Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/vFMqrAQisdqLT8k_m1hrBWZ2M7g.roa
File: vFMqrAQisdqLT8k_m1hrBWZ2M7g.roa (raw, json)
Hash identifier: v6b5jTTJByf+utzZx5f/rMUkpFksPjfMN2SD+4SnwtI=
Subject key identifier: BC:53:2A:AC:04:22:B1:DA:8B:4F:C9:3F:9B:58:6B:05:66:76:33:B8
Certificate issuer: /CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Certificate serial: 01856FE71168F926616E4F6405D7A7F19038
Authority key identifier: 56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/vFMqrAQisdqLT8k_m1hrBWZ2M7g.roa
Signing time: Mon 02 Jan 2023 00:34:52 +0000
ROA not before: Mon 02 Jan 2023 00:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210672
IP address blocks: 88.80.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:11:68:f9:26:61:6e:4f:64:05:d7:a7:f1:90:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Validity
Not Before: Jan 2 00:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc532aac0422b1da8b4fc93f9b586b05667633b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:96:09:bc:bc:ac:27:02:4e:8e:9d:90:80:38:
51:5b:07:b0:12:94:b7:73:2f:55:b5:3d:06:62:da:
9b:89:48:06:e4:22:02:c0:e9:10:7c:19:c6:ab:bd:
f9:76:bb:1a:39:fb:a8:14:03:c3:0e:aa:15:e0:e4:
d9:34:18:85:9a:5d:1b:10:a0:11:b8:33:c1:46:c2:
7d:4a:ec:8d:ea:09:7e:77:74:e0:8a:14:3e:08:75:
20:41:92:c9:ae:e3:92:a2:bc:2f:b6:fb:a1:87:93:
19:f1:3f:36:79:d4:53:e1:fd:f1:63:0c:b5:94:aa:
38:74:99:d4:44:cb:b2:8c:00:9e:f7:74:79:99:cf:
f1:55:ae:02:b5:83:ac:b6:41:4f:21:d1:4b:78:ac:
6c:d1:05:02:55:b9:52:5c:fb:d8:40:d2:2b:73:fb:
5f:81:ff:3b:ad:43:9b:02:4d:9f:d7:a2:53:dd:5c:
11:7b:48:b7:e1:51:ef:29:e3:a0:7c:06:9b:db:57:
a7:de:9f:35:02:75:dc:62:68:ad:cb:90:ed:5a:66:
81:9d:0e:46:23:ec:6c:eb:af:5c:25:0f:2b:a2:08:
73:d0:85:ae:f6:d4:2c:82:05:21:e5:5a:8b:f6:09:
84:a5:48:4e:94:eb:fa:67:c5:e2:64:54:b3:6b:d2:
e2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:53:2A:AC:04:22:B1:DA:8B:4F:C9:3F:9B:58:6B:05:66:76:33:B8
X509v3 Authority Key Identifier:
keyid:56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/vFMqrAQisdqLT8k_m1hrBWZ2M7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.149.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a2:6d:7c:09:91:f6:76:a1:83:53:80:ab:cc:30:d1:7c:4d:
a0:cb:8f:04:2a:9b:4d:f3:60:5f:e2:5d:1b:cb:5d:94:de:85:
b3:c4:cf:88:a3:f6:3d:5b:75:6b:e9:99:45:47:37:a3:4d:c2:
c8:fd:6e:a5:70:92:99:6f:d5:db:6b:d8:d3:da:2f:90:41:86:
c0:28:62:8d:8f:d5:cb:f8:8b:5b:eb:e2:f7:ac:3d:3f:9e:6b:
91:f1:fc:e2:f9:55:b7:3a:77:16:bc:c3:99:e4:95:b5:33:de:
66:b9:03:64:e9:b4:ec:76:04:89:36:a8:1c:ca:ea:d9:1a:26:
32:d7:72:2f:48:ce:2d:b7:68:9f:c2:34:5c:17:9f:33:ad:09:
f3:90:30:31:21:fd:87:c9:67:e9:bd:25:0b:b1:0f:b1:77:38:
1b:17:e5:f3:bf:4b:66:50:a8:ed:2c:cd:72:4b:8a:1a:94:97:
34:ea:63:a6:75:40:9d:1b:16:a5:b0:86:ca:b8:d0:28:2e:11:
78:8e:66:31:3f:60:e0:f1:f2:95:17:d9:15:f1:9b:d7:4b:1d:
54:e9:1e:41:3d:f0:d9:13:ef:fb:fb:87:bb:9d:f0:6e:75:3f:
31:c9:eb:0f:01:3d:84:fb:7f:33:34:95:27:5c:20:90:96:5b:
9f:e2:5e:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5xFo+SZhbk9kBden8ZA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YzhhMTcxM2M3NDc2ZTAwZWQyYjc3ZmQ5OGZkODkzMzAz
NjVkODcwHhcNMjMwMTAyMDAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzUzMmFhYzA0MjJiMWRhOGI0ZmM5M2Y5YjU4NmIwNTY2NzYzM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZYJvLysJwJOjp2QgDhRWwewEpS3
cy9VtT0GYtqbiUgG5CICwOkQfBnGq735drsaOfuoFAPDDqoV4OTZNBiFml0bEKAR
uDPBRsJ9SuyN6gl+d3TgihQ+CHUgQZLJruOSorwvtvuhh5MZ8T82edRT4f3xYwy1
lKo4dJnURMuyjACe93R5mc/xVa4CtYOstkFPIdFLeKxs0QUCVblSXPvYQNIrc/tf
gf87rUObAk2f16JT3VwRe0i34VHvKeOgfAab21en3p81AnXcYmity5DtWmaBnQ5G
I+xs669cJQ8roghz0IWu9tQsggUh5VqL9gmEpUhOlOv6Z8XiZFSza9LiwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxTKqwEIrHai0/JP5tYawVmdjO4MB8GA1UdIwQY
MBaAFFbIoXE8dHbgDtK3f9mP2JMwNl2HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQt
OTFlMzJjNTE3MTUyLzEvdkZNcXJBUWlzZHFMVDhrX20xaHJCV1oyTTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQtOTFlMzJjNTE3MTUy
LzEvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCVMA0G
CSqGSIb3DQEBCwUAA4IBAQB0om18CZH2dqGDU4CrzDDRfE2gy48EKptN82Bf4l0b
y12U3oWzxM+Io/Y9W3Vr6ZlFRzejTcLI/W6lcJKZb9Xba9jT2i+QQYbAKGKNj9XL
+Itb6+L3rD0/nmuR8fzi+VW3OncWvMOZ5JW1M95muQNk6bTsdgSJNqgcyurZGiYy
13IvSM4tt2ifwjRcF58zrQnzkDAxIf2HyWfpvSULsQ+xdzgbF+Xzv0tmUKjtLM1y
S4oalJc06mOmdUCdGxalsIbKuNAoLhF4jmYxP2Dg8fKVF9kV8ZvXSx1U6R5BPfDZ
E+/7+4e7nfBudT8xyesPAT2E+38zNJUnXCCQlluf4l6N
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:27 2025 by rpki-client