Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/VHLEgsz2u4VyN4XjT1Es7yORG34.roa
File: VHLEgsz2u4VyN4XjT1Es7yORG34.roa (raw, json)
Hash identifier: hQVAN4GZEP9gTu+qGFcsgcl3voxMSetGRiLnlAz1ERY=
Subject key identifier: 54:72:C4:82:CC:F6:BB:85:72:37:85:E3:4F:51:2C:EF:23:91:1B:7E
Certificate issuer: /CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Certificate serial: 0615929D
Authority key identifier: CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/VHLEgsz2u4VyN4XjT1Es7yORG34.roa
Signing time: Sat 01 Jan 2022 01:58:58 +0000
ROA not before: Sat 01 Jan 2022 01:58:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 213.170.202.0/24 maxlen: 24
213.170.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102077085 (0x615929d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccbf95b47ab2b99c222bfe54521efd1ab67d267f
Validity
Not Before: Jan 1 01:58:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5472c482ccf6bb85723785e34f512cef23911b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:14:f1:fa:0e:59:fa:01:7a:e5:b5:55:9e:d5:
51:3a:56:7c:ee:cb:b6:63:12:2e:3a:8d:77:fc:36:
7f:1e:5c:b7:d3:bf:ac:bf:05:7b:65:aa:13:ef:54:
00:9c:d4:e8:e0:6c:b7:d8:c6:ca:05:3a:24:14:e5:
5d:2a:e8:0f:64:b4:78:84:61:bc:ed:fe:bd:ad:e6:
2c:04:56:de:c5:5f:1c:fb:55:14:c4:be:6d:aa:f1:
82:ae:64:f2:c8:48:62:b4:14:59:38:32:92:17:ea:
77:8b:39:e6:56:b8:f5:1d:7d:e9:1b:e6:48:94:48:
2f:3c:cf:30:c8:7f:c4:4e:c3:a8:f8:ef:5b:79:57:
8c:49:07:29:e8:8e:40:7f:30:fd:53:43:92:75:c1:
b2:cb:e6:3b:d9:3a:89:d4:ef:0b:c1:9c:1c:d5:ce:
a2:8e:3f:f7:8f:e8:ed:3a:e9:42:2a:ab:7e:6e:9d:
be:e6:1d:68:b0:93:a5:66:93:ba:d3:ec:5e:de:e5:
8d:c1:15:7e:c7:7b:b2:62:a4:75:0e:9a:4f:b8:e4:
47:78:ba:01:80:41:b2:f8:4d:e0:48:f9:f2:c7:a2:
b4:1d:d7:4f:1a:75:74:9d:98:f3:0a:28:e5:95:49:
4e:12:ef:e9:be:d4:46:e3:98:6b:73:09:c6:94:6e:
ad:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:72:C4:82:CC:F6:BB:85:72:37:85:E3:4F:51:2C:EF:23:91:1B:7E
X509v3 Authority Key Identifier:
keyid:CC:BF:95:B4:7A:B2:B9:9C:22:2B:FE:54:52:1E:FD:1A:B6:7D:26:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/VHLEgsz2u4VyN4XjT1Es7yORG34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a29b95-ccb3-467b-ab7a-ac5b61493e01/1/zL-VtHqyuZwiK_5UUh79GrZ9Jn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.170.202.0/23
Signature Algorithm: sha256WithRSAEncryption
06:34:4f:71:5e:0f:21:55:a3:f3:7e:bf:ea:6f:0c:6d:6c:ef:
