Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/vvhRyxd_cvj6gfspORFqm5cyspM.roa
File: vvhRyxd_cvj6gfspORFqm5cyspM.roa (raw, json)
Hash identifier: MJGz5RsvF6W4qiWRCz/iAwsjIneW4uWhJCj96Ehdung=
Subject key identifier: BE:F8:51:CB:17:7F:72:F8:FA:81:FB:29:39:11:6A:9B:97:32:B2:93
Certificate issuer: /CN=4a54821a91b1dbdc73bdda34bced7107067964ad
Certificate serial: 0185701501EB78A0AF851D7E1B4434232CFA
Authority key identifier: 4A:54:82:1A:91:B1:DB:DC:73:BD:DA:34:BC:ED:71:07:06:79:64:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/vvhRyxd_cvj6gfspORFqm5cyspM.roa
Signing time: Mon 02 Jan 2023 01:25:03 +0000
ROA not before: Mon 02 Jan 2023 01:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43183
IP address blocks: 193.246.170.0/23 maxlen: 32
91.194.146.0/23 maxlen: 23
2001:67c:8ac::/48 maxlen: 128
2001:678:fbc::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:01:eb:78:a0:af:85:1d:7e:1b:44:34:23:2c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a54821a91b1dbdc73bdda34bced7107067964ad
Validity
Not Before: Jan 2 01:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bef851cb177f72f8fa81fb2939116a9b9732b293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:99:40:95:35:42:ac:f4:4a:ab:c2:78:9a:7e:
cb:43:ac:f7:8a:8f:47:de:ed:2c:e5:46:a2:88:bf:
fc:6c:5e:9a:e5:0f:b1:af:40:ff:24:b4:ad:1a:12:
06:c8:a6:23:8b:14:ae:67:6f:9d:c3:f5:e8:c3:48:
a8:64:5f:68:58:31:89:25:b4:f9:4c:7d:a6:02:2b:
09:c5:15:2d:e8:ea:0f:28:de:dd:8d:d2:9e:3b:68:
a6:5d:61:a5:39:39:7e:d6:4d:b4:0e:b1:e0:35:68:
e7:fa:72:cb:b6:95:30:69:dd:dd:b0:e4:3a:08:7a:
12:27:a6:dd:6a:d1:17:60:1d:39:ff:02:c3:4c:52:
52:00:ae:6a:81:f6:93:0b:6c:f7:bf:93:a2:a8:1d:
c5:83:1d:83:98:f4:39:85:19:08:bc:d4:fb:41:6f:
be:69:54:27:49:65:e7:d5:aa:7e:d8:19:a2:0a:c8:
12:14:e1:2d:3b:0b:b5:15:fc:78:22:2c:38:85:10:
7d:7c:ea:a2:09:8a:4d:0c:f0:09:d4:c5:37:7b:6e:
8a:f3:9d:e8:00:c1:00:24:df:13:d7:42:32:e3:b4:
95:b8:2e:53:29:64:88:87:cd:fe:5a:b0:e7:bd:63:
63:82:53:e6:c4:47:24:0d:5d:17:5b:e6:fc:69:72:
4f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F8:51:CB:17:7F:72:F8:FA:81:FB:29:39:11:6A:9B:97:32:B2:93
X509v3 Authority Key Identifier:
keyid:4A:54:82:1A:91:B1:DB:DC:73:BD:DA:34:BC:ED:71:07:06:79:64:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/vvhRyxd_cvj6gfspORFqm5cyspM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d2e35-9fed-4fdf-9034-76ae812f076c/1/SlSCGpGx29xzvdo0vO1xBwZ5ZK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.146.0/23
193.246.170.0/23
IPv6:
2001:678:fbc::/48
2001:67c:8ac::/48
Signature Algorithm: sha256WithRSAEncryption
