Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/32fe0f-bcc9-42bc-9226-0bce80d4dff9/1/vgn-ZHx43JQxXTrIDB_YWZN07nY.roa
File: vgn-ZHx43JQxXTrIDB_YWZN07nY.roa (raw, json)
Hash identifier: wdrkRI+aeEzWc8UZ6c1MebrAXO7gRRkWfSytVOCoG+o=
Subject key identifier: BE:09:FE:64:7C:78:DC:94:31:5D:3A:C8:0C:1F:D8:59:93:74:EE:76
Certificate issuer: /CN=fff37e6144be7f5dd93adb9babd83d48d51894fd
Certificate serial: 138F56A0
Authority key identifier: FF:F3:7E:61:44:BE:7F:5D:D9:3A:DB:9B:AB:D8:3D:48:D5:18:94:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/__N-YUS-f13ZOtubq9g9SNUYlP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/32fe0f-bcc9-42bc-9226-0bce80d4dff9/1/vgn-ZHx43JQxXTrIDB_YWZN07nY.roa
Signing time: Sat 01 Jan 2022 14:05:58 +0000
ROA not before: Sat 01 Jan 2022 14:05:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13079
IP address blocks: 213.168.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328160928 (0x138f56a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fff37e6144be7f5dd93adb9babd83d48d51894fd
Validity
Not Before: Jan 1 14:05:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be09fe647c78dc94315d3ac80c1fd8599374ee76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ff:5f:50:9e:1e:c9:51:88:2e:0f:56:91:8c:
70:22:55:7e:be:c5:38:1f:fa:d7:7c:a8:a6:35:cd:
28:de:af:dd:de:1b:45:94:f8:a8:cc:00:ab:b9:6e:
5d:15:71:3d:fe:f1:69:7b:06:0d:12:19:3b:d8:1c:
24:11:16:50:32:60:1d:3c:26:46:ff:8d:8e:13:90:
e0:48:98:fe:ba:37:f8:73:6b:8f:7f:f8:96:69:11:
3e:41:8b:6f:cf:d3:e8:b1:88:ae:a3:cc:6a:29:c5:
8f:ec:e4:8f:d1:66:d0:63:40:56:51:db:a6:69:71:
b9:dd:4f:d5:13:5f:0e:b8:5d:e9:6f:ce:0f:28:81:
23:15:5b:62:2a:02:ba:2d:79:d3:8d:98:60:7b:b3:
00:7b:2a:44:53:6a:33:ed:a0:34:24:b8:09:9b:96:
78:be:94:b6:49:98:32:3d:84:32:b7:1e:27:3b:21:
35:4c:c6:1e:46:ed:19:0a:19:81:5a:46:0e:e1:97:
65:27:d3:26:5a:1a:68:f8:c3:64:12:4b:63:ed:65:
80:ef:00:bf:0b:4b:ed:4a:83:0b:50:8c:14:18:b3:
ac:e2:27:b2:b8:38:b7:ba:ff:5d:9c:26:6b:0d:03:
86:8c:3e:c7:c3:7d:eb:43:b4:91:66:82:89:98:7a:
5f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:09:FE:64:7C:78:DC:94:31:5D:3A:C8:0C:1F:D8:59:93:74:EE:76
X509v3 Authority Key Identifier:
keyid:FF:F3:7E:61:44:BE:7F:5D:D9:3A:DB:9B:AB:D8:3D:48:D5:18:94:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/__N-YUS-f13ZOtubq9g9SNUYlP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32fe0f-bcc9-42bc-9226-0bce80d4dff9/1/vgn-ZHx43JQxXTrIDB_YWZN07nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32fe0f-bcc9-42bc-9226-0bce80d4dff9/1/__N-YUS-f13ZOtubq9g9SNUYlP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.168.128.0/19
