Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/vXwUkHZsKdZwilM3P73CUSz-DaU.roa
File: vXwUkHZsKdZwilM3P73CUSz-DaU.roa (raw, json)
Hash identifier: Zux+6OS5F0TDX6PAJm+dTuKM8RfIHYI7OURlVwm1+iU=
Subject key identifier: BD:7C:14:90:76:6C:29:D6:70:8A:53:37:3F:BD:C2:51:2C:FE:0D:A5
Certificate issuer: /CN=e87ce7df23140c0005125a61aad721531e681f0e
Certificate serial: 018978BCB7544B786A671B68D9A5F0AAED8F
Authority key identifier: E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/vXwUkHZsKdZwilM3P73CUSz-DaU.roa
Signing time: Fri 21 Jul 2023 13:56:20 +0000
ROA not before: Fri 21 Jul 2023 13:56:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203698
IP address blocks: 31.14.68.0/22 maxlen: 24
45.112.120.0/22 maxlen: 24
185.126.228.0/22 maxlen: 24
2a06:c480::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:bc:b7:54:4b:78:6a:67:1b:68:d9:a5:f0:aa:ed:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87ce7df23140c0005125a61aad721531e681f0e
Validity
Not Before: Jul 21 13:56:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd7c1490766c29d6708a53373fbdc2512cfe0da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bc:59:8c:29:49:c7:f9:3f:88:a0:6a:68:f7:
e3:99:bc:de:80:9a:35:b8:9f:ba:77:e0:97:a7:3e:
f1:72:75:f1:16:ef:c0:22:97:51:b8:9d:d5:fe:fe:
5e:d2:a0:b4:36:c9:67:99:9e:d4:c5:fd:ed:e2:b3:
9f:11:ed:bf:fd:27:a9:70:99:0b:95:f0:82:92:20:
6d:bd:eb:a4:8c:1b:ec:d5:d5:99:44:2d:46:e6:ce:
1c:dc:ff:d0:96:7d:f9:49:e1:6e:d0:a2:4f:1e:23:
d0:f8:f2:e1:8b:b3:1a:1e:d0:a0:2e:2a:c8:07:e0:
b4:94:9d:96:f9:1e:d6:9a:38:d0:bf:91:26:dd:e6:
7e:66:c2:6d:17:12:52:a3:19:60:83:18:0c:c5:a6:
ba:e1:f4:cd:e8:cc:71:70:96:e3:19:7c:17:7d:b9:
e4:d7:f0:84:74:f3:24:f3:f3:96:02:43:48:83:2f:
0a:1a:84:77:a0:b8:46:9e:38:cf:a9:88:29:08:26:
25:81:d3:2d:d6:97:1d:ff:c6:97:a8:b2:60:c1:b1:
f6:8f:64:46:e2:9f:8c:05:0f:3c:b1:ac:8d:71:dc:
e2:84:5b:4f:7d:58:ff:65:55:d9:b9:60:38:02:2b:
61:ed:6e:f9:b3:10:0b:54:e7:21:16:f9:7b:1c:6c:
ba:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7C:14:90:76:6C:29:D6:70:8A:53:37:3F:BD:C2:51:2C:FE:0D:A5
X509v3 Authority Key Identifier:
keyid:E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/vXwUkHZsKdZwilM3P73CUSz-DaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.68.0/22
45.112.120.0/22
185.126.228.0/22
IPv6:
2a06:c480::/29
Signature Algorithm: sha256WithRSAEncryption
