Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/VMAXD9Mby4lzEpY0V-Zdq1mza-U.roa
File: VMAXD9Mby4lzEpY0V-Zdq1mza-U.roa (raw, json)
Hash identifier: 6iigSfge0tHQ208ZI/Ux7nhsISdSOOpu3y97d/olw08=
Subject key identifier: 54:C0:17:0F:D3:1B:CB:89:73:12:96:34:57:E6:5D:AB:59:B3:6B:E5
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 05ED1A3A
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/VMAXD9Mby4lzEpY0V-Zdq1mza-U.roa
Signing time: Sat 01 Jan 2022 06:02:15 +0000
ROA not before: Sat 01 Jan 2022 06:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206813
IP address blocks: 2001:bf7:1320::/44 maxlen: 48
2001:bf7:170::/44 maxlen: 48
2001:bf7:1310::/44 maxlen: 48
2001:bf7:1310::/48 maxlen: 48
2001:bf7:1315::/48 maxlen: 48
2001:bf7:1322::/48 maxlen: 48
2001:bf7:1314::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99424826 (0x5ed1a3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 06:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54c0170fd31bcb897312963457e65dab59b36be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c5:70:d4:24:6e:ef:a9:1e:be:dd:fa:d1:07:
bb:4a:b0:6e:51:58:65:10:7b:8d:4e:3f:27:80:16:
b6:42:fb:db:56:6c:ea:94:0f:43:4b:70:b6:92:1e:
e3:8f:f1:be:7f:87:2e:e1:a5:f5:16:d4:4d:50:9e:
f4:89:46:ea:b8:b3:63:d2:8d:b0:99:cc:f4:a1:10:
cf:66:20:d0:19:94:17:9c:c5:39:43:6b:d3:f1:8a:
47:c9:42:8a:42:09:e9:9d:1d:f3:14:95:4c:df:0d:
fe:79:94:3d:65:18:2d:fa:af:73:26:d9:f6:1e:0c:
04:34:a3:59:c5:c4:60:15:ba:ed:9d:0a:11:c0:73:
b2:df:8a:25:82:8e:86:44:46:0f:2c:de:51:20:bf:
b5:5a:f7:24:8e:b7:2c:45:81:85:01:c1:93:e3:8d:
64:f9:db:e5:e0:a0:9c:18:e3:a4:2a:4c:16:ab:44:
48:aa:d4:d9:f4:7e:a1:17:f1:42:35:b6:f9:25:fa:
90:f2:46:8a:43:3c:26:56:2a:c8:9e:7d:c3:89:af:
29:11:27:2f:90:77:90:21:17:1d:f9:27:1f:05:f2:
37:28:ab:77:6c:67:a1:84:bd:4c:3d:e1:2a:98:3b:
2a:0d:a9:37:86:aa:42:2e:16:4d:de:f3:59:a6:de:
89:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C0:17:0F:D3:1B:CB:89:73:12:96:34:57:E6:5D:AB:59:B3:6B:E5
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/VMAXD9Mby4lzEpY0V-Zdq1mza-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7:170::/44
2001:bf7:1310::-2001:bf7:132f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:f7:4d:68:57:a4:1c:05:2b:f7:9a:5d:a8:fc:e3:02:fa:bf:
24:9f:13:27:09:87:17:0a:42:58:d3:d7:16:cb:13:5f:65:84:
61:9e:f4:46:4a:c0:dd:98:2a:5c:9c:21:71:ef:c1:07:d1:4c:
