Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/7d9854-969e-4e34-a1df-a302f6a74b08/1/vrUndqt31x1beGErvXpaMfj0l2M.roa
File: vrUndqt31x1beGErvXpaMfj0l2M.roa (raw, json)
Hash identifier: tLbA8DGwF2ZSjaMEwlSTeW96jQm+qogOef3GfbkU14w=
Subject key identifier: BE:B5:27:76:AB:77:D7:1D:5B:78:61:2B:BD:7A:5A:31:F8:F4:97:63
Certificate issuer: /CN=a3da0196096c11c231e49bb3089670b94dbf5e80
Certificate serial: 018484807F20EF1AB62C3DB486ABBD0616F4
Authority key identifier: A3:DA:01:96:09:6C:11:C2:31:E4:9B:B3:08:96:70:B9:4D:BF:5E:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o9oBlglsEcIx5JuzCJZwuU2_XoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/7d9854-969e-4e34-a1df-a302f6a74b08/1/vrUndqt31x1beGErvXpaMfj0l2M.roa
Signing time: Thu 17 Nov 2022 07:32:04 +0000
ROA not before: Thu 17 Nov 2022 07:32:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212707
IP address blocks: 193.163.47.0/24 maxlen: 24
2a10:5bc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:80:7f:20:ef:1a:b6:2c:3d:b4:86:ab:bd:06:16:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3da0196096c11c231e49bb3089670b94dbf5e80
Validity
Not Before: Nov 17 07:32:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=beb52776ab77d71d5b78612bbd7a5a31f8f49763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c7:e8:64:49:82:74:a3:ea:8b:57:36:e4:d7:
32:d3:e6:ee:ca:b9:9b:98:1b:56:2d:0e:ce:65:18:
72:b6:c7:5f:14:27:56:ff:c1:27:d0:8c:6a:1d:9d:
93:98:c6:0b:cb:3f:4f:ed:ee:8c:51:c4:f1:81:85:
3a:74:2f:e3:6e:3b:6c:7f:c2:a7:6b:2c:fb:43:cb:
d4:7f:21:8f:05:91:c4:84:45:b0:3a:f9:d0:6d:ca:
0c:7d:aa:38:4e:b4:5c:d5:c4:83:83:ff:35:e0:47:
06:3d:2f:8f:d0:9c:26:3e:31:0a:f6:4b:e4:54:5c:
7b:87:a7:cc:cb:cb:14:92:5a:57:9e:b9:de:77:87:
3d:d0:42:87:34:9b:7e:34:36:ae:01:9f:ee:90:15:
9b:b3:14:85:80:68:ba:49:7c:e4:72:a9:f2:b0:41:
e7:1f:e2:b8:e2:e3:57:c6:b0:99:89:91:06:44:1b:
e4:d4:e9:51:7a:13:42:ad:24:27:4e:51:58:02:42:
38:a2:ab:aa:bc:aa:d6:35:7e:9d:19:aa:1a:0e:0a:
38:18:a3:9c:32:02:06:d5:6a:cc:67:91:ff:8c:74:
3d:82:eb:e5:61:6c:22:37:87:39:5a:86:b8:fe:54:
2e:31:1a:10:d0:07:fb:d8:19:6f:cc:90:ff:76:67:
bf:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:B5:27:76:AB:77:D7:1D:5B:78:61:2B:BD:7A:5A:31:F8:F4:97:63
X509v3 Authority Key Identifier:
keyid:A3:DA:01:96:09:6C:11:C2:31:E4:9B:B3:08:96:70:B9:4D:BF:5E:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9oBlglsEcIx5JuzCJZwuU2_XoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/7d9854-969e-4e34-a1df-a302f6a74b08/1/vrUndqt31x1beGErvXpaMfj0l2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/7d9854-969e-4e34-a1df-a302f6a74b08/1/o9oBlglsEcIx5JuzCJZwuU2_XoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.47.0/24
