Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/VneO8CWzfNTp-XqVgoaJgbSjBrM.roa
File: VneO8CWzfNTp-XqVgoaJgbSjBrM.roa (raw, json)
Hash identifier: KkCnGF84IuLsU9TgHQGQjivW5owOgbuPjTH7EFiXt0w=
Subject key identifier: 56:77:8E:F0:25:B3:7C:D4:E9:F9:7A:95:82:86:89:81:B4:A3:06:B3
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 0185719E943DC7C0448B9C38608A6B36E5D4
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/VneO8CWzfNTp-XqVgoaJgbSjBrM.roa
Signing time: Mon 02 Jan 2023 08:34:56 +0000
ROA not before: Mon 02 Jan 2023 08:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49969
IP address blocks: 195.211.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:94:3d:c7:c0:44:8b:9c:38:60:8a:6b:36:e5:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 2 08:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56778ef025b37cd4e9f97a9582868981b4a306b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d9:48:36:32:c4:b6:b9:82:49:04:62:a9:95:
79:70:0e:f8:06:a9:ac:5e:41:83:c8:e8:4d:b8:ca:
6d:26:fb:6f:0d:dd:a7:81:5c:55:cd:cb:be:43:f0:
2b:3c:aa:cc:5b:8c:46:88:0a:9f:c2:24:22:03:35:
e7:69:88:ef:77:18:6d:af:9d:df:b6:06:fe:72:03:
f1:c8:c5:d8:61:c9:ab:52:80:07:f5:2d:2e:e3:9f:
96:48:2d:9c:76:8d:31:45:f9:01:5a:c7:3e:87:e4:
83:9f:0a:31:7a:4e:a1:48:04:80:aa:56:1d:32:e8:
dd:0c:17:8d:d9:31:35:28:b1:99:6d:ba:aa:7a:5d:
b3:a5:9b:cb:cf:c9:30:57:d4:13:41:0f:11:93:11:
19:17:2d:37:9c:0b:2e:a8:53:6a:b5:e7:c9:3c:61:
ec:a8:d0:aa:37:0a:af:b1:6e:c2:8a:aa:9a:62:93:
d2:9c:61:3b:f2:03:d2:94:1a:c8:19:10:a9:cf:a8:
ec:16:5b:91:9f:61:fe:01:05:9a:21:64:ba:3a:02:
94:9b:c3:d3:5b:12:9f:e7:a8:20:66:98:8b:c6:d6:
33:d2:ee:71:e4:ee:f2:73:05:d1:eb:25:50:2b:b3:
4f:82:fb:72:93:a7:d0:ac:db:6f:61:dc:5d:f0:30:
a0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:77:8E:F0:25:B3:7C:D4:E9:F9:7A:95:82:86:89:81:B4:A3:06:B3
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/VneO8CWzfNTp-XqVgoaJgbSjBrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.132.0/22
Signature Algorithm: sha256WithRSAEncryption
00:28:29:04:b1:41:66:31:66:57:69:0a:0b:ec:20:60:d3:e7:
3f:b8:a8:6c:35:a2:f4:99:d9:71:44:fd:58:6b:07:d4:74:f9:
04:fd:12:52:13:2a:94:18:9e:b5:f3:75:0d:70:eb:ee:d1:00:
79:2a:af:6d:f8:9d:06:c1:eb:79:0e:ec:7b:40:3c:2f:9d:82:
48:fe:30:36:3b:78:d7:9c:d7:5d:33:56:67:75:89:26:c1:b7:
cd:39:a8:49:19:cb:fc:b6:01:90:4c:76:70:28:89:cd:74:14:
18:60:05:71:ef:b8:93:7e:9f:15:bf:e4:ec:a4:3d:63:18:ab:
b9:fe:34:2c:99:dc:bf:9f:51:b6:e2:1b:78:fe:a5:6a:f4:d9:
27:81:95:89:98:ec:00:e2:ac:0a:d7:98:64:3f:5b:45:0a:7b:
a0:24:69:ff:1c:5d:48:fb:4f:9d:1c:60:2c:91:43:8c:e0:ec:
4e:03:fe:18:71:ee:a5:79:8a:e2:aa:88:f9:32:cd:a2:56:59:
05:22:fe:79:8b:6b:8f:5a:b2:64:b3:04:c2:24:82:3a:d4:fe:
7b:07:0a:68:44:66:8e:6f:79:3a:5e:18:84:ed:96:6d:5c:7f:
d4:26:2b:de:2c:92:15:b7:31:97:e4:2f:bb:22:44:73:fa:54:
fc:fd:76:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnpQ9x8BEi5w4YIprNuXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTdlNWEzM2Q5YzVhOTY1ZDlmYmZkZWVjZGM4NzFhZjBh
NWQ0ZjgwHhcNMjMwMTAyMDgzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc3OGVmMDI1YjM3Y2Q0ZTlmOTdhOTU4Mjg2ODk4MWI0YTMwNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9lINjLEtrmCSQRiqZV5cA74Bqms
XkGDyOhNuMptJvtvDd2ngVxVzcu+Q/ArPKrMW4xGiAqfwiQiAzXnaYjvdxhtr53f
tgb+cgPxyMXYYcmrUoAH9S0u45+WSC2cdo0xRfkBWsc+h+SDnwoxek6hSASAqlYd
MujdDBeN2TE1KLGZbbqqel2zpZvLz8kwV9QTQQ8RkxEZFy03nAsuqFNqtefJPGHs
qNCqNwqvsW7CiqqaYpPSnGE78gPSlBrIGRCpz6jsFluRn2H+AQWaIWS6OgKUm8PT
WxKf56ggZpiLxtYz0u5x5O7ycwXR6yVQK7NPgvtyk6fQrNtvYdxd8DCgdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZ3jvAls3zU6fl6lYKGiYG0owazMB8GA1UdIwQY
MBaAFESn5aM9nFqWXZ+/3uzchxrwpdT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYt
MjFjZjU2Y2JjZTEyLzEvVm5lTzhDV3pmTlRwLVhxVmdvYUpnYlNqQnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYtMjFjZjU2Y2JjZTEy
LzEvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw9OEMA0G
CSqGSIb3DQEBCwUAA4IBAQAAKCkEsUFmMWZXaQoL7CBg0+c/uKhsNaL0mdlxRP1Y
awfUdPkE/RJSEyqUGJ6183UNcOvu0QB5Kq9t+J0Gwet5Dux7QDwvnYJI/jA2O3jX
nNddM1ZndYkmwbfNOahJGcv8tgGQTHZwKInNdBQYYAVx77iTfp8Vv+TspD1jGKu5
/jQsmdy/n1G24ht4/qVq9NkngZWJmOwA4qwK15hkP1tFCnugJGn/HF1I+0+dHGAs
kUOM4OxOA/4Yce6leYriqoj5Ms2iVlkFIv55i2uPWrJkswTCJII61P57BwpoRGaO
b3k6XhiE7ZZtXH/UJiveLJIVtzGX5C+7IkRz+lT8/Xa3
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:36:14 2025 by rpki-client