ed:69:6c:08:42:ac:66:4d:d8:ba:df:1c:51:65:bc:aa:1f:dd:
08:06:89:a7:74:d7:16:54:b7:81:91:81:c2:c5:80:21:7a:2d:
70:dc:31:d1:6d:c8:cf:8c:f3:ea:51:85:26:62:73:2f:e8:e3:
f6:04:3c:0d:8d:4c:61:c2:35:89:55:21:a7:e0:46:c0:03:39:
24:20:28:88:a4:73:5d:9c:0e:60:d8:13:37:a5:3f:05:7a:31:
1b:6e:1b:d3:fb:0d:56:48:4f:32:84:ff:80:b1:12:0c:17:7e:
56:8b:f5:74:84:49:d9:32:b1:fd:11:fa:29:a9:b8:03:1c:b8:
f1:2e:db:7e:c9:00:73:f9:22:73:0f:b3:e9:83:62:d3:9e:b1:
75:c1:48:5f:88:5f:22:2a:b6:fa:a2:ef:46:63:34:e2:ea:6b:
67:3d:d2:7d:3c:c1:a4:0a:73:90:d5:51:b1:8b:f1:da:65:ac:
f3:d6:0a:09:16:55:b2:1d:31:03:5c:5d:02:85:bb:0a:6c:b5:
d3:48:f6:49
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBe0aOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjMxNDkyNDczYTc4YzZmZTlmNTM5ZjlmYTdkMjI1MjU2MGEyYjdlMB4XDTIyMDEw
MTA2MDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRjMDE3MGZkMzFi
Y2I4OTczMTI5NjM0NTdlNjVkYWI1OWIzNmJlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbFcNQkbu+pHr7d+tEHu0qwblFYZRB7jU4/J4AWtkL721Zs
6pQPQ0twtpIe44/xvn+HLuGl9RbUTVCe9IlG6rizY9KNsJnM9KEQz2Yg0BmUF5zF
OUNr0/GKR8lCikIJ6Z0d8xSVTN8N/nmUPWUYLfqvcybZ9h4MBDSjWcXEYBW67Z0K
EcBzst+KJYKOhkRGDyzeUSC/tVr3JI63LEWBhQHBk+ONZPnb5eCgnBjjpCpMFqtE
SKrU2fR+oRfxQjW2+SX6kPJGikM8JlYqyJ59w4mvKREnL5B3kCEXHfknHwXyNyir
d2xnoYS9TD3hKpg7Kg2pN4aqQi4WTd7zWabeidkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRUwBcP0xvLiXMSljRX5l2rWbNr5TAfBgNVHSMEGDAWgBT/MUkkc6eMb+n1
Ofn6fSJSVgorfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L196RkpKSE9uakdfcDlUbjUtbjBpVWxZS0szNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvMWI0MTA1LTM0NzEtNDU5Mi1iZjA3LTczZmQzYmMxOWFhNy8x
L1ZNQVhEOU1ieTRsekVwWTBWLVpkcTFtemEtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
MWI0MTA1LTM0NzEtNDU5Mi1iZjA3LTczZmQzYmMxOWFhNy8xL196RkpKSE9uakdf
cDlUbjUtbjBpVWxZS0szNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwIwQCAAIwHQMHBCABC/cBcDASAwcEIAEL9xMQAwcE
IAEL9xMgMA0GCSqGSIb3DQEBCwUAA4IBAQAP901oV6QcBSv3ml2o/OMC+r8knxMn
CYcXCkJY09cWyxNfZYRhnvRGSsDdmCpcnCFx78EH0UztaWwIQqxmTdi63xxRZbyq
H90IBomndNcWVLeBkYHCxYAhei1w3DHRbcjPjPPqUYUmYnMv6OP2BDwNjUxhwjWJ
VSGn4EbAAzkkICiIpHNdnA5g2BM3pT8FejEbbhvT+w1WSE8yhP+AsRIMF35Wi/V0
hEnZMrH9EfopqbgDHLjxLtt+yQBz+SJzD7Ppg2LTnrF1wUhfiF8iKrb6ou9GYzTi
6mtnPdJ9PMGkCnOQ1VGxi/HaZazz1goJFlWyHTEDXF0ChbsKbLXTSPZJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:21 2025 by rpki-client