Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/vdH_89qBlcfEAWnFr-m6xsdVxtk.roa
File: vdH_89qBlcfEAWnFr-m6xsdVxtk.roa (raw, json)
Hash identifier: oONEsB12i9YlkC3nq3vbOOH/lyBTyDLutZwDmvyErjY=
Subject key identifier: BD:D1:FF:F3:DA:81:95:C7:C4:01:69:C5:AF:E9:BA:C6:C7:55:C6:D9
Certificate issuer: /CN=55fad96dd05af8c2d26192c841131f2f97459fed
Certificate serial: 0183C730A26A44A11895FE3EF8DD822D6AC4
Authority key identifier: 55:FA:D9:6D:D0:5A:F8:C2:D2:61:92:C8:41:13:1F:2F:97:45:9F:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VfrZbdBa-MLSYZLIQRMfL5dFn-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/vdH_89qBlcfEAWnFr-m6xsdVxtk.roa
Signing time: Tue 11 Oct 2022 13:16:36 +0000
ROA not before: Tue 11 Oct 2022 13:16:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43361
IP address blocks: 185.175.94.0/23 maxlen: 23
45.10.89.0/24 maxlen: 24
31.133.98.0/23 maxlen: 23
194.31.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c7:30:a2:6a:44:a1:18:95:fe:3e:f8:dd:82:2d:6a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55fad96dd05af8c2d26192c841131f2f97459fed
Validity
Not Before: Oct 11 13:16:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdd1fff3da8195c7c40169c5afe9bac6c755c6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:39:d8:99:6f:c6:3b:04:98:75:21:95:92:94:
97:1c:bc:04:57:76:28:e1:81:30:57:5d:72:2a:ff:
73:51:8b:b5:08:30:00:09:57:84:e9:c6:25:5b:ed:
dc:ab:46:4d:8c:37:85:36:94:1c:ae:db:c5:13:a1:
ea:58:4c:ff:3f:e6:db:62:a7:6a:3f:ed:76:8c:21:
6e:a2:05:5f:40:bb:08:18:0a:25:32:1c:6c:82:7a:
dc:b0:84:6c:e6:40:bc:71:e6:08:38:66:f2:60:44:
1d:bc:f7:a0:87:3d:a8:ba:37:b1:90:e1:1b:2d:6f:
cd:ce:af:bf:b6:d5:a9:b4:e8:a1:aa:10:4b:d3:2f:
10:94:1e:8f:e3:17:4a:4f:3b:19:97:0a:69:2e:ff:
06:a5:80:f6:ef:e8:98:cd:c8:6d:92:7e:d0:e9:f3:
30:d8:75:36:61:aa:a5:02:9f:14:da:b3:5b:27:e2:
59:57:3f:ec:8c:3d:cd:90:b9:8b:e5:8e:61:23:9a:
aa:52:63:df:a9:e8:2c:db:51:64:a7:0e:43:8e:47:
57:f0:43:60:f0:0e:72:af:49:d6:42:c6:f8:df:9b:
a4:e1:f1:2e:9d:ca:3e:58:de:76:1e:c0:cc:47:5a:
12:6a:de:45:0a:d7:c2:97:68:a2:b2:e4:01:fe:05:
4e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D1:FF:F3:DA:81:95:C7:C4:01:69:C5:AF:E9:BA:C6:C7:55:C6:D9
X509v3 Authority Key Identifier:
keyid:55:FA:D9:6D:D0:5A:F8:C2:D2:61:92:C8:41:13:1F:2F:97:45:9F:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VfrZbdBa-MLSYZLIQRMfL5dFn-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/vdH_89qBlcfEAWnFr-m6xsdVxtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/30e582-4448-4952-94a0-30ff2c83f001/1/VfrZbdBa-MLSYZLIQRMfL5dFn-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.98.0/23
