Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/VuhBnyBSu3hXUJQP64LidfbvpSQ.roa
File: VuhBnyBSu3hXUJQP64LidfbvpSQ.roa (raw, json)
Hash identifier: QuL7SFoEfQ7GgWh9pOINjnDZ/XSCjpCrjY44YiuIsXM=
Subject key identifier: 56:E8:41:9F:20:52:BB:78:57:50:94:0F:EB:82:E2:75:F6:EF:A5:24
Certificate issuer: /CN=869b3600fd738e698d12fef20e106e6a94e3b674
Certificate serial: 0183E604B62980BFFD4568AE330B6174D9A1
Authority key identifier: 86:9B:36:00:FD:73:8E:69:8D:12:FE:F2:0E:10:6E:6A:94:E3:B6:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/VuhBnyBSu3hXUJQP64LidfbvpSQ.roa
Signing time: Mon 17 Oct 2022 12:56:51 +0000
ROA not before: Mon 17 Oct 2022 12:56:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50635
IP address blocks: 195.191.186.0/24 maxlen: 24
195.191.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:04:b6:29:80:bf:fd:45:68:ae:33:0b:61:74:d9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869b3600fd738e698d12fef20e106e6a94e3b674
Validity
Not Before: Oct 17 12:56:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56e8419f2052bb785750940feb82e275f6efa524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1d:95:c0:b2:0e:22:9b:dc:91:c3:4f:8c:49:
13:6e:49:5d:b6:94:cc:d6:8d:92:b3:ff:b6:57:4d:
be:fd:de:91:8a:f5:9a:3f:ad:4a:93:9c:1a:90:71:
c0:90:7a:e0:63:4e:eb:14:74:09:77:06:f3:af:ce:
e9:89:52:aa:07:a0:2f:e1:df:c1:63:c9:17:f7:21:
01:d6:cf:49:14:96:9f:39:d8:1d:b9:0f:fe:81:64:
3a:19:f5:c7:a4:54:a9:a9:88:a3:4b:78:f1:04:b8:
ad:c9:e1:d3:bf:42:a3:3d:4b:89:49:87:d5:ac:31:
48:f6:a3:79:e0:8e:e6:06:51:f7:fd:82:cc:15:a0:
ad:04:0a:b6:5c:ba:14:d2:b3:2b:22:46:95:2f:77:
ca:b0:91:50:07:ab:22:90:dd:ae:bb:5e:49:80:47:
ce:d6:20:51:df:36:51:81:d0:63:3a:3c:c0:41:d8:
fb:dc:b1:90:ef:ba:26:6b:75:7a:61:46:a3:58:c2:
82:01:f8:af:00:96:b0:09:16:af:4b:d6:49:2d:ac:
cd:7e:67:c5:a8:13:c5:cc:51:7a:5b:e1:2a:ee:46:
c7:c8:7f:3f:b9:9a:95:05:2b:f5:13:35:c2:8c:1e:
16:c8:ff:6e:ac:9f:64:77:ef:05:35:2e:cc:01:64:
db:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E8:41:9F:20:52:BB:78:57:50:94:0F:EB:82:E2:75:F6:EF:A5:24
X509v3 Authority Key Identifier:
keyid:86:9B:36:00:FD:73:8E:69:8D:12:FE:F2:0E:10:6E:6A:94:E3:B6:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hps2AP1zjmmNEv7yDhBuapTjtnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/VuhBnyBSu3hXUJQP64LidfbvpSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/609976-1ace-444f-bcb5-4243e88bd76c/1/hps2AP1zjmmNEv7yDhBuapTjtnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.186.0/23
