Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/VVkVpx8QxpmFZgBJc7FgMykx3yI.roa
File: VVkVpx8QxpmFZgBJc7FgMykx3yI.roa (raw, json)
Hash identifier: fC1oOk0+tqjQGPewKEQgJAsZwrkHCNBa0cg8qJvG7ys=
Subject key identifier: 55:59:15:A7:1F:10:C6:99:85:66:00:49:73:B1:60:33:29:31:DF:22
Certificate issuer: /CN=e30f8894f308172ace92fbe6052eec23853eadad
Certificate serial: 018ADB03B24CF3F8355C57E2423FBD731647
Authority key identifier: E3:0F:88:94:F3:08:17:2A:CE:92:FB:E6:05:2E:EC:23:85:3E:AD:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/VVkVpx8QxpmFZgBJc7FgMykx3yI.roa
Signing time: Thu 28 Sep 2023 08:59:27 +0000
ROA not before: Thu 28 Sep 2023 08:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3920
IP address blocks: 117.55.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:03:b2:4c:f3:f8:35:5c:57:e2:42:3f:bd:73:16:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e30f8894f308172ace92fbe6052eec23853eadad
Validity
Not Before: Sep 28 08:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=555915a71f10c6998566004973b160332931df22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:eb:d2:a3:4b:f0:93:db:e8:52:af:5e:1d:d9:
0c:1f:38:5e:89:ac:bc:08:83:07:19:c2:91:40:72:
a9:e5:ed:06:0e:95:a5:d7:bc:33:7e:ab:37:3e:30:
6f:f7:e4:74:c9:8d:3b:ff:66:d5:50:41:d7:d6:78:
16:94:07:11:bb:46:92:89:21:06:d9:55:62:42:28:
8a:62:52:c2:fa:f7:a6:e5:bc:9e:6a:fa:e3:29:f9:
bd:e7:f6:45:b3:f9:72:3d:fb:ec:69:30:c9:58:41:
4a:ce:b5:1b:c8:aa:d1:dc:1c:84:b3:cf:ef:38:cb:
c9:32:49:46:d0:0c:da:98:f7:6f:34:ff:3d:8f:f6:
05:33:51:c3:51:a4:5d:62:c3:b0:3d:87:be:c6:04:
73:2b:9e:36:ba:14:2e:96:71:29:f9:30:03:be:b4:
f0:44:9f:e4:ad:e4:d7:53:8b:7e:47:ae:52:a1:5d:
38:9e:a3:f5:22:9b:ff:1b:3e:db:3b:6f:60:b5:a9:
ed:8b:c6:cf:69:79:aa:2e:cf:92:67:ee:49:47:42:
4f:b2:48:63:f0:38:c3:41:77:2f:de:7f:d6:9c:40:
6a:ec:17:ac:e3:14:b5:7f:fd:49:e5:29:2b:77:06:
61:7b:2a:59:86:ce:30:77:4d:f6:c7:78:c1:6b:e0:
f7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:59:15:A7:1F:10:C6:99:85:66:00:49:73:B1:60:33:29:31:DF:22
X509v3 Authority Key Identifier:
keyid:E3:0F:88:94:F3:08:17:2A:CE:92:FB:E6:05:2E:EC:23:85:3E:AD:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/VVkVpx8QxpmFZgBJc7FgMykx3yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/4w-IlPMIFyrOkvvmBS7sI4U-ra0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
117.55.203.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:fa:f9:f6:ae:9a:8e:2b:b5:38:6c:d1:e6:1e:c1:07:65:32:
aa:26:d5:ef:09:b9:4e:db:6d:c5:97:17:a2:4f:54:15:79:b1:
07:42:18:e9:88:b1:f1:2f:ab:8e:55:5d:30:76:e7:f7:9c:c4:
74:96:45:e1:ad:d2:d4:45:4e:c6:59:b2:18:0b:9e:52:29:0e:
3d:bf:8a:1b:12:2c:07:cb:65:ef:48:4b:c7:6d:5f:ef:b2:cf:
3f:75:f1:30:41:e1:9f:8f:51:ba:28:70:94:76:b1:df:09:a3:
51:85:c6:36:92:bc:21:5b:47:68:84:da:03:8e:3e:d7:89:27:
18:af:94:7b:ad:39:27:f8:a6:46:f7:0e:95:17:5e:3f:05:76:
51:b1:2a:4a:6e:12:0a:e7:f4:c1:c4:8a:18:9a:de:41:12:e8:
75:0d:5e:f8:64:51:08:0e:31:75:37:12:b1:35:38:c0:4a:ca:
b5:74:d0:12:50:c7:a5:14:09:dc:35:d4:1c:e5:97:2b:f3:4a:
13:ba:97:33:2a:34:74:71:29:67:02:71:58:33:1c:25:02:ac:
c7:81:02:b8:d1:08:ff:b5:43:02:d0:bb:5b:30:cc:8f:52:d8:
e2:0b:6c:87:71:b4:d7:c8:cd:48:1f:57:df:f0:e8:93:d3:d7:
d0:e8:3c:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrbA7JM8/g1XFfiQj+9cxZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMGY4ODk0ZjMwODE3MmFjZTkyZmJlNjA1MmVlYzIzODUz
ZWFkYWQwHhcNMjMwOTI4MDg1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTU5MTVhNzFmMTBjNjk5ODU2NjAwNDk3M2IxNjAzMzI5MzFkZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOvSo0vwk9voUq9eHdkMHzheiay8
CIMHGcKRQHKp5e0GDpWl17wzfqs3PjBv9+R0yY07/2bVUEHX1ngWlAcRu0aSiSEG
2VViQiiKYlLC+vem5byeavrjKfm95/ZFs/lyPfvsaTDJWEFKzrUbyKrR3ByEs8/v
OMvJMklG0AzamPdvNP89j/YFM1HDUaRdYsOwPYe+xgRzK542uhQulnEp+TADvrTw
RJ/kreTXU4t+R65SoV04nqP1Ipv/Gz7bO29gtanti8bPaXmqLs+SZ+5JR0JPskhj
8DjDQXcv3n/WnEBq7Bes4xS1f/1J5SkrdwZheypZhs4wd032x3jBa+D3ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFVZFacfEMaZhWYASXOxYDMpMd8iMB8GA1UdIwQY
MBaAFOMPiJTzCBcqzpL75gUu7COFPq2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHctSWxQTUlGeXJPa3Z2bUJTN3NJNFUtcmEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81ODc0NjAtZWFiNy00MGQ5LWE1MTIt
M2U2NjBkMDI1MmRiLzEvVlZrVnB4OFF4cG1GWmdCSmM3RmdNeWt4M3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81ODc0NjAtZWFiNy00MGQ5LWE1MTItM2U2NjBkMDI1MmRi
LzEvNHctSWxQTUlGeXJPa3Z2bUJTN3NJNFUtcmEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAdTfLMA0G
CSqGSIb3DQEBCwUAA4IBAQAN+vn2rpqOK7U4bNHmHsEHZTKqJtXvCblO223Flxei
T1QVebEHQhjpiLHxL6uOVV0wduf3nMR0lkXhrdLURU7GWbIYC55SKQ49v4obEiwH
y2XvSEvHbV/vss8/dfEwQeGfj1G6KHCUdrHfCaNRhcY2krwhW0dohNoDjj7XiScY
r5R7rTkn+KZG9w6VF14/BXZRsSpKbhIK5/TBxIoYmt5BEuh1DV74ZFEIDjF1NxKx
NTjASsq1dNASUMelFAncNdQc5Zcr80oTupczKjR0cSlnAnFYMxwlAqzHgQK40Qj/
tUMC0LtbMMyPUtjiC2yHcbTXyM1IH1ff8OiT09fQ6Dz4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:20 2025 by rpki-client