4b:45:fc:ca:8a:4e:06:2e:58:35:9f:bd:1c:1e:e4:83:4c:7f:
76:2d:24:3f:1e:6f:d5:db:0c:4b:45:16:93:16:d7:72:ff:bf:
f5:9c:40:4d:62:cb:eb:12:de:ee:14:62:9d:ae:08:14:13:dc:
3d:bb:8d:33:71:8f:19:37:5f:d5:75:13:18:0e:92:f2:9a:cf:
1c:b2:ce:b8:9a:4f:6c:a1:55:d5:64:a2:2b:49:b9:d9:f4:c5:
06:83:c5:a7:d7:4d:22:48:fc:e1:bc:1f:6d:fc:9b:fe:57:70:
10:02:27:1e:8c:5a:33:49:ca:a4:b6:f9:ee:ba:d8:b7:5e:57:
0e:a4:bd:76:0c:0a:22:74:12:18:2b:59:4c:b0:de:a6:c8:83:
78:aa:fb:a7:c9:f6:c7:aa:8a:f1:21:e8:3c:24:d5:83:80:76:
30:a1:7a:36:b4:f1:62:2c:bb:98:86:8a:cf:4b:df:86:4a:ee:
bd:53:50:12:d2:88:11:cd:ac:fb:0c:e1:e4:15:71:0a:b0:92:
ed:f1:b6:05:e6:eb:e7:c3:91:fb:92:f6:23:a2:05:23:ba:cf:
9a:e7:24:a7:78:18:1c:34:d1:7d:d6:91:d5:9d:63:de:c8:46:
86:5d:52:ce
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBhWSnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2JmOTViNDdhYjJiOTljMjIyYmZlNTQ1MjFlZmQxYWI2N2QyNjdmMB4XDTIyMDEw
MTAxNTg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ3MmM0ODJjY2Y2
YmI4NTcyMzc4NWUzNGY1MTJjZWYyMzkxMWI3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcU8foOWfoBeuW1VZ7VUTpWfO7LtmMSLjqNd/w2fx5ct9O/
rL8Fe2WqE+9UAJzU6OBst9jGygU6JBTlXSroD2S0eIRhvO3+va3mLARW3sVfHPtV
FMS+barxgq5k8shIYrQUWTgykhfqd4s55la49R196RvmSJRILzzPMMh/xE7DqPjv
W3lXjEkHKeiOQH8w/VNDknXBssvmO9k6idTvC8GcHNXOoo4/94/o7TrpQiqrfm6d
vuYdaLCTpWaTutPsXt7ljcEVfsd7smKkdQ6aT7jkR3i6AYBBsvhN4Ej58seitB3X
Txp1dJ2Y8woo5ZVJThLv6b7URuOYa3MJxpRurfcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRUcsSCzPa7hXI3heNPUSzvI5EbfjAfBgNVHSMEGDAWgBTMv5W0erK5nCIr
/lRSHv0atn0mfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pMLVZ0SHF5dVp3aUtfNVVVaDc5R3JaOUpuOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvYTI5Yjk1LWNjYjMtNDY3Yi1hYjdhLWFjNWI2MTQ5M2UwMS8x
L1ZITEVnc3oydTRWeU40WGpUMUVzN3lPUkczNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
YTI5Yjk1LWNjYjMtNDY3Yi1hYjdhLWFjNWI2MTQ5M2UwMS8xL3pMLVZ0SHF5dVp3
aUtfNVVVaDc5R3JaOUpuOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdWqyjANBgkqhkiG9w0BAQsFAAOC
AQEABjRPcV4PIVWj836/6m8MbWzvS0X8yopOBi5YNZ+9HB7kg0x/di0kPx5v1dsM
S0UWkxbXcv+/9ZxATWLL6xLe7hRina4IFBPcPbuNM3GPGTdf1XUTGA6S8prPHLLO
uJpPbKFV1WSiK0m52fTFBoPFp9dNIkj84bwfbfyb/ldwEAInHoxaM0nKpLb57rrY
t15XDqS9dgwKInQSGCtZTLDepsiDeKr7p8n2x6qK8SHoPCTVg4B2MKF6NrTxYiy7
mIaKz0vfhkruvVNQEtKIEc2s+wzh5BVxCrCS7fG2Bebr58OR+5L2I6IFI7rPmuck
p3gYHDTRfdaR1Z1j3shGhl1Szg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:24 2025 by rpki-client