Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/c321a3-d362-454f-8e84-ce6bb71a8da6/1/vace-kgW4eaMWdEJ0gw5C_bGGYI.roa
File: vace-kgW4eaMWdEJ0gw5C_bGGYI.roa (raw, json)
Hash identifier: S2V3m+pXXE6Jfh6jV1vST+AR5C8/tQHBegdPfDzn7zQ=
Subject key identifier: BD:A7:1E:FA:48:16:E1:E6:8C:59:D1:09:D2:0C:39:0B:F6:C6:19:82
Certificate issuer: /CN=26d3db8bed354b478c6d1704a1e3ae6c926d5672
Certificate serial: 01856EEFCBBFE76620004381FC4693DB1601
Authority key identifier: 26:D3:DB:8B:ED:35:4B:47:8C:6D:17:04:A1:E3:AE:6C:92:6D:56:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JtPbi-01S0eMbRcEoeOubJJtVnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/c321a3-d362-454f-8e84-ce6bb71a8da6/1/vace-kgW4eaMWdEJ0gw5C_bGGYI.roa
Signing time: Sun 01 Jan 2023 20:04:47 +0000
ROA not before: Sun 01 Jan 2023 20:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211799
IP address blocks: 185.40.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:cb:bf:e7:66:20:00:43:81:fc:46:93:db:16:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26d3db8bed354b478c6d1704a1e3ae6c926d5672
Validity
Not Before: Jan 1 20:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bda71efa4816e1e68c59d109d20c390bf6c61982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e6:85:9b:67:b0:e4:e8:1f:19:e3:aa:a2:01:
72:2a:af:f0:4f:15:ae:8f:10:da:b0:6a:ea:fe:55:
80:fc:a2:40:7d:00:c7:90:a5:b2:21:ca:bc:13:7a:
f9:d5:74:74:dc:b1:e0:b5:40:4f:63:f2:7e:42:92:
95:73:3e:c2:47:33:f2:ac:19:92:93:6b:9f:b8:ac:
b7:c7:83:68:bf:bb:91:b0:86:4e:57:0c:00:f5:67:
f1:d4:1f:c9:82:bd:ba:9d:31:3b:b4:ee:82:21:fb:
66:91:23:8f:68:93:19:21:96:bd:72:06:de:1f:91:
7d:90:26:50:e3:de:b4:53:8e:1f:fb:d4:93:ef:96:
58:52:80:6b:73:2e:a4:c5:48:85:2f:e1:47:e5:f6:
6e:6b:6b:f8:48:fe:bf:ab:07:8d:81:ed:a2:50:ec:
f2:97:dc:83:e3:17:2a:8d:d1:8d:4c:79:b8:be:6b:
13:76:4b:4b:65:33:cb:76:ac:51:8f:d9:6c:1f:f4:
09:52:5e:8d:49:fa:46:d0:88:25:6e:1a:40:47:95:
f1:90:60:e4:30:62:e7:b0:20:8c:4c:39:90:ac:c6:
5c:4c:e4:c8:94:0e:e8:46:3f:62:3a:84:2a:1d:af:
ee:d7:18:b7:7d:7e:32:8d:ae:d6:18:a5:42:d8:05:
01:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A7:1E:FA:48:16:E1:E6:8C:59:D1:09:D2:0C:39:0B:F6:C6:19:82
X509v3 Authority Key Identifier:
keyid:26:D3:DB:8B:ED:35:4B:47:8C:6D:17:04:A1:E3:AE:6C:92:6D:56:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JtPbi-01S0eMbRcEoeOubJJtVnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c321a3-d362-454f-8e84-ce6bb71a8da6/1/vace-kgW4eaMWdEJ0gw5C_bGGYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c321a3-d362-454f-8e84-ce6bb71a8da6/1/JtPbi-01S0eMbRcEoeOubJJtVnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.17.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ec:b8:c6:02:c2:4e:5a:63:d1:da:7d:a1:4f:22:56:93:b0:
