Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/2f9a33-cd8c-41e4-9c48-eb8612457715/1/VfekldczW92PbGdEVIcAVkHn-Rw.roa
File: VfekldczW92PbGdEVIcAVkHn-Rw.roa (raw, json)
Hash identifier: qLciqQB8I2y3SJ3BhvhYhXrCwcXeZWA14sBI8LgpIkU=
Subject key identifier: 55:F7:A4:95:D7:33:5B:DD:8F:6C:67:44:54:87:00:56:41:E7:F9:1C
Certificate issuer: /CN=58e0687a24d6a3e414d798d9b2fb6c52591cbb23
Certificate serial: 01856E01B99135DE33B6FABFCB57465838BD
Authority key identifier: 58:E0:68:7A:24:D6:A3:E4:14:D7:98:D9:B2:FB:6C:52:59:1C:BB:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WOBoeiTWo-QU15jZsvtsUlkcuyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/2f9a33-cd8c-41e4-9c48-eb8612457715/1/VfekldczW92PbGdEVIcAVkHn-Rw.roa
Signing time: Sun 01 Jan 2023 15:44:44 +0000
ROA not before: Sun 01 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208149
IP address blocks: 185.89.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:b9:91:35:de:33:b6:fa:bf:cb:57:46:58:38:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58e0687a24d6a3e414d798d9b2fb6c52591cbb23
Validity
Not Before: Jan 1 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55f7a495d7335bdd8f6c67445487005641e7f91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:30:8d:77:a0:0f:da:9c:73:6b:8b:aa:23:6b:
38:27:c2:72:af:00:5e:75:94:60:52:ac:cd:e1:22:
5d:38:ef:bb:51:dc:3f:0f:1a:2f:6e:e2:d0:19:d1:
59:01:37:62:3c:66:36:50:4e:1b:86:3e:d6:a3:a6:
0b:9b:67:38:06:a7:eb:14:c0:12:73:d1:49:64:0e:
f8:6c:23:ec:4b:8f:02:59:41:93:f7:63:98:31:22:
fd:05:df:de:bc:5d:ec:e1:4b:bd:4a:7e:35:97:af:
7d:0d:b5:3b:2c:30:6b:8e:ca:bf:6e:bd:bf:c3:b7:
a9:59:a2:36:7c:ad:99:e3:73:44:90:75:8c:80:96:
98:4e:d7:57:c1:18:ed:d6:db:5a:d9:ce:79:e4:c5:
f1:23:10:67:82:7d:71:2e:a3:63:10:2d:3f:62:2b:
fe:4d:f9:ab:3c:68:fb:52:c9:66:c1:ed:06:b2:82:
b1:01:fb:f0:73:69:56:91:a7:d6:40:91:b2:85:04:
51:24:c3:dd:a3:e6:4e:81:31:c7:2f:ea:99:02:25:
b9:4d:af:9e:ff:a5:d3:a0:d1:bf:9e:49:3f:3d:2d:
c5:74:b0:20:41:1e:55:f2:4d:b2:f5:a2:67:76:4d:
28:01:32:9d:02:40:7d:62:2c:8a:5f:be:6a:c3:b7:
8a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F7:A4:95:D7:33:5B:DD:8F:6C:67:44:54:87:00:56:41:E7:F9:1C
X509v3 Authority Key Identifier:
keyid:58:E0:68:7A:24:D6:A3:E4:14:D7:98:D9:B2:FB:6C:52:59:1C:BB:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WOBoeiTWo-QU15jZsvtsUlkcuyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2f9a33-cd8c-41e4-9c48-eb8612457715/1/VfekldczW92PbGdEVIcAVkHn-Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2f9a33-cd8c-41e4-9c48-eb8612457715/1/WOBoeiTWo-QU15jZsvtsUlkcuyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.96.0/24
