Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/cccc41-dd2c-41f0-82bf-e92dd8fa6abb/1/Vau2_DJczzyFBEOYwvlw8YD2KRI.roa
File: Vau2_DJczzyFBEOYwvlw8YD2KRI.roa (raw, json)
Hash identifier: eansGFCWEJfqshG5Whkzk0LYjsBBJqFbUYWulw+7Ck8=
Subject key identifier: 55:AB:B6:FC:32:5C:CF:3C:85:04:43:98:C2:F9:70:F1:80:F6:29:12
Certificate issuer: /CN=aca2f7748fe363dc5939e9b854fc00403130eba5
Certificate serial: 01856CB820F80F8A203F9B7E6F00A5602C99
Authority key identifier: AC:A2:F7:74:8F:E3:63:DC:59:39:E9:B8:54:FC:00:40:31:30:EB:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKL3dI_jY9xZOem4VPwAQDEw66U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/cccc41-dd2c-41f0-82bf-e92dd8fa6abb/1/Vau2_DJczzyFBEOYwvlw8YD2KRI.roa
Signing time: Sun 01 Jan 2023 09:44:44 +0000
ROA not before: Sun 01 Jan 2023 09:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212204
IP address blocks: 91.239.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:20:f8:0f:8a:20:3f:9b:7e:6f:00:a5:60:2c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca2f7748fe363dc5939e9b854fc00403130eba5
Validity
Not Before: Jan 1 09:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55abb6fc325ccf3c85044398c2f970f180f62912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:ba:20:01:11:5c:91:4d:a3:06:8e:37:bc:
5f:be:10:17:65:24:93:40:b7:2d:46:d2:0b:c0:0c:
ec:b7:71:65:be:de:07:fc:09:04:01:76:1d:d1:53:
bc:2a:79:14:3a:79:b0:7b:c7:bf:8a:c2:79:3f:5c:
20:cd:a9:73:ee:36:7c:75:2f:ee:ca:b5:d9:d7:54:
11:7e:b7:11:b6:d8:c0:dc:32:70:34:8e:d5:ab:1e:
fe:da:a4:47:5c:bb:cc:75:67:c1:7c:59:9d:0e:ef:
1e:be:eb:21:73:6a:3b:0e:61:1a:c4:d0:87:6c:a0:
59:b8:b2:da:01:a1:2d:d2:f2:cd:54:ea:d5:02:52:
90:ea:85:8c:c9:ee:6b:73:9b:fd:08:35:e2:82:c9:
7b:19:df:70:a6:5e:f1:e5:ee:df:92:c8:72:04:d1:
7c:99:ab:2c:c6:a0:38:43:bd:c3:1d:5d:1b:85:b7:
d7:14:78:d7:21:46:36:3a:ea:8a:a7:1b:08:ca:4d:
72:bc:6e:04:a6:a2:18:55:48:6e:9b:bc:be:e4:bd:
cc:d0:4a:66:c3:ce:12:8c:97:9e:07:9d:c8:59:f6:
ee:1c:74:28:f7:99:0e:d6:5f:2a:7b:10:76:ac:ab:
9a:7d:51:7e:12:a7:7b:c9:cd:c9:4b:58:10:9c:66:
75:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:AB:B6:FC:32:5C:CF:3C:85:04:43:98:C2:F9:70:F1:80:F6:29:12
X509v3 Authority Key Identifier:
keyid:AC:A2:F7:74:8F:E3:63:DC:59:39:E9:B8:54:FC:00:40:31:30:EB:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKL3dI_jY9xZOem4VPwAQDEw66U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cccc41-dd2c-41f0-82bf-e92dd8fa6abb/1/Vau2_DJczzyFBEOYwvlw8YD2KRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cccc41-dd2c-41f0-82bf-e92dd8fa6abb/1/rKL3dI_jY9xZOem4VPwAQDEw66U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.120.0/24