Signature Algorithm: sha256WithRSAEncryption
06:e2:b6:63:4c:32:f1:cd:04:2d:3b:6e:87:09:15:7d:80:04:
14:b3:fc:ea:22:9f:d7:00:31:12:c1:6f:40:31:f0:a2:4f:e4:
ff:2f:7d:5f:e3:3a:39:a1:77:69:fc:4b:60:99:43:3e:38:c9:
1c:24:92:55:4a:18:2b:b5:5a:dc:a0:75:a9:02:18:cd:ca:0c:
5c:6f:88:4e:9e:9f:ae:5c:d3:26:58:50:bb:69:43:bf:c9:08:
00:85:7d:01:5e:57:13:49:4f:fe:90:7d:9f:9b:1d:a4:38:04:
10:95:8c:06:fd:00:8e:57:83:94:0b:8a:c6:f5:b2:cb:a7:bf:
4d:3b:a7:43:96:86:a1:a4:01:08:f7:79:03:3a:75:21:81:b6:
e7:80:5c:8d:76:82:a1:f5:b9:6f:d8:c6:8a:71:d3:12:d2:91:
bb:9b:7c:e2:6c:f8:93:f5:32:08:a7:06:98:5a:56:b1:6e:fe:
ce:ea:13:23:8a:3b:71:c0:f4:13:7f:9a:f8:50:4c:ef:a9:ae:
50:a4:43:42:8b:a2:c7:e0:6d:e3:7f:2f:fc:08:8a:b2:44:2f:
d1:1c:05:de:0a:d3:34:9d:d5:b8:12:71:ba:b1:9a:dc:0c:51:
12:98:22:6b:cc:f6:b5:02:cf:26:f5:07:79:f4:f6:48:95:e4:
be:99:2d:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPmBLYpgL/9RWiuMwthdNmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OWIzNjAwZmQ3MzhlNjk4ZDEyZmVmMjBlMTA2ZTZhOTRl
M2I2NzQwHhcNMjIxMDE3MTI1NjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmU4NDE5ZjIwNTJiYjc4NTc1MDk0MGZlYjgyZTI3NWY2ZWZhNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx2VwLIOIpvckcNPjEkTbkldtpTM
1o2Ss/+2V02+/d6RivWaP61Kk5wakHHAkHrgY07rFHQJdwbzr87piVKqB6Av4d/B
Y8kX9yEB1s9JFJafOdgduQ/+gWQ6GfXHpFSpqYijS3jxBLityeHTv0KjPUuJSYfV
rDFI9qN54I7mBlH3/YLMFaCtBAq2XLoU0rMrIkaVL3fKsJFQB6sikN2uu15JgEfO
1iBR3zZRgdBjOjzAQdj73LGQ77oma3V6YUajWMKCAfivAJawCRavS9ZJLazNfmfF
qBPFzFF6W+Eq7kbHyH8/uZqVBSv1EzXCjB4WyP9urJ9kd+8FNS7MAWTbYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFboQZ8gUrt4V1CUD+uC4nX276UkMB8GA1UdIwQY
MBaAFIabNgD9c45pjRL+8g4QbmqU47Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy82MDk5NzYtMWFjZS00NDRmLWJjYjUt
NDI0M2U4OGJkNzZjLzEvVnVoQm55QlN1M2hYVUpRUDY0TGlkZmJ2cFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy82MDk5NzYtMWFjZS00NDRmLWJjYjUtNDI0M2U4OGJkNzZj
LzEvaHBzMkFQMXpqbW1ORXY3eURoQnVhcFRqdG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7+6MA0G
CSqGSIb3DQEBCwUAA4IBAQAG4rZjTDLxzQQtO26HCRV9gAQUs/zqIp/XADESwW9A
MfCiT+T/L31f4zo5oXdp/EtgmUM+OMkcJJJVShgrtVrcoHWpAhjNygxcb4hOnp+u
XNMmWFC7aUO/yQgAhX0BXlcTSU/+kH2fmx2kOAQQlYwG/QCOV4OUC4rG9bLLp79N
O6dDloahpAEI93kDOnUhgbbngFyNdoKh9blv2MaKcdMS0pG7m3zibPiT9TIIpwaY
Wlaxbv7O6hMjijtxwPQTf5r4UEzvqa5QpENCi6LH4G3jfy/8CIqyRC/RHAXeCtM0
ndW4EnG6sZrcDFESmCJrzPa1As8m9Qd59PZIleS+mS1q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:55 2025 by rpki-client