Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vyfUXO1bDJ0IhrvlY3N9GlfCT0o.roa
File: vyfUXO1bDJ0IhrvlY3N9GlfCT0o.roa (raw, json)
Hash identifier: nuGa+XWaPhzqe6FjGLeZQY95Bn2ldZGRHfFaxy8iZao=
Subject key identifier: BF:27:D4:5C:ED:5B:0C:9D:08:86:BB:E5:63:73:7D:1A:57:C2:4F:4A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 42610678
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vyfUXO1bDJ0IhrvlY3N9GlfCT0o.roa
Signing time: Sat 01 Jan 2022 14:03:04 +0000
ROA not before: Sat 01 Jan 2022 14:03:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29216
IP address blocks: 192.36.148.0/23 maxlen: 23
192.36.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1113654904 (0x42610678)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf27d45ced5b0c9d0886bbe563737d1a57c24f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4d:97:18:78:a4:56:4f:23:a4:91:27:35:1e:
75:4b:cb:5d:87:b5:ab:37:94:af:52:9c:bf:e5:1f:
75:01:3b:93:f2:a2:e6:11:1d:64:b7:d1:1a:78:1a:
ee:92:a7:7a:b5:ec:d4:1a:ff:53:35:92:8b:07:8b:
b4:3b:90:b6:00:f9:89:5f:1c:e2:b3:9c:8f:59:fd:
5e:aa:bb:f8:69:37:7f:78:bb:b5:ea:3f:d2:61:d9:
af:90:84:ba:76:e4:67:9e:c2:63:95:83:30:d1:1b:
56:f6:c2:fa:a7:10:64:5a:a6:1d:2d:43:a0:f1:2c:
fa:fa:5c:45:f7:83:a7:eb:4b:f2:41:23:e8:c5:9e:
d1:e6:93:c6:70:af:d8:02:41:d8:b7:2c:41:4d:11:
08:fc:39:70:07:89:df:e6:73:96:c5:81:96:83:c7:
b3:81:a9:c8:06:09:f5:38:6d:79:c7:07:a4:a6:fd:
d0:c1:13:0c:c8:6a:b2:c7:81:5c:5d:33:ca:0a:2b:
a6:59:03:2a:78:51:b2:c1:78:98:5a:dd:55:66:47:
bd:f2:c4:c0:f4:49:36:e4:7b:f0:fc:b4:ad:24:a2:
7d:f7:89:c0:17:40:ee:9a:81:39:ba:cc:0d:5d:52:
93:47:07:d5:e7:ed:3e:38:b5:cf:8e:17:31:04:3d:
46:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:27:D4:5C:ED:5B:0C:9D:08:86:BB:E5:63:73:7D:1A:57:C2:4F:4A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/vyfUXO1bDJ0IhrvlY3N9GlfCT0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.148.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:e8:44:53:d5:62:0c:10:af:1b:a6:22:55:78:41:10:c7:e3:
74:20:8e:e1:81:eb:f7:6f:de:92:8e:d9:a5:f6:c6:41:2e:5c:
4d:ac:c9:20:d8:16:17:15:18:38:54:f9:9b:04:48:ec:9a:9d:
5b:28:0a:2f:ef:fa:f9:55:7c:8f:96:e2:bb:e9:9e:5d:f5:5c:
4f:b0:c8:4f:59:74:7d:5d:a8:2e:70:3e:d6:c5:db:7d:03:cd:
96:43:89:ee:25:37:9c:1e:9d:62:18:e8:48:d7:d7:e2:27:4d:
04:de:33:b5:ef:f2:02:a3:70:cc:5d:04:7a:81:04:9e:43:35:
13:6b:2e:74:f3:df:5e:4e:11:0e:9b:cd:0c:fb:81:b0:91:b4:
c9:87:57:c9:26:f1:c1:f6:6f:25:16:40:1d:63:b6:20:8c:3a:
3f:0a:94:ed:62:6c:85:32:f1:0a:7e:64:17:b0:7c:30:ff:c2:
9b:09:35:b1:5b:46:48:6c:2e:4f:a9:0f:db:29:25:cf:5c:01:
b4:23:5d:f6:cb:71:75:07:4f:92:80:87:a6:88:2a:86:c9:a3:
c5:26:c9:f1:d4:b6:a3:1b:06:39:d1:e5:79:59:d5:d1:bc:2f:
a4:76:b7:20:0b:28:a7:e8:4a:56:2c:4a:89:52:a2:81:12:d0:
af:ed:2a:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQmEGeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmYyN2Q0NWNlZDVi
MGM5ZDA4ODZiYmU1NjM3MzdkMWE1N2MyNGY0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNNlxh4pFZPI6SRJzUedUvLXYe1qzeUr1Kcv+UfdQE7k/Ki
5hEdZLfRGnga7pKnerXs1Br/UzWSiweLtDuQtgD5iV8c4rOcj1n9Xqq7+Gk3f3i7
teo/0mHZr5CEunbkZ57CY5WDMNEbVvbC+qcQZFqmHS1DoPEs+vpcRfeDp+tL8kEj
6MWe0eaTxnCv2AJB2LcsQU0RCPw5cAeJ3+ZzlsWBloPHs4GpyAYJ9ThteccHpKb9
0METDMhqsseBXF0zygorplkDKnhRssF4mFrdVWZHvfLEwPRJNuR78Py0rSSiffeJ
wBdA7pqBObrMDV1Sk0cH1eftPji1z44XMQQ9RmMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/J9Rc7VsMnQiGu+Vjc30aV8JPSjAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3Z5ZlVYTzFiREowSWhydmxZM045R2xmQ1Qwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcAklDANBgkqhkiG9w0BAQsFAAOC
AQEAsuhEU9ViDBCvG6YiVXhBEMfjdCCO4YHr92/eko7ZpfbGQS5cTazJINgWFxUY
OFT5mwRI7JqdWygKL+/6+VV8j5biu+meXfVcT7DIT1l0fV2oLnA+1sXbfQPNlkOJ
7iU3nB6dYhjoSNfX4idNBN4zte/yAqNwzF0EeoEEnkM1E2sudPPfXk4RDpvNDPuB
sJG0yYdXySbxwfZvJRZAHWO2IIw6PwqU7WJshTLxCn5kF7B8MP/Cmwk1sVtGSGwu
T6kP2yklz1wBtCNd9stxdQdPkoCHpogqhsmjxSbJ8dS2oxsGOdHleVnV0bwvpHa3
IAsop+hKVixKiVKigRLQr+0qrQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:47 2025 by rpki-client