Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ff63a8-974c-4ccc-8cd8-24023403bb0c/1/vZFMWMUgZRtLK0nF9HPFH-9Muk8.roa
File: vZFMWMUgZRtLK0nF9HPFH-9Muk8.roa (raw, json)
Hash identifier: JJG65VyrN0QOpmv4b8zzFLkEiLh8GJPDA1aNncgK+DE=
Subject key identifier: BD:91:4C:58:C5:20:65:1B:4B:2B:49:C5:F4:73:C5:1F:EF:4C:BA:4F
Certificate issuer: /CN=8a8d19ad31c84a74856b0a6b3cc100e47a2b2aac
Certificate serial: 01858671F7F928CB7C8B02037F2FBA8DC3DD
Authority key identifier: 8A:8D:19:AD:31:C8:4A:74:85:6B:0A:6B:3C:C1:00:E4:7A:2B:2A:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/io0ZrTHISnSFawprPMEA5HorKqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/ff63a8-974c-4ccc-8cd8-24023403bb0c/1/vZFMWMUgZRtLK0nF9HPFH-9Muk8.roa
Signing time: Fri 06 Jan 2023 09:38:14 +0000
ROA not before: Fri 06 Jan 2023 09:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34863
IP address blocks: 185.163.64.0/22 maxlen: 22
2a0a:7400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:71:f7:f9:28:cb:7c:8b:02:03:7f:2f:ba:8d:c3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a8d19ad31c84a74856b0a6b3cc100e47a2b2aac
Validity
Not Before: Jan 6 09:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd914c58c520651b4b2b49c5f473c51fef4cba4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a5:d4:1a:86:2b:75:2b:d2:16:38:1a:57:23:
3e:b6:9c:fd:69:74:84:aa:61:e5:56:76:dd:3e:22:
4b:43:be:9d:d5:60:fd:a8:b1:f5:8e:1b:cf:3b:3c:
d1:fc:1f:b9:10:98:36:ae:cb:d3:7a:93:86:15:a4:
4c:fb:68:d6:71:ac:25:ff:d2:a4:9c:bd:b4:47:7d:
f7:92:52:d4:ae:b2:15:5a:f0:b9:f6:b4:ed:0e:98:
63:e9:19:00:25:54:81:8f:8d:67:06:8c:54:55:d9:
b7:29:63:22:95:10:5a:3a:89:bc:d8:11:f9:3e:ba:
2b:51:9e:dc:5b:ef:22:69:2a:f3:3a:8e:65:99:06:
fb:a1:27:30:81:88:01:a9:40:93:a7:05:60:5f:66:
12:a1:94:fd:52:86:3b:19:2f:50:7f:ed:7e:14:87:
94:3c:cc:24:3a:78:5c:46:2d:ac:91:5c:74:67:52:
e0:03:ae:31:9d:fa:2f:58:8e:9a:1b:1a:f7:28:81:
60:ad:61:5a:9f:54:8a:d0:70:dc:fc:bc:40:f3:a6:
b4:91:b0:f1:e6:f7:a8:28:fa:97:44:93:85:e6:26:
2f:6b:d1:8f:cd:f6:55:c2:88:59:6b:07:0a:51:71:
1f:ba:6d:09:4e:bd:74:4d:24:a0:36:b7:fe:b4:39:
09:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:91:4C:58:C5:20:65:1B:4B:2B:49:C5:F4:73:C5:1F:EF:4C:BA:4F
X509v3 Authority Key Identifier:
keyid:8A:8D:19:AD:31:C8:4A:74:85:6B:0A:6B:3C:C1:00:E4:7A:2B:2A:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/io0ZrTHISnSFawprPMEA5HorKqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ff63a8-974c-4ccc-8cd8-24023403bb0c/1/vZFMWMUgZRtLK0nF9HPFH-9Muk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ff63a8-974c-4ccc-8cd8-24023403bb0c/1/io0ZrTHISnSFawprPMEA5HorKqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.64.0/22