7e:ae:a2:80:7a:fe:fa:2d:35:44:f5:14:9f:9d:8b:51:4c:16:
ab:4e:37:67:a3:f8:02:3f:3a:f7:6d:19:60:1c:c1:da:2f:24:
aa:54:cb:15:c5:9b:43:d9:ab:27:d1:88:4a:78:c1:6e:b6:3b:
92:2c:04:89:af:0e:1d:0f:7b:8c:61:66:3e:13:2d:1c:b5:5d:
c4:b8:ee:01:a3:f6:16:65:64:87:d1:c3:85:47:ca:15:c1:fe:
74:c4:db:50:7f:70:37:be:de:c1:ac:31:ac:e6:d9:69:6d:8e:
4c:83:94:66:a6:0b:89:6a:f2:ca:ba:a9:77:80:0f:45:50:63:
69:c0:43:4d:87:ff:25:dd:e8:be:ae:34:8d:1c:b5:a2:26:70:
09:f7:dd:3d:2b:80:8a:cb:c4:26:b0:0a:4a:45:c7:67:d4:eb:
16:6c:f7:33:61:5a:bd:5f:c7:28:0a:50:1d:9e:a7:07:b4:af:
87:a6:b4:7c:2b:07:ab:d1:0d:ef:f7:0c:97:e0:d4:b2:eb:9b:
f5:88:e0:7c:f8:4e:44:db:88:e7:99:43:4f:05:83:2c:6f:03:
a2:cd:14:17:db:55:bd:1a:9d:4d:9c:5a:8f:0c:20:ff:62:cc:
c8:f8:f2:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu78u/52YgAEOB/EaT2xYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZDNkYjhiZWQzNTRiNDc4YzZkMTcwNGExZTNhZTZjOTI2
ZDU2NzIwHhcNMjMwMTAxMjAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGE3MWVmYTQ4MTZlMWU2OGM1OWQxMDlkMjBjMzkwYmY2YzYxOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uaFm2ew5OgfGeOqogFyKq/wTxWu
jxDasGrq/lWA/KJAfQDHkKWyIcq8E3r51XR03LHgtUBPY/J+QpKVcz7CRzPyrBmS
k2ufuKy3x4Nov7uRsIZOVwwA9Wfx1B/Jgr26nTE7tO6CIftmkSOPaJMZIZa9cgbe
H5F9kCZQ4960U44f+9ST75ZYUoBrcy6kxUiFL+FH5fZua2v4SP6/qweNge2iUOzy
l9yD4xcqjdGNTHm4vmsTdktLZTPLdqxRj9lsH/QJUl6NSfpG0IglbhpAR5XxkGDk
MGLnsCCMTDmQrMZcTOTIlA7oRj9iOoQqHa/u1xi3fX4yja7WGKVC2AUB5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2nHvpIFuHmjFnRCdIMOQv2xhmCMB8GA1UdIwQY
MBaAFCbT24vtNUtHjG0XBKHjrmySbVZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnRQYmktMDFTMGVNYlJjRW9lT3ViSkp0Vm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jMzIxYTMtZDM2Mi00NTRmLThlODQt
Y2U2YmI3MWE4ZGE2LzEvdmFjZS1rZ1c0ZWFNV2RFSjBndzVDX2JHR1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jMzIxYTMtZDM2Mi00NTRmLThlODQtY2U2YmI3MWE4ZGE2
LzEvSnRQYmktMDFTMGVNYlJjRW9lT3ViSkp0Vm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSgRMA0G
CSqGSIb3DQEBCwUAA4IBAQAV7LjGAsJOWmPR2n2hTyJWk7B+rqKAev76LTVE9RSf
nYtRTBarTjdno/gCPzr3bRlgHMHaLySqVMsVxZtD2asn0YhKeMFutjuSLASJrw4d
D3uMYWY+Ey0ctV3EuO4Bo/YWZWSH0cOFR8oVwf50xNtQf3A3vt7BrDGs5tlpbY5M
g5RmpguJavLKuql3gA9FUGNpwENNh/8l3ei+rjSNHLWiJnAJ9909K4CKy8QmsApK
Rcdn1OsWbPczYVq9X8coClAdnqcHtK+HprR8Kwer0Q3v9wyX4NSy65v1iOB8+E5E
24jnmUNPBYMsbwOizRQX21W9Gp1NnFqPDCD/YszI+PL/
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:49:41 2025 by rpki-client