Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/VtzgldyHlS--WLCXin2TlqYaoSM.roa
File: VtzgldyHlS--WLCXin2TlqYaoSM.roa (raw, json)
Hash identifier: grYS9HzsJMRUaS0Bkk9uSDEBD15X6pTDoetBvlfIOoo=
Subject key identifier: 56:DC:E0:95:DC:87:95:2F:BE:58:B0:97:8A:7D:93:96:A6:1A:A1:23
Certificate issuer: /CN=788b7e4c045cdae78b5bf43f2c53f1a94d9e159e
Certificate serial: 01857246B378EB044968A2F82665452682B3
Authority key identifier: 78:8B:7E:4C:04:5C:DA:E7:8B:5B:F4:3F:2C:53:F1:A9:4D:9E:15:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/VtzgldyHlS--WLCXin2TlqYaoSM.roa
Signing time: Mon 02 Jan 2023 11:38:34 +0000
ROA not before: Mon 02 Jan 2023 11:38:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47193
IP address blocks: 91.203.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:b3:78:eb:04:49:68:a2:f8:26:65:45:26:82:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=788b7e4c045cdae78b5bf43f2c53f1a94d9e159e
Validity
Not Before: Jan 2 11:38:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56dce095dc87952fbe58b0978a7d9396a61aa123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e9:cc:5d:24:21:0c:88:4a:10:49:69:49:ee:
62:30:09:b7:40:fc:d7:70:71:58:11:d3:1a:d4:f5:
b7:fd:57:a3:62:67:07:c1:33:94:a8:e3:c8:8c:b3:
c3:66:68:fa:3a:e3:92:a0:7a:80:ff:23:3a:8f:ee:
08:46:f8:38:24:9d:6f:bb:5a:99:16:f6:43:52:b5:
7f:2f:d6:1c:b0:fb:41:05:3b:51:9a:ba:4f:1f:c4:
77:04:76:da:83:f2:13:5a:23:1b:a5:43:75:d3:03:
97:c1:33:de:3a:6e:c1:87:b7:c8:2f:74:fb:06:69:
75:aa:8f:5f:8a:0b:1a:ce:b5:bc:60:62:a3:b6:ad:
fd:78:dc:1f:8b:44:ba:fa:ec:0f:0a:22:f7:12:04:
98:05:dc:c3:2d:52:6e:4d:f1:28:89:1c:7b:96:ff:
04:24:dd:7c:b2:d2:7f:56:59:ce:bd:ad:3a:50:02:
62:8f:70:2c:de:45:4e:c7:9b:6d:d8:2f:2e:c6:e2:
1a:9f:a4:ed:4a:28:92:fa:20:2a:89:ca:c8:f9:cb:
cf:c2:3e:9f:52:26:37:c8:ca:ca:9f:c0:ac:83:3c:
c5:9e:a0:af:fa:22:74:32:73:bb:3a:d5:a2:f4:22:
e8:8c:01:80:d4:56:89:f6:60:24:6a:80:43:0d:02:
9b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:DC:E0:95:DC:87:95:2F:BE:58:B0:97:8A:7D:93:96:A6:1A:A1:23
X509v3 Authority Key Identifier:
keyid:78:8B:7E:4C:04:5C:DA:E7:8B:5B:F4:3F:2C:53:F1:A9:4D:9E:15:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/VtzgldyHlS--WLCXin2TlqYaoSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.208.0/22
Signature Algorithm: sha256WithRSAEncryption
93:e0:da:af:a8:32:45:d2:e6:37:2d:1f:79:81:ee:0e:48:66:
b1:ad:11:b5:c0:71:c8:a9:07:8b:88:e8:18:5a:a7:b9:04:f4:
