Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/vmIxdpFgRTYM7XPNt_v1d0U42T0.roa
File: vmIxdpFgRTYM7XPNt_v1d0U42T0.roa (raw, json)
Hash identifier: ddFSHbSaVuorPe0fFhFyAjgEnTWqNIorKqol2Px6NoU=
Subject key identifier: BE:62:31:76:91:60:45:36:0C:ED:73:CD:B7:FB:F5:77:45:38:D9:3D
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 0189FD330DE8E952E31CF6FF2C80A7A397C2
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/vmIxdpFgRTYM7XPNt_v1d0U42T0.roa
Signing time: Wed 16 Aug 2023 07:15:28 +0000
ROA not before: Wed 16 Aug 2023 07:15:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41175
IP address blocks: 185.114.104.0/22 maxlen: 22
81.201.208.0/20 maxlen: 20
2a00:e900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:33:0d:e8:e9:52:e3:1c:f6:ff:2c:80:a7:a3:97:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 16 07:15:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be623176916045360ced73cdb7fbf5774538d93d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:46:f5:bb:0e:43:cc:06:4d:11:13:05:7f:ba:
1e:7c:ec:64:9e:eb:af:fd:a1:ca:a3:a3:d3:e0:b2:
1b:39:6d:6c:61:45:5a:2a:40:68:3c:32:07:63:ce:
dc:69:82:e1:f4:e0:4a:a7:14:00:f0:e1:3e:b6:66:
7b:5c:41:9c:5e:0e:66:46:d9:96:14:ab:a4:72:01:
25:2e:8d:91:cf:cb:7b:be:c3:7d:7a:82:0d:d6:b6:
46:41:05:0a:d8:94:c4:3e:d0:c1:f6:b2:0c:44:af:
90:62:6d:cb:9e:bc:11:2f:63:eb:d1:b4:b3:09:db:
8c:20:5a:a5:86:2f:c2:0e:95:43:07:12:75:06:6c:
af:19:d0:1e:9c:94:25:a0:f3:ab:7f:ba:35:39:0b:
59:81:9d:28:b0:98:f2:01:88:cc:68:c7:82:59:cf:
ed:b2:67:0b:63:0d:96:13:5f:7c:ac:3b:50:8f:9b:
c5:09:d1:da:e5:b8:df:17:36:14:c1:2d:aa:ae:7f:
a6:66:31:f0:d7:b9:ea:e9:b2:d6:56:ee:b5:fd:5b:
dc:4d:a3:8c:b6:dc:cb:f7:56:d6:ec:cc:e1:cb:4c:
8b:a6:56:91:f6:5d:75:97:4d:9e:75:77:c6:30:74:
d4:41:6d:65:c1:bc:95:5e:2f:86:38:18:0f:86:a9:
68:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:62:31:76:91:60:45:36:0C:ED:73:CD:B7:FB:F5:77:45:38:D9:3D
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/vmIxdpFgRTYM7XPNt_v1d0U42T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.201.208.0/20
185.114.104.0/22
IPv6:
2a00:e900::/29
Signature Algorithm: sha256WithRSAEncryption
1c:30:09:da:f0:c4:ed:ef:b3:68:bf:18:31:a5:ca:25:32:32:
35:22:a8:26:86:7e:a2:fd:75:0d:17:ff:5d:8b:1e:d1:fd:ab:
98:75:25:af:c6:df:25:57:bb:ed:ba:18:df:7e:99:aa:b2:7b:
20:5d:a5:1d:5f:5e:10:25:c5:a6:70:2a:a5:fd:09:de:31:2d:
9d:1a:7d:9f:24:29:a5:cd:a2:73:10:e8:43:07:41:cb:67:25:
c1:dd:f1:a8:b2:de:f6:ee:e0:dc:0b:70:51:08:f8:95:84:cf:
f2:14:ea:10:7d:30:b9:93:bb:ae:d5:f6:15:cd:d0:e8:5c:f2:
aa:00:23:c2:39:25:fd:8b:e2:9c:19:7d:bc:37:04:9e:c5:43:
3f:55:a1:44:3c:d7:4c:79:52:bd:86:21:05:66:4f:0c:91:5f:
7b:e2:c3:e0:22:16:bd:99:52:e2:b4:04:87:f4:b8:e8:60:1c:
4b:1d:ff:18:d4:ba:e9:ed:7d:5e:f4:0a:4d:bc:d1:b1:1d:39:
e3:f8:37:21:e8:e7:70:18:b8:2c:6e:b8:1d:d4:41:c1:ea:6a:
fa:02:9a:d0:55:63:cb:18:e7:b7:c9:aa:26:55:5d:f4:49:7d:
0e:37:2a:52:9c:b4:34:f9:16:98:5e:66:6c:99:d4:81:bb:05:
43:ff:3c:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYn9Mw3o6VLjHPb/LICno5fCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODE2MDcxNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTYyMzE3NjkxNjA0NTM2MGNlZDczY2RiN2ZiZjU3NzQ1MzhkOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkb1uw5DzAZNERMFf7oefOxknuuv
/aHKo6PT4LIbOW1sYUVaKkBoPDIHY87caYLh9OBKpxQA8OE+tmZ7XEGcXg5mRtmW
FKukcgElLo2Rz8t7vsN9eoIN1rZGQQUK2JTEPtDB9rIMRK+QYm3LnrwRL2Pr0bSz
CduMIFqlhi/CDpVDBxJ1BmyvGdAenJQloPOrf7o1OQtZgZ0osJjyAYjMaMeCWc/t
smcLYw2WE198rDtQj5vFCdHa5bjfFzYUwS2qrn+mZjHw17nq6bLWVu61/VvcTaOM
ttzL91bW7Mzhy0yLplaR9l11l02edXfGMHTUQW1lwbyVXi+GOBgPhqloLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL5iMXaRYEU2DO1zzbf79XdFONk9MB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvdm1JeGRwRmdSVFlNN1hQTnRfdjFkMFU0MlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUcnQAwQC
uXJoMA0EAgACMAcDBQMqAOkAMA0GCSqGSIb3DQEBCwUAA4IBAQAcMAna8MTt77No
vxgxpcolMjI1Iqgmhn6i/XUNF/9dix7R/auYdSWvxt8lV7vtuhjffpmqsnsgXaUd
X14QJcWmcCql/QneMS2dGn2fJCmlzaJzEOhDB0HLZyXB3fGost727uDcC3BRCPiV
hM/yFOoQfTC5k7uu1fYVzdDoXPKqACPCOSX9i+KcGX28NwSexUM/VaFEPNdMeVK9
hiEFZk8MkV974sPgIha9mVLitASH9LjoYBxLHf8Y1Lrp7X1e9ApNvNGxHTnj+Dch
6OdwGLgsbrgd1EHB6mr6AprQVWPLGOe3yaomVV30SX0ONypSnLQ0+RaYXmZsmdSB
uwVD/zzd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:24 2025 by rpki-client