Signature Algorithm: sha256WithRSAEncryption
70:9a:ef:be:36:12:c8:e0:a1:76:32:be:4d:aa:55:4b:65:ce:
40:06:b8:1f:e5:d7:46:d2:dc:7f:5c:3d:6f:74:82:65:9d:58:
f7:88:dd:45:f0:42:8e:d9:23:cd:46:38:42:3e:7f:b8:7b:1f:
dd:88:7c:03:5c:d6:56:79:c9:db:57:09:55:72:b5:d3:56:11:
57:3b:4b:5f:30:df:28:88:bb:34:5d:66:15:77:b4:51:6f:db:
a6:a3:00:6d:b1:2f:0b:c8:dd:6a:31:ae:9b:b6:60:01:cc:ec:
47:c9:bc:cd:95:dd:e2:24:0b:ef:99:5b:56:85:fb:ee:ec:2f:
4c:85:cc:66:d3:52:57:70:7a:27:ab:41:92:57:ed:10:18:e7:
9b:2f:6b:ca:c0:5a:f9:34:73:8e:3f:6a:48:29:84:40:dc:9d:
86:6e:5c:c8:f4:62:ff:b7:3c:aa:45:07:5a:fe:b7:22:6d:4b:
8d:f6:bd:a3:1c:8c:c9:78:f2:a5:b5:69:08:af:ec:7a:4d:39:
f5:81:b6:b8:1f:21:78:ac:98:93:db:07:8c:b4:bb:96:04:b1:
d8:c2:d8:f1:09:1b:02:cc:66:7c:bb:ea:8f:98:3d:60:2a:f9:
7c:e2:15:e8:f3:e9:1f:c2:e6:7c:02:fa:3a:a2:08:21:89:54:
e5:29:2d:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuCD4D4ogP5t+bwClYCyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTJmNzc0OGZlMzYzZGM1OTM5ZTliODU0ZmMwMDQwMzEz
MGViYTUwHhcNMjMwMTAxMDk0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWFiYjZmYzMyNWNjZjNjODUwNDQzOThjMmY5NzBmMTgwZjYyOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcG6IAERXJFNowaON7xfvhAXZSST
QLctRtILwAzst3Flvt4H/AkEAXYd0VO8KnkUOnmwe8e/isJ5P1wgzalz7jZ8dS/u
yrXZ11QRfrcRttjA3DJwNI7Vqx7+2qRHXLvMdWfBfFmdDu8evushc2o7DmEaxNCH
bKBZuLLaAaEt0vLNVOrVAlKQ6oWMye5rc5v9CDXigsl7Gd9wpl7x5e7fkshyBNF8
massxqA4Q73DHV0bhbfXFHjXIUY2OuqKpxsIyk1yvG4EpqIYVUhum7y+5L3M0Epm
w84SjJeeB53IWfbuHHQo95kO1l8qexB2rKuafVF+Eqd7yc3JS1gQnGZ1QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFWrtvwyXM88hQRDmML5cPGA9ikSMB8GA1UdIwQY
MBaAFKyi93SP42PcWTnpuFT8AEAxMOulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktMM2RJX2pZOXhaT2VtNFZQd0FRREV3NjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jY2NjNDEtZGQyYy00MWYwLTgyYmYt
ZTkyZGQ4ZmE2YWJiLzEvVmF1Ml9ESmN6enlGQkVPWXd2bHc4WUQyS1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jY2NjNDEtZGQyYy00MWYwLTgyYmYtZTkyZGQ4ZmE2YWJi
LzEvcktMM2RJX2pZOXhaT2VtNFZQd0FRREV3NjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+94MA0G
CSqGSIb3DQEBCwUAA4IBAQBwmu++NhLI4KF2Mr5NqlVLZc5ABrgf5ddG0tx/XD1v
dIJlnVj3iN1F8EKO2SPNRjhCPn+4ex/diHwDXNZWecnbVwlVcrXTVhFXO0tfMN8o
iLs0XWYVd7RRb9umowBtsS8LyN1qMa6btmABzOxHybzNld3iJAvvmVtWhfvu7C9M
hcxm01JXcHonq0GSV+0QGOebL2vKwFr5NHOOP2pIKYRA3J2GblzI9GL/tzyqRQda
/rcibUuN9r2jHIzJePKltWkIr+x6TTn1gba4HyF4rJiT2weMtLuWBLHYwtjxCRsC
zGZ8u+qPmD1gKvl84hXo8+kfwuZ8Avo6ogghiVTlKS3S
-----END CERTIFICATE-----
Generated at Wed Apr 23 13:34:54 2025 by rpki-client