Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/VUaEWo0qB5LBLdKVCEO_c4Z_apQ.roa
File: VUaEWo0qB5LBLdKVCEO_c4Z_apQ.roa (raw, json)
Hash identifier: 0YBZsgcPLGc6JtzjdudyGlKKxnxd5dcjabkj584F8IQ=
Subject key identifier: 55:46:84:5A:8D:2A:07:92:C1:2D:D2:95:08:43:BF:73:86:7F:6A:94
Certificate issuer: /CN=f3c8990bd6e9307113e83832c6915fda5cacfc2f
Certificate serial: 3552122F
Authority key identifier: F3:C8:99:0B:D6:E9:30:71:13:E8:38:32:C6:91:5F:DA:5C:AC:FC:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88iZC9bpMHET6DgyxpFf2lys_C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/VUaEWo0qB5LBLdKVCEO_c4Z_apQ.roa
Signing time: Sat 01 Jan 2022 02:52:16 +0000
ROA not before: Sat 01 Jan 2022 02:52:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43012
IP address blocks: 194.59.52.0/22 maxlen: 22
77.91.216.0/21 maxlen: 21
2a02:2538::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 894571055 (0x3552122f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3c8990bd6e9307113e83832c6915fda5cacfc2f
Validity
Not Before: Jan 1 02:52:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5546845a8d2a0792c12dd2950843bf73867f6a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f9:5e:d3:10:3a:6b:e8:02:4d:31:d1:d9:99:
2f:11:07:97:60:18:b5:16:bf:de:57:85:99:74:8f:
eb:33:0d:24:61:08:4b:0c:28:e6:9d:b3:0d:a4:11:
2c:58:fd:8d:35:c2:62:80:25:df:8a:ea:ac:e8:dd:
6a:e4:8d:69:c3:26:2e:e0:aa:50:b2:cf:99:ab:35:
dd:fd:63:68:75:a5:e7:97:28:c1:04:1b:62:85:27:
e0:2f:0e:b4:0d:ec:19:fb:71:f2:bc:69:6e:9e:43:
f2:cf:e0:80:ae:52:6a:dd:66:95:b7:d7:29:3b:6e:
12:0d:d4:aa:17:30:87:6b:54:99:2e:77:cf:79:f9:
a4:1a:42:b9:59:18:84:6c:7c:47:50:d4:27:47:90:
1c:0d:36:d3:01:64:e5:f0:22:4b:d9:7c:48:ff:8c:
06:74:d9:21:c7:cb:6b:df:df:33:57:88:84:e3:12:
6e:a0:ab:c4:7a:f5:f9:f4:51:15:6e:1b:44:8e:03:
55:68:88:20:da:97:98:fa:ed:5b:4c:73:72:e3:e9:
26:cf:89:aa:3a:96:a9:8b:7b:0d:ab:13:72:a2:75:
5d:4c:0d:b1:35:91:5a:ae:1a:19:f7:ff:c3:3c:7f:
37:a9:9b:d6:33:2b:db:b0:07:d0:f5:1b:8d:ac:34:
1e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:46:84:5A:8D:2A:07:92:C1:2D:D2:95:08:43:BF:73:86:7F:6A:94
X509v3 Authority Key Identifier:
keyid:F3:C8:99:0B:D6:E9:30:71:13:E8:38:32:C6:91:5F:DA:5C:AC:FC:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88iZC9bpMHET6DgyxpFf2lys_C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/VUaEWo0qB5LBLdKVCEO_c4Z_apQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/88iZC9bpMHET6DgyxpFf2lys_C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.216.0/21
194.59.52.0/22
IPv6:
2a02:2538::/32
