Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/654f36-ac5a-4292-8140-534d78898d6b/1/VVEMG7rwTL6S2F6aEKyK6Gy3fQg.roa
File: VVEMG7rwTL6S2F6aEKyK6Gy3fQg.roa (raw, json)
Hash identifier: X/8G8gFefd13+roteYjnw7aJ035GbK07K3KS2P99TNQ=
Subject key identifier: 55:51:0C:1B:BA:F0:4C:BE:92:D8:5E:9A:10:AC:8A:E8:6C:B7:7D:08
Certificate issuer: /CN=b55d4e6317c62a1a69dac31f4f143e3bc280ba62
Certificate serial: 018572CCD01859A3BD900AD01083DF5F4B7A
Authority key identifier: B5:5D:4E:63:17:C6:2A:1A:69:DA:C3:1F:4F:14:3E:3B:C2:80:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tV1OYxfGKhpp2sMfTxQ-O8KAumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/654f36-ac5a-4292-8140-534d78898d6b/1/VVEMG7rwTL6S2F6aEKyK6Gy3fQg.roa
Signing time: Mon 02 Jan 2023 14:05:03 +0000
ROA not before: Mon 02 Jan 2023 14:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16321
IP address blocks: 176.116.240.0/20 maxlen: 20
91.196.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:d0:18:59:a3:bd:90:0a:d0:10:83:df:5f:4b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b55d4e6317c62a1a69dac31f4f143e3bc280ba62
Validity
Not Before: Jan 2 14:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55510c1bbaf04cbe92d85e9a10ac8ae86cb77d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ec:98:51:d6:b9:ca:f7:43:4d:fb:13:29:c5:
64:3f:d7:a9:ab:34:b3:f6:89:3d:0c:ae:bf:ba:49:
ec:2c:b9:80:bd:f7:ad:23:8c:7d:f5:cc:67:a5:9c:
3f:56:16:bb:e2:d9:ac:b4:59:04:90:c4:df:c9:a2:
35:63:79:8b:46:d8:1a:5e:07:4f:27:5b:83:b4:ea:
bb:bc:ab:e2:f0:a1:69:7f:94:8b:53:9d:a6:ae:a3:
fb:47:30:f0:44:1b:42:21:41:a6:d4:ec:86:2a:92:
d4:3e:4e:8e:79:88:f5:03:ea:e9:29:17:fb:81:52:
af:3b:e2:d1:b4:a9:83:1a:a8:d4:59:c7:b6:5c:10:
75:0f:00:74:0c:d4:99:fd:a8:ec:e3:6f:05:9c:4d:
48:ba:86:a3:3a:25:57:9b:b9:af:d0:0a:7f:08:e9:
31:2d:97:c2:6d:2f:7d:37:75:db:99:87:e6:aa:8f:
2f:d3:64:42:77:9a:e3:7f:f5:21:65:94:aa:c3:a3:
4b:52:1e:c1:f8:8b:42:dc:b8:f2:bd:1a:64:8c:dc:
5f:66:17:4c:60:14:60:e0:fb:9f:fb:93:a6:7b:f8:
c9:ab:0d:0a:b2:4e:27:3b:a1:9a:10:63:b0:5c:05:
61:d6:de:14:ef:fb:55:51:9f:ee:7d:a7:c8:a8:cf:
41:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:51:0C:1B:BA:F0:4C:BE:92:D8:5E:9A:10:AC:8A:E8:6C:B7:7D:08
X509v3 Authority Key Identifier:
keyid:B5:5D:4E:63:17:C6:2A:1A:69:DA:C3:1F:4F:14:3E:3B:C2:80:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tV1OYxfGKhpp2sMfTxQ-O8KAumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/654f36-ac5a-4292-8140-534d78898d6b/1/VVEMG7rwTL6S2F6aEKyK6Gy3fQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/654f36-ac5a-4292-8140-534d78898d6b/1/tV1OYxfGKhpp2sMfTxQ-O8KAumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.252.0/22