IPv6:
2a0a:7400::/29
Signature Algorithm: sha256WithRSAEncryption
47:f3:64:2d:7e:48:07:f8:75:ff:df:2b:af:6c:63:c0:f1:d7:
c5:75:bc:c5:e8:a8:d6:ae:52:74:ec:51:d5:94:fa:49:c2:37:
a1:04:fa:40:c0:9d:c2:1a:12:79:59:ff:21:ab:d3:c1:02:10:
34:97:06:63:46:29:1f:68:3b:b7:06:f9:c5:58:be:98:29:67:
c1:da:68:12:bc:f7:81:42:47:6e:3a:75:89:63:d5:b3:dd:10:
a4:5c:fe:04:2c:e0:39:0d:42:5f:0e:a0:88:af:84:95:75:d8:
8d:2e:57:ad:fe:da:51:d9:a6:86:31:88:41:0c:db:06:3b:af:
ed:2d:27:e5:ae:69:4b:97:44:08:de:a1:59:82:40:76:0b:df:
05:be:19:0d:2e:85:63:ec:af:10:5b:46:4a:5e:96:e8:31:9d:
21:85:8e:b2:e6:4c:be:d1:88:41:93:d2:38:7f:1b:57:ef:8e:
96:8f:ac:20:d2:51:ed:73:cf:bd:4c:5b:62:89:04:8c:4e:4e:
bb:80:ab:cc:92:78:6e:b8:dd:c8:6b:fa:ad:bf:6b:dc:af:5e:
ee:a7:9e:85:96:c5:ea:30:e4:e6:b0:ed:d9:72:47:1b:00:38:
f4:a3:8b:74:64:5e:40:be:34:49:e3:98:d7:5d:7e:29:80:04:
51:64:cc:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYWGcff5KMt8iwIDfy+6jcPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhOGQxOWFkMzFjODRhNzQ4NTZiMGE2YjNjYzEwMGU0N2Ey
YjJhYWMwHhcNMjMwMTA2MDkzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDkxNGM1OGM1MjA2NTFiNGIyYjQ5YzVmNDczYzUxZmVmNGNiYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKXUGoYrdSvSFjgaVyM+tpz9aXSE
qmHlVnbdPiJLQ76d1WD9qLH1jhvPOzzR/B+5EJg2rsvTepOGFaRM+2jWcawl/9Kk
nL20R333klLUrrIVWvC59rTtDphj6RkAJVSBj41nBoxUVdm3KWMilRBaOom82BH5
ProrUZ7cW+8iaSrzOo5lmQb7oScwgYgBqUCTpwVgX2YSoZT9UoY7GS9Qf+1+FIeU
PMwkOnhcRi2skVx0Z1LgA64xnfovWI6aGxr3KIFgrWFan1SK0HDc/LxA86a0kbDx
5veoKPqXRJOF5iYva9GPzfZVwohZawcKUXEfum0JTr10TSSgNrf+tDkJNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL2RTFjFIGUbSytJxfRzxR/vTLpPMB8GA1UdIwQY
MBaAFIqNGa0xyEp0hWsKazzBAOR6KyqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW8wWnJUSElTblNGYXdwclBNRUE1SG9yS3F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mZjYzYTgtOTc0Yy00Y2NjLThjZDgt
MjQwMjM0MDNiYjBjLzEvdlpGTVdNVWdaUnRMSzBuRjlIUEZILTlNdWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mZjYzYTgtOTc0Yy00Y2NjLThjZDgtMjQwMjM0MDNiYjBj
LzEvaW8wWnJUSElTblNGYXdwclBNRUE1SG9yS3F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaNAMA0E
AgACMAcDBQMqCnQAMA0GCSqGSIb3DQEBCwUAA4IBAQBH82QtfkgH+HX/3yuvbGPA
8dfFdbzF6KjWrlJ07FHVlPpJwjehBPpAwJ3CGhJ5Wf8hq9PBAhA0lwZjRikfaDu3
BvnFWL6YKWfB2mgSvPeBQkduOnWJY9Wz3RCkXP4ELOA5DUJfDqCIr4SVddiNLlet
/tpR2aaGMYhBDNsGO6/tLSflrmlLl0QI3qFZgkB2C98FvhkNLoVj7K8QW0ZKXpbo
MZ0hhY6y5ky+0YhBk9I4fxtX746Wj6wg0lHtc8+9TFtiiQSMTk67gKvMknhuuN3I
a/qtv2vcr17up56FlsXqMOTmsO3ZckcbADj0o4t0ZF5AvjRJ45jXXX4pgARRZMw5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:42 2025 by rpki-client