Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/VZlwYmVV49Bg0NEwkYL-xEqhiwE.roa
File: VZlwYmVV49Bg0NEwkYL-xEqhiwE.roa (raw, json)
Hash identifier: VgAT2lmsh29yvl/5nruRaD4hxgDGORveKewkcCsVwX0=
Subject key identifier: 55:99:70:62:65:55:E3:D0:60:D0:D1:30:91:82:FE:C4:4A:A1:8B:01
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 018810DEAF187C7807C6E022AADCB84A7550
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/VZlwYmVV49Bg0NEwkYL-xEqhiwE.roa
Signing time: Fri 12 May 2023 16:50:09 +0000
ROA not before: Fri 12 May 2023 16:50:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25317
IP address blocks: 213.244.32.0/21 maxlen: 24
213.244.44.0/22 maxlen: 22
213.244.48.0/21 maxlen: 21
213.244.56.0/21 maxlen: 21
2a0a:6840::/30 maxlen: 30
2a0a:6844::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:de:af:18:7c:78:07:c6:e0:22:aa:dc:b8:4a:75:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: May 12 16:50:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=559970626555e3d060d0d1309182fec44aa18b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0f:8b:b6:a2:7c:1b:6c:50:c3:15:f1:2b:71:
77:d9:fd:44:d9:ae:1f:fd:ea:8e:23:cf:7b:36:e1:
0a:35:af:ff:cf:c7:50:99:ff:9a:57:ca:b8:42:3b:
d3:e8:a9:8b:ce:ea:8f:64:d0:d5:fe:e1:2e:be:11:
69:d0:bc:99:87:17:cc:4d:62:ef:ff:77:0b:a7:a6:
2e:3c:6d:e2:1c:69:a6:2c:4a:48:6d:69:1e:46:33:
9e:b1:bd:d9:14:97:6e:fa:19:7c:c0:d3:06:cb:f1:
88:b7:a0:14:c9:2c:47:4d:cf:7a:d1:09:60:25:ff:
0c:46:b8:b8:80:c4:d9:12:37:79:9e:ff:9c:8a:0a:
1b:83:16:cb:33:ac:f9:ef:d6:67:ff:68:3f:cf:97:
5e:0c:a9:9b:99:1d:8d:fd:8b:76:c4:ff:90:ac:ed:
8b:74:fd:88:bb:e1:b3:13:6e:5f:e2:f0:36:dd:cb:
90:ec:1e:2e:bc:46:01:40:0b:4f:e3:da:b6:c9:cf:
1b:25:bf:d4:c6:7a:68:bc:ff:9c:8a:33:46:04:ed:
f0:4c:d7:66:8c:2b:fb:8b:97:ad:43:b7:25:bd:99:
5a:46:1d:55:e0:a1:6d:4e:3e:fe:a5:f2:f7:2d:f3:
12:7c:0c:b0:b1:0f:84:cf:45:80:21:06:c2:24:eb:
de:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:99:70:62:65:55:E3:D0:60:D0:D1:30:91:82:FE:C4:4A:A1:8B:01
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/VZlwYmVV49Bg0NEwkYL-xEqhiwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.244.32.0/21
213.244.44.0-213.244.63.255
IPv6:
2a0a:6840::/29
Signature Algorithm: sha256WithRSAEncryption
41:16:a5:c9:04:db:65:fd:63:56:a2:77:5b:c9:48:be:8a:47:
86:c6:1f:91:7a:92:ba:69:c2:9e:db:dd:22:d3:a0:9d:bd:98:
46:cf:a4:82:14:a7:66:87:a5:9b:c1:71:52:cd:80:55:19:21:
52:61:c3:98:5c:af:03:c8:e9:5e:db:60:ff:22:94:4b:c7:dc:
8e:7c:fb:25:22:b8:11:d6:c7:33:e1:41:29:7c:47:b7:b9:05:
16:c6:0a:b6:4d:9f:47:a5:0a:7b:c3:09:33:4d:48:24:80:d5:
4a:10:55:33:d4:d8:3d:e3:92:98:af:ad:3f:78:eb:ad:20:ee:
f5:bb:f4:e7:aa:e0:bc:19:10:a2:64:4d:58:bc:b3:f3:f0:ab:
75:8d:86:11:00:0d:69:52:e7:d5:31:ea:88:9a:ee:22:86:1f:
85:62:e6:0a:80:28:33:37:0f:cd:eb:55:9b:49:2e:ad:99:52:
ed:c4:c0:3d:0e:18:fd:6e:e2:b0:cd:2e:b7:58:2c:a8:53:25:
67:e7:81:f1:97:35:69:3e:62:68:90:eb:56:f9:24:c7:95:b4:
a6:1d:79:2d:72:7d:ce:12:fc:fb:13:58:2f:1b:d9:a7:e8:32:
64:53:f1:b9:93:65:32:ae:7f:44:47:3f:ea:79:15:0c:29:17:
2b:2b:8d:63
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYgQ3q8YfHgHxuAiqty4SnVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjMwNTEyMTY1MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTk5NzA2MjY1NTVlM2QwNjBkMGQxMzA5MTgyZmVjNDRhYTE4YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA+LtqJ8G2xQwxXxK3F32f1E2a4f
/eqOI897NuEKNa//z8dQmf+aV8q4QjvT6KmLzuqPZNDV/uEuvhFp0LyZhxfMTWLv
/3cLp6YuPG3iHGmmLEpIbWkeRjOesb3ZFJdu+hl8wNMGy/GIt6AUySxHTc960Qlg
Jf8MRri4gMTZEjd5nv+cigobgxbLM6z579Zn/2g/z5deDKmbmR2N/Yt2xP+QrO2L
dP2Iu+GzE25f4vA23cuQ7B4uvEYBQAtP49q2yc8bJb/UxnpovP+cijNGBO3wTNdm
jCv7i5etQ7clvZlaRh1V4KFtTj7+pfL3LfMSfAywsQ+Ez0WAIQbCJOve5QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFWZcGJlVePQYNDRMJGC/sRKoYsBMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvVlpsd1ltVlY0OUJnME5Fd2tZTC14RXFoaXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQD1fQgMAwD
BALV9CwDBAbV9AAwDQQCAAIwBwMFAyoKaEAwDQYJKoZIhvcNAQELBQADggEBAEEW
pckE22X9Y1aid1vJSL6KR4bGH5F6krppwp7b3SLToJ29mEbPpIIUp2aHpZvBcVLN
gFUZIVJhw5hcrwPI6V7bYP8ilEvH3I58+yUiuBHWxzPhQSl8R7e5BRbGCrZNn0el
CnvDCTNNSCSA1UoQVTPU2D3jkpivrT94660g7vW79Oeq4LwZEKJkTVi8s/Pwq3WN
hhEADWlS59Ux6oia7iKGH4Vi5gqAKDM3D83rVZtJLq2ZUu3EwD0OGP1u4rDNLrdY
LKhTJWfngfGXNWk+YmiQ61b5JMeVtKYdeS1yfc4S/PsTWC8b2afoMmRT8bmTZTKu
f0RHP+p5FQwpFysrjWM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:40:56 2025 by rpki-client