Signature Algorithm: sha256WithRSAEncryption
37:02:d2:24:67:2b:7a:3a:db:51:95:9d:51:07:47:f9:72:1c:
78:8b:2a:7d:77:10:50:2c:2c:96:ce:bb:a7:27:75:73:c4:21:
aa:c8:0d:75:cb:5d:da:a2:9c:51:f4:35:ba:3e:6c:15:13:3b:
fb:c1:96:b2:f6:ac:40:d5:5d:17:51:50:3d:fe:f3:c7:31:94:
83:8d:7a:08:b9:ee:1a:03:41:4d:60:5b:75:5a:7d:05:01:56:
86:f5:38:d0:7a:a0:6f:24:0b:88:09:a3:23:65:e5:db:12:29:
77:33:91:47:bf:93:27:26:78:05:39:7b:f2:5c:01:7b:34:8e:
29:89:33:28:dc:0c:3e:1a:7f:6a:31:90:df:6f:82:02:ee:94:
37:d4:bb:19:af:ac:c7:82:c9:19:74:35:50:f4:cd:58:dc:73:
c6:c8:f2:c4:0b:6b:1e:24:e8:44:4a:a9:9d:f2:75:18:34:d5:
0e:c8:08:bf:a3:f6:ce:e4:9d:02:32:35:f2:81:87:0a:80:6e:
15:28:6c:a3:63:99:db:7e:ed:9b:8b:3a:06:8b:da:c2:a9:be:
38:cf:51:2e:df:ed:c7:97:d2:4c:8c:20:75:14:e6:18:d9:89:
42:69:be:c7:98:b8:34:24:75:fd:98:e7:2c:01:48:98:eb:c0:
fa:a2:8f:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAbmRNd4ztvq/y1dGWDi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZTA2ODdhMjRkNmEzZTQxNGQ3OThkOWIyZmI2YzUyNTkx
Y2JiMjMwHhcNMjMwMTAxMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY3YTQ5NWQ3MzM1YmRkOGY2YzY3NDQ1NDg3MDA1NjQxZTdmOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTCNd6AP2pxza4uqI2s4J8JyrwBe
dZRgUqzN4SJdOO+7Udw/DxovbuLQGdFZATdiPGY2UE4bhj7Wo6YLm2c4BqfrFMAS
c9FJZA74bCPsS48CWUGT92OYMSL9Bd/evF3s4Uu9Sn41l699DbU7LDBrjsq/br2/
w7epWaI2fK2Z43NEkHWMgJaYTtdXwRjt1tta2c555MXxIxBngn1xLqNjEC0/Yiv+
TfmrPGj7Uslmwe0GsoKxAfvwc2lWkafWQJGyhQRRJMPdo+ZOgTHHL+qZAiW5Ta+e
/6XToNG/nkk/PS3FdLAgQR5V8k2y9aJndk0oATKdAkB9YiyKX75qw7eKWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFX3pJXXM1vdj2xnRFSHAFZB5/kcMB8GA1UdIwQY
MBaAFFjgaHok1qPkFNeY2bL7bFJZHLsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV09Cb2VpVFdvLVFVMTVqWnN2dHNVbGtjdXlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yZjlhMzMtY2Q4Yy00MWU0LTljNDgt
ZWI4NjEyNDU3NzE1LzEvVmZla2xkY3pXOTJQYkdkRVZJY0FWa0huLVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yZjlhMzMtY2Q4Yy00MWU0LTljNDgtZWI4NjEyNDU3NzE1
LzEvV09Cb2VpVFdvLVFVMTVqWnN2dHNVbGtjdXlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVlgMA0G
CSqGSIb3DQEBCwUAA4IBAQA3AtIkZyt6OttRlZ1RB0f5chx4iyp9dxBQLCyWzrun
J3VzxCGqyA11y13aopxR9DW6PmwVEzv7wZay9qxA1V0XUVA9/vPHMZSDjXoIue4a
A0FNYFt1Wn0FAVaG9TjQeqBvJAuICaMjZeXbEil3M5FHv5MnJngFOXvyXAF7NI4p
iTMo3Aw+Gn9qMZDfb4IC7pQ31LsZr6zHgskZdDVQ9M1Y3HPGyPLEC2seJOhESqmd
8nUYNNUOyAi/o/bO5J0CMjXygYcKgG4VKGyjY5nbfu2bizoGi9rCqb44z1Eu3+3H
l9JMjCB1FOYY2YlCab7HmLg0JHX9mOcsAUiY68D6oo/p
-----END CERTIFICATE-----
Generated at Tue Apr 15 17:06:43 2025 by rpki-client