Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/VgZAt_aKPrtp6AiQc49IReyke54.roa
File: VgZAt_aKPrtp6AiQc49IReyke54.roa (raw, json)
Hash identifier: IX7UW8VUS+7zALSWTlKB96sW8cLJ6gCZQUvFKlG+ojg=
Subject key identifier: 56:06:40:B7:F6:8A:3E:BB:69:E8:08:90:73:8F:48:45:EC:A4:7B:9E
Certificate issuer: /CN=4bf4d9fa66b008a08c3b8ed82c38267e1d212550
Certificate serial: 135711EC
Authority key identifier: 4B:F4:D9:FA:66:B0:08:A0:8C:3B:8E:D8:2C:38:26:7E:1D:21:25:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_TZ-mawCKCMO47YLDgmfh0hJVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/VgZAt_aKPrtp6AiQc49IReyke54.roa
Signing time: Sat 01 Jan 2022 10:01:25 +0000
ROA not before: Sat 01 Jan 2022 10:01:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49079
IP address blocks: 185.131.20.0/22 maxlen: 24
2a03:a020::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324473324 (0x135711ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf4d9fa66b008a08c3b8ed82c38267e1d212550
Validity
Not Before: Jan 1 10:01:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=560640b7f68a3ebb69e80890738f4845eca47b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a2:58:5b:2e:6f:db:77:e6:f0:10:1b:0f:bd:
fe:98:83:20:45:37:7b:f7:25:6c:46:f6:5b:ce:60:
7e:d6:eb:6e:8a:39:43:2b:a9:35:33:82:19:fa:7f:
77:cc:dd:99:cd:cf:e4:d2:06:75:23:0a:03:b4:a4:
76:e2:d7:7d:ca:2e:a4:7c:23:71:61:35:62:de:9d:
7d:a5:90:bb:af:bd:d8:a8:27:3d:56:46:c5:5a:5d:
8e:4a:a1:1f:21:09:aa:18:07:d8:b1:3f:60:20:8d:
43:28:d3:95:69:ca:06:05:9e:08:89:bc:00:7f:33:
91:d8:f0:22:5b:d7:3b:25:0f:6f:73:51:0d:c2:96:
9f:ca:16:59:eb:95:ca:e7:9e:37:c7:54:45:c8:3f:
20:ab:cf:c6:8b:d4:ea:a7:eb:c1:34:ec:a5:cb:97:
a7:17:e3:99:1f:61:9a:f2:4e:f3:f6:d0:7b:aa:6d:
51:72:88:ef:e6:3d:e1:b9:bc:44:ea:1d:6c:82:f9:
fe:48:63:94:15:db:0f:1b:47:40:c1:48:9e:be:11:
52:9e:29:bd:2b:79:16:87:8f:a3:9a:cc:44:a9:86:
24:b7:67:65:16:14:99:d8:12:62:44:50:b9:22:86:
0e:04:33:e8:21:01:5c:fb:f0:5b:25:23:30:5b:2c:
5a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:06:40:B7:F6:8A:3E:BB:69:E8:08:90:73:8F:48:45:EC:A4:7B:9E
X509v3 Authority Key Identifier:
keyid:4B:F4:D9:FA:66:B0:08:A0:8C:3B:8E:D8:2C:38:26:7E:1D:21:25:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_TZ-mawCKCMO47YLDgmfh0hJVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/VgZAt_aKPrtp6AiQc49IReyke54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/S_TZ-mawCKCMO47YLDgmfh0hJVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.20.0/22
IPv6:
2a03:a020::/32
Signature Algorithm: sha256WithRSAEncryption
