Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/vhyuWqZOQzAIhdUwkwxkXNlPD3E.roa
File: vhyuWqZOQzAIhdUwkwxkXNlPD3E.roa (raw, json)
Hash identifier: 6aAELVV1wI9sAr0PIejcGe5IRpNU1Iqrlxj7OQiPJtk=
Subject key identifier: BE:1C:AE:5A:A6:4E:43:30:08:85:D5:30:93:0C:64:5C:D9:4F:0F:71
Certificate issuer: /CN=c53b29170b56a84241f4b84fd4daff0836d503c6
Certificate serial: 0185A5891C5F0B7B8677B06620EC2BC820DA
Authority key identifier: C5:3B:29:17:0B:56:A8:42:41:F4:B8:4F:D4:DA:FF:08:36:D5:03:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/vhyuWqZOQzAIhdUwkwxkXNlPD3E.roa
Signing time: Thu 12 Jan 2023 10:31:44 +0000
ROA not before: Thu 12 Jan 2023 10:31:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201228
IP address blocks: 193.29.10.0/23 maxlen: 24
193.29.20.0/23 maxlen: 24
2a0f:a580::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:89:1c:5f:0b:7b:86:77:b0:66:20:ec:2b:c8:20:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53b29170b56a84241f4b84fd4daff0836d503c6
Validity
Not Before: Jan 12 10:31:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be1cae5aa64e43300885d530930c645cd94f0f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:09:3a:34:74:6c:ea:41:db:91:bf:6c:ed:c2:
eb:52:d0:53:f9:29:d2:e7:dd:8f:4e:ba:9f:c4:8a:
39:f0:77:ac:8b:8f:2f:30:fd:ee:e8:66:7b:a4:0a:
3c:5a:a0:3b:83:97:5b:6b:0a:ce:cd:46:51:d6:ec:
1d:a5:41:71:d5:3a:b6:45:17:33:54:46:5c:8b:52:
88:93:ca:1e:64:64:82:a0:dd:a3:e6:af:4c:7b:8a:
eb:5e:15:ca:3b:4b:b4:7b:b8:b5:a0:46:50:ec:a1:
01:21:ce:04:b8:de:cd:ed:f8:1f:21:af:85:5d:e2:
0a:b1:a7:bd:c2:b4:fc:6c:cf:e6:90:83:84:74:27:
3a:21:d7:71:32:03:54:24:1c:22:31:a4:c9:ae:aa:
90:d0:50:6e:fb:70:28:ed:a1:d7:e6:71:b8:0e:b7:
82:b2:a7:02:1b:5b:c0:8e:0d:4b:8e:43:ed:58:82:
91:ee:12:c5:98:91:6a:81:a8:81:c9:67:47:2a:21:
02:c3:c7:8b:ec:43:42:2e:35:5a:0f:93:f6:d4:c2:
82:0d:3f:41:6a:09:ef:94:eb:b1:0c:a1:e7:7e:56:
5f:72:bc:90:45:c6:27:96:3e:af:6f:bd:e9:ec:cb:
36:e5:8c:c2:6b:e4:76:7e:1a:f4:4b:5d:cd:79:d3:
c9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1C:AE:5A:A6:4E:43:30:08:85:D5:30:93:0C:64:5C:D9:4F:0F:71
X509v3 Authority Key Identifier:
keyid:C5:3B:29:17:0B:56:A8:42:41:F4:B8:4F:D4:DA:FF:08:36:D5:03:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/vhyuWqZOQzAIhdUwkwxkXNlPD3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.10.0/23
193.29.20.0/23
IPv6:
2a0f:a580::/29
Signature Algorithm: sha256WithRSAEncryption
b1:0d:9e:d9:e5:8c:8c:45:33:bd:38:6d:64:c0:c5:a1:02:1f:
