Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/VaM4Ij3nIUdOlWhVocR22FPaKb0.roa
File: VaM4Ij3nIUdOlWhVocR22FPaKb0.roa (raw, json)
Hash identifier: S3Us66t7kIGFCMhInwApiqky55pcxsnhU3pxoRgaY9M=
Subject key identifier: 55:A3:38:22:3D:E7:21:47:4E:95:68:55:A1:C4:76:D8:53:DA:29:BD
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0189C21E1402B5A1C6E7E67A5A7FA1F939B0
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/VaM4Ij3nIUdOlWhVocR22FPaKb0.roa
Signing time: Fri 04 Aug 2023 19:54:58 +0000
ROA not before: Fri 04 Aug 2023 19:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50979
IP address blocks: 92.118.148.0/24 maxlen: 24
176.126.162.0/24 maxlen: 24
185.237.218.0/23 maxlen: 23
2a0a:8c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c2:1e:14:02:b5:a1:c6:e7:e6:7a:5a:7f:a1:f9:39:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Aug 4 19:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55a338223de721474e956855a1c476d853da29bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:11:a7:4b:b7:c7:7f:9a:9d:51:6f:f5:34:6e:
e7:2d:a8:2a:cd:d3:7e:ac:63:c2:b9:1e:57:4e:c3:
23:b7:fc:55:e5:af:6f:f1:86:10:18:e9:3e:47:98:
47:9d:45:e5:69:69:38:e7:bc:f9:03:a0:f1:4b:d0:
4b:9b:2c:28:7c:a8:13:79:a3:c3:a2:6b:b2:8e:05:
04:34:5d:53:4a:43:1e:66:83:26:5f:4a:db:a0:52:
b8:51:8f:aa:b9:fc:2c:ab:a2:4d:b8:c0:aa:23:ce:
0a:3c:24:75:89:e8:94:9d:fe:d5:f5:5d:a7:22:92:
74:d7:35:47:86:2d:b8:22:9a:ae:60:66:51:2b:dc:
96:ea:3f:51:48:2c:ea:02:3a:d6:10:1e:39:bf:08:
65:f3:3c:92:0a:05:64:4e:69:0b:83:cb:35:65:c8:
be:16:fd:84:6d:fb:27:3c:93:c8:f5:a5:58:03:2c:
5e:0f:ed:fc:4c:8e:38:ea:75:ed:93:40:c1:25:42:
98:0d:74:1e:b7:bd:99:96:9f:9f:08:06:2b:e0:ef:
0d:e7:4b:01:57:7d:18:8d:33:a1:b4:2a:1c:8d:42:
bc:16:79:85:69:da:05:9d:40:9d:dc:34:ee:fb:69:
bb:b7:69:7b:df:c8:27:85:d9:1a:9f:95:24:81:45:
ea:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A3:38:22:3D:E7:21:47:4E:95:68:55:A1:C4:76:D8:53:DA:29:BD
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/VaM4Ij3nIUdOlWhVocR22FPaKb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.148.0/24
176.126.162.0/24
185.237.218.0/23
IPv6:
2a0a:8c40::/32
Signature Algorithm: sha256WithRSAEncryption
91:63:70:d3:7e:f4:7b:16:ad:4f:dc:84:8f:69:13:49:4d:3c:
cd:bc:62:67:da:64:91:ae:24:04:65:5b:4c:00:23:35:9f:ae:
4f:3f:7c:49:73:bf:34:e4:21:52:57:a7:3c:90:76:13:30:2e:
bf:60:dc:7a:f2:c9:65:a7:0d:4d:5e:19:4f:60:73:5e:c9:1a:
ef:f1:a8:59:5a:3d:04:91:54:cf:fc:10:f2:7f:7e:be:f5:60:
5c:af:b4:9f:34:03:8f:86:4a:88:0c:b4:fe:03:52:82:fe:0b:
65:46:c4:44:b8:0f:07:ef:08:1a:dd:94:7e:56:b0:de:3f:fd:
03:ad:c8:bb:be:92:eb:05:00:95:43:c5:5a:b3:63:2c:ed:89:
be:fb:11:01:ef:3e:91:8f:37:6c:94:41:55:bb:ff:1e:af:bb:
67:25:49:27:a5:b8:94:04:fa:e9:84:82:6f:13:da:89:ab:58:
03:25:3c:72:fc:d6:b2:b0:06:28:c9:06:1f:c3:cf:23:f2:2f:
da:9e:79:6f:85:e9:f0:01:82:10:90:e6:4b:02:4f:a4:7f:44:
45:91:9d:2f:75:e9:2e:4f:7b:60:ca:d8:76:8c:e3:b6:34:c8:
fc:a9:96:27:2c:8d:65:5d:e4:f0:e0:38:74:4e:3b:1f:33:c7:
69:2a:88:6c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYnCHhQCtaHG5+Z6Wn+h+TmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjMwODA0MTk1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWEzMzgyMjNkZTcyMTQ3NGU5NTY4NTVhMWM0NzZkODUzZGEyOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRGnS7fHf5qdUW/1NG7nLagqzdN+
rGPCuR5XTsMjt/xV5a9v8YYQGOk+R5hHnUXlaWk457z5A6DxS9BLmywofKgTeaPD
omuyjgUENF1TSkMeZoMmX0rboFK4UY+qufwsq6JNuMCqI84KPCR1ieiUnf7V9V2n
IpJ01zVHhi24IpquYGZRK9yW6j9RSCzqAjrWEB45vwhl8zySCgVkTmkLg8s1Zci+
Fv2EbfsnPJPI9aVYAyxeD+38TI446nXtk0DBJUKYDXQet72Zlp+fCAYr4O8N50sB
V30YjTOhtCocjUK8FnmFadoFnUCd3DTu+2m7t2l738gnhdkan5UkgUXqNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFWjOCI95yFHTpVoVaHEdthT2im9MB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvVmFNNElqM25JVWRPbFdoVm9jUjIyRlBhS2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXHaUAwQA
sH6iAwQBue3aMA0EAgACMAcDBQAqCoxAMA0GCSqGSIb3DQEBCwUAA4IBAQCRY3DT
fvR7Fq1P3ISPaRNJTTzNvGJn2mSRriQEZVtMACM1n65PP3xJc7805CFSV6c8kHYT
MC6/YNx68sllpw1NXhlPYHNeyRrv8ahZWj0EkVTP/BDyf36+9WBcr7SfNAOPhkqI
DLT+A1KC/gtlRsREuA8H7wga3ZR+VrDeP/0Drci7vpLrBQCVQ8Vas2Ms7Ym++xEB
7z6RjzdslEFVu/8er7tnJUknpbiUBPrphIJvE9qJq1gDJTxy/NaysAYoyQYfw88j
8i/annlvhenwAYIQkOZLAk+kf0RFkZ0vdekuT3tgyth2jOO2NMj8qZYnLI1lXeTw
4Dh0TjsfM8dpKohs
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:53:29 2025 by rpki-client