Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/vfRVVkKDCYVByfgDKVSek6XQsg4.roa
File: vfRVVkKDCYVByfgDKVSek6XQsg4.roa (raw, json)
Hash identifier: p89FszaLxTBx76pf9Ioj3Vnh7w6TLVhvLQfgaxX+m/s=
Subject key identifier: BD:F4:55:56:42:83:09:85:41:C9:F8:03:29:54:9E:93:A5:D0:B2:0E
Certificate issuer: /CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Certificate serial: 01856BE597745E5AC15071A8F8C017EBDCFD
Authority key identifier: AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/vfRVVkKDCYVByfgDKVSek6XQsg4.roa
Signing time: Sun 01 Jan 2023 05:54:46 +0000
ROA not before: Sun 01 Jan 2023 05:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209118
IP address blocks: 185.81.116.0/22 maxlen: 24
2a05:8840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:97:74:5e:5a:c1:50:71:a8:f8:c0:17:eb:dc:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Validity
Not Before: Jan 1 05:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdf455564283098541c9f80329549e93a5d0b20e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ee:d8:50:fb:dd:5f:13:3f:2c:12:f6:2a:b5:
89:c7:d4:00:f9:64:b0:31:c6:52:ae:75:2f:b5:00:
94:02:7e:d7:9a:9d:3b:e0:3a:34:0f:1e:6f:c4:37:
d3:25:fe:ee:22:a1:7a:8c:c2:8a:8d:77:4e:e2:95:
9b:6c:2a:ca:b9:63:d5:4a:f7:b0:32:d2:bf:7b:47:
98:2d:83:a2:de:83:6d:1c:48:58:6b:5c:b9:8c:ab:
d5:da:bb:32:be:6e:58:6e:6c:69:59:f0:fb:c8:55:
09:b9:c8:45:ab:7d:3f:6b:59:94:f1:94:ff:f9:10:
2e:96:4e:58:9b:62:bd:f8:f5:dd:54:b6:83:28:4c:
44:f8:01:40:4d:5b:a6:c6:df:3c:ec:1b:05:5f:02:
00:72:05:88:62:96:ab:37:e0:39:9a:ec:d2:bd:31:
81:06:ca:9f:1b:48:c2:80:70:5f:a7:60:07:f1:66:
e5:25:1b:40:df:de:16:e3:b3:4e:43:7b:6f:c2:7b:
4e:e7:8f:c7:97:bc:67:f6:9d:ef:76:68:c3:16:a5:
ef:cd:f4:25:7a:54:9c:8e:85:11:82:c1:35:fe:fc:
56:ee:cc:7d:8b:2b:88:c0:67:94:47:c3:63:b2:3b:
b0:44:b0:7a:f6:7e:55:b9:65:90:76:78:e9:cd:de:
03:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F4:55:56:42:83:09:85:41:C9:F8:03:29:54:9E:93:A5:D0:B2:0E
X509v3 Authority Key Identifier:
keyid:AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/vfRVVkKDCYVByfgDKVSek6XQsg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.116.0/22
IPv6:
2a05:8840::/29
Signature Algorithm: sha256WithRSAEncryption
12:2f:19:b7:0f:94:12:90:91:47:49:ff:c8:1c:cf:82:e2:4b:
63:a8:f6:d3:41:ad:fd:95:ca:ac:68:d8:86:45:68:99:a2:15:
0a:9a:31:c7:4f:f8:24:8e:c0:a4:16:bd:fb:f1:b7:37:98:03:
90:15:42:51:7b:29:18:f3:94:f0:33:4a:c6:34:e6:95:ef:a4:
29:c7:38:7e:79:80:ef:ea:3a:49:76:6a:51:5a:f2:c5:16:d7:
3d:fa:26:41:fd:7e:d7:20:3d:6c:36:06:3a:c5:cb:a6:57:97:
00:85:60:de:d5:1c:2f:04:be:cb:95:1a:a9:30:5e:99:35:bf:
b3:c7:26:10:2a:8f:b8:b8:ef:52:14:5f:dc:c9:88:8d:3d:88:
47:65:86:20:76:db:f9:80:5e:25:ee:ab:4b:a4:9f:17:e7:07:
47:34:9b:c3:52:d0:da:ca:18:a8:cd:6a:14:c7:c4:7b:9b:24:
e9:40:a1:a4:4e:eb:b4:8a:22:7f:bd:cf:b9:55:7b:13:b5:4c:
11:61:31:9f:5a:a6:6d:dd:91:eb:f2:0f:98:a7:9d:ec:a0:25:
b8:43:15:71:2f:6f:56:32:23:ae:5f:30:e9:7b:18:a7:d0:ff:
60:77:6e:ae:f0:12:7c:cc:95:5d:13:4d:a7:a4:ee:b1:00:d1:
40:9b:fd:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr5Zd0XlrBUHGo+MAX69z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM1NTI5OTM3NDI5NzkzM2QyODFmNTFlYjc0YmE1YzJj
OTFjYzEwHhcNMjMwMTAxMDU1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGY0NTU1NjQyODMwOTg1NDFjOWY4MDMyOTU0OWU5M2E1ZDBiMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe7YUPvdXxM/LBL2KrWJx9QA+WSw
McZSrnUvtQCUAn7Xmp074Do0Dx5vxDfTJf7uIqF6jMKKjXdO4pWbbCrKuWPVSvew
MtK/e0eYLYOi3oNtHEhYa1y5jKvV2rsyvm5YbmxpWfD7yFUJuchFq30/a1mU8ZT/
+RAulk5Ym2K9+PXdVLaDKExE+AFATVumxt887BsFXwIAcgWIYparN+A5muzSvTGB
BsqfG0jCgHBfp2AH8WblJRtA394W47NOQ3tvwntO54/Hl7xn9p3vdmjDFqXvzfQl
elScjoURgsE1/vxW7sx9iyuIwGeUR8NjsjuwRLB69n5VuWWQdnjpzd4DrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL30VVZCgwmFQcn4AylUnpOl0LIOMB8GA1UdIwQY
MBaAFK6DVSmTdCl5M9KB9R63S6XCyRzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQt
M2I0ZDAyYTYxZWMyLzEvdmZSVlZrS0RDWVZCeWZnREtWU2VrNlhRc2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQtM2I0ZDAyYTYxZWMy
LzEvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVF0MA0E
AgACMAcDBQMqBYhAMA0GCSqGSIb3DQEBCwUAA4IBAQASLxm3D5QSkJFHSf/IHM+C
4ktjqPbTQa39lcqsaNiGRWiZohUKmjHHT/gkjsCkFr378bc3mAOQFUJReykY85Tw
M0rGNOaV76Qpxzh+eYDv6jpJdmpRWvLFFtc9+iZB/X7XID1sNgY6xcumV5cAhWDe
1RwvBL7LlRqpMF6ZNb+zxyYQKo+4uO9SFF/cyYiNPYhHZYYgdtv5gF4l7qtLpJ8X
5wdHNJvDUtDayhiozWoUx8R7myTpQKGkTuu0iiJ/vc+5VXsTtUwRYTGfWqZt3ZHr
8g+Yp53soCW4QxVxL29WMiOuXzDpexin0P9gd26u8BJ8zJVdE02npO6xANFAm/1c
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:34 2025 by rpki-client