37:94:cf:be:7d:69:bc:e3:d5:f0:ed:e3:0f:30:62:67:5a:bc:
44:c5:cd:48:57:b9:67:07:d5:a4:41:c6:23:95:c1:ca:1d:d6:
1b:a0:35:27:75:70:c4:fc:f2:be:97:25:c2:16:f3:12:27:2b:
fe:04:45:17:3f:a1:b5:a1:7e:e4:10:c6:8e:69:3c:3d:2b:37:
82:1d:5e:0d:44:d4:80:d3:13:2a:f7:c8:98:73:07:40:10:2d:
4e:04:fb:e6:da:d6:12:5a:99:d5:e1:90:5a:ca:05:41:96:6d:
64:6a:5d:6b:22:6a:67:ec:20:93:94:b6:6b:05:63:6d:6f:55:
16:bc:18:43:f2:76:25:46:4c:53:e6:35:30:de:ff:92:21:1f:
2e:ae:42:f1:12:d2:65:69:91:3e:06:7d:ac:29:13:67:50:0e:
05:db:2a:bd:ad:27:ef:59:94:a7:1a:fb:62:95:00:77:ba:c4:
34:29:31:2a:9c:4a:58:22:e5:28:d7:77:b9:fa:bf:cc:93:3e:
ca:ac:03:fa:90:8d:a0:5a:c5:bc:93:ad:9d:26:75:a0:55:37:
8c:4e:34:f9:e7:ec:cb:64:ef:ce:8d:f7:da:6a:68:eb:5d:4a:
8d:47:e2:24:95:65:d3:85:ed:bf:82:c9:1c:fb:e1:a1:af:2b:
ff:5a:33:c1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVwFQHreKCvhR1+G0Q0Iyz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNTQ4MjFhOTFiMWRiZGM3M2JkZGEzNGJjZWQ3MTA3MDY3
OTY0YWQwHhcNMjMwMTAyMDEyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWY4NTFjYjE3N2Y3MmY4ZmE4MWZiMjkzOTExNmE5Yjk3MzJiMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJlAlTVCrPRKq8J4mn7LQ6z3io9H
3u0s5UaiiL/8bF6a5Q+xr0D/JLStGhIGyKYjixSuZ2+dw/Xow0ioZF9oWDGJJbT5
TH2mAisJxRUt6OoPKN7djdKeO2imXWGlOTl+1k20DrHgNWjn+nLLtpUwad3dsOQ6
CHoSJ6bdatEXYB05/wLDTFJSAK5qgfaTC2z3v5OiqB3Fgx2DmPQ5hRkIvNT7QW++
aVQnSWXn1ap+2BmiCsgSFOEtOwu1Ffx4Iiw4hRB9fOqiCYpNDPAJ1MU3e26K853o
AMEAJN8T10Iy47SVuC5TKWSIh83+WrDnvWNjglPmxEckDV0XW+b8aXJPKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL74UcsXf3L4+oH7KTkRapuXMrKTMB8GA1UdIwQY
MBaAFEpUghqRsdvcc73aNLztcQcGeWStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2xTQ0dwR3gyOXh6dmRvMHZPMXhCd1o1WkswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84ZDJlMzUtOWZlZC00ZmRmLTkwMzQt
NzZhZTgxMmYwNzZjLzEvdnZoUnl4ZF9jdmo2Z2ZzcE9SRnFtNWN5c3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84ZDJlMzUtOWZlZC00ZmRmLTkwMzQtNzZhZTgxMmYwNzZj
LzEvU2xTQ0dwR3gyOXh6dmRvMHZPMXhCd1o1WkswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBW8KSAwQB
wfaqMBgEAgACMBIDBwAgAQZ4D7wDBwAgAQZ8CKwwDQYJKoZIhvcNAQELBQADggEB
ADeUz759abzj1fDt4w8wYmdavETFzUhXuWcH1aRBxiOVwcod1hugNSd1cMT88r6X
JcIW8xInK/4ERRc/obWhfuQQxo5pPD0rN4IdXg1E1IDTEyr3yJhzB0AQLU4E++ba
1hJamdXhkFrKBUGWbWRqXWsiamfsIJOUtmsFY21vVRa8GEPydiVGTFPmNTDe/5Ih
Hy6uQvES0mVpkT4GfawpE2dQDgXbKr2tJ+9ZlKca+2KVAHe6xDQpMSqcSlgi5SjX
d7n6v8yTPsqsA/qQjaBaxbyTrZ0mdaBVN4xONPnn7Mtk786N99pqaOtdSo1H4iSV
ZdOF7b+CyRz74aGvK/9aM8E=
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:03:01 2025 by rpki-client