Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/vqYk9tCVxtXon4nHqsHcxSX5-V4.roa
File: vqYk9tCVxtXon4nHqsHcxSX5-V4.roa (raw, json)
Hash identifier: POo0dzqmfQidsvkUV+8dPr6AJU8yWK9Q8T0ZRBAcx6M=
Subject key identifier: BE:A6:24:F6:D0:95:C6:D5:E8:9F:89:C7:AA:C1:DC:C5:25:F9:F9:5E
Certificate issuer: /CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Certificate serial: 018570C2D993C6DD2E4A415AEA1558E91484
Authority key identifier: F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/vqYk9tCVxtXon4nHqsHcxSX5-V4.roa
Signing time: Mon 02 Jan 2023 04:34:55 +0000
ROA not before: Mon 02 Jan 2023 04:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50520
IP address blocks: 185.134.112.0/22 maxlen: 22
185.134.112.0/24 maxlen: 24
185.134.113.0/24 maxlen: 24
185.134.115.0/24 maxlen: 24
185.134.114.0/24 maxlen: 24
2a02:fa80:ca02::/48 maxlen: 48
2a02:fa80::/32 maxlen: 32
2a02:fa80:fa80::/48 maxlen: 48
2a02:fa80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:d9:93:c6:dd:2e:4a:41:5a:ea:15:58:e9:14:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f67ed4f7d35575281c176cae3ddcbd40cc5c1dd6
Validity
Not Before: Jan 2 04:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bea624f6d095c6d5e89f89c7aac1dcc525f9f95e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5f:a4:5f:f6:70:ce:6f:15:7b:12:6f:6b:fe:
7f:e5:d9:c6:47:fc:d5:05:5d:45:74:d4:c4:65:41:
09:ec:cb:f9:de:41:eb:e2:2d:74:af:16:c6:76:b8:
88:ce:41:41:8e:26:79:22:03:5c:24:af:6c:76:34:
e6:68:9a:85:85:98:67:a1:e5:11:06:e9:c6:23:0f:
7e:4d:b3:4c:4d:aa:6d:1e:bf:6d:07:2b:1a:be:c7:
29:31:77:d6:48:36:6e:d2:5f:5d:ec:b7:4c:0a:fd:
90:bf:dd:4e:75:40:1a:7d:3a:f7:79:94:be:60:53:
bf:22:5a:ec:1a:dc:bc:69:04:e8:93:6f:6f:b2:34:
f7:73:3b:6d:e4:17:33:36:c4:44:e6:b9:ac:fc:75:
bd:b3:ba:1c:4a:0d:53:c5:16:df:6e:29:31:43:ed:
c3:43:8c:70:c0:c7:01:58:d3:40:c6:5a:80:4c:a7:
91:2a:5c:4a:c9:b4:64:7d:e7:2f:43:26:3f:0a:50:
02:0c:cd:d7:46:ca:38:e2:aa:00:14:ec:b4:59:2c:
23:8c:ff:3a:cf:43:56:e6:36:40:88:71:87:19:fe:
23:31:4a:99:c4:70:50:3b:dd:63:7c:17:f4:65:d2:
e7:cd:d1:65:e1:c9:3c:f1:aa:b4:4e:ea:0a:af:55:
da:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A6:24:F6:D0:95:C6:D5:E8:9F:89:C7:AA:C1:DC:C5:25:F9:F9:5E
X509v3 Authority Key Identifier:
keyid:F6:7E:D4:F7:D3:55:75:28:1C:17:6C:AE:3D:DC:BD:40:CC:5C:1D:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9n7U99NVdSgcF2yuPdy9QMxcHdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/vqYk9tCVxtXon4nHqsHcxSX5-V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/b62e77-357a-4aad-bb27-f4485aed7429/1/9n7U99NVdSgcF2yuPdy9QMxcHdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.112.0/22
