Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/VHENKliagzw-Q8LXr101PMlO93M.roa
File: VHENKliagzw-Q8LXr101PMlO93M.roa (raw, json)
Hash identifier: 5tYTc84ntkXtNIwGmhnhR6263fXEhfQ7cY0nCnClcRo=
Subject key identifier: 54:71:0D:2A:58:9A:83:3C:3E:43:C2:D7:AF:5D:35:3C:C9:4E:F7:73
Certificate issuer: /CN=34418e26b2aeb6eaa8143fd71830f9b354ae7bbc
Certificate serial: 01856E140C217C6E730EDF840E42C8055D66
Authority key identifier: 34:41:8E:26:B2:AE:B6:EA:A8:14:3F:D7:18:30:F9:B3:54:AE:7B:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NEGOJrKutuqoFD_XGDD5s1Sue7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/VHENKliagzw-Q8LXr101PMlO93M.roa
Signing time: Sun 01 Jan 2023 16:04:45 +0000
ROA not before: Sun 01 Jan 2023 16:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211572
IP address blocks: 188.95.88.0/24 maxlen: 24
2a10:c140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:0c:21:7c:6e:73:0e:df:84:0e:42:c8:05:5d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34418e26b2aeb6eaa8143fd71830f9b354ae7bbc
Validity
Not Before: Jan 1 16:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54710d2a589a833c3e43c2d7af5d353cc94ef773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:35:40:49:65:f5:4f:4a:ca:64:2d:74:1d:2a:
92:17:24:1d:13:71:e1:8c:ff:93:6c:a8:77:e1:66:
3a:b1:2e:9d:08:e3:c2:38:8d:dd:09:b0:3c:cc:27:
c7:21:28:b0:92:d9:b1:0d:12:84:1b:c7:e6:42:1c:
fd:86:77:33:68:cd:28:c1:77:54:72:87:57:41:ae:
fe:d8:e1:36:d4:57:8b:1c:8e:f0:80:10:69:74:4c:
34:ac:3a:aa:46:ba:e7:4e:32:93:75:95:30:53:f8:
8a:ff:73:aa:3d:0d:7e:cb:6f:65:5b:a9:20:27:65:
6f:58:60:ef:f5:03:9a:4a:f7:3f:d4:b2:5f:98:98:
09:31:96:db:57:69:40:59:fa:da:f6:45:21:86:ea:
ef:45:64:98:ca:b2:1a:d5:86:b1:0b:9f:88:83:e2:
90:cf:01:24:4d:26:07:5f:b0:2b:7f:8e:d8:f6:d3:
13:68:14:da:37:04:41:d5:fc:ba:3a:24:5e:4b:47:
36:bc:79:d3:9b:46:67:48:e7:20:9b:8b:1c:a1:5e:
0f:aa:eb:07:40:5b:04:43:34:5b:e2:a8:a7:95:84:
66:23:25:dd:f7:f6:aa:58:1d:ff:1d:60:23:95:a3:
c6:b0:f1:8f:56:be:65:60:46:c5:1f:09:cf:39:68:
c4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:71:0D:2A:58:9A:83:3C:3E:43:C2:D7:AF:5D:35:3C:C9:4E:F7:73
X509v3 Authority Key Identifier:
keyid:34:41:8E:26:B2:AE:B6:EA:A8:14:3F:D7:18:30:F9:B3:54:AE:7B:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NEGOJrKutuqoFD_XGDD5s1Sue7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/VHENKliagzw-Q8LXr101PMlO93M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1d4f36-b97d-4d98-bb2c-b8a27472a896/1/NEGOJrKutuqoFD_XGDD5s1Sue7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.88.0/24
IPv6:
