Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1--vmqu-yVDbW8sVTw6wRF4zqdqI.roa
File: 1--vmqu-yVDbW8sVTw6wRF4zqdqI.roa (raw, json)
Hash identifier: AS1q/wgaLxLW4XJtn0+HnW0AgeXIUEzz+VrWfvvJcYk=
Subject key identifier: FB:EB:E6:AA:EF:B2:54:36:D6:F2:C5:53:C3:AC:11:17:8C:EA:76:A2
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CDBEC2C41FC38CC73DF8EA4F68A35
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1--vmqu-yVDbW8sVTw6wRF4zqdqI.roa
Signing time: Mon 02 Jan 2023 03:35:57 +0000
ROA not before: Mon 02 Jan 2023 03:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25515
IP address blocks: 217.107.96.0/21 maxlen: 21
217.107.104.0/23 maxlen: 23
185.141.236.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:db:ec:2c:41:fc:38:cc:73:df:8e:a4:f6:8a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbebe6aaefb25436d6f2c553c3ac11178cea76a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:62:1b:d6:0d:a6:34:0d:d9:74:38:20:31:05:
a6:02:13:16:8b:10:cc:34:05:d7:7f:35:bc:b5:2e:
a0:28:7c:63:ef:f9:c3:2f:40:14:dd:29:8e:4a:8c:
6b:32:d2:28:ac:b3:b3:89:0b:35:a6:7c:f2:c1:0b:
83:0f:34:d2:21:58:29:38:b0:d7:4a:8c:ab:d3:b1:
88:d5:c1:f9:30:33:3f:17:28:5a:6b:56:8f:06:7a:
a7:69:ff:50:11:13:6a:e4:18:6c:55:a1:d6:39:8d:
c4:c8:1e:37:03:2d:4b:52:04:e9:f1:e7:55:91:b0:
d7:41:ae:c0:b7:25:7c:f5:1d:0d:c6:47:6c:b2:da:
3f:ef:fe:e1:b6:28:49:af:e7:b9:a2:f7:51:61:6b:
a9:75:61:f8:c6:5a:c7:60:90:f6:66:d1:7f:13:8d:
39:f6:af:26:7b:20:15:0c:46:3c:96:1e:97:6d:88:
76:e2:4f:68:61:a5:2d:c3:4d:ab:f1:1b:a0:73:3b:
9e:63:5c:08:fa:16:b4:db:1a:ff:0a:db:06:9f:1e:
bc:f6:f9:19:d7:fb:35:72:c7:2a:da:c5:f4:86:c6:
2e:0f:ca:be:1a:c9:45:4b:85:16:87:32:9b:da:89:
cb:46:c3:61:7a:36:0a:59:20:42:c4:dd:71:02:31:
3a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:EB:E6:AA:EF:B2:54:36:D6:F2:C5:53:C3:AC:11:17:8C:EA:76:A2
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1--vmqu-yVDbW8sVTw6wRF4zqdqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.236.0/23
217.107.96.0-217.107.105.255
Signature Algorithm: sha256WithRSAEncryption
86:51:01:2f:99:db:d6:7f:de:6c:63:24:08:2d:78:90:3d:e5:
64:29:fb:84:a5:cb:94:7b:f0:da:a6:ae:ac:b5:5c:66:61:f4:
96:f6:e7:15:cc:54:26:a1:93:76:58:f9:c0:5c:a7:06:ab:a0:
7f:3e:af:c3:b9:98:fa:06:74:31:56:e8:49:cb:5a:19:82:31:
fa:91:ed:65:d9:0f:ca:e8:22:f6:6a:5b:8f:ba:0f:28:5a:26:
56:ad:b3:28:40:69:94:7a:b7:69:10:16:e1:b0:03:e0:0c:0d:
22:bf:08:c4:2f:96:05:26:74:c4:5a:6f:d5:91:30:f6:6a:d6:
b2:ed:65:f1:87:1f:ec:a6:c5:aa:41:7a:9a:e5:84:c8:7b:d8:
0d:1d:f8:78:d6:f7:2b:46:f9:8b:1c:81:56:fa:83:89:b9:5b:
3a:de:ef:d1:1d:88:0e:85:28:7f:3e:cc:db:cb:33:dc:8e:70:
9b:62:15:3a:e5:79:3c:f9:4f:12:89:e7:cb:c0:b7:a9:c1:66:
a5:64:7d:9b:71:1c:bd:16:db:7a:b7:bf:f6:5a:90:c5:35:e1:
f2:7c:9e:0d:f5:ec:53:e9:1f:ea:cb:77:53:3e:fa:f4:43:e2:
fd:0a:54:fe:3e:f5:64:ce:82:e3:6d:ad:9e:05:ad:4a:b2:b7:
f5:9b:9e:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjNvsLEH8OMxz346k9oo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmViZTZhYWVmYjI1NDM2ZDZmMmM1NTNjM2FjMTExNzhjZWE3NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWIb1g2mNA3ZdDggMQWmAhMWixDM
NAXXfzW8tS6gKHxj7/nDL0AU3SmOSoxrMtIorLOziQs1pnzywQuDDzTSIVgpOLDX
Soyr07GI1cH5MDM/Fyhaa1aPBnqnaf9QERNq5BhsVaHWOY3EyB43Ay1LUgTp8edV
kbDXQa7AtyV89R0Nxkdssto/7/7htihJr+e5ovdRYWupdWH4xlrHYJD2ZtF/E405
9q8meyAVDEY8lh6XbYh24k9oYaUtw02r8RugczueY1wI+ha02xr/CtsGnx689vkZ
1/s1cscq2sX0hsYuD8q+GslFS4UWhzKb2onLRsNhejYKWSBCxN1xAjE6PQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPvr5qrvslQ21vLFU8OsEReM6naiMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMS0tdm1xdS15VkRiVzhzVlR3NndSRjR6cWRxSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmQvOWExZDQ0LTg2MDktNGU1ZS1iYTk0LTVhODZjMjc1N2Mx
ZS8xL1h1VXh1YXdwa05hYWlsd3dJLWN1YllRZWJBay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAbmN7DAM
AwQF2WtgAwQB2WtoMA0GCSqGSIb3DQEBCwUAA4IBAQCGUQEvmdvWf95sYyQILXiQ
PeVkKfuEpcuUe/Dapq6stVxmYfSW9ucVzFQmoZN2WPnAXKcGq6B/Pq/DuZj6BnQx
VuhJy1oZgjH6ke1l2Q/K6CL2aluPug8oWiZWrbMoQGmUerdpEBbhsAPgDA0ivwjE
L5YFJnTEWm/VkTD2atay7WXxhx/spsWqQXqa5YTIe9gNHfh41vcrRvmLHIFW+oOJ
uVs63u/RHYgOhSh/PszbyzPcjnCbYhU65Xk8+U8SiefLwLepwWalZH2bcRy9Ftt6
t7/2WpDFNeHyfJ4N9exT6R/qy3dTPvr0Q+L9ClT+PvVkzoLjba2eBa1Ksrf1m57L
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:52:16 2025 by rpki-client