Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/03f256-7401-4af4-97d0-ead1af8691ba/1/vlHohgbz_aBshTYzS0xqZaFh29M.roa
File: vlHohgbz_aBshTYzS0xqZaFh29M.roa (raw, json)
Hash identifier: MD4+MgUETE2ruhi9sX4xBuWhSmcZra6TNK+fbsNPj2c=
Subject key identifier: BE:51:E8:86:06:F3:FD:A0:6C:85:36:33:4B:4C:6A:65:A1:61:DB:D3
Certificate issuer: /CN=9be0a611e0678b8d329ee550312b246e0dcf4698
Certificate serial: 01856F4291FF4878989F4B2516465F59ACC7
Authority key identifier: 9B:E0:A6:11:E0:67:8B:8D:32:9E:E5:50:31:2B:24:6E:0D:CF:46:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-CmEeBni40ynuVQMSskbg3PRpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/03f256-7401-4af4-97d0-ead1af8691ba/1/vlHohgbz_aBshTYzS0xqZaFh29M.roa
Signing time: Sun 01 Jan 2023 21:35:11 +0000
ROA not before: Sun 01 Jan 2023 21:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6744
IP address blocks: 150.140.0.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:91:ff:48:78:98:9f:4b:25:16:46:5f:59:ac:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9be0a611e0678b8d329ee550312b246e0dcf4698
Validity
Not Before: Jan 1 21:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be51e88606f3fda06c8536334b4c6a65a161dbd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:cd:3f:b2:72:1f:ce:31:e0:f0:99:03:79:a8:
6a:6d:9c:db:6c:70:c7:a4:6a:65:26:ca:69:00:fd:
8c:97:3e:6a:39:70:87:9d:f4:95:c6:a0:2a:9f:06:
1a:b4:02:cd:2f:09:7c:73:a1:ef:83:b4:b7:07:1b:
6d:f8:65:44:92:35:3c:b1:3d:64:74:85:3d:f6:b1:
bf:b2:49:0f:c9:b4:fa:eb:18:d6:8b:04:73:6d:d4:
fa:4b:e9:19:0b:91:b5:ba:6a:78:f3:5b:71:6c:b8:
9b:fb:21:9c:f6:ea:b1:d9:7b:c7:55:8b:d9:fb:6e:
dc:00:27:50:72:9c:fe:67:36:35:ab:8b:2c:98:df:
ee:0c:e4:af:8e:c1:d0:b2:9d:2e:e7:85:8d:eb:a9:
37:80:a1:a7:39:4f:21:56:9d:64:fc:00:8e:19:0e:
87:42:a2:59:8f:1e:e0:64:e8:4e:b1:25:f9:e8:3c:
5f:da:06:4f:f9:f7:59:75:ca:3e:4a:d1:df:75:60:
63:10:b0:d2:03:58:ec:d8:ff:ea:ab:9c:49:ff:9f:
a9:26:33:9a:73:2c:ae:66:90:a9:f6:53:db:76:df:
05:9e:bb:43:c4:5b:2c:24:ca:1f:49:c7:a1:6e:fd:
35:ef:e4:e7:e4:1f:03:e4:2f:fb:8b:1e:ee:14:85:
cc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:51:E8:86:06:F3:FD:A0:6C:85:36:33:4B:4C:6A:65:A1:61:DB:D3
X509v3 Authority Key Identifier:
keyid:9B:E0:A6:11:E0:67:8B:8D:32:9E:E5:50:31:2B:24:6E:0D:CF:46:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-CmEeBni40ynuVQMSskbg3PRpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/03f256-7401-4af4-97d0-ead1af8691ba/1/vlHohgbz_aBshTYzS0xqZaFh29M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/03f256-7401-4af4-97d0-ead1af8691ba/1/m-CmEeBni40ynuVQMSskbg3PRpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.140.0.0/17