2a10:c140::/29
Signature Algorithm: sha256WithRSAEncryption
0a:98:d9:aa:41:c3:03:bd:a9:4f:a6:3e:06:3b:f8:ac:39:10:
1e:ba:65:88:ea:7f:49:ae:da:1b:35:bd:bc:4e:a0:e4:e2:5a:
aa:a6:88:db:c4:92:19:8f:5d:41:40:48:7f:42:42:3b:49:69:
59:2d:9b:07:4f:69:cb:a5:4f:79:3a:9c:60:e4:e3:1b:22:05:
5c:36:a5:48:ec:3f:61:19:70:91:80:02:7d:dc:87:87:b7:58:
4d:6b:b2:2a:00:78:ab:69:3d:8b:6e:36:33:6b:be:e8:f6:6f:
94:a8:ea:e1:70:05:6f:98:9f:1b:66:87:1d:b0:ab:33:8a:bd:
c2:d4:86:af:00:08:92:8b:61:a8:cf:ff:ec:d6:df:bc:1d:e0:
ba:f1:f7:32:b5:fe:df:a7:86:df:ce:e8:ad:a1:57:42:49:04:
78:e6:1e:f9:4d:87:cd:fc:89:e4:a7:db:98:92:75:22:6c:08:
99:cc:10:cc:e2:52:72:7b:15:95:7c:17:c7:96:42:6f:b3:fd:
3a:a7:bc:b7:58:7c:f8:64:70:f6:bc:f1:92:91:d6:ff:d3:0d:
57:a7:f4:56:23:94:e0:31:87:90:95:62:cd:1b:97:a6:09:66:
0a:26:6d:2d:46:09:27:09:cf:b6:87:cc:e8:c3:12:3b:7b:df:
eb:83:e6:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuFAwhfG5zDt+EDkLIBV1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NDE4ZTI2YjJhZWI2ZWFhODE0M2ZkNzE4MzBmOWIzNTRh
ZTdiYmMwHhcNMjMwMTAxMTYwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDcxMGQyYTU4OWE4MzNjM2U0M2MyZDdhZjVkMzUzY2M5NGVmNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzVASWX1T0rKZC10HSqSFyQdE3Hh
jP+TbKh34WY6sS6dCOPCOI3dCbA8zCfHISiwktmxDRKEG8fmQhz9hnczaM0owXdU
codXQa7+2OE21FeLHI7wgBBpdEw0rDqqRrrnTjKTdZUwU/iK/3OqPQ1+y29lW6kg
J2VvWGDv9QOaSvc/1LJfmJgJMZbbV2lAWfra9kUhhurvRWSYyrIa1YaxC5+Ig+KQ
zwEkTSYHX7Arf47Y9tMTaBTaNwRB1fy6OiReS0c2vHnTm0ZnSOcgm4scoV4PqusH
QFsEQzRb4qinlYRmIyXd9/aqWB3/HWAjlaPGsPGPVr5lYEbFHwnPOWjEWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFRxDSpYmoM8PkPC169dNTzJTvdzMB8GA1UdIwQY
MBaAFDRBjiayrrbqqBQ/1xgw+bNUrnu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVHT0pyS3V0dXFvRkRfWEdERDVzMVN1ZTd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xZDRmMzYtYjk3ZC00ZDk4LWJiMmMt
YjhhMjc0NzJhODk2LzEvVkhFTktsaWFnenctUThMWHIxMDFQTWxPOTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xZDRmMzYtYjk3ZC00ZDk4LWJiMmMtYjhhMjc0NzJhODk2
LzEvTkVHT0pyS3V0dXFvRkRfWEdERDVzMVN1ZTd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAvF9YMA0E
AgACMAcDBQMqEMFAMA0GCSqGSIb3DQEBCwUAA4IBAQAKmNmqQcMDvalPpj4GO/is
ORAeumWI6n9JrtobNb28TqDk4lqqpojbxJIZj11BQEh/QkI7SWlZLZsHT2nLpU95
Opxg5OMbIgVcNqVI7D9hGXCRgAJ93IeHt1hNa7IqAHiraT2LbjYza77o9m+UqOrh
cAVvmJ8bZocdsKszir3C1IavAAiSi2Goz//s1t+8HeC68fcytf7fp4bfzuitoVdC
SQR45h75TYfN/Inkp9uYknUibAiZzBDM4lJyexWVfBfHlkJvs/06p7y3WHz4ZHD2
vPGSkdb/0w1Xp/RWI5TgMYeQlWLNG5emCWYKJm0tRgknCc+2h8zowxI7e9/rg+Zh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:52 2025 by rpki-client