Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vwfbb0nJrk03PflsOZjMwq4uQME.roa
File: vwfbb0nJrk03PflsOZjMwq4uQME.roa (raw, json)
Hash identifier: f3kYgkn9ksviDNsuRHAAWsD/VwPPd5DF+yPzfXuGwo0=
Subject key identifier: BF:07:DB:6F:49:C9:AE:4D:37:3D:F9:6C:39:98:CC:C2:AE:2E:40:C1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018571FA2CB9A74400809D42EA682505A2E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vwfbb0nJrk03PflsOZjMwq4uQME.roa
Signing time: Mon 02 Jan 2023 10:14:58 +0000
ROA not before: Mon 02 Jan 2023 10:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 81.168.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:2c:b9:a7:44:00:80:9d:42:ea:68:25:05:a2:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 10:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf07db6f49c9ae4d373df96c3998ccc2ae2e40c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:71:0d:7f:19:dd:be:a2:eb:6a:d2:94:e5:
1c:fa:d4:6d:ec:d2:83:9e:b6:cb:9e:30:99:86:e9:
f2:4c:c3:23:bc:0e:9a:66:e3:b6:29:12:8b:2c:33:
9e:0e:eb:95:7f:94:d2:d7:7f:05:67:70:a9:16:85:
40:38:72:fc:c5:b3:1b:52:83:b3:a5:c8:b8:8e:33:
b4:f1:ec:63:ed:75:03:fc:75:06:c7:fa:fd:f9:9b:
2f:19:ce:42:cd:43:a9:ca:6a:60:96:fe:64:53:19:
b4:1c:b7:98:3f:29:f7:80:73:5d:ef:8d:0b:4e:92:
ee:c0:e9:ae:bf:be:8c:0e:89:fc:ce:0f:7e:2c:ce:
08:c6:34:3b:f7:4d:ac:54:c1:f5:35:fe:cb:59:db:
67:45:38:67:8c:b5:6a:9c:16:c6:1d:f9:3a:7d:2a:
e3:72:b8:0c:37:7d:d4:80:3d:a2:f8:20:08:34:fd:
39:72:42:c5:ae:82:65:45:df:fb:56:e9:22:1c:7d:
c0:4c:2a:18:00:26:f6:ec:e3:6b:2e:99:07:e6:ea:
a2:a5:e8:ec:b3:7d:86:14:2e:83:3d:2d:87:35:5f:
9f:20:3e:d9:92:df:e4:db:b8:cc:70:26:3f:1b:75:
01:6a:c5:21:58:4e:b0:c7:c9:aa:fc:f7:38:56:b4:
68:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:07:DB:6F:49:C9:AE:4D:37:3D:F9:6C:39:98:CC:C2:AE:2E:40:C1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vwfbb0nJrk03PflsOZjMwq4uQME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.117.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:07:f8:e6:ef:0f:11:f9:3e:db:7d:92:d3:22:64:4f:6f:a0:
8e:41:0f:63:3f:d3:07:4d:f7:43:0c:b7:82:bd:2b:6e:99:c0:
4a:4f:a6:5a:5f:2e:f9:08:b8:fb:91:b0:b2:06:4b:9e:90:f6:
bf:d5:24:36:28:05:c6:34:93:45:5e:57:a4:3e:f4:21:d7:9e:
cc:c2:eb:e6:90:28:b8:26:9f:d7:f7:68:6e:2c:f1:96:3f:6d:
92:86:c3:cf:44:14:c8:dc:de:f0:a0:d6:f1:c0:97:7e:53:bb:
61:b0:80:b3:6b:02:4e:90:6b:43:de:2d:d4:c0:33:52:14:41:
a3:d2:fe:6b:1c:96:f7:04:ec:e0:82:f4:bc:6b:5f:be:e1:d9:
73:4f:52:22:5f:3a:51:5b:7a:c0:82:9f:3a:39:7a:74:be:9b:
c4:36:f9:43:af:3f:5f:18:f5:40:29:ac:27:00:88:da:a6:95:
01:cd:8a:87:05:30:44:0a:cb:be:1a:b9:1f:44:c0:bf:40:17:
da:01:f0:53:5d:02:72:14:3a:5e:6b:79:80:98:9a:05:98:27:
9f:56:af:7b:0f:ec:55:b5:7f:e0:64:3c:c7:43:f6:12:52:d0:
8d:e2:29:c5:8a:d7:fc:77:e2:8b:45:17:40:22:65:92:4f:4f:
31:33:f4:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iy5p0QAgJ1C6mglBaLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjA3ZGI2ZjQ5YzlhZTRkMzczZGY5NmMzOTk4Y2NjMmFlMmU0MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGVxDX8Z3b6i62rSlOUc+tRt7NKD
nrbLnjCZhunyTMMjvA6aZuO2KRKLLDOeDuuVf5TS138FZ3CpFoVAOHL8xbMbUoOz
pci4jjO08exj7XUD/HUGx/r9+ZsvGc5CzUOpympglv5kUxm0HLeYPyn3gHNd740L
TpLuwOmuv76MDon8zg9+LM4IxjQ7902sVMH1Nf7LWdtnRThnjLVqnBbGHfk6fSrj
crgMN33UgD2i+CAINP05ckLFroJlRd/7VukiHH3ATCoYACb27ONrLpkH5uqipejs
s32GFC6DPS2HNV+fID7Zkt/k27jMcCY/G3UBasUhWE6wx8mq/Pc4VrRoOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8H229Jya5NNz35bDmYzMKuLkDBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdndmYmIwbkpyazAzUGZsc09aak13cTR1UU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUah1MA0G
CSqGSIb3DQEBCwUAA4IBAQB6B/jm7w8R+T7bfZLTImRPb6COQQ9jP9MHTfdDDLeC
vStumcBKT6ZaXy75CLj7kbCyBkuekPa/1SQ2KAXGNJNFXlekPvQh157MwuvmkCi4
Jp/X92huLPGWP22ShsPPRBTI3N7woNbxwJd+U7thsICzawJOkGtD3i3UwDNSFEGj
0v5rHJb3BOzggvS8a1++4dlzT1IiXzpRW3rAgp86OXp0vpvENvlDrz9fGPVAKawn
AIjappUBzYqHBTBECsu+GrkfRMC/QBfaAfBTXQJyFDpea3mAmJoFmCefVq97D+xV
tX/gZDzHQ/YSUtCN4inFitf8d+KLRRdAImWST08xM/SM
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:48 2025 by rpki-client