Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0caaeb-287d-4ed5-ad7e-6b1d0714554a/1/VuYWsu0xIG7XgrTvo4V7XBVxzXg.roa
File: VuYWsu0xIG7XgrTvo4V7XBVxzXg.roa (raw, json)
Hash identifier: UIFeA1hvNNCsE+dHtvLI1vGqigwyceHc87XAWaW53+c=
Subject key identifier: 56:E6:16:B2:ED:31:20:6E:D7:82:B4:EF:A3:85:7B:5C:15:71:CD:78
Certificate issuer: /CN=3bffb605dce3060dfb66dccca88eb7da0ac74af1
Certificate serial: 01857C1532AAF909E9E266CB1BA46246CF4A
Authority key identifier: 3B:FF:B6:05:DC:E3:06:0D:FB:66:DC:CC:A8:8E:B7:DA:0A:C7:4A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_-2BdzjBg37ZtzMqI632grHSvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0caaeb-287d-4ed5-ad7e-6b1d0714554a/1/VuYWsu0xIG7XgrTvo4V7XBVxzXg.roa
Signing time: Wed 04 Jan 2023 09:20:41 +0000
ROA not before: Wed 04 Jan 2023 09:20:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5413
IP address blocks: 194.33.128.0/20 maxlen: 24
193.35.240.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:15:32:aa:f9:09:e9:e2:66:cb:1b:a4:62:46:cf:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bffb605dce3060dfb66dccca88eb7da0ac74af1
Validity
Not Before: Jan 4 09:20:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56e616b2ed31206ed782b4efa3857b5c1571cd78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:29:38:78:7a:fd:68:28:7b:19:15:63:3b:ac:
78:dc:0b:d0:cf:98:45:7a:59:d7:a3:0f:fb:32:a1:
32:65:35:38:54:82:37:b2:ca:8f:a3:c6:7f:17:76:
92:1d:44:a7:cb:0d:30:10:7c:62:5b:65:c2:44:dd:
63:71:2e:c8:71:30:28:89:03:f5:c2:4f:3d:e1:ad:
48:a7:91:49:b2:cb:f2:f7:f7:8f:0a:b9:d5:62:e8:
7b:07:0a:a6:4b:59:c8:76:0b:e8:0c:38:49:7d:f6:
b2:f6:f6:3b:70:dd:b8:fa:69:9a:e1:7e:70:4d:96:
17:b2:5b:1f:30:91:5c:25:16:a5:3a:58:31:38:cb:
5d:d9:f2:e6:51:72:d1:77:20:29:da:ab:39:b8:21:
11:58:ea:21:70:a5:c0:e7:db:e2:57:c2:69:4f:6c:
e3:b4:18:9d:7d:b5:0b:c0:07:b1:ec:34:54:a4:23:
e8:b3:5e:67:2b:a9:b1:fd:65:c5:64:16:5d:11:6b:
33:ca:c9:8a:59:00:60:19:ce:1e:b2:58:08:d6:7a:
6a:c6:aa:f8:d5:06:74:e4:60:10:f4:e7:28:74:f0:
e2:a1:dd:42:13:9b:cd:f2:05:29:93:83:51:68:a6:
81:e3:cd:14:ef:ea:36:43:c9:86:f4:c0:bb:57:88:
12:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E6:16:B2:ED:31:20:6E:D7:82:B4:EF:A3:85:7B:5C:15:71:CD:78
X509v3 Authority Key Identifier:
keyid:3B:FF:B6:05:DC:E3:06:0D:FB:66:DC:CC:A8:8E:B7:DA:0A:C7:4A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_-2BdzjBg37ZtzMqI632grHSvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0caaeb-287d-4ed5-ad7e-6b1d0714554a/1/VuYWsu0xIG7XgrTvo4V7XBVxzXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0caaeb-287d-4ed5-ad7e-6b1d0714554a/1/O_-2BdzjBg37ZtzMqI632grHSvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.240.0/22