IPv6:
2a10:5bc0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:a5:72:c2:7d:87:66:79:14:b0:dd:a8:7c:57:bf:27:7a:3e:
20:6a:6e:ec:ef:ff:59:08:42:6d:3e:d5:42:81:2e:e8:8f:9d:
a1:f7:63:ff:3d:0c:69:07:1b:a4:da:45:40:44:6e:fb:36:73:
9c:79:8b:68:1e:1f:1f:4c:a6:23:28:15:b7:73:da:c0:b3:f8:
ac:34:e8:69:f0:e5:3a:e7:80:c5:18:28:e4:92:0b:7a:67:fb:
3e:dc:0a:20:db:2f:0e:ea:a9:91:8a:0a:37:85:ca:36:a6:a0:
13:27:f7:85:35:28:64:2b:10:48:46:9d:2e:1d:26:43:dd:a5:
1e:a5:6d:f4:42:60:34:ce:b7:9b:dd:87:fd:22:75:fb:1e:15:
9a:09:a9:1a:cd:e8:67:d2:82:40:fd:4c:af:18:85:3e:5a:fb:
6b:08:12:0d:bb:b1:07:74:c6:5c:2f:59:3a:31:53:2a:60:cf:
d6:58:aa:67:04:98:c6:f4:52:65:4e:3a:fd:10:f6:b6:78:b7:
0d:95:b5:7f:5c:80:1b:2b:59:61:ae:3c:9d:fe:42:3d:38:5c:
8b:90:68:b5:35:ee:b1:40:fa:95:6d:94:69:5a:42:56:81:62:
c9:50:ee:57:34:46:f8:6c:cb:a1:e0:d8:a9:14:0b:fd:22:ed:
17:09:fa:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSEgH8g7xq2LD20hqu9Bhb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZGEwMTk2MDk2YzExYzIzMWU0OWJiMzA4OTY3MGI5NGRi
ZjVlODAwHhcNMjIxMTE3MDczMjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWI1Mjc3NmFiNzdkNzFkNWI3ODYxMmJiZDdhNWEzMWY4ZjQ5NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcfoZEmCdKPqi1c25Ncy0+buyrmb
mBtWLQ7OZRhytsdfFCdW/8En0IxqHZ2TmMYLyz9P7e6MUcTxgYU6dC/jbjtsf8Kn
ayz7Q8vUfyGPBZHEhEWwOvnQbcoMfao4TrRc1cSDg/814EcGPS+P0JwmPjEK9kvk
VFx7h6fMy8sUklpXnrned4c90EKHNJt+NDauAZ/ukBWbsxSFgGi6SXzkcqnysEHn
H+K44uNXxrCZiZEGRBvk1OlRehNCrSQnTlFYAkI4oquqvKrWNX6dGaoaDgo4GKOc
MgIG1WrMZ5H/jHQ9guvlYWwiN4c5Woa4/lQuMRoQ0Af72BlvzJD/dme/QwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL61J3ard9cdW3hhK716WjH49JdjMB8GA1UdIwQY
MBaAFKPaAZYJbBHCMeSbswiWcLlNv16AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlvQmxnbHNFY0l4NUp1ekNKWnd1VTJfWG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83ZDk4NTQtOTY5ZS00ZTM0LWExZGYt
YTMwMmY2YTc0YjA4LzEvdnJVbmRxdDMxeDFiZUdFcnZYcGFNZmowbDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83ZDk4NTQtOTY5ZS00ZTM0LWExZGYtYTMwMmY2YTc0YjA4
LzEvbzlvQmxnbHNFY0l4NUp1ekNKWnd1VTJfWG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaMvMA0E
AgACMAcDBQMqEFvAMA0GCSqGSIb3DQEBCwUAA4IBAQCPpXLCfYdmeRSw3ah8V78n
ej4gam7s7/9ZCEJtPtVCgS7oj52h92P/PQxpBxuk2kVARG77NnOceYtoHh8fTKYj
KBW3c9rAs/isNOhp8OU654DFGCjkkgt6Z/s+3Aog2y8O6qmRigo3hco2pqATJ/eF
NShkKxBIRp0uHSZD3aUepW30QmA0zreb3Yf9InX7HhWaCakazehn0oJA/UyvGIU+
WvtrCBINu7EHdMZcL1k6MVMqYM/WWKpnBJjG9FJlTjr9EPa2eLcNlbV/XIAbK1lh
rjyd/kI9OFyLkGi1Ne6xQPqVbZRpWkJWgWLJUO5XNEb4bMuh4NipFAv9Iu0XCfrG
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:36 2025 by rpki-client