Signature Algorithm: sha256WithRSAEncryption
31:ea:7d:16:c4:05:39:d3:8c:55:61:89:0e:e7:4f:14:44:2b:
0f:ec:d7:2d:70:18:d2:2b:b6:95:11:86:d4:41:ef:1a:fa:8b:
20:d3:8b:3d:f3:c8:30:05:c7:20:92:5f:8c:f6:27:89:cb:8a:
dc:f6:09:c5:c3:88:e9:66:d6:d3:2f:b8:c1:8f:57:d7:22:f6:
c8:28:58:9d:06:1c:53:5c:b0:c7:cf:10:b2:44:82:e9:44:5d:
b8:2b:db:17:02:c5:ba:f3:48:f8:76:aa:da:af:a9:3f:6f:0e:
41:76:09:1c:7d:37:d9:01:55:85:cf:f6:79:43:ba:e1:20:f1:
94:55:07:0d:74:5c:08:74:4f:3d:40:45:41:52:06:48:9c:81:
f4:e7:7b:2a:65:17:dd:38:3b:03:a5:3d:68:db:f7:5d:ed:58:
c3:87:2f:73:eb:f3:84:2e:ad:bd:fb:3d:3f:d0:5b:8b:8c:c7:
8d:a7:b4:bd:c2:9e:44:ea:1a:23:66:a6:06:5f:2a:c0:25:6e:
1f:32:91:df:91:1a:06:12:14:05:a8:d2:e9:35:05:71:0a:af:
05:db:29:3b:da:f9:15:74:53:cc:82:ac:0a:13:22:a9:6b:c1:
8a:e9:8b:4d:df:97:68:bf:07:0e:72:01:d0:fe:75:7b:a8:5a:
b4:82:a1:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQpH/SHiYn0slFkZfWazHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZTBhNjExZTA2NzhiOGQzMjllZTU1MDMxMmIyNDZlMGRj
ZjQ2OTgwHhcNMjMwMTAxMjEzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTUxZTg4NjA2ZjNmZGEwNmM4NTM2MzM0YjRjNmE2NWExNjFkYmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM0/snIfzjHg8JkDeahqbZzbbHDH
pGplJsppAP2Mlz5qOXCHnfSVxqAqnwYatALNLwl8c6Hvg7S3Bxtt+GVEkjU8sT1k
dIU99rG/skkPybT66xjWiwRzbdT6S+kZC5G1ump481txbLib+yGc9uqx2XvHVYvZ
+27cACdQcpz+ZzY1q4ssmN/uDOSvjsHQsp0u54WN66k3gKGnOU8hVp1k/ACOGQ6H
QqJZjx7gZOhOsSX56Dxf2gZP+fdZdco+StHfdWBjELDSA1js2P/qq5xJ/5+pJjOa
cyyuZpCp9lPbdt8FnrtDxFssJMofScehbv017+Tn5B8D5C/7ix7uFIXMMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5R6IYG8/2gbIU2M0tMamWhYdvTMB8GA1UdIwQY
MBaAFJvgphHgZ4uNMp7lUDErJG4Nz0aYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1DbUVlQm5pNDB5bnVWUU1Tc2tiZzNQUnBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8wM2YyNTYtNzQwMS00YWY0LTk3ZDAt
ZWFkMWFmODY5MWJhLzEvdmxIb2hnYnpfYUJzaFRZelMweHFaYUZoMjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8wM2YyNTYtNzQwMS00YWY0LTk3ZDAtZWFkMWFmODY5MWJh
LzEvbS1DbUVlQm5pNDB5bnVWUU1Tc2tiZzNQUnBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHlowAMA0G
CSqGSIb3DQEBCwUAA4IBAQAx6n0WxAU504xVYYkO508URCsP7NctcBjSK7aVEYbU
Qe8a+osg04s988gwBccgkl+M9ieJy4rc9gnFw4jpZtbTL7jBj1fXIvbIKFidBhxT
XLDHzxCyRILpRF24K9sXAsW680j4dqrar6k/bw5BdgkcfTfZAVWFz/Z5Q7rhIPGU
VQcNdFwIdE89QEVBUgZInIH053sqZRfdODsDpT1o2/dd7VjDhy9z6/OELq29+z0/
0FuLjMeNp7S9wp5E6hojZqYGXyrAJW4fMpHfkRoGEhQFqNLpNQVxCq8F2yk72vkV
dFPMgqwKEyKpa8GK6YtN35dovwcOcgHQ/nV7qFq0gqEu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:19 2025 by rpki-client