65:b4:bb:e9:e9:24:23:4a:a6:de:41:d9:cd:f9:74:37:6a:76:
39:cd:0c:02:0f:59:33:62:d6:4a:d3:c6:43:e5:37:b8:71:bf:
55:29:35:a7:1e:8d:fa:76:7a:7d:92:65:23:64:03:3d:1d:91:
b3:9e:68:11:fd:79:8a:a8:b0:a7:86:2c:2a:b4:c3:1d:40:7f:
7f:ad:1c:74:bd:b8:48:22:ce:08:fd:f8:fd:89:f7:48:df:24:
7f:64:5e:50:77:19:c0:04:a1:4d:01:ad:84:76:ff:f2:ec:8e:
35:d6:7a:49:0a:25:f3:e8:ae:af:bf:c6:5d:e7:ba:f9:d6:81:
1c:bc:83:73:82:ab:ef:97:da:d1:b1:e4:45:28:4c:b9:c2:e3:
f5:36:1e:36:56:4e:bf:b8:6a:fe:ef:cb:f1:9b:5b:79:b5:d4:
1c:2c:bb:f9:a8:50:7b:76:20:23:91:8e:d4:7f:cb:a3:a2:87:
e0:aa:cb:eb:07:95:90:8b:3a:8e:94:04:55:f3:ba:2b:d3:10:
f7:e1:d6:b8:3a:8b:c8:97:3b:1e:ea:cc:35:5d:e6:c5:69:7d:
5e:5b:2c:ec:ba:be:1f:6b:96:e7:da:9c:3a:0f:7b:05:f5:6f:
4a:9f:b0:30:90:47:be:cf:5c:9d:43:86:1d:f2:bc:01:48:18:
ba:07:6b:e6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYl4vLdUS3hqZxto2aXwqu2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4N2NlN2RmMjMxNDBjMDAwNTEyNWE2MWFhZDcyMTUzMWU2
ODFmMGUwHhcNMjMwNzIxMTM1NjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdjMTQ5MDc2NmMyOWQ2NzA4YTUzMzczZmJkYzI1MTJjZmUwZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rxZjClJx/k/iKBqaPfjmbzegJo1
uJ+6d+CXpz7xcnXxFu/AIpdRuJ3V/v5e0qC0NslnmZ7Uxf3t4rOfEe2//SepcJkL
lfCCkiBtveukjBvs1dWZRC1G5s4c3P/Qln35SeFu0KJPHiPQ+PLhi7MaHtCgLirI
B+C0lJ2W+R7WmjjQv5Em3eZ+ZsJtFxJSoxlggxgMxaa64fTN6MxxcJbjGXwXfbnk
1/CEdPMk8/OWAkNIgy8KGoR3oLhGnjjPqYgpCCYlgdMt1pcd/8aXqLJgwbH2j2RG
4p+MBQ88sayNcdzihFtPfVj/ZVXZuWA4Aith7W75sxALVOchFvl7HGy6twIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL18FJB2bCnWcIpTNz+9wlEs/g2lMB8GA1UdIwQY
MBaAFOh8598jFAwABRJaYarXIVMeaB8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjIt
MzIzZDM0ZGVmYzhhLzEvdlh3VWtIWnNLZFp3aWxNM1A3M0NVU3otRGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjItMzIzZDM0ZGVmYzhh
LzEvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCHw5EAwQC
LXB4AwQCuX7kMA0EAgACMAcDBQMqBsSAMA0GCSqGSIb3DQEBCwUAA4IBAQBltLvp
6SQjSqbeQdnN+XQ3anY5zQwCD1kzYtZK08ZD5Te4cb9VKTWnHo36dnp9kmUjZAM9
HZGznmgR/XmKqLCnhiwqtMMdQH9/rRx0vbhIIs4I/fj9ifdI3yR/ZF5QdxnABKFN
Aa2Edv/y7I411npJCiXz6K6vv8Zd57r51oEcvINzgqvvl9rRseRFKEy5wuP1Nh42
Vk6/uGr+78vxm1t5tdQcLLv5qFB7diAjkY7Uf8ujoofgqsvrB5WQizqOlARV87or
0xD34da4OovIlzse6sw1XebFaX1eWyzsur4fa5bn2pw6D3sF9W9Kn7AwkEe+z1yd
Q4Yd8rwBSBi6B2vm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:26 2025 by rpki-client