ab:40:bc:85:73:9d:81:25:fc:14:55:5a:0c:1f:7f:3b:b8:03:
85:25:45:65:42:ea:bb:19:f5:19:7c:cc:48:cb:65:fe:5f:a8:
bd:87:5f:fd:cb:ad:53:0c:87:ec:dd:bc:40:0f:fe:5a:91:84:
4a:65:be:c4:ef:24:b6:d8:c7:ec:40:09:df:c0:43:1d:02:5f:
9c:e4:f9:35:2d:48:45:3e:23:14:e9:91:8a:18:df:50:69:ae:
07:cd:d2:9c:e3:ef:b8:43:da:b5:89:ed:57:dd:d9:5b:55:8f:
7c:dd:79:b8:6c:99:9f:7c:9e:8d:23:97:f5:21:8f:6a:bf:2d:
9e:a2:aa:ac:af:c3:d2:89:6f:84:b3:f0:70:37:04:fc:35:b1:
73:e1:ca:fd:6f:12:84:fb:2f:85:6c:21:b3:d3:44:0b:42:c0:
bd:a4:97:3c:21:75:37:6f:ee:3d:f5:b3:50:94:7c:2e:33:86:
f2:24:04:87:4a:ff:73:12:1e:b4:08:a2:69:3b:e1:60:5a:e6:
bb:31:26:9e:7d:80:12:e4:b8:57:89:74:63:b9:ae:54:1d:38:
95:c0:96:6c:47:75:1a:b3:4a:ad:ce:17:15:61:16:d6:96:25:
66:ca:5c:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWliRxfC3uGd7BmIOwryCDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2IyOTE3MGI1NmE4NDI0MWY0Yjg0ZmQ0ZGFmZjA4MzZk
NTAzYzYwHhcNMjMwMTEyMTAzMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFjYWU1YWE2NGU0MzMwMDg4NWQ1MzA5MzBjNjQ1Y2Q5NGYwZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQk6NHRs6kHbkb9s7cLrUtBT+SnS
592PTrqfxIo58Hesi48vMP3u6GZ7pAo8WqA7g5dbawrOzUZR1uwdpUFx1Tq2RRcz
VEZci1KIk8oeZGSCoN2j5q9Me4rrXhXKO0u0e7i1oEZQ7KEBIc4EuN7N7fgfIa+F
XeIKsae9wrT8bM/mkIOEdCc6IddxMgNUJBwiMaTJrqqQ0FBu+3Ao7aHX5nG4DreC
sqcCG1vAjg1LjkPtWIKR7hLFmJFqgaiByWdHKiECw8eL7ENCLjVaD5P21MKCDT9B
agnvlOuxDKHnflZfcryQRcYnlj6vb73p7Ms25YzCa+R2fhr0S13NedPJQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL4crlqmTkMwCIXVMJMMZFzZTw9xMB8GA1UdIwQY
MBaAFMU7KRcLVqhCQfS4T9Ta/wg21QPGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRzcEZ3dFdxRUpCOUxoUDFOcl9DRGJWQThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82MGQwMmYtMTE2My00NjY2LTliZTkt
N2RmYmJhZTAzNjhlLzEvdmh5dVdxWk9RekFJaGRVd2t3eGtYTmxQRDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82MGQwMmYtMTE2My00NjY2LTliZTktN2RmYmJhZTAzNjhl
LzEveFRzcEZ3dFdxRUpCOUxoUDFOcl9DRGJWQThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwR0KAwQB
wR0UMA0EAgACMAcDBQMqD6WAMA0GCSqGSIb3DQEBCwUAA4IBAQCxDZ7Z5YyMRTO9
OG1kwMWhAh+rQLyFc52BJfwUVVoMH387uAOFJUVlQuq7GfUZfMxIy2X+X6i9h1/9
y61TDIfs3bxAD/5akYRKZb7E7yS22MfsQAnfwEMdAl+c5Pk1LUhFPiMU6ZGKGN9Q
aa4HzdKc4++4Q9q1ie1X3dlbVY983Xm4bJmffJ6NI5f1IY9qvy2eoqqsr8PSiW+E
s/BwNwT8NbFz4cr9bxKE+y+FbCGz00QLQsC9pJc8IXU3b+499bNQlHwuM4byJASH
Sv9zEh60CKJpO+FgWua7MSaefYAS5LhXiXRjua5UHTiVwJZsR3Uas0qtzhcVYRbW
liVmylwz
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:23 2025 by rpki-client