Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/vkiVmXksdpzzQYLJXeeESWUGBG4.roa
File: vkiVmXksdpzzQYLJXeeESWUGBG4.roa (raw, json)
Hash identifier: yOr6x5JMtUxjqnmtVfzEDK9DDzFUsxNCFIdzCwdg+J8=
Subject key identifier: BE:48:95:99:79:2C:76:9C:F3:41:82:C9:5D:E7:84:49:65:06:04:6E
Certificate issuer: /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial: 07B526A8
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/vkiVmXksdpzzQYLJXeeESWUGBG4.roa
Signing time: Mon 03 Jan 2022 04:36:01 +0000
ROA not before: Mon 03 Jan 2022 04:36:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 5.182.22.0/24 maxlen: 24
5.182.23.0/24 maxlen: 24
2a0e:b800:cccc::/48 maxlen: 48
2a0e:b800:aaaa::/48 maxlen: 48
2a0e:b800:abcd::/48 maxlen: 48
2a0e:b800:bbbb::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129312424 (0x7b526a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Validity
Not Before: Jan 3 04:36:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be489599792c769cf34182c95de784496506046e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:98:c3:cf:8d:ec:ec:9b:32:3d:24:eb:9b:78:
16:8f:b5:7a:1b:09:4a:28:8b:0c:c5:84:ca:16:7d:
f2:b0:66:58:41:7c:13:53:a9:ac:16:73:a6:47:6c:
e9:a8:c7:bd:b3:ad:c2:8e:7a:9d:5b:ab:29:6c:99:
02:0d:62:4c:3e:ea:e1:72:fa:06:50:4a:ee:91:1a:
c2:a0:89:0f:7d:ac:cf:bd:c0:7b:2f:5d:31:fe:06:
41:5e:11:77:75:e2:e0:11:54:af:a0:fc:2c:4e:39:
7e:4e:8a:bb:9c:20:44:9a:77:d8:1f:d7:ee:44:b9:
84:b4:9f:01:f7:dc:fc:cf:d3:2b:94:65:13:61:be:
27:75:45:13:9b:64:2e:0e:5c:3a:b2:7a:94:c8:20:
73:f4:65:b9:83:f5:49:b6:94:39:71:b5:0c:f1:9f:
21:30:23:38:7f:a0:1f:cd:ff:72:8e:1a:b3:2e:82:
80:d6:ad:43:f2:91:1f:e0:e0:6a:53:8e:16:f3:98:
ee:27:ee:95:8a:30:eb:a2:44:bf:66:3d:b5:45:27:
5a:5d:00:1a:3e:60:41:bf:1b:c3:c2:88:36:24:e7:
ac:b2:2c:08:80:a2:5a:2c:68:ad:49:15:27:b8:27:
cd:51:95:66:de:62:7b:ba:4c:65:38:cd:ca:f8:0c:
ae:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:48:95:99:79:2C:76:9C:F3:41:82:C9:5D:E7:84:49:65:06:04:6E
X509v3 Authority Key Identifier:
keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/vkiVmXksdpzzQYLJXeeESWUGBG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.22.0/23
IPv6:
2a0e:b800:aaaa::/48
2a0e:b800:abcd::/48
2a0e:b800:bbbb::/48
2a0e:b800:cccc::/48
Signature Algorithm: sha256WithRSAEncryption
62:ea:3e:80:96:62:44:ea:75:8c:09:d0:64:87:38:59:bc:c6:
11:f7:13:49:fe:96:27:24:2f:ca:6e:33:cd:59:cb:cb:27:36:
f9:80:f9:d7:64:b8:02:85:9a:88:b8:00:a3:b0:27:ef:b8:8c:
