Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/VTendCKvrYrEvjkaLUZ0nKWmqeE.roa
File: VTendCKvrYrEvjkaLUZ0nKWmqeE.roa (raw, json)
Hash identifier: gYheqBavwzfN/w0++jktofR0wsR5WWfTjbq0eV6nDPs=
Subject key identifier: 55:37:A7:74:22:AF:AD:8A:C4:BE:39:1A:2D:46:74:9C:A5:A6:A9:E1
Certificate issuer: /CN=f9e0257d067ef8b85f620c67220cf977ddde3994
Certificate serial: 0184CE33546B7873A0911B7BBF91D2826090
Authority key identifier: F9:E0:25:7D:06:7E:F8:B8:5F:62:0C:67:22:0C:F9:77:DD:DE:39:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/VTendCKvrYrEvjkaLUZ0nKWmqeE.roa
Signing time: Thu 01 Dec 2022 14:59:41 +0000
ROA not before: Thu 01 Dec 2022 14:59:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41884
IP address blocks: 195.200.72.0/23 maxlen: 23
2001:67c:1c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:33:54:6b:78:73:a0:91:1b:7b:bf:91:d2:82:60:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9e0257d067ef8b85f620c67220cf977ddde3994
Validity
Not Before: Dec 1 14:59:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5537a77422afad8ac4be391a2d46749ca5a6a9e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ce:c4:3b:5a:07:d9:07:21:77:54:19:26:9f:
c0:37:c1:a3:b4:ca:0f:c2:a3:ba:7c:38:61:d8:5b:
49:71:30:f5:7f:5d:a7:68:cb:c3:45:c3:67:bb:79:
7f:f3:d2:09:24:0a:5d:4f:26:f7:9b:a0:48:bd:89:
21:4e:9d:33:8d:1e:d9:d5:7e:e7:43:61:56:3f:77:
a0:fe:58:6b:9c:5d:56:06:18:a0:51:dd:9a:00:3d:
24:59:75:b7:41:cf:dd:39:99:d2:42:29:29:3a:01:
cd:04:4d:05:61:da:ab:47:69:f3:36:73:8f:19:e7:
a5:f0:28:fd:ba:82:b9:10:31:ba:aa:69:cd:b4:0b:
21:4b:ec:75:0f:f8:b1:4c:57:8b:92:49:a6:12:51:
63:c9:32:3e:da:f3:cf:19:f2:ce:fa:fa:29:c4:95:
55:bc:e2:88:11:e0:06:cb:82:be:2d:d3:16:12:cc:
f3:d1:a8:e4:20:96:a6:ee:1e:4e:f6:1d:08:9e:8b:
cd:15:7f:02:31:2a:1a:3c:ef:51:6d:e5:80:09:de:
f5:66:27:38:04:41:f2:7b:16:14:06:6c:88:ac:ef:
d7:7c:fe:02:19:6f:70:2e:8d:9d:6d:55:1c:f4:e0:
f6:f0:4a:8e:18:fb:fb:11:f3:12:4b:60:91:23:d9:
48:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:37:A7:74:22:AF:AD:8A:C4:BE:39:1A:2D:46:74:9C:A5:A6:A9:E1
X509v3 Authority Key Identifier:
keyid:F9:E0:25:7D:06:7E:F8:B8:5F:62:0C:67:22:0C:F9:77:DD:DE:39:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/VTendCKvrYrEvjkaLUZ0nKWmqeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.72.0/23
IPv6:
2001:67c:1c::/48
Signature Algorithm: sha256WithRSAEncryption
97:9f:b1:b8:13:4f:15:5c:cc:57:14:ac:72:8f:5d:88:d3:d7:
e0:a9:82:d7:36:52:63:87:79:6a:7d:51:d5:9e:d2:b1:ce:41:
