Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vh0KlFP0GVWq-iHA6C4S1XpCzS8.roa
File: vh0KlFP0GVWq-iHA6C4S1XpCzS8.roa (raw, json)
Hash identifier: 215WKmd05w3c+FFGdjxZzh7Bs7P7HIKCzGguSRAGGzE=
Subject key identifier: BE:1D:0A:94:53:F4:19:55:AA:FA:21:C0:E8:2E:12:D5:7A:42:CD:2F
Certificate issuer: /CN=beb12ce6a91030e27d5abad146df27bc2880652b
Certificate serial: 018570CC0BFE54AD9D532495ACBC66727353
Authority key identifier: BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vh0KlFP0GVWq-iHA6C4S1XpCzS8.roa
Signing time: Mon 02 Jan 2023 04:44:58 +0000
ROA not before: Mon 02 Jan 2023 04:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207734
IP address blocks: 193.186.199.0/24 maxlen: 24
5.11.23.0/24 maxlen: 24
5.11.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cc:0b:fe:54:ad:9d:53:24:95:ac:bc:66:72:73:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb12ce6a91030e27d5abad146df27bc2880652b
Validity
Not Before: Jan 2 04:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be1d0a9453f41955aafa21c0e82e12d57a42cd2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a7:22:5a:66:5d:f2:78:45:b1:63:ef:90:1d:
c9:50:c0:25:23:ef:36:93:cb:52:06:9e:dd:1b:8a:
3d:af:48:39:c2:94:05:d8:35:ae:7b:e7:32:88:c8:
92:73:e6:eb:be:ca:cb:99:9a:db:aa:d3:de:5b:73:
11:85:03:d6:8a:e1:4a:48:53:9a:92:cf:f2:3d:58:
ab:07:74:bc:49:5e:17:e6:fb:0e:4c:1f:ad:90:f5:
3a:02:32:91:34:5f:d4:61:3e:83:bd:2d:b8:e4:01:
4b:69:41:8a:69:ee:5a:65:59:a2:e5:2f:16:06:9e:
85:92:02:97:2b:57:72:f3:09:55:86:d1:32:8e:c8:
b0:be:68:d8:b9:d6:3c:df:54:b8:3c:e6:7b:76:08:
84:28:9d:ee:d9:49:4d:d4:01:f3:30:ad:2c:4e:fa:
ae:b4:60:54:3b:31:70:c6:06:ce:2a:12:df:e7:0a:
82:64:04:03:81:83:43:61:e8:d5:9c:55:6b:d3:49:
72:53:aa:ea:03:aa:32:86:88:46:44:44:2e:6e:f5:
1d:f3:b8:8a:6d:86:a1:db:eb:f2:e8:ea:dd:a6:16:
e5:36:f5:69:78:29:50:8a:96:ba:2c:1e:a0:b6:ab:
2e:67:66:7f:48:23:b8:ca:6c:d6:6b:ef:ad:6a:38:
3f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1D:0A:94:53:F4:19:55:AA:FA:21:C0:E8:2E:12:D5:7A:42:CD:2F
X509v3 Authority Key Identifier:
keyid:BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vh0KlFP0GVWq-iHA6C4S1XpCzS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.20.0/24
5.11.23.0/24
193.186.199.0/24
Signature Algorithm: sha256WithRSAEncryption
49:62:c3:35:c8:a8:16:5a:c6:52:8e:4f:36:5b:ef:38:76:21:
a7:ad:a3:6e:7e:96:6c:2e:13:3a:26:9c:2a:97:28:b6:13:7a:
37:46:54:9d:8c:09:36:55:cb:d6:bb:3e:17:6f:11:f1:45:b5:
9f:59:7b:01:ab:4a:73:4b:1a:3e:4a:73:d8:7c:94:25:51:28:
ac:27:1b:cd:ac:e0:17:a3:de:cc:4f:cf:24:35:14:c3:b4:ad:
c6:16:b1:15:50:d4:9c:6f:d1:3d:ff:d5:26:3e:2f:ab:05:33:
81:6b:07:33:70:76:ff:8e:9d:bd:f7:4a:0f:de:92:eb:29:82:
fd:74:04:ef:72:be:b8:c5:a8:ed:b2:b0:e5:95:f5:96:91:a6:
fa:2c:f4:d3:f9:a4:a4:9a:ca:9d:2e:27:5d:25:fa:6e:b2:db:
f9:61:11:5f:d6:d6:af:23:a6:2b:b9:a5:3c:99:00:de:6b:d6:
c2:09:b4:86:ee:07:14:4f:10:5c:7a:e5:ae:4b:2e:be:b9:5e:
a6:45:03:6b:32:c9:70:37:e8:45:3b:e9:fc:36:f1:2d:7f:6e:
3c:55:b3:09:01:7a:09:fc:1f:1f:59:e2:32:c0:52:50:aa:6e:
a2:bd:13:77:a0:d6:73:80:9d:9e:c8:ec:9b:01:02:56:fb:f8:
0a:fe:45:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwzAv+VK2dUySVrLxmcnNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjEyY2U2YTkxMDMwZTI3ZDVhYmFkMTQ2ZGYyN2JjMjg4
MDY1MmIwHhcNMjMwMTAyMDQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFkMGE5NDUzZjQxOTU1YWFmYTIxYzBlODJlMTJkNTdhNDJjZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaciWmZd8nhFsWPvkB3JUMAlI+82
k8tSBp7dG4o9r0g5wpQF2DWue+cyiMiSc+brvsrLmZrbqtPeW3MRhQPWiuFKSFOa
ks/yPVirB3S8SV4X5vsOTB+tkPU6AjKRNF/UYT6DvS245AFLaUGKae5aZVmi5S8W
Bp6FkgKXK1dy8wlVhtEyjsiwvmjYudY831S4POZ7dgiEKJ3u2UlN1AHzMK0sTvqu
tGBUOzFwxgbOKhLf5wqCZAQDgYNDYejVnFVr00lyU6rqA6oyhohGREQubvUd87iK
bYah2+vy6OrdphblNvVpeClQipa6LB6gtqsuZ2Z/SCO4ymzWa++tajg/iwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL4dCpRT9BlVqvohwOguEtV6Qs0vMB8GA1UdIwQY
MBaAFL6xLOapEDDifVq60UbfJ7wogGUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMt
YTdhZGU0MzRkNDUxLzEvdmgwS2xGUDBHVldxLWlIQTZDNFMxWHBDelM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMtYTdhZGU0MzRkNDUx
LzEvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQsUAwQA
BQsXAwQAwbrHMA0GCSqGSIb3DQEBCwUAA4IBAQBJYsM1yKgWWsZSjk82W+84diGn
raNufpZsLhM6Jpwqlyi2E3o3RlSdjAk2VcvWuz4XbxHxRbWfWXsBq0pzSxo+SnPY
fJQlUSisJxvNrOAXo97MT88kNRTDtK3GFrEVUNScb9E9/9UmPi+rBTOBawczcHb/
jp2990oP3pLrKYL9dATvcr64xajtsrDllfWWkab6LPTT+aSkmsqdLiddJfpustv5
YRFf1tavI6YruaU8mQDea9bCCbSG7gcUTxBceuWuSy6+uV6mRQNrMslwN+hFO+n8
NvEtf248VbMJAXoJ/B8fWeIywFJQqm6ivRN3oNZzgJ2eyOybAQJW+/gK/kUq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:58 2025 by rpki-client