ce:a7:ab:16:33:db:94:54:36:41:da:47:31:8e:d6:f1:28:17:
df:df:81:dc:f1:3c:38:fb:7c:86:30:06:28:02:50:66:0a:1a:
bf:07:1c:c7:f6:22:5e:67:18:bb:24:6f:8d:a7:43:94:e4:27:
02:a8:dd:5e:33:1d:8d:f7:bf:37:32:2d:11:34:32:11:ba:4f:
f9:cd:9b:b9:cf:e7:d9:a8:50:f6:3a:fb:98:4b:75:8a:5e:a2:
7e:be:7d:0b:26:4c:a2:26:70:a3:51:e7:30:45:4e:56:83:8a:
fc:3a:13:e6:51:62:9f:3a:95:82:da:3f:f7:e3:97:a3:7a:19:
b2:d9:a5:a9:a5:1c:b1:81:81:3e:72:ae:6f:a8:ed:6a:12:ae:
c5:6b:f0:ca:06:4f:fc:ca:38:10:a8:eb:f9:c1:54:f5:d3:f2:
71:ef:37:60:e7:3d:7c:2f:4f:57:68:ed:17:97:e6:a3:fa:18:
47:df:af:12:b6:7a:b0:14:d5:cc:18:8b:fb:19:3c:ae:23:e2:
b8:3e:de:14:34:87:dc:21:ef:28:b5:3d:ab:bb:a9:b2:1b:19:
f1:a0:3e:e6:d0:72:45:bd:ea:7e:42:ca:e9:f8:af:08:af:43:
a8:36:31:e4:91:d7:eb:61:5f:19:11:fb:1a:3d:9a:39:1e:51:
3d:f3:ee:b0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEE1cR7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YmY0ZDlmYTY2YjAwOGEwOGMzYjhlZDgyYzM4MjY3ZTFkMjEyNTUwMB4XDTIyMDEw
MTEwMDEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTYwNjQwYjdmNjhh
M2ViYjY5ZTgwODkwNzM4ZjQ4NDVlY2E0N2I5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGiWFsub9t35vAQGw+9/piDIEU3e/clbEb2W85gftbrboo5
QyupNTOCGfp/d8zdmc3P5NIGdSMKA7SkduLXfcoupHwjcWE1Yt6dfaWQu6+92Kgn
PVZGxVpdjkqhHyEJqhgH2LE/YCCNQyjTlWnKBgWeCIm8AH8zkdjwIlvXOyUPb3NR
DcKWn8oWWeuVyueeN8dURcg/IKvPxovU6qfrwTTspcuXpxfjmR9hmvJO8/bQe6pt
UXKI7+Y94bm8ROodbIL5/khjlBXbDxtHQMFInr4RUp4pvSt5FoePo5rMRKmGJLdn
ZRYUmdgSYkRQuSKGDgQz6CEBXPvwWyUjMFssWlkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRWBkC39oo+u2noCJBzj0hF7KR7njAfBgNVHSMEGDAWgBRL9Nn6ZrAIoIw7
jtgsOCZ+HSElUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NfVFotbWF3Q0tDTU80N1lMRGdtZmgwaEpWQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvZTgxMGNkLTY0OTctNGQ4YS05MWE1LWJmNTczODc2NjJhMC8x
L1ZnWkF0X2FLUHJ0cDZBaVFjNDlJUmV5a2U1NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
ZTgxMGNkLTY0OTctNGQ4YS05MWE1LWJmNTczODc2NjJhMC8xL1NfVFotbWF3Q0tD
TU80N1lMRGdtZmgwaEpWQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmDFDANBAIAAjAHAwUAKgOgIDAN
BgkqhkiG9w0BAQsFAAOCAQEAzqerFjPblFQ2QdpHMY7W8SgX39+B3PE8OPt8hjAG
KAJQZgoavwccx/YiXmcYuyRvjadDlOQnAqjdXjMdjfe/NzItETQyEbpP+c2buc/n
2ahQ9jr7mEt1il6ifr59CyZMoiZwo1HnMEVOVoOK/DoT5lFinzqVgto/9+OXo3oZ
stmlqaUcsYGBPnKub6jtahKuxWvwygZP/Mo4EKjr+cFU9dPyce83YOc9fC9PV2jt
F5fmo/oYR9+vErZ6sBTVzBiL+xk8riPiuD7eFDSH3CHvKLU9q7upshsZ8aA+5tBy
Rb3qfkLK6fivCK9DqDYx5JHX62FfGRH7Gj2aOR5RPfPusA==
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:29:14 2025 by rpki-client