bb:03:cc:c6:e7:41:03:f1:7f:2a:7d:76:ef:e4:c3:40:58:86:
e3:30:2d:bb:0a:7e:dc:36:90:a2:6d:78:4c:91:1f:fe:f6:35:
52:64:c2:9e:5a:f0:98:6c:3e:b0:cf:28:ca:77:a4:79:8d:1b:
eb:09:5c:55:7a:d3:b6:af:a4:bd:6f:05:c3:83:63:29:5e:c1:
eb:da:25:b6:55:fb:c9:38:b8:be:2e:f7:49:7f:5a:6c:74:27:
de:cb:51:ff:fc:9d:bf:3d:18:cc:71:a1:c2:a5:ab:49:4a:d4:
99:75:5b:4f:e8:90:4f:49:ca:5c:d7:77:58:82:a2:2c:1a:21:
8a:cc:05:7c:a8:22:fc:f6:87:1c:6f:66:62:0f:a7:5d:1e:d9:
2e:66:3f:30:fe:61:55:9f:f8:f8:95:93:fa:f7:df:e6:65:eb:
e7:94:8c:27:64:66:f7:17:53:59:74:9c:26:8c:c5:b5:00:8a:
3e:e1:f7:9d:91:f7:80:88:73:ab:ad:9a:7f:24:a8:59:e0:e9:
70:04:ee:ef:ba:4e:83:3c:b1:17:5e:28:c2:bf:65:a6:c7:fb:
af:97:b3:a4
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYTOM1RreHOgkRt7v5HSgmCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ZTAyNTdkMDY3ZWY4Yjg1ZjYyMGM2NzIyMGNmOTc3ZGRk
ZTM5OTQwHhcNMjIxMjAxMTQ1OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTM3YTc3NDIyYWZhZDhhYzRiZTM5MWEyZDQ2NzQ5Y2E1YTZhOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM7EO1oH2Qchd1QZJp/AN8GjtMoP
wqO6fDhh2FtJcTD1f12naMvDRcNnu3l/89IJJApdTyb3m6BIvYkhTp0zjR7Z1X7n
Q2FWP3eg/lhrnF1WBhigUd2aAD0kWXW3Qc/dOZnSQikpOgHNBE0FYdqrR2nzNnOP
Geel8Cj9uoK5EDG6qmnNtAshS+x1D/ixTFeLkkmmElFjyTI+2vPPGfLO+vopxJVV
vOKIEeAGy4K+LdMWEszz0ajkIJam7h5O9h0InovNFX8CMSoaPO9RbeWACd71Zic4
BEHyexYUBmyIrO/XfP4CGW9wLo2dbVUc9OD28EqOGPv7EfMSS2CRI9lIVQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFFU3p3Qir62KxL45Gi1GdJylpqnhMB8GA1UdIwQY
MBaAFPngJX0Gfvi4X2IMZyIM+Xfd3jmUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1lQWxmUVotLUxoZllneG5JZ3o1ZDkzZU9aUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIvNjkxOTRhLTQ1YTAtNDhlZi05OWJm
LThlMDQ4ODdjMGFiZi8xL1ZUZW5kQ0t2cllyRXZqa2FMVVowbktXbXFlRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWIvNjkxOTRhLTQ1YTAtNDhlZi05OWJmLThlMDQ4ODdjMGFi
Zi8xLzEtZUFsZlFaLS1MaGZZZ3huSWd6NWQ5M2VPWlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAHDyEgw
DwQCAAIwCQMHACABBnwAHDANBgkqhkiG9w0BAQsFAAOCAQEAl5+xuBNPFVzMVxSs
co9diNPX4KmC1zZSY4d5an1R1Z7Ssc5BuwPMxudBA/F/Kn127+TDQFiG4zAtuwp+
3DaQom14TJEf/vY1UmTCnlrwmGw+sM8oynekeY0b6wlcVXrTtq+kvW8Fw4NjKV7B
69oltlX7yTi4vi73SX9abHQn3stR//ydvz0YzHGhwqWrSUrUmXVbT+iQT0nKXNd3
WIKiLBohiswFfKgi/PaHHG9mYg+nXR7ZLmY/MP5hVZ/4+JWT+vff5mXr55SMJ2Rm
9xdTWXScJozFtQCKPuH3nZH3gIhzq62afySoWeDpcATu77pOgzyxF14owr9lpsf7
r5ezpA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:15 2025 by rpki-client