Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/VfeEXYy2pSpzGN2HHsgQuU3QSq4.roa
File: VfeEXYy2pSpzGN2HHsgQuU3QSq4.roa (raw, json)
Hash identifier: WGPCEigvXCwRvU7DMZFec6KCSj1je0ABmgY/VT1u3qU=
Subject key identifier: 55:F7:84:5D:8C:B6:A5:2A:73:18:DD:87:1E:C8:10:B9:4D:D0:4A:AE
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCADCA424086F2AE3C895A6654DEB12
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/VfeEXYy2pSpzGN2HHsgQuU3QSq4.roa
Signing time: Sun 01 Jan 2023 10:05:12 +0000
ROA not before: Sun 01 Jan 2023 10:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24851
IP address blocks: 192.71.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:dc:a4:24:08:6f:2a:e3:c8:95:a6:65:4d:eb:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55f7845d8cb6a52a7318dd871ec810b94dd04aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ff:5d:c1:13:78:2f:68:fe:c3:f6:c5:47:01:
9e:94:73:31:5a:d3:05:b8:cf:a6:37:07:57:55:57:
52:76:6c:de:ae:7c:81:15:cf:9a:e0:66:7e:a9:2f:
58:2f:7c:75:b1:37:bc:2e:5e:66:30:87:50:87:e9:
e9:86:49:8e:76:9c:fe:5b:e3:c4:e7:c4:f6:4d:0a:
3f:df:4f:fd:34:11:6b:f2:10:3a:d1:26:27:eb:1e:
51:27:a0:c7:85:a3:c1:78:30:c4:57:5c:25:31:8e:
a8:9b:35:e6:48:59:65:d3:a1:a5:ec:39:c7:67:f6:
2e:10:93:7e:64:b2:ff:d4:de:49:e0:90:8e:08:7f:
42:d6:ec:47:75:d6:4a:55:4d:52:c5:d2:c3:cf:41:
99:69:fa:1a:3b:22:6a:4e:34:f0:2d:ab:eb:e2:82:
c7:7e:83:0b:c3:b1:91:04:73:51:4d:da:c0:6d:fa:
17:65:73:49:47:25:80:18:7d:5d:b9:ab:e3:df:fe:
1d:63:1a:0b:e4:24:8e:72:12:2e:4d:68:6c:66:74:
76:b6:5c:27:19:28:46:31:f0:1e:3e:34:61:f1:32:
84:4f:30:67:7d:52:84:09:52:51:90:1b:b0:49:74:
fa:1f:59:f6:a5:06:85:92:c3:f5:28:0f:e3:e6:dd:
98:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F7:84:5D:8C:B6:A5:2A:73:18:DD:87:1E:C8:10:B9:4D:D0:4A:AE
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/VfeEXYy2pSpzGN2HHsgQuU3QSq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.211.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:e5:df:e9:97:6c:91:64:d4:7a:9e:b9:b3:fa:cb:81:33:ea:
25:1c:3c:e4:6f:40:47:5c:ea:74:cf:25:56:4d:92:11:29:9a:
41:d5:48:85:ab:36:fb:51:ab:e8:c6:a2:04:e5:80:4f:2a:d6:
29:ef:9d:49:9f:3f:6a:5a:b3:53:44:12:cd:3c:51:4c:28:13:
9d:eb:3e:db:aa:a5:3b:cb:63:67:d8:4c:b5:b8:a7:0c:ff:f9:
67:32:4f:a1:c0:60:10:80:e3:ae:e0:9b:50:ba:d6:8e:58:4e:
45:50:24:a2:1b:27:72:58:a5:f6:0c:d2:81:8e:3f:ee:02:3c:
6b:c5:83:3d:cc:6e:aa:df:41:ac:bf:57:c6:db:4e:b5:e7:41:
1a:9d:4d:3e:a3:d8:0f:a4:4b:ec:ca:2f:b8:88:d4:0d:09:90:
d0:06:97:a6:50:55:75:56:d7:20:f5:e1:0d:80:6b:4a:88:c3:
f1:9a:7e:dd:62:4c:38:96:84:e8:66:c6:73:e3:45:31:18:c8:
22:26:67:d4:50:8e:78:81:1f:47:64:5d:f1:5f:58:91:ca:e1:
f0:58:7a:0b:7e:52:aa:71:d4:9f:03:9d:7e:c9:2c:91:cc:51:
0b:fb:ba:d7:82:31:f8:f9:4e:45:87:8b:3c:36:72:e4:e6:a8:
cb:20:7a:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsytykJAhvKuPIlaZlTesSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY3ODQ1ZDhjYjZhNTJhNzMxOGRkODcxZWM4MTBiOTRkZDA0YWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv9dwRN4L2j+w/bFRwGelHMxWtMF
uM+mNwdXVVdSdmzernyBFc+a4GZ+qS9YL3x1sTe8Ll5mMIdQh+nphkmOdpz+W+PE
58T2TQo/30/9NBFr8hA60SYn6x5RJ6DHhaPBeDDEV1wlMY6omzXmSFll06Gl7DnH
Z/YuEJN+ZLL/1N5J4JCOCH9C1uxHddZKVU1SxdLDz0GZafoaOyJqTjTwLavr4oLH
foMLw7GRBHNRTdrAbfoXZXNJRyWAGH1duavj3/4dYxoL5CSOchIuTWhsZnR2tlwn
GShGMfAePjRh8TKETzBnfVKECVJRkBuwSXT6H1n2pQaFksP1KA/j5t2YnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFX3hF2MtqUqcxjdhx7IELlN0EquMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvVmZlRVhZeTJwU3B6R04ySEhzZ1F1VTNRU3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEfTMA0G
CSqGSIb3DQEBCwUAA4IBAQC75d/pl2yRZNR6nrmz+suBM+olHDzkb0BHXOp0zyVW
TZIRKZpB1UiFqzb7UavoxqIE5YBPKtYp751Jnz9qWrNTRBLNPFFMKBOd6z7bqqU7
y2Nn2Ey1uKcM//lnMk+hwGAQgOOu4JtQutaOWE5FUCSiGydyWKX2DNKBjj/uAjxr
xYM9zG6q30Gsv1fG206150EanU0+o9gPpEvsyi+4iNQNCZDQBpemUFV1Vtcg9eEN
gGtKiMPxmn7dYkw4loToZsZz40UxGMgiJmfUUI54gR9HZF3xX1iRyuHwWHoLflKq
cdSfA51+ySyRzFEL+7rXgjH4+U5Fh4s8NnLk5qjLIHoB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:32 2025 by rpki-client