Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/Vzpb4g03sRIh33Af0je0bOn1ZNQ.roa
File: Vzpb4g03sRIh33Af0je0bOn1ZNQ.roa (raw, json)
Hash identifier: gitwNuwjCUA/nTCHfz3vAfkkTx/vZDBWkKc/qfWQv3Y=
Subject key identifier: 57:3A:5B:E2:0D:37:B1:12:21:DF:70:1F:D2:37:B4:6C:E9:F5:64:D4
Certificate issuer: /CN=61a14553cacf103274d433e6b268066e01541b25
Certificate serial: 018728617CCB1B076564ED8BFBC78FD1DBED
Authority key identifier: 61:A1:45:53:CA:CF:10:32:74:D4:33:E6:B2:68:06:6E:01:54:1B:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YaFFU8rPEDJ01DPmsmgGbgFUGyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/Vzpb4g03sRIh33Af0je0bOn1ZNQ.roa
Signing time: Tue 28 Mar 2023 13:21:30 +0000
ROA not before: Tue 28 Mar 2023 13:21:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201134
IP address blocks: 87.117.70.0/23 maxlen: 24
185.82.130.0/23 maxlen: 23
185.82.128.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:28:61:7c:cb:1b:07:65:64:ed:8b:fb:c7:8f:d1:db:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61a14553cacf103274d433e6b268066e01541b25
Validity
Not Before: Mar 28 13:21:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=573a5be20d37b11221df701fd237b46ce9f564d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:87:29:05:1d:23:e5:66:59:1a:bf:6e:98:94:
ea:74:4e:46:2c:35:b3:f9:f8:08:4c:70:d9:c6:83:
56:3f:58:b9:4f:77:9e:1d:88:95:ea:78:b5:ee:01:
d7:fb:57:0e:c9:06:de:a4:5f:f3:54:28:b2:f4:82:
a2:24:b0:15:f4:e6:93:e4:dd:b3:78:bc:36:c1:0e:
b0:43:3d:e0:77:05:87:2d:84:30:d3:a4:14:8d:ad:
0b:c9:b4:fb:99:be:9b:34:16:92:5a:d3:fa:d3:1f:
60:07:ad:dd:8b:1c:03:b1:25:3d:23:1e:e3:73:04:
43:05:70:ce:b3:22:db:cc:ab:c2:a4:38:98:1c:c5:
cd:2d:ba:2a:a6:c8:82:29:ee:d7:64:d5:fa:5d:69:
1f:80:98:3c:58:94:1b:0c:2c:80:49:51:dc:31:ae:
cf:82:8b:0b:51:e3:21:3c:e7:bc:c9:6b:59:6c:8a:
b1:33:67:9b:ad:c1:e0:82:ed:9c:08:b8:6a:94:c2:
07:cf:50:e6:8c:0e:5e:8f:ad:a1:21:6e:e6:b3:ea:
c2:18:17:57:8c:39:a1:e8:72:0d:3b:02:d5:ab:17:
61:d3:9c:89:d4:e2:57:a1:2c:2a:f4:de:65:2d:12:
18:e7:e7:07:a8:59:f9:2d:01:00:aa:8b:78:b2:60:
76:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:3A:5B:E2:0D:37:B1:12:21:DF:70:1F:D2:37:B4:6C:E9:F5:64:D4
X509v3 Authority Key Identifier:
keyid:61:A1:45:53:CA:CF:10:32:74:D4:33:E6:B2:68:06:6E:01:54:1B:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YaFFU8rPEDJ01DPmsmgGbgFUGyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/Vzpb4g03sRIh33Af0je0bOn1ZNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8dd051-e2e7-496c-a9d0-fa266bb72f73/1/YaFFU8rPEDJ01DPmsmgGbgFUGyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.117.70.0/23
185.82.128.0/22
Signature Algorithm: sha256WithRSAEncryption
51:21:9a:de:53:8f:4d:a8:24:ee:46:06:aa:1a:d0:a2:a7:f9:
a0:a1:ad:89:19:93:89:d6:6d:52:54:80:ed:7e:21:46:79:6b:
57:7b:ae:3b:70:fd:46:bb:c8:ab:90:b6:26:7f:9f:df:e5:7a:
82:de:5c:c3:cc:d3:49:b7:85:69:b5:e1:47:00:c6:90:05:7a:
bd:8e:00:fc:39:00:20:6b:d2:af:d3:66:37:0b:99:84:25:b6:
25:31:c6:da:d9:70:3e:06:64:e1:6e:4b:69:6e:4f:34:4a:42:
55:0f:26:89:e8:d5:c6:21:8c:fb:7f:e7:4e:ef:66:40:1f:78:
50:ea:00:46:b3:1d:75:4a:a9:1e:d1:20:c4:84:10:9d:3f:2f:
4b:5f:27:d0:37:84:f6:b8:d7:4f:19:12:9e:99:3d:66:53:84:
88:da:e0:6c:54:06:7b:68:87:9f:17:0e:83:f4:4c:d2:9d:ab:
30:f4:84:86:c1:de:a3:62:fc:b9:5a:02:a9:d4:79:05:83:7c:
1d:f2:4b:67:c7:dc:a4:ef:d3:60:da:8b:70:20:dd:98:23:8f:
e7:21:b6:66:0f:35:03:29:e8:2e:76:d2:82:b6:88:13:0e:a3:
e9:30:63:65:56:98:38:a5:9f:f9:77:7c:a4:93:1d:ab:a4:0c:
d1:07:9d:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcoYXzLGwdlZO2L+8eP0dvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYTE0NTUzY2FjZjEwMzI3NGQ0MzNlNmIyNjgwNjZlMDE1
NDFiMjUwHhcNMjMwMzI4MTMyMTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzNhNWJlMjBkMzdiMTEyMjFkZjcwMWZkMjM3YjQ2Y2U5ZjU2NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4cpBR0j5WZZGr9umJTqdE5GLDWz
+fgITHDZxoNWP1i5T3eeHYiV6ni17gHX+1cOyQbepF/zVCiy9IKiJLAV9OaT5N2z
eLw2wQ6wQz3gdwWHLYQw06QUja0LybT7mb6bNBaSWtP60x9gB63dixwDsSU9Ix7j
cwRDBXDOsyLbzKvCpDiYHMXNLboqpsiCKe7XZNX6XWkfgJg8WJQbDCyASVHcMa7P
gosLUeMhPOe8yWtZbIqxM2ebrcHggu2cCLhqlMIHz1DmjA5ej62hIW7ms+rCGBdX
jDmh6HINOwLVqxdh05yJ1OJXoSwq9N5lLRIY5+cHqFn5LQEAqot4smB2/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFc6W+INN7ESId9wH9I3tGzp9WTUMB8GA1UdIwQY
MBaAFGGhRVPKzxAydNQz5rJoBm4BVBslMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWFGRlU4clBFREowMURQbXNtZ0diZ0ZVR3lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZGQwNTEtZTJlNy00OTZjLWE5ZDAt
ZmEyNjZiYjcyZjczLzEvVnpwYjRnMDNzUkloMzNBZjBqZTBiT24xWk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZGQwNTEtZTJlNy00OTZjLWE5ZDAtZmEyNjZiYjcyZjcz
LzEvWWFGRlU4clBFREowMURQbXNtZ0diZ0ZVR3lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV3VGAwQC
uVKAMA0GCSqGSIb3DQEBCwUAA4IBAQBRIZreU49NqCTuRgaqGtCip/mgoa2JGZOJ
1m1SVIDtfiFGeWtXe647cP1Gu8irkLYmf5/f5XqC3lzDzNNJt4VpteFHAMaQBXq9
jgD8OQAga9Kv02Y3C5mEJbYlMcba2XA+BmThbktpbk80SkJVDyaJ6NXGIYz7f+dO
72ZAH3hQ6gBGsx11Sqke0SDEhBCdPy9LXyfQN4T2uNdPGRKemT1mU4SI2uBsVAZ7
aIefFw6D9EzSnasw9ISGwd6jYvy5WgKp1HkFg3wd8ktnx9yk79Ng2otwIN2YI4/n
IbZmDzUDKegudtKCtogTDqPpMGNlVpg4pZ/5d3ykkx2rpAzRB52q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:58 2025 by rpki-client