Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vudknUlrmEJxAmzJ8_qWS348HDo.roa
File: vudknUlrmEJxAmzJ8_qWS348HDo.roa (raw, json)
Hash identifier: uX6WBhfyZik7F65grA1CAtYmBrX/9QWUcQpfveAilbI=
Subject key identifier: BE:E7:64:9D:49:6B:98:42:71:02:6C:C9:F3:FA:96:4B:7E:3C:1C:3A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018C7B530090EDC4B1E308037F7E0BF79AAA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vudknUlrmEJxAmzJ8_qWS348HDo.roa
Signing time: Mon 18 Dec 2023 05:08:06 +0000
ROA not before: Mon 18 Dec 2023 05:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 64.226.156.0/22 maxlen: 22
64.226.54.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:53:00:90:ed:c4:b1:e3:08:03:7f:7e:0b:f7:9a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 18 05:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bee7649d496b984271026cc9f3fa964b7e3c1c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:14:5a:79:eb:5a:85:83:31:59:b3:17:a3:44:
35:d7:07:eb:87:71:7b:50:fd:bb:f0:03:98:0c:60:
2f:dd:b9:1b:b7:bd:2c:8e:37:06:b6:cd:5d:2c:45:
2d:37:1c:ee:d6:a6:d2:e2:8a:33:e7:5d:33:2f:a9:
97:e1:44:e8:ee:54:92:61:f2:60:58:70:18:16:33:
9d:4f:2a:f6:f9:c0:df:65:6f:4e:8e:f0:2b:09:b2:
7e:3f:9e:f1:78:d5:c8:95:a4:4c:34:c0:e8:79:85:
29:d2:2e:02:c3:95:d3:19:f2:00:bd:5f:b0:3c:74:
55:10:78:cc:c9:24:d5:76:d9:8c:a3:70:42:f5:64:
1b:29:b4:31:77:36:7f:e4:89:96:29:0c:16:44:df:
50:9e:58:33:5b:7b:fe:f8:b5:69:f8:04:47:1f:ba:
f4:4f:17:67:08:c1:ae:a3:ab:73:e9:c8:15:b3:d7:
17:f2:18:b8:5d:8b:02:ea:bd:4f:80:a3:4f:02:06:
aa:a7:db:94:73:21:0e:93:49:72:ec:42:15:38:c0:
a5:26:52:2c:bd:db:bb:28:55:3f:9b:9d:fd:b1:1b:
68:d2:0c:0a:b5:e6:3c:ba:bf:d4:ee:45:a9:6a:fb:
8e:f5:cf:54:ca:fe:75:76:5f:3a:a5:b1:4f:b9:93:
9d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E7:64:9D:49:6B:98:42:71:02:6C:C9:F3:FA:96:4B:7E:3C:1C:3A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vudknUlrmEJxAmzJ8_qWS348HDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
Signature Algorithm: sha256WithRSAEncryption
59:b9:40:84:d4:e7:a0:76:ae:e2:f6:75:9f:a3:b4:64:bb:cd:
b0:8e:91:db:aa:23:ff:0d:f2:d4:de:e0:7e:5c:7e:99:9e:be:
99:d5:e3:b9:c2:2c:2a:12:c9:40:f6:fb:e9:d4:2c:47:3d:46:
8f:d2:6c:b1:34:c7:24:7c:1b:79:fd:6d:53:44:57:0f:4c:87:
a8:bc:1d:12:2d:45:3e:cf:d9:7e:cf:c1:68:4a:09:21:b7:31:
ca:d1:e2:73:8e:f8:e1:d7:69:83:89:4f:24:21:dc:ef:16:bb:
b6:b2:34:6d:97:23:ca:31:98:8e:17:62:d1:0a:78:13:26:a5:
fe:33:e5:47:1b:a5:8e:ad:e2:65:fe:6a:be:7c:7d:5c:19:4c:
5f:f5:95:18:dc:d6:7a:53:a7:05:7e:a6:eb:fc:e7:f2:9a:6b:
bb:02:3b:a1:cb:1d:5e:f3:fd:d0:c4:24:5b:fb:a4:f7:99:58:
9c:8d:fa:b5:54:95:84:e0:78:a7:a4:52:0d:24:b2:86:ca:ec:
11:53:40:f6:95:4e:1e:95:9f:ed:d5:26:16:f4:5b:f2:81:34:
77:18:83:5c:4f:af:14:93:6e:a3:14:65:4a:69:4f:c1:65:98:
83:04:f1:c9:22:21:92:92:21:fe:69:a4:9b:54:71:73:39:d8:
57:df:33:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYx7UwCQ7cSx4wgDf34L95qqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMxMjE4MDUwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWU3NjQ5ZDQ5NmI5ODQyNzEwMjZjYzlmM2ZhOTY0YjdlM2MxYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhRaeetahYMxWbMXo0Q11wfrh3F7
UP278AOYDGAv3bkbt70sjjcGts1dLEUtNxzu1qbS4ooz510zL6mX4UTo7lSSYfJg
WHAYFjOdTyr2+cDfZW9OjvArCbJ+P57xeNXIlaRMNMDoeYUp0i4Cw5XTGfIAvV+w
PHRVEHjMySTVdtmMo3BC9WQbKbQxdzZ/5ImWKQwWRN9QnlgzW3v++LVp+ARHH7r0
TxdnCMGuo6tz6cgVs9cX8hi4XYsC6r1PgKNPAgaqp9uUcyEOk0ly7EIVOMClJlIs
vdu7KFU/m539sRto0gwKteY8ur/U7kWpavuO9c9Uyv51dl86pbFPuZOdLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL7nZJ1Ja5hCcQJsyfP6lkt+PBw6MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdnVka25VbHJtRUp4QW16SjhfcVdTMzQ4SERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBQOI2AwQC
QOKcMA0GCSqGSIb3DQEBCwUAA4IBAQBZuUCE1Oegdq7i9nWfo7Rku82wjpHbqiP/
DfLU3uB+XH6Znr6Z1eO5wiwqEslA9vvp1CxHPUaP0myxNMckfBt5/W1TRFcPTIeo
vB0SLUU+z9l+z8FoSgkhtzHK0eJzjvjh12mDiU8kIdzvFru2sjRtlyPKMZiOF2LR
CngTJqX+M+VHG6WOreJl/mq+fH1cGUxf9ZUY3NZ6U6cFfqbr/Ofymmu7Ajuhyx1e
8/3QxCRb+6T3mVicjfq1VJWE4HinpFINJLKGyuwRU0D2lU4elZ/t1SYW9FvygTR3
GINcT68Uk26jFGVKaU/BZZiDBPHJIiGSkiH+aaSbVHFzOdhX3zMo
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:30 2025 by rpki-client