32:66:9d:9d:cd:b4:68:19:06:64:2e:bb:bc:71:87:fa:ba:80:
9f:5a:c0:4e:4c:0b:6d:19:20:63:5e:c7:0c:1b:e1:61:4e:e0:
5c:12:37:65:d9:ca:a4:fc:8d:3f:41:6f:13:8a:5e:19:4f:5e:
88:d5:64:b1:cc:58:7b:93:8d:7e:fd:2a:f8:74:39:c2:4b:dc:
49:49:1d:cc:47:da:36:c8:84:6f:98:e3:c3:9e:58:32:88:26:
ba:ac:d1:27:4c:7a:ab:8e:3f:56:7c:cf:ed:8d:90:58:f2:3f:
e4:eb:46:f8:26:a1:7e:26:01:1e:d4:79:d5:29:86:60:8d:63:
0c:66:2c:48:66:c7:a1:8c:98:65:e1:da:81:ef:6d:42:e2:c3:
a4:25:6c:0c:db:61:19:a2:74:a8:0b:f0:ff:69:76:ff:d4:74:
19:5f:18:9e:fe:83:b8:75:da:7d:dd:4c:f6:11:ee:a8:a6:87:
07:2f:65:6f:02:33:69:4b:b1:c9:fa:a7:f1:0a:26:46:dc:ab:
42:de:39:8a:46:8a:47:2f:57:af:8f:49:e3:92:49:0b:b5:8e:
f5:8c:1d:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRrN46wRJaKL4JmVFJoKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OGI3ZTRjMDQ1Y2RhZTc4YjViZjQzZjJjNTNmMWE5NGQ5
ZTE1OWUwHhcNMjMwMTAyMTEzODM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmRjZTA5NWRjODc5NTJmYmU1OGIwOTc4YTdkOTM5NmE2MWFhMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OnMXSQhDIhKEElpSe5iMAm3QPzX
cHFYEdMa1PW3/VejYmcHwTOUqOPIjLPDZmj6OuOSoHqA/yM6j+4IRvg4JJ1vu1qZ
FvZDUrV/L9YcsPtBBTtRmrpPH8R3BHbag/ITWiMbpUN10wOXwTPeOm7Bh7fIL3T7
Bml1qo9figsazrW8YGKjtq39eNwfi0S6+uwPCiL3EgSYBdzDLVJuTfEoiRx7lv8E
JN18stJ/VlnOva06UAJij3As3kVOx5tt2C8uxuIan6TtSiiS+iAqicrI+cvPwj6f
UiY3yMrKn8CsgzzFnqCv+iJ0MnO7OtWi9CLojAGA1FaJ9mAkaoBDDQKbfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFbc4JXch5Uvvliwl4p9k5amGqEjMB8GA1UdIwQY
MBaAFHiLfkwEXNrni1v0PyxT8alNnhWeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUl0LVRBUmMydWVMV19RX0xGUHhxVTJlRlo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83NjEzYmQtMDM0OS00MjBkLTg4MDgt
MGEyNmU2ZTU3ZjIwLzEvVnR6Z2xkeUhsUy0tV0xDWGluMlRscVlhb1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83NjEzYmQtMDM0OS00MjBkLTg4MDgtMGEyNmU2ZTU3ZjIw
LzEvZUl0LVRBUmMydWVMV19RX0xGUHhxVTJlRlo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8vQMA0G
CSqGSIb3DQEBCwUAA4IBAQCT4NqvqDJF0uY3LR95ge4OSGaxrRG1wHHIqQeLiOgY
Wqe5BPQyZp2dzbRoGQZkLru8cYf6uoCfWsBOTAttGSBjXscMG+FhTuBcEjdl2cqk
/I0/QW8Til4ZT16I1WSxzFh7k41+/Sr4dDnCS9xJSR3MR9o2yIRvmOPDnlgyiCa6
rNEnTHqrjj9WfM/tjZBY8j/k60b4JqF+JgEe1HnVKYZgjWMMZixIZsehjJhl4dqB
721C4sOkJWwM22EZonSoC/D/aXb/1HQZXxie/oO4ddp93Uz2Ee6opocHL2VvAjNp
S7HJ+qfxCiZG3KtC3jmKRopHL1evj0njkkkLtY71jB1H
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:23:41 2025 by rpki-client