45.10.89.0/24
185.175.94.0/23
194.31.244.0/24
Signature Algorithm: sha256WithRSAEncryption
55:5b:19:d6:07:02:0a:e8:32:d4:3d:bb:c8:b0:fd:c5:4e:3d:
a6:1a:35:4b:b4:a9:63:64:a0:c3:01:45:ba:b5:41:05:3c:f2:
17:3f:c4:17:bb:2f:07:c5:9b:b7:9a:88:67:68:4c:bb:9a:2c:
f8:ee:98:05:4a:27:34:bd:b9:24:6f:ce:b2:af:03:13:ac:c9:
16:09:dd:cc:9f:57:ba:e0:9b:1f:6d:6d:fc:32:b5:f7:b8:4d:
53:7a:d2:94:e1:bf:ae:2b:bd:01:3c:79:30:bb:24:1a:a8:b1:
0e:ad:7e:ab:93:f8:57:d8:7f:ab:9d:02:28:a7:13:08:a7:ed:
f1:45:59:68:9b:76:85:64:35:31:e5:c6:bc:78:50:5d:59:5f:
7d:fc:cc:1a:49:52:8f:19:ee:dd:ce:e1:8f:5e:a5:58:ee:0a:
63:33:30:e5:0a:61:93:d6:6d:ab:e7:a4:13:7c:82:c0:c1:a5:
3a:8b:9b:65:05:cf:de:b5:0d:29:83:a7:de:5f:84:03:21:9f:
4d:f6:ed:5a:a8:d6:af:20:40:a6:06:fb:bc:db:fc:d4:c9:61:
08:bb:a5:6a:fc:9b:89:49:07:dd:1d:cb:e3:56:6b:5d:32:d9:
51:8e:28:2e:78:de:44:dd:c9:b4:2c:96:9e:89:47:2a:5f:5f:
87:29:83:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPHMKJqRKEYlf4++N2CLWrEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ZmFkOTZkZDA1YWY4YzJkMjYxOTJjODQxMTMxZjJmOTc0
NTlmZWQwHhcNMjIxMDExMTMxNjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQxZmZmM2RhODE5NWM3YzQwMTY5YzVhZmU5YmFjNmM3NTVjNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDnYmW/GOwSYdSGVkpSXHLwEV3Yo
4YEwV11yKv9zUYu1CDAACVeE6cYlW+3cq0ZNjDeFNpQcrtvFE6HqWEz/P+bbYqdq
P+12jCFuogVfQLsIGAolMhxsgnrcsIRs5kC8ceYIOGbyYEQdvPeghz2oujexkOEb
LW/Nzq+/ttWptOihqhBL0y8QlB6P4xdKTzsZlwppLv8GpYD27+iYzchtkn7Q6fMw
2HU2YaqlAp8U2rNbJ+JZVz/sjD3NkLmL5Y5hI5qqUmPfqegs21Fkpw5DjkdX8ENg
8A5yr0nWQsb435uk4fEunco+WN52HsDMR1oSat5FCtfCl2iisuQB/gVOhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL3R//PagZXHxAFpxa/pusbHVcbZMB8GA1UdIwQY
MBaAFFX62W3QWvjC0mGSyEETHy+XRZ/tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmZyWmJkQmEtTUxTWVpMSVFSTWZMNWRGbi0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMGU1ODItNDQ0OC00OTUyLTk0YTAt
MzBmZjJjODNmMDAxLzEvdmRIXzg5cUJsY2ZFQVduRnItbTZ4c2RWeHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMGU1ODItNDQ0OC00OTUyLTk0YTAtMzBmZjJjODNmMDAx
LzEvVmZyWmJkQmEtTUxTWVpMSVFSTWZMNWRGbi0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBH4ViAwQA
LQpZAwQBua9eAwQAwh/0MA0GCSqGSIb3DQEBCwUAA4IBAQBVWxnWBwIK6DLUPbvI
sP3FTj2mGjVLtKljZKDDAUW6tUEFPPIXP8QXuy8HxZu3mohnaEy7miz47pgFSic0
vbkkb86yrwMTrMkWCd3Mn1e64JsfbW38MrX3uE1TetKU4b+uK70BPHkwuyQaqLEO
rX6rk/hX2H+rnQIopxMIp+3xRVlom3aFZDUx5ca8eFBdWV99/MwaSVKPGe7dzuGP
XqVY7gpjMzDlCmGT1m2r56QTfILAwaU6i5tlBc/etQ0pg6feX4QDIZ9N9u1aqNav
IECmBvu82/zUyWEIu6Vq/JuJSQfdHcvjVmtdMtlRjigueN5E3cm0LJaeiUcqX1+H
KYOi
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:40:06 2025 by rpki-client