Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/VSCld7xV_ESVcZGevaTx4QnNQC8.roa
File: VSCld7xV_ESVcZGevaTx4QnNQC8.roa (raw, json)
Hash identifier: IpxegeIUhBhwj3qfBJLMnYztE5kX2L398OHa17zI1kI=
Subject key identifier: 55:20:A5:77:BC:55:FC:44:95:71:91:9E:BD:A4:F1:E1:09:CD:40:2F
Certificate issuer: /CN=c76e03ff7d0bfde32839c28fec81c6275c04d33f
Certificate serial: 0185C18FA1DAAEBC75276A5B7673FC3A07A6
Authority key identifier: C7:6E:03:FF:7D:0B:FD:E3:28:39:C2:8F:EC:81:C6:27:5C:04:D3:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x24D_30L_eMoOcKP7IHGJ1wE0z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/VSCld7xV_ESVcZGevaTx4QnNQC8.roa
Signing time: Tue 17 Jan 2023 21:08:13 +0000
ROA not before: Tue 17 Jan 2023 21:08:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200934
IP address blocks: 185.107.123.0/24 maxlen: 24
2a00:cb40:200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c1:8f:a1:da:ae:bc:75:27:6a:5b:76:73:fc:3a:07:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c76e03ff7d0bfde32839c28fec81c6275c04d33f
Validity
Not Before: Jan 17 21:08:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5520a577bc55fc449571919ebda4f1e109cd402f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ab:f1:31:84:ab:83:cd:0d:2c:fd:70:dd:f3:
46:4c:61:38:de:5d:dd:c4:bd:4e:b9:e2:db:56:0e:
6e:49:13:d6:0c:41:2d:b0:bf:48:03:8c:a7:e2:fe:
dc:c8:fe:b9:0f:76:17:74:94:eb:2e:79:4f:fa:63:
38:e5:07:f3:1a:11:81:28:11:d4:b8:c1:8c:85:1c:
19:8d:7c:8d:df:67:31:8b:f7:d9:d4:82:c0:0e:70:
75:61:ec:e0:dc:7a:fd:a0:ee:f6:43:44:ae:b3:95:
7c:19:4c:55:9c:89:ce:6e:1f:da:63:f8:cb:f0:9c:
90:4c:33:05:81:46:47:4f:66:1a:79:29:11:88:82:
0f:7f:a0:54:85:5d:74:5f:06:a3:eb:ba:90:2e:89:
ae:89:50:b5:00:0a:1b:7d:90:1e:4d:0a:ab:68:8c:
94:a2:82:ea:d9:cd:2b:91:e8:64:fe:55:06:c0:e0:
a9:51:f8:84:be:8f:1e:df:db:ec:dd:70:13:d7:f4:
b8:ad:7e:18:83:41:c5:86:f6:12:f4:c7:03:96:54:
ab:37:98:87:6f:76:72:e1:eb:0a:15:30:bc:5e:16:
69:7e:de:a9:34:b5:80:57:90:79:a7:ea:e9:18:3c:
55:66:19:ce:0e:19:1e:7f:35:79:fe:db:e6:b2:9d:
55:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:20:A5:77:BC:55:FC:44:95:71:91:9E:BD:A4:F1:E1:09:CD:40:2F
X509v3 Authority Key Identifier:
keyid:C7:6E:03:FF:7D:0B:FD:E3:28:39:C2:8F:EC:81:C6:27:5C:04:D3:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x24D_30L_eMoOcKP7IHGJ1wE0z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/VSCld7xV_ESVcZGevaTx4QnNQC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/x24D_30L_eMoOcKP7IHGJ1wE0z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.123.0/24
IPv6:
2a00:cb40:200::/48