194.33.128.0/20
Signature Algorithm: sha256WithRSAEncryption
87:0a:81:cc:79:6d:b1:af:ee:20:a8:61:80:b0:80:af:21:5f:
8a:d1:1c:6a:92:17:aa:21:e0:ac:41:13:96:39:20:55:72:d5:
5c:c7:76:da:bc:f0:07:f8:f9:0b:8f:ca:8e:60:13:59:4d:f4:
2c:09:59:53:f8:5a:f1:6b:c3:77:c3:2f:a0:bc:30:49:6a:ab:
cb:42:89:e9:7c:c3:90:8a:5d:df:f9:75:9a:bf:e0:85:bf:2c:
25:6a:83:59:71:1e:40:5e:2e:31:d9:91:47:c5:3a:7f:be:1e:
5c:57:4a:27:0c:9a:1b:d5:7a:5a:7e:17:c1:cb:33:15:6a:83:
4a:50:d4:c5:ad:08:ec:aa:2e:dc:91:1b:05:fb:88:92:c3:28:
a5:ca:da:0c:18:cf:52:73:ad:8b:1a:d7:1b:27:ed:14:b0:1d:
42:a6:36:07:66:38:bb:9f:48:87:29:12:95:b0:80:fb:9b:73:
7a:55:6c:96:80:8f:74:80:a4:93:df:8e:9b:44:e9:5a:ec:4a:
82:88:b8:94:0c:84:1d:dd:d1:ee:c0:8c:20:a2:4c:1d:d0:9a:
6d:d9:7b:cc:d2:15:6c:45:7f:5f:4c:4b:e1:75:1e:47:58:04:
b4:16:ef:57:82:da:69:4c:07:f8:62:86:69:b4:3a:bd:32:94:
3a:56:49:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYV8FTKq+Qnp4mbLG6RiRs9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmZiNjA1ZGNlMzA2MGRmYjY2ZGNjY2E4OGViN2RhMGFj
NzRhZjEwHhcNMjMwMTA0MDkyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmU2MTZiMmVkMzEyMDZlZDc4MmI0ZWZhMzg1N2I1YzE1NzFjZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyk4eHr9aCh7GRVjO6x43AvQz5hF
elnXow/7MqEyZTU4VII3ssqPo8Z/F3aSHUSnyw0wEHxiW2XCRN1jcS7IcTAoiQP1
wk894a1Ip5FJssvy9/ePCrnVYuh7BwqmS1nIdgvoDDhJffay9vY7cN24+mma4X5w
TZYXslsfMJFcJRalOlgxOMtd2fLmUXLRdyAp2qs5uCERWOohcKXA59viV8JpT2zj
tBidfbULwAex7DRUpCPos15nK6mx/WXFZBZdEWszysmKWQBgGc4eslgI1npqxqr4
1QZ05GAQ9OcodPDiod1CE5vN8gUpk4NRaKaB480U7+o2Q8mG9MC7V4gSywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFbmFrLtMSBu14K076OFe1wVcc14MB8GA1UdIwQY
MBaAFDv/tgXc4wYN+2bczKiOt9oKx0rxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT18tMkJkempCZzM3WnR6TXFJNjMyZ3JIU3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wY2FhZWItMjg3ZC00ZWQ1LWFkN2Ut
NmIxZDA3MTQ1NTRhLzEvVnVZV3N1MHhJRzdYZ3JUdm80VjdYQlZ4elhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wY2FhZWItMjg3ZC00ZWQ1LWFkN2UtNmIxZDA3MTQ1NTRh
LzEvT18tMkJkempCZzM3WnR6TXFJNjMyZ3JIU3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwSPwAwQE
wiGAMA0GCSqGSIb3DQEBCwUAA4IBAQCHCoHMeW2xr+4gqGGAsICvIV+K0Rxqkheq
IeCsQROWOSBVctVcx3bavPAH+PkLj8qOYBNZTfQsCVlT+Frxa8N3wy+gvDBJaqvL
QonpfMOQil3f+XWav+CFvywlaoNZcR5AXi4x2ZFHxTp/vh5cV0onDJob1XpafhfB
yzMVaoNKUNTFrQjsqi7ckRsF+4iSwyilytoMGM9Sc62LGtcbJ+0UsB1CpjYHZji7
n0iHKRKVsID7m3N6VWyWgI90gKST346bROla7EqCiLiUDIQd3dHuwIwgokwd0Jpt
2XvM0hVsRX9fTEvhdR5HWAS0Fu9XgtppTAf4YoZptDq9MpQ6VklJ
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:40:17 2025 by rpki-client