IPv6:
2a02:fa80::/32
Signature Algorithm: sha256WithRSAEncryption
09:ab:1e:00:90:8f:0e:b4:bb:2d:c2:9d:c6:03:bf:ff:60:eb:
c8:ed:5f:f2:bd:04:1c:d0:b9:95:a1:c7:07:b3:9d:d2:b4:fa:
4a:2f:79:cc:9b:08:6f:6b:c2:44:2e:d7:8f:81:4d:14:b8:a5:
d8:17:f5:4d:13:e5:1f:5a:be:93:53:3d:52:e4:00:20:b8:b7:
a5:c5:78:3b:5a:c0:25:b2:a2:af:5e:7e:fb:17:2c:9b:4e:13:
31:76:89:15:d2:0f:4d:ee:97:c1:66:f3:90:c6:d0:73:5a:e0:
1e:5f:78:9d:87:26:81:5b:34:fe:5d:9b:13:23:40:05:60:7f:
01:3c:f9:ed:ee:59:f3:a1:6d:f5:0e:4a:87:3b:f7:e7:28:e8:
5a:24:f4:74:f8:b5:c0:b6:fa:a0:20:d3:bc:b3:f8:3f:6e:30:
5d:56:f5:d5:7f:13:b1:83:65:7a:39:ce:aa:5d:80:07:3a:f4:
f3:fd:fe:ae:93:80:5f:62:a0:da:0f:63:93:2a:d3:f7:c7:be:
f3:b9:5d:ab:fb:c5:b0:45:58:44:1b:75:93:c1:6f:c4:ef:b4:
14:29:9a:4d:d2:c8:20:81:04:5d:13:26:b2:a8:57:cc:24:68:
9e:cf:65:94:a8:39:3f:5a:5d:af:3d:ac:8f:c0:f8:ee:91:d4:
3f:91:38:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwwtmTxt0uSkFa6hVY6RSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2N2VkNGY3ZDM1NTc1MjgxYzE3NmNhZTNkZGNiZDQwY2M1
YzFkZDYwHhcNMjMwMTAyMDQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWE2MjRmNmQwOTVjNmQ1ZTg5Zjg5YzdhYWMxZGNjNTI1ZjlmOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll+kX/Zwzm8VexJva/5/5dnGR/zV
BV1FdNTEZUEJ7Mv53kHr4i10rxbGdriIzkFBjiZ5IgNcJK9sdjTmaJqFhZhnoeUR
BunGIw9+TbNMTaptHr9tBysavscpMXfWSDZu0l9d7LdMCv2Qv91OdUAafTr3eZS+
YFO/IlrsGty8aQTok29vsjT3cztt5BczNsRE5rms/HW9s7ocSg1TxRbfbikxQ+3D
Q4xwwMcBWNNAxlqATKeRKlxKybRkfecvQyY/ClACDM3XRso44qoAFOy0WSwjjP86
z0NW5jZAiHGHGf4jMUqZxHBQO91jfBf0ZdLnzdFl4ck88aq0TuoKr1XaXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL6mJPbQlcbV6J+Jx6rB3MUl+fleMB8GA1UdIwQY
MBaAFPZ+1PfTVXUoHBdsrj3cvUDMXB3WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjct
ZjQ0ODVhZWQ3NDI5LzEvdnFZazl0Q1Z4dFhvbjRuSHFzSGN4U1g1LVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iNjJlNzctMzU3YS00YWFkLWJiMjctZjQ0ODVhZWQ3NDI5
LzEvOW43VTk5TlZkU2djRjJ5dVBkeTlRTXhjSGRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYZwMA0E
AgACMAcDBQAqAvqAMA0GCSqGSIb3DQEBCwUAA4IBAQAJqx4AkI8OtLstwp3GA7//
YOvI7V/yvQQc0LmVoccHs53StPpKL3nMmwhva8JELtePgU0UuKXYF/VNE+UfWr6T
Uz1S5AAguLelxXg7WsAlsqKvXn77FyybThMxdokV0g9N7pfBZvOQxtBzWuAeX3id
hyaBWzT+XZsTI0AFYH8BPPnt7lnzoW31DkqHO/fnKOhaJPR0+LXAtvqgINO8s/g/
bjBdVvXVfxOxg2V6Oc6qXYAHOvTz/f6uk4BfYqDaD2OTKtP3x77zuV2r+8WwRVhE
G3WTwW/E77QUKZpN0sgggQRdEyayqFfMJGiez2WUqDk/Wl2vPayPwPjukdQ/kTh8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:56 2025 by rpki-client