Signature Algorithm: sha256WithRSAEncryption
55:62:df:cf:5d:80:b9:69:28:da:8f:21:27:47:37:01:60:b0:
5d:c7:c0:8a:23:0f:b1:b9:e3:f3:4a:e5:b1:a5:1f:fa:7e:77:
a4:2d:05:b1:d2:8b:31:b4:ab:38:84:54:86:d8:04:aa:f0:ae:
da:91:a7:b5:e6:9e:c9:ee:29:d9:5f:63:a5:5b:21:0f:63:e7:
0c:4a:cc:bc:e0:ed:51:d8:8c:f2:f7:c2:65:3c:f9:72:10:be:
48:02:79:f2:00:d5:ba:d9:58:39:fb:73:18:da:d6:54:9f:c8:
75:f3:76:47:95:72:47:93:1f:27:00:eb:ac:1d:de:06:f1:7f:
c5:f6:cf:d6:71:e4:26:f7:0c:a7:4a:62:37:2f:86:75:8a:ac:
c1:46:09:58:5e:2c:70:2e:a0:ce:0e:d1:ee:d7:89:91:ff:23:
7d:3d:0f:f3:23:04:5a:f5:ac:83:c7:aa:56:03:fa:ba:30:ee:
56:cc:07:e0:bb:b0:9a:e7:09:3c:51:46:07:08:29:27:85:f5:
fe:2f:a8:04:2e:5c:a0:41:bb:68:bb:d7:4e:5a:ab:8c:11:8b:
3f:8d:6a:d4:10:ac:c3:78:12:f8:2a:28:4e:b2:1b:09:39:93:
70:9b:a8:ce:56:51:61:89:a5:6f:77:b5:3d:4d:13:3e:d1:45:
68:c7:c8:7b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENVISLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
M2M4OTkwYmQ2ZTkzMDcxMTNlODM4MzJjNjkxNWZkYTVjYWNmYzJmMB4XDTIyMDEw
MTAyNTIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU0Njg0NWE4ZDJh
MDc5MmMxMmRkMjk1MDg0M2JmNzM4NjdmNmE5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKv5XtMQOmvoAk0x0dmZLxEHl2AYtRa/3leFmXSP6zMNJGEI
Swwo5p2zDaQRLFj9jTXCYoAl34rqrOjdauSNacMmLuCqULLPmas13f1jaHWl55co
wQQbYoUn4C8OtA3sGftx8rxpbp5D8s/ggK5Sat1mlbfXKTtuEg3Uqhcwh2tUmS53
z3n5pBpCuVkYhGx8R1DUJ0eQHA020wFk5fAiS9l8SP+MBnTZIcfLa9/fM1eIhOMS
bqCrxHr1+fRRFW4bRI4DVWiIINqXmPrtW0xzcuPpJs+JqjqWqYt7DasTcqJ1XUwN
sTWRWq4aGff/wzx/N6mb1jMr27AH0PUbjaw0Hp8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRVRoRajSoHksEt0pUIQ79zhn9qlDAfBgNVHSMEGDAWgBTzyJkL1ukwcRPo
ODLGkV/aXKz8LzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg4aVpDOWJwTUhFVDZEZ3l4cEZmMmx5c19DOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvZmQ3M2Q4LTE1NGEtNDBjZS1hZWJjLWU4ODlhNmU2YmVhYy8x
L1ZVYUVXbzBxQjVMQkxkS1ZDRU9fYzRaX2FwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
ZmQ3M2Q4LTE1NGEtNDBjZS1hZWJjLWU4ODlhNmU2YmVhYy8xLzg4aVpDOWJwTUhF
VDZEZ3l4cEZmMmx5c19DOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA01b2AMEAsI7NDANBAIAAjAHAwUA
KgIlODANBgkqhkiG9w0BAQsFAAOCAQEAVWLfz12AuWko2o8hJ0c3AWCwXcfAiiMP
sbnj80rlsaUf+n53pC0FsdKLMbSrOIRUhtgEqvCu2pGnteaeye4p2V9jpVshD2Pn
DErMvODtUdiM8vfCZTz5chC+SAJ58gDVutlYOftzGNrWVJ/IdfN2R5VyR5MfJwDr
rB3eBvF/xfbP1nHkJvcMp0piNy+GdYqswUYJWF4scC6gzg7R7teJkf8jfT0P8yME
WvWsg8eqVgP6ujDuVswH4LuwmucJPFFGBwgpJ4X1/i+oBC5coEG7aLvXTlqrjBGL
P41q1BCsw3gS+CooTrIbCTmTcJuozlZRYYmlb3e1PU0TPtFFaMfIew==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:14 2025 by rpki-client