Signature Algorithm: sha256WithRSAEncryption
66:89:d9:a4:fd:70:6d:e6:7a:dd:9c:e9:0d:a0:f7:bb:34:3f:
33:87:d9:b5:2d:eb:dd:61:e5:9a:da:bc:8b:62:75:77:c9:d2:
b0:81:1a:a8:3a:be:51:f5:45:73:3c:e2:6e:e3:4c:e6:52:17:
ba:2b:c3:25:f2:e0:a7:fe:a2:50:f6:b8:40:48:8e:0e:2c:82:
96:55:18:67:38:2e:8e:ff:92:2f:a5:02:4f:03:a1:7e:f1:77:
27:02:01:ea:86:d8:19:45:31:fb:48:1f:14:c7:4a:39:28:f1:
c5:f2:9c:96:0b:a6:61:49:b9:e5:0c:bb:55:06:f9:61:2a:18:
4d:22:86:7b:b6:e0:ab:cb:45:c1:85:f4:11:68:ee:36:4e:73:
a2:2f:46:0c:51:c1:4a:d4:ea:b8:12:b0:64:39:68:16:10:e9:
fc:7c:07:10:49:cc:61:eb:cf:d8:ce:75:36:e1:97:65:08:f4:
6d:06:1c:7b:34:82:6c:a2:26:f6:03:2d:92:57:f0:dc:e8:77:
b1:88:4f:4b:de:3c:fc:4c:9c:06:8d:35:89:25:04:e5:63:c3:
9a:99:35:3e:2b:d9:e1:55:bf:0b:62:7e:6c:0c:36:02:1a:90:
d6:f0:19:84:2e:46:c7:7e:95:e7:dd:bb:53:62:c4:29:82:c9:
08:24:96:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXBj6Harrx1J2pbdnP8OgemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NmUwM2ZmN2QwYmZkZTMyODM5YzI4ZmVjODFjNjI3NWMw
NGQzM2YwHhcNMjMwMTE3MjEwODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTIwYTU3N2JjNTVmYzQ0OTU3MTkxOWViZGE0ZjFlMTA5Y2Q0MDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqvxMYSrg80NLP1w3fNGTGE43l3d
xL1OueLbVg5uSRPWDEEtsL9IA4yn4v7cyP65D3YXdJTrLnlP+mM45QfzGhGBKBHU
uMGMhRwZjXyN32cxi/fZ1ILADnB1Yezg3Hr9oO72Q0Sus5V8GUxVnInObh/aY/jL
8JyQTDMFgUZHT2YaeSkRiIIPf6BUhV10Xwaj67qQLomuiVC1AAobfZAeTQqraIyU
ooLq2c0rkehk/lUGwOCpUfiEvo8e39vs3XAT1/S4rX4Yg0HFhvYS9McDllSrN5iH
b3Zy4esKFTC8XhZpft6pNLWAV5B5p+rpGDxVZhnODhkefzV5/tvmsp1VBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFUgpXe8VfxElXGRnr2k8eEJzUAvMB8GA1UdIwQY
MBaAFMduA/99C/3jKDnCj+yBxidcBNM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDI0RF8zMExfZU1vT2NLUDdJSEdKMXdFMHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8zMzQ3ZjctNTI1OS00MjM4LWFkYjYt
ODM1ZGUwZjU4OTJlLzEvVlNDbGQ3eFZfRVNWY1pHZXZhVHg0UW5OUUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8zMzQ3ZjctNTI1OS00MjM4LWFkYjYtODM1ZGUwZjU4OTJl
LzEveDI0RF8zMExfZU1vT2NLUDdJSEdKMXdFMHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuWt7MA8E
AgACMAkDBwAqAMtAAgAwDQYJKoZIhvcNAQELBQADggEBAGaJ2aT9cG3met2c6Q2g
97s0PzOH2bUt691h5ZravItidXfJ0rCBGqg6vlH1RXM84m7jTOZSF7orwyXy4Kf+
olD2uEBIjg4sgpZVGGc4Lo7/ki+lAk8DoX7xdycCAeqG2BlFMftIHxTHSjko8cXy
nJYLpmFJueUMu1UG+WEqGE0ihnu24KvLRcGF9BFo7jZOc6IvRgxRwUrU6rgSsGQ5
aBYQ6fx8BxBJzGHrz9jOdTbhl2UI9G0GHHs0gmyiJvYDLZJX8Nzod7GIT0vePPxM
nAaNNYklBOVjw5qZNT4r2eFVvwtifmwMNgIakNbwGYQuRsd+lefdu1NixCmCyQgk
lqg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:11 2025 by rpki-client