03:eb:17:57:b9:27:be:99:bb:41:8f:2b:d9:17:66:7c:5a:6b:
c3:f5:7d:12:ed:66:d5:b7:c5:08:22:98:3e:07:f9:43:d0:7b:
ef:61:3b:b2:9b:1e:36:7e:f2:7c:22:87:86:c4:fb:e3:ce:da:
24:08:16:ac:d0:e0:fd:f2:a4:74:91:94:d9:75:e6:81:2e:71:
86:e1:a9:93:da:30:0e:29:10:41:7f:69:68:14:99:35:90:dc:
ae:57:f2:bd:4d:25:14:2a:2e:76:e9:57:f9:1e:68:45:03:09:
6b:1f:8b:82:92:61:25:ac:04:82:f7:f3:16:92:1b:9e:b4:80:
9d:9e:07:63:60:1c:bc:5a:38:50:0a:76:55:9e:9a:7b:d7:31:
ae:37:c0:8d:8f:a6:6a:c2:aa:3d:32:1d:4b:b6:3d:57:9c:8d:
05:d4:2d:90:a1:9e:a9:c2:ba:61:d8:2f:8b:6f:af:89:ac:7c:
85:bc:fb:ee:3b:1a:cd:82:56:ec:41:b4:f9:ae:95:5e:51:08:
1d:41:69:73
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEB7UmqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjlkNzYzYjQ5ZTAyNGE3YjZhMTllYWY3ZGZiOTg5MTFhOWM5NGM4MB4XDTIyMDEw
MzA0MzYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU0ODk1OTk3OTJj
NzY5Y2YzNDE4MmM5NWRlNzg0NDk2NTA2MDQ2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmYw8+N7OybMj0k65t4Fo+1ehsJSiiLDMWEyhZ98rBmWEF8
E1OprBZzpkds6ajHvbOtwo56nVurKWyZAg1iTD7q4XL6BlBK7pEawqCJD32sz73A
ey9dMf4GQV4Rd3Xi4BFUr6D8LE45fk6Ku5wgRJp32B/X7kS5hLSfAffc/M/TK5Rl
E2G+J3VFE5tkLg5cOrJ6lMggc/RluYP1SbaUOXG1DPGfITAjOH+gH83/co4asy6C
gNatQ/KRH+DgalOOFvOY7ifulYow66JEv2Y9tUUnWl0AGj5gQb8bw8KINiTnrLIs
CICiWixorUkVJ7gnzVGVZt5ie7pMZTjNyvgMrokCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBS+SJWZeSx2nPNBgsld54RJZQYEbjAfBgNVHSMEGDAWgBTvnXY7SeAkp7ah
nq99+5iRGpyUyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc1MTJPMG5nSktlMm9aNnZmZnVZa1JxY2xNZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvNTljZjhlLWRjNjctNDNmYi1iZDM3LTA4NzBlNjU5NjQ1Yi8x
L3ZraVZtWGtzZHB6elFZTEpYZWVFU1dVR0JHNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
NTljZjhlLWRjNjctNDNmYi1iZDM3LTA4NzBlNjU5NjQ1Yi8xLzc1MTJPMG5nSktl
Mm9aNnZmZnVZa1JxY2xNZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowDAQCAAEwBgMEAQW2FjAqBAIAAjAkAwcAKg64AKqq
AwcAKg64AKvNAwcAKg64ALu7AwcAKg64AMzMMA0GCSqGSIb3DQEBCwUAA4IBAQBi
6j6AlmJE6nWMCdBkhzhZvMYR9xNJ/pYnJC/KbjPNWcvLJzb5gPnXZLgChZqIuACj
sCfvuIwD6xdXuSe+mbtBjyvZF2Z8WmvD9X0S7WbVt8UIIpg+B/lD0HvvYTuymx42
fvJ8IoeGxPvjztokCBas0OD98qR0kZTZdeaBLnGG4amT2jAOKRBBf2loFJk1kNyu
V/K9TSUUKi526Vf5HmhFAwlrH4uCkmElrASC9/MWkhuetICdngdjYBy8WjhQCnZV
npp71zGuN8CNj6Zqwqo9Mh1Ltj1XnI0F1C2QoZ6pwrph2C+Lb6+JrHyFvPvuOxrN
glbsQbT5rpVeUQgdQWlz
-----END CERTIFICATE-----
Generated at Thu Apr 17 19:56:38 2025 by rpki-client