176.116.240.0/20
Signature Algorithm: sha256WithRSAEncryption
49:e5:f9:55:ab:c0:fa:3a:23:45:07:72:f0:dc:95:50:5a:da:
ed:12:c5:df:13:7d:a5:6f:1f:82:cd:b4:71:d2:7d:67:05:be:
e3:c4:8b:b0:e8:39:c1:3e:ad:f1:3f:59:4e:0f:62:45:ca:dd:
14:89:c3:d8:4a:b7:c2:eb:a5:5f:60:4f:2a:c0:94:54:17:1c:
cd:f2:c0:e8:ae:09:e8:dd:94:08:ee:6d:6a:de:8a:79:03:86:
aa:c4:e3:cb:01:9e:f5:1a:4b:e1:e5:a5:e7:70:38:db:b1:b2:
bb:97:56:92:a3:7a:d5:95:4c:70:bd:3c:5d:ee:c5:2b:0c:23:
c7:cd:a6:70:cc:78:7f:b1:8c:52:fb:08:e5:9e:3b:d4:e3:bd:
19:eb:e7:8f:ce:8f:bc:6f:c7:da:fe:7a:b7:be:04:ce:1d:51:
2a:4e:b0:0b:fe:78:67:d5:5b:e2:65:55:91:92:75:f7:c5:2b:
bf:36:ff:15:3e:e9:ac:b0:2b:2b:98:e1:a7:f8:71:ef:07:7c:
fc:52:eb:4e:82:8f:0d:ed:98:19:4f:0c:fe:fe:1b:44:1d:aa:
e0:55:46:a0:f1:42:f8:05:1f:8b:00:8f:46:66:01:54:c4:56:
35:54:89:bd:5b:a0:d0:72:08:3a:1b:5e:a3:95:bb:fe:eb:8c:
df:c0:a8:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzNAYWaO9kArQEIPfX0t6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NWQ0ZTYzMTdjNjJhMWE2OWRhYzMxZjRmMTQzZTNiYzI4
MGJhNjIwHhcNMjMwMTAyMTQwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTUxMGMxYmJhZjA0Y2JlOTJkODVlOWExMGFjOGFlODZjYjc3ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouyYUda5yvdDTfsTKcVkP9epqzSz
9ok9DK6/uknsLLmAvfetI4x99cxnpZw/Vha74tmstFkEkMTfyaI1Y3mLRtgaXgdP
J1uDtOq7vKvi8KFpf5SLU52mrqP7RzDwRBtCIUGm1OyGKpLUPk6OeYj1A+rpKRf7
gVKvO+LRtKmDGqjUWce2XBB1DwB0DNSZ/ajs428FnE1IuoajOiVXm7mv0Ap/COkx
LZfCbS99N3XbmYfmqo8v02RCd5rjf/UhZZSqw6NLUh7B+ItC3LjyvRpkjNxfZhdM
YBRg4Puf+5Ome/jJqw0Ksk4nO6GaEGOwXAVh1t4U7/tVUZ/ufafIqM9BSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFVRDBu68Ey+kthemhCsiuhst30IMB8GA1UdIwQY
MBaAFLVdTmMXxioaadrDH08UPjvCgLpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFYxT1l4ZkdLaHBwMnNNZlR4US1POEtBdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82NTRmMzYtYWM1YS00MjkyLTgxNDAt
NTM0ZDc4ODk4ZDZiLzEvVlZFTUc3cndUTDZTMkY2YUVLeUs2R3kzZlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82NTRmMzYtYWM1YS00MjkyLTgxNDAtNTM0ZDc4ODk4ZDZi
LzEvdFYxT1l4ZkdLaHBwMnNNZlR4US1POEtBdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8T8AwQE
sHTwMA0GCSqGSIb3DQEBCwUAA4IBAQBJ5flVq8D6OiNFB3Lw3JVQWtrtEsXfE32l
bx+CzbRx0n1nBb7jxIuw6DnBPq3xP1lOD2JFyt0UicPYSrfC66VfYE8qwJRUFxzN
8sDorgno3ZQI7m1q3op5A4aqxOPLAZ71Gkvh5aXncDjbsbK7l1aSo3rVlUxwvTxd
7sUrDCPHzaZwzHh/sYxS+wjlnjvU470Z6+ePzo+8b8fa/nq3vgTOHVEqTrAL/nhn
1VviZVWRknX3xSu/Nv8VPumssCsrmOGn+HHvB3z8UutOgo8N7ZgZTwz+/htEHarg
VUag8UL4BR+LAI9GZgFUxFY1VIm9W6DQcgg6G16jlbv+64zfwKjM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:33 2025 by rpki-client