Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/vONSOxlS-pwCpsujJkZhbOGcipE.roa
File: vONSOxlS-pwCpsujJkZhbOGcipE.roa (raw, json)
Hash identifier: ynZcA1sRD25LwoTAlI9+zCZP1565r68cjRoGdsSAaSE=
Subject key identifier: BC:E3:52:3B:19:52:FA:9C:02:A6:CB:A3:26:46:61:6C:E1:9C:8A:91
Certificate issuer: /CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Certificate serial: 045C8E66
Authority key identifier: 3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/vONSOxlS-pwCpsujJkZhbOGcipE.roa
Signing time: Sat 01 Jan 2022 14:02:21 +0000
ROA not before: Sat 01 Jan 2022 14:02:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61287
IP address blocks: 185.12.128.0/23 maxlen: 23
185.12.128.0/22 maxlen: 22
185.12.130.0/23 maxlen: 23
2a03:8d40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73174630 (0x45c8e66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Validity
Not Before: Jan 1 14:02:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bce3523b1952fa9c02a6cba32646616ce19c8a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3f:53:91:5d:c9:b7:af:89:82:3a:07:40:aa:
e0:cc:c8:f4:a5:94:eb:65:9b:21:88:4c:46:c3:5e:
bf:d1:9c:55:33:e1:12:93:09:0c:9b:f5:c1:19:3f:
d5:37:2e:96:ee:ee:94:83:8a:ab:09:ec:d9:5f:eb:
6b:8c:87:5d:83:1a:1d:b9:e4:d5:8b:b0:a5:75:b3:
2f:e4:0d:09:30:e4:9d:c5:51:d7:5f:90:95:cc:28:
42:b1:19:3d:73:62:a9:84:b1:e6:75:9b:28:c8:0e:
a3:67:3f:03:f1:18:63:40:dd:c5:49:41:36:be:27:
16:62:3d:bf:7a:c2:73:29:44:fe:5b:e3:02:c9:8d:
ac:23:96:a5:fe:5d:32:35:8a:f2:3a:01:7a:22:56:
84:ce:b8:29:22:d4:55:88:38:94:14:54:ca:82:76:
56:11:08:af:d8:7f:f4:cb:af:8d:99:df:dc:27:dc:
11:21:0d:5e:3c:c3:00:f5:8b:57:16:10:5d:6c:80:
c0:57:a9:a8:4d:af:ca:b7:50:3e:54:b1:86:41:97:
e5:77:a1:1e:d4:ab:af:ab:d2:70:66:4b:e9:20:66:
07:ba:2b:0f:2f:b1:0c:77:af:28:a8:a1:1b:4b:2c:
fc:49:25:7d:39:52:1e:ec:b6:0d:8d:c9:b5:0d:96:
e6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E3:52:3B:19:52:FA:9C:02:A6:CB:A3:26:46:61:6C:E1:9C:8A:91
X509v3 Authority Key Identifier:
keyid:3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/vONSOxlS-pwCpsujJkZhbOGcipE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/O9lDbSE1wISJe3TGrTbaFwCnqY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.128.0/22
IPv6:
2a03:8d40::/32
Signature Algorithm: sha256WithRSAEncryption
5c:d3:5b:de:cd:d7:d5:fe:7f:68:41:72:f5:6d:45:3b:84:d4:
03:80:19:1f:60:de:d1:58:d5:31:7c:94:c7:34:d5:c1:10:50:
ac:ad:65:b7:30:71:10:07:1b:7e:ca:59:5e:25:0f:70:b4:98:
da:5c:27:6b:8c:0e:de:6b:d1:af:f9:a4:31:13:42:34:f8:38:
af:73:9d:14:a8:46:59:bc:55:18:00:fd:a1:d0:ba:5d:63:fc:
f0:7f:ad:d1:07:c7:45:ed:d0:be:60:fb:a3:fe:ac:a2:36:a8:
8e:c2:e4:e7:7c:4b:e2:0f:26:c7:81:f7:8c:32:d0:7c:d6:cd:
9e:b5:c5:f3:3e:3b:f1:85:a1:f7:9f:97:76:8b:b4:e1:f5:a5:
1e:0f:62:76:77:1b:5f:2c:81:be:bb:8e:99:da:c2:e8:94:6d:
07:76:43:02:12:35:65:2b:1b:47:07:3d:d4:c0:79:09:92:64:
09:a5:ec:f5:d0:c8:a4:fb:76:70:f5:f7:aa:51:99:c6:16:ac:
ae:d6:42:68:46:5f:7a:bf:78:39:1e:a8:cc:72:e9:3d:8f:07:
90:c1:a2:87:f8:22:cc:8e:df:f5:41:5d:ee:2b:80:6c:6a:b2:
70:4f:1d:86:61:d1:80:a9:0c:72:3f:36:92:f0:fc:f7:be:07:
60:51:52:55
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBFyOZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmQ5NDM2ZDIxMzVjMDg0ODk3Yjc0YzZhZDM2ZGExNzAwYTdhOThkMB4XDTIyMDEw
MTE0MDIyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmNlMzUyM2IxOTUy
ZmE5YzAyYTZjYmEzMjY0NjYxNmNlMTljOGE5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJY/U5FdybeviYI6B0Cq4MzI9KWU62WbIYhMRsNev9GcVTPh
EpMJDJv1wRk/1Tculu7ulIOKqwns2V/ra4yHXYMaHbnk1YuwpXWzL+QNCTDkncVR
11+QlcwoQrEZPXNiqYSx5nWbKMgOo2c/A/EYY0DdxUlBNr4nFmI9v3rCcylE/lvj
AsmNrCOWpf5dMjWK8joBeiJWhM64KSLUVYg4lBRUyoJ2VhEIr9h/9MuvjZnf3Cfc
ESENXjzDAPWLVxYQXWyAwFepqE2vyrdQPlSxhkGX5XehHtSrr6vScGZL6SBmB7or
Dy+xDHevKKihG0ss/EklfTlSHuy2DY3JtQ2W5r8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS841I7GVL6nAKmy6MmRmFs4ZyKkTAfBgNVHSMEGDAWgBQ72UNtITXAhIl7
dMatNtoXAKepjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L085bERiU0Uxd0lTSmUzVEdyVGJhRndDbnFZMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvYzUzYzNlLWFhMmQtNDFhYi1hMzEyLTI2MzdkMTMzMzhmMS8x
L3ZPTlNPeGxTLXB3Q3BzdWpKa1poYk9HY2lwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
YzUzYzNlLWFhMmQtNDFhYi1hMzEyLTI2MzdkMTMzMzhmMS8xL085bERiU0Uxd0lT
SmUzVEdyVGJhRndDbnFZMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkMgDANBAIAAjAHAwUAKgONQDAN
BgkqhkiG9w0BAQsFAAOCAQEAXNNb3s3X1f5/aEFy9W1FO4TUA4AZH2De0VjVMXyU
xzTVwRBQrK1ltzBxEAcbfspZXiUPcLSY2lwna4wO3mvRr/mkMRNCNPg4r3OdFKhG
WbxVGAD9odC6XWP88H+t0QfHRe3QvmD7o/6sojaojsLk53xL4g8mx4H3jDLQfNbN
nrXF8z478YWh95+Xdou04fWlHg9idncbXyyBvruOmdrC6JRtB3ZDAhI1ZSsbRwc9
1MB5CZJkCaXs9dDIpPt2cPX3qlGZxhasrtZCaEZfer94OR6ozHLpPY8HkMGih/gi
zI7f9UFd7iuAbGqycE8dhmHRgKkMcj82kvD8974HYFFSVQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:51 2025 by rpki-client