Signature Algorithm: sha256WithRSAEncryption
1f:97:06:45:43:65:33:5b:d4:b9:7e:36:f3:ab:90:4a:10:2b:
b3:0d:fe:66:df:45:ce:5e:23:f8:35:6e:6f:a1:94:98:94:0f:
78:07:2d:41:da:56:09:e1:3e:00:47:f3:7d:7e:6c:9b:75:ba:
6b:42:d9:4b:39:0e:0a:47:8b:a4:b0:89:dd:ba:fa:ca:84:42:
8d:34:3b:1f:a3:b0:ec:78:9d:74:a0:1a:3a:b5:28:5f:d2:2d:
64:1b:ab:76:58:35:38:5b:3b:b9:8d:e9:c2:f4:8d:6b:6b:36:
2d:4b:f5:39:84:d0:0e:f4:38:c9:1d:a9:bf:81:3b:94:d8:95:
55:53:30:e7:8a:c4:fe:01:41:28:89:61:32:0c:99:80:f5:df:
a3:d2:b5:26:ea:c0:1a:07:34:ca:fe:fd:75:77:b1:e6:11:27:
15:c4:92:54:77:e5:24:4a:0b:8c:2e:6d:d8:31:53:96:d0:b7:
53:c7:15:44:67:2c:5b:c3:0e:1a:a1:e7:16:fd:e8:76:6b:e6:
3d:cf:43:e0:00:ed:fe:67:67:a7:e8:bb:77:45:40:1d:e1:a8:
de:36:9d:fd:21:df:55:cc:8e:43:08:de:09:9a:a3:b7:3a:04:
0c:ff:3b:17:c4:ac:2e:83:69:aa:d0:6f:7f:83:be:34:3f:0b:
cb:94:4a:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE49WoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmYzN2U2MTQ0YmU3ZjVkZDkzYWRiOWJhYmQ4M2Q0OGQ1MTg5NGZkMB4XDTIyMDEw
MTE0MDU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmUwOWZlNjQ3Yzc4
ZGM5NDMxNWQzYWM4MGMxZmQ4NTk5Mzc0ZWU3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJT/X1CeHslRiC4PVpGMcCJVfr7FOB/613yopjXNKN6v3d4b
RZT4qMwAq7luXRVxPf7xaXsGDRIZO9gcJBEWUDJgHTwmRv+NjhOQ4EiY/ro3+HNr
j3/4lmkRPkGLb8/T6LGIrqPMainFj+zkj9Fm0GNAVlHbpmlxud1P1RNfDrhd6W/O
DyiBIxVbYioCui15042YYHuzAHsqRFNqM+2gNCS4CZuWeL6UtkmYMj2EMrceJzsh
NUzGHkbtGQoZgVpGDuGXZSfTJloaaPjDZBJLY+1lgO8AvwtL7UqDC1CMFBizrOIn
srg4t7r/XZwmaw0Dhow+x8N960O0kWaCiZh6X/0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS+Cf5kfHjclDFdOsgMH9hZk3TudjAfBgNVHSMEGDAWgBT/835hRL5/Xdk6
25ur2D1I1RiU/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19fTi1ZVVMtZjEzWk90dWJxOWc5U05VWWxQMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzJmZTBmLWJjYzktNDJiYy05MjI2LTBiY2U4MGQ0ZGZmOS8x
L3Znbi1aSHg0M0pReFhUcklEQl9ZV1pOMDduWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
MzJmZTBmLWJjYzktNDJiYy05MjI2LTBiY2U4MGQ0ZGZmOS8xL19fTi1ZVVMtZjEz
Wk90dWJxOWc5U05VWWxQMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdWogDANBgkqhkiG9w0BAQsFAAOC
AQEAH5cGRUNlM1vUuX4286uQShArsw3+Zt9Fzl4j+DVub6GUmJQPeActQdpWCeE+
AEfzfX5sm3W6a0LZSzkOCkeLpLCJ3br6yoRCjTQ7H6Ow7HiddKAaOrUoX9ItZBur
dlg1OFs7uY3pwvSNa2s2LUv1OYTQDvQ4yR2pv4E7lNiVVVMw54rE/gFBKIlhMgyZ
gPXfo9K1JurAGgc0yv79dXex5hEnFcSSVHflJEoLjC5t2DFTltC3U8cVRGcsW8MO
GqHnFv3odmvmPc9D4ADt/mdnp+i7d0VAHeGo3jad/SHfVcyOQwjeCZqjtzoEDP87
F8SsLoNpqtBvf4O+ND8Ly5RKfQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:18 2025 by rpki-client