWU3NjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteZsJwS43VkDl3ce3+pEydQp45GY
m+c0YGy31FiAhT0FejcKkrqxY2CdmjDHT/3V4VUuPp8Z7wNCNnfaryjh/K327z96
1Ti/nyvmAgdHHPSd/BdAQCGAh7tZkb9Z9DMj63dvC1uOsIOu1aiQmJMjDLWVrQEH
SHuKsXJhwNPHmvpBGLdw5mJqmcupsNSud+FXITYqXOgp476Z0y+Gg1cTHUSjzI+V
947A+3qJjdt0XWUHCtzjnLnwk89pu7743PkdtJYAhxybJF3N9nSs0mExMEji9f5Y
9cgMei1npxC+ysuWb1isT/1jQKM2i6LrS93ZD0Aw/XwPske5NVWIBzvmAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFbRzak1k9mBuu2GTn3soYAOXnYoMB8GA1UdIwQY
MBaAFNK7yQVV1tDTQyuruVtgze7qWA9YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJ2SkJWWFcwTk5ESzZ1NVcyRE43dXBZRDFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82ZmZjZDItNWJmMS00MWUyLTg2YTgt
N2JjMWU0ZjU2Yzg4LzEvVnRITnFUV1QyWUc2N1laT2ZleWhnQTVlZGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82ZmZjZDItNWJmMS00MWUyLTg2YTgtN2JjMWU0ZjU2Yzg4
LzEvMHJ2SkJWWFcwTk5ESzZ1NVcyRE43dXBZRDFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8izMA0E
AgACMAcDBQAqCtcAMA0GCSqGSIb3DQEBCwUAA4IBAQBGdriR6+GBThSrfjjX/T0C
2u1QyvrQcCzOjmqPL2lrQvc8LuHoAvRjG0SKM3umvs3QfoqrX3vFOJsbrSZRiCJG
+wUt309vOc8PKLSlPn75CuvdfXDWdjAgeW5eS75RtYEw0mt471KKF8DkUsrgWsPW
dGOj4KJHQMFhqbqSYpA8EF6clAU6zJt4lqc4/632ErLSOyrbfMoc/SSutqW1SW3Y
55gIKAYSdI1vDLczgz0jT2fes4WNLQiMSBJU9P0aS5IDAjzFaBqi11YMQOt3sp07
F/ZyyORnbAzOFKMX0Z/hapHlgzMJYN+5c+c1pT5u9KkurffjZoHwzsIkdrExjJBy
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:48 2025 by rpki-client