Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/vtMUXMCbZuU85kvVrUyUmRy0RNk.roa
File: vtMUXMCbZuU85kvVrUyUmRy0RNk.roa (raw, json)
Hash identifier: nyG3q1jVwsEtCRPf/lRzvLbuMVAH2ywBbYV3rzJSUGY=
Subject key identifier: BE:D3:14:5C:C0:9B:66:E5:3C:E6:4B:D5:AD:4C:94:99:1C:B4:44:D9
Certificate issuer: /CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Certificate serial: 0182C925D39B4A0B486DB26258A147FB7689
Authority key identifier: 05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/vtMUXMCbZuU85kvVrUyUmRy0RNk.roa
Signing time: Tue 23 Aug 2022 05:21:15 +0000
ROA not before: Tue 23 Aug 2022 05:21:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31117
IP address blocks: 217.119.112.0/20 maxlen: 20
87.244.192.0/18 maxlen: 18
212.37.64.0/19 maxlen: 19
185.171.140.0/22 maxlen: 22
2a01:328::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c9:25:d3:9b:4a:0b:48:6d:b2:62:58:a1:47:fb:76:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Validity
Not Before: Aug 23 05:21:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bed3145cc09b66e53ce64bd5ad4c94991cb444d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bb:17:75:83:ce:43:7b:9a:43:93:4a:50:c4:
e7:fe:e2:75:2f:08:3a:c3:c2:78:e3:45:17:e6:5e:
b3:07:18:1d:5b:48:19:67:8c:c6:1e:07:2b:db:c4:
af:f2:85:62:77:6e:f4:94:f2:ee:24:ec:a8:e0:d5:
de:51:bb:70:2c:0f:98:3b:1b:4c:83:6a:14:cc:4b:
84:a3:b6:36:d9:46:9d:5e:6d:a1:84:59:75:02:86:
29:ac:d9:98:7e:d3:37:53:9d:87:d0:ca:8a:a0:f7:
82:61:3e:ea:d7:8d:e5:b4:42:a3:b8:54:f7:cd:5c:
a5:18:76:27:ce:ab:f2:c8:ee:e9:20:e0:39:e3:7b:
69:fe:2b:56:e0:c4:0f:7f:52:b0:29:08:6a:26:a6:
1d:64:59:8c:a0:1d:6f:6f:b4:1c:08:d7:ea:63:57:
d7:38:f7:2e:59:74:1e:17:97:ef:52:c0:74:93:ae:
39:e5:56:8c:b1:bf:08:ba:62:38:ee:a8:02:9c:42:
ce:96:a6:ae:fc:e1:a9:63:df:cd:21:d7:cd:ba:3a:
77:35:04:80:84:40:c4:95:b1:30:3b:fc:c2:eb:c5:
f7:8a:81:f3:b3:51:02:78:e2:05:c9:14:ea:e6:40:
bf:f5:7b:79:29:cb:1d:1d:5b:c3:bd:ba:68:75:9c:
85:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D3:14:5C:C0:9B:66:E5:3C:E6:4B:D5:AD:4C:94:99:1C:B4:44:D9
X509v3 Authority Key Identifier:
keyid:05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/vtMUXMCbZuU85kvVrUyUmRy0RNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.244.192.0/18
185.171.140.0/22
212.37.64.0/19
217.119.112.0/20
IPv6:
2a01:328::/32
Signature Algorithm: sha256WithRSAEncryption
65:3b:25:b7:19:39:f9:60:56:17:22:06:42:e7:6e:48:ef:49:
8a:0e:2f:3a:76:c4:47:c5:23:ba:b0:e5:02:c6:da:a0:60:fb:
33:3d:33:e3:b5:7b:55:a9:ad:7e:7f:9e:b6:ad:b0:a6:1a:8e:
b7:8b:03:71:2b:75:0e:1d:17:ed:fa:09:f7:82:19:4d:76:ec:
37:00:e3:41:70:ee:49:24:0e:87:a3:63:0f:6b:c0:ce:7c:ae:
ed:c1:27:6e:b9:c3:67:00:69:36:fb:10:ea:d3:c7:0e:22:c1:
20:65:78:eb:d1:d7:7a:52:4b:b9:95:bb:94:5c:b2:91:bd:66:
42:0b:51:cd:9b:07:8f:98:96:df:30:06:b2:3d:7a:e0:4d:67:
85:c4:0e:bb:4c:9b:a9:cb:47:91:33:26:dd:62:7a:13:95:7c:
d8:5e:7d:41:84:42:c3:74:10:3d:c4:78:a6:ba:27:61:38:92:
44:77:7d:8d:1a:73:8f:fd:60:c2:ff:c3:f5:7f:a3:41:3b:78:
b0:90:59:80:b9:66:54:dc:6c:de:0c:d0:26:8c:68:32:87:15:
a6:78:64:f2:45:96:40:37:7c:c1:54:c3:f4:43:ff:13:fd:36:
4a:12:ab:f8:44:03:c0:49:02:6b:00:2e:12:62:84:41:83:30:
70:d2:29:db
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYLJJdObSgtIbbJiWKFH+3aJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGUzYjdkZmJkNTk5MTBmZTUyN2NjN2UyOWFmNjRkNTM4
MDZjOTEwHhcNMjIwODIzMDUyMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWQzMTQ1Y2MwOWI2NmU1M2NlNjRiZDVhZDRjOTQ5OTFjYjQ0NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7sXdYPOQ3uaQ5NKUMTn/uJ1Lwg6
w8J440UX5l6zBxgdW0gZZ4zGHgcr28Sv8oVid270lPLuJOyo4NXeUbtwLA+YOxtM
g2oUzEuEo7Y22UadXm2hhFl1AoYprNmYftM3U52H0MqKoPeCYT7q143ltEKjuFT3
zVylGHYnzqvyyO7pIOA543tp/itW4MQPf1KwKQhqJqYdZFmMoB1vb7QcCNfqY1fX
OPcuWXQeF5fvUsB0k6455VaMsb8IumI47qgCnELOlqau/OGpY9/NIdfNujp3NQSA
hEDElbEwO/zC68X3ioHzs1ECeOIFyRTq5kC/9Xt5KcsdHVvDvbpodZyF0wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFL7TFFzAm2blPOZL1a1MlJkctETZMB8GA1UdIwQY
MBaAFAUOO3371ZkQ/lJ8x+Ka9k1TgGyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTIt
NGE4Nzc5ZTQ3OGM2LzEvdnRNVVhNQ2JadVU4NWt2VnJVeVVtUnkwUk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTItNGE4Nzc5ZTQ3OGM2
LzEvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGV/TAAwQC
uauMAwQF1CVAAwQE2XdwMA0EAgACMAcDBQAqAQMoMA0GCSqGSIb3DQEBCwUAA4IB
AQBlOyW3GTn5YFYXIgZC525I70mKDi86dsRHxSO6sOUCxtqgYPszPTPjtXtVqa1+
f562rbCmGo63iwNxK3UOHRft+gn3ghlNduw3AONBcO5JJA6Ho2MPa8DOfK7twSdu
ucNnAGk2+xDq08cOIsEgZXjr0dd6Uku5lbuUXLKRvWZCC1HNmwePmJbfMAayPXrg
TWeFxA67TJupy0eRMybdYnoTlXzYXn1BhELDdBA9xHimuidhOJJEd32NGnOP/WDC
/8P1f6NBO3iwkFmAuWZU3GzeDNAmjGgyhxWmeGTyRZZAN3zBVMP0Q/8T/TZKEqv4
RAPASQJrAC4SYoRBgzBw0inb
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:58:47 2025 by rpki-client