Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/VSHBMoC8nquGSe8giejXEXm1qK4.roa
File: VSHBMoC8nquGSe8giejXEXm1qK4.roa (raw, json)
Hash identifier: xlDMPSNylV10MMNP64atlJW6pyCY7GEvpy3zDy7X1pw=
Subject key identifier: 55:21:C1:32:80:BC:9E:AB:86:49:EF:20:89:E8:D7:11:79:B5:A8:AE
Certificate issuer: /CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Certificate serial: 018BCD4799889B2D9D9E1B02B75F2DAF33F0
Authority key identifier: E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/VSHBMoC8nquGSe8giejXEXm1qK4.roa
Signing time: Tue 14 Nov 2023 10:01:43 +0000
ROA not before: Tue 14 Nov 2023 10:01:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31334
IP address blocks: 77.20.0.0/14 maxlen: 24
31.16.0.0/14 maxlen: 24
88.134.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:47:99:88:9b:2d:9d:9e:1b:02:b7:5f:2d:af:33:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Validity
Not Before: Nov 14 10:01:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5521c13280bc9eab8649ef2089e8d71179b5a8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:96:f8:45:28:73:fc:4b:ed:a0:77:8a:12:64:
21:ea:39:52:ff:8c:2f:7a:59:95:8d:ff:dd:76:5a:
8b:50:48:ea:f0:9a:67:1d:c2:0f:7c:5f:b9:2e:08:
8a:66:d5:a1:d6:52:53:a6:9f:bb:16:ae:cd:a1:cb:
6c:c4:ca:1b:23:d7:1c:ca:b6:75:66:8e:ca:57:4d:
db:c9:2b:2a:34:35:84:10:1c:a3:b7:38:db:a2:88:
66:e0:cb:95:8f:35:43:a4:5f:32:6b:06:5e:0f:02:
63:e1:2b:03:6d:1f:1a:bb:07:a7:99:b2:d3:76:ed:
7b:0c:23:13:a0:12:a0:14:1e:08:ad:74:ac:46:a0:
33:df:a9:62:1f:86:9c:e6:ab:b5:3e:49:ca:48:bb:
66:06:08:03:57:4e:4c:60:eb:fc:5d:f3:29:b4:38:
00:58:49:9f:b3:0b:9c:5e:aa:84:03:d7:ff:b6:a5:
68:96:22:83:1a:d3:7a:c6:6a:c2:e9:5a:85:6e:7c:
94:6e:99:90:a8:14:44:9b:d6:dd:45:0f:a7:6f:8a:
1b:57:47:aa:e9:48:d6:0c:80:ef:5c:dd:90:cd:dd:
13:d0:6b:48:53:81:9b:f6:a3:00:b7:19:c9:c6:da:
4c:7d:e5:2a:84:f6:82:8b:ff:2e:38:2b:25:7c:ef:
76:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:21:C1:32:80:BC:9E:AB:86:49:EF:20:89:E8:D7:11:79:B5:A8:AE
X509v3 Authority Key Identifier:
keyid:E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/VSHBMoC8nquGSe8giejXEXm1qK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.16.0.0/14
77.20.0.0/14
88.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:b3:13:07:63:c5:e5:d0:8d:21:d9:59:22:57:e6:73:f2:f7:
82:1e:1a:71:2e:8e:47:10:fa:13:45:a1:0a:de:fc:dd:5b:f2:
6a:45:09:07:6f:a4:f8:1b:c0:3d:55:89:e2:05:b0:fc:75:3b:
c8:04:a7:17:49:b2:f4:48:91:39:38:09:54:45:e0:f8:11:cd:
30:33:3e:f6:bf:c7:ab:0f:44:5b:e2:42:96:2a:b6:2f:12:8d:
14:4c:d4:2d:db:87:b8:3f:c9:c1:9b:31:e8:55:01:50:c4:df:
a1:47:ce:e6:d6:0a:92:80:69:04:70:5d:ca:3e:e8:b0:09:78:
38:9b:4c:4b:85:b6:40:00:7f:b8:09:57:e9:65:c6:2d:bd:e5:
27:cc:e8:6f:35:99:80:ea:bb:22:d0:a1:b4:1b:86:8f:45:0c:
f0:63:e2:1b:82:6f:fd:d8:0d:d3:1f:4e:bd:dc:1e:d2:68:80:
5b:9b:9a:6b:43:2f:38:d9:28:6b:59:c2:4e:f2:92:8a:71:9f:
b0:a9:0a:72:a4:e5:76:f2:2a:01:60:bf:8a:c1:25:5a:05:bc:
3c:59:71:f4:77:50:47:d5:39:5b:d2:50:92:fd:fd:32:66:39:
48:65:c0:e2:83:bf:1f:86:ad:5a:9f:52:94:3f:9f:e0:89:f0:
21:b8:3d:ea
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYvNR5mImy2dnhsCt18trzPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYWZjNjRiMzNlNDNkYjc4ZGM3YWVkNjA1ZWY3MDQw
NmQ5YWYwHhcNMjMxMTE0MTAwMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTIxYzEzMjgwYmM5ZWFiODY0OWVmMjA4OWU4ZDcxMTc5YjVhOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZb4RShz/EvtoHeKEmQh6jlS/4wv
elmVjf/ddlqLUEjq8JpnHcIPfF+5LgiKZtWh1lJTpp+7Fq7NoctsxMobI9ccyrZ1
Zo7KV03bySsqNDWEEByjtzjboohm4MuVjzVDpF8yawZeDwJj4SsDbR8auwenmbLT
du17DCMToBKgFB4IrXSsRqAz36liH4ac5qu1PknKