Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/vIXTN46l9uQ_p2amYmMAWtTGgTY.roa
File: vIXTN46l9uQ_p2amYmMAWtTGgTY.roa (raw, json)
Hash identifier: yWX8FzfFAc6fyex4/ezZhZ5kjFCG+qOeWWkQxCUlQJk=
Subject key identifier: BC:85:D3:37:8E:A5:F6:E4:3F:A7:66:A6:62:63:00:5A:D4:C6:81:36
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 01856FF94EE5B52C5C69DA9BDA108BC213AA
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/vIXTN46l9uQ_p2amYmMAWtTGgTY.roa
Signing time: Mon 02 Jan 2023 00:54:47 +0000
ROA not before: Mon 02 Jan 2023 00:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206570
IP address blocks: 185.179.200.0/23 maxlen: 24
213.179.210.0/23 maxlen: 23
2a00:1d23::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:4e:e5:b5:2c:5c:69:da:9b:da:10:8b:c2:13:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Jan 2 00:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc85d3378ea5f6e43fa766a66263005ad4c68136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:47:b4:e3:9c:d9:a5:ac:a4:bc:42:0e:87:60:
f9:a6:8d:bd:f4:a6:a3:51:9a:e5:f4:da:07:d8:26:
c1:39:1a:72:37:d9:4e:ed:e5:44:65:65:43:a7:cb:
57:0a:7e:8e:0e:cd:2e:1c:34:f8:86:35:20:ce:cb:
2e:17:21:89:ec:de:74:6c:77:2e:80:f2:ef:81:f2:
ae:65:ab:c7:03:2b:dc:af:b4:f0:e3:6b:b2:78:20:
11:26:ac:de:1f:aa:55:a3:b9:cd:a7:7d:1c:be:6f:
b9:eb:e9:44:09:9e:48:8d:12:ea:c2:43:57:36:47:
ca:ac:8f:df:25:8f:b1:e7:2c:b6:71:dc:08:dd:07:
56:d9:c0:7e:5d:69:78:6b:df:a3:be:05:a1:06:6a:
b3:dd:9e:57:ed:04:3a:52:07:e9:b8:45:54:4f:87:
18:6b:98:01:7e:0f:eb:f5:5c:30:73:47:0c:b3:a1:
d9:95:9d:cb:38:fb:e7:39:29:a0:11:60:5e:ea:4e:
15:52:d3:53:bf:96:c8:be:ac:45:48:04:09:42:42:
2b:0d:a1:d2:ab:8d:52:5c:38:d6:0e:ce:23:f5:70:
14:0e:72:e2:18:84:a5:2f:78:aa:bd:ee:2a:f0:b6:
0f:c9:2f:7f:2e:9d:66:08:35:34:44:c1:13:73:f4:
45:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:85:D3:37:8E:A5:F6:E4:3F:A7:66:A6:62:63:00:5A:D4:C6:81:36
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/vIXTN46l9uQ_p2amYmMAWtTGgTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.200.0/23
213.179.210.0/23
IPv6:
2a00:1d23::/32
Signature Algorithm: sha256WithRSAEncryption
81:57:a8:da:59:e9:81:7e:e1:aa:50:bd:84:6d:49:f7:86:52:
44:a4:7d:93:0b:8e:9c:67:5e:3d:39:f6:65:4f:bd:17:d2:ea:
b6:31:2d:59:6e:c8:ee:08:4d:74:77:36:9b:7e:8e:29:ed:bf:
38:89:6e:94:bc:34:68:f7:5d:2e:01:65:5e:3f:bf:ec:0b:2f:
8e:11:18:df:55:bd:58:91:32:5b:e7:a2:6d:5c:f1:fa:8a:23:
db:55:b3:78:4b:6c:b9:78:dc:52:0a:0c:b4:b4:0d:83:c2:78:
c3:a1:fe:fe:d1:9f:10:ab:93:5a:2d:35:c4:34:d4:a5:40:a5:
41:22:66:d2:cc:91:58:bf:43:a9:12:17:37:0b:11:30:f5:fb:
11:6f:43:92:3e:34:56:b9:0c:96:b0:98:d4:23:e6:da:9b:a6:
dc:39:1e:a0:14:3f:3b:fa:d4:67:0c:42:55:2e:62:59:b8:54:
e8:18:8c:86:f3:26:c4:68:ee:a0:f4:68:3d:09:a3:a0:1e:57:
40:97:44:3f:89:7f:06:6d:d7:81:ec:56:af:0f:b4:5b:da:27:
48:25:94:ba:63:e3:73:09:8d:17:33:af:b0:2c:82:20:61:b3:
01:87:e1:3c:e7:b8:b1:78:e8:93:dd:88:57:2f:a9:a7:7c:64:
a7:8b:c7:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv+U7ltSxcadqb2hCLwhOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjMwMTAyMDA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzg1ZDMzNzhlYTVmNmU0M2ZhNzY2YTY2MjYzMDA1YWQ0YzY4MTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUe045zZpaykvEIOh2D5po299Kaj
UZrl9NoH2CbBORpyN9lO7eVEZWVDp8tXCn6ODs0uHDT4hjUgzssuFyGJ7N50bHcu
gPLvgfKuZavHAyvcr7Tw42uyeCARJqzeH6pVo7nNp30cvm+56+lECZ5IjRLqwkNX
NkfKrI/fJY+x5yy2cdwI3QdW2cB+XWl4a9+jvgWhBmqz3Z5X7QQ6UgfpuEVUT4cY
a5gBfg/r9Vwwc0cMs6HZlZ3LOPvnOSmgEWBe6k4VUtNTv5bIvqxFSAQJQkIrDaHS
q41SXDjWDs4j9XAUDnLiGISlL3iqve4q8LYPyS9/Lp1mCDU0RMETc/RFjQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLyF0zeOpfbkP6dmpmJjAFrUxoE2MB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvdklYVE40Nmw5dVFfcDJhbVltTUFXdFRHZ1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBubPIAwQB
1bPSMA0EAgACMAcDBQAqAB0jMA0GCSqGSIb3DQEBCwUAA4IBAQCBV6jaWemBfuGq
UL2EbUn3hlJEpH2TC46cZ149OfZlT70X0uq2MS1ZbsjuCE10dzabfo4p7b84iW6U
vDRo910uAWVeP7/sCy+OERjfVb1YkTJb56JtXPH6iiPbVbN4S2y5eNxSCgy0tA2D
wnjDof7+0Z8Qq5NaLTXENNSlQKVBImbSzJFYv0OpEhc3CxEw9fsRb0OSPjRWuQyW
sJjUI+bam6bcOR6gFD87+tRnDEJVLmJZuFToGIyG8ybEaO6g9Gg9CaOgHldAl0Q/
iX8GbdeB7FavD7Rb2idIJZS6Y+NzCY0XM6+wLIIgYbMBh+E857ixeOiT3YhXL6mn
fGSni8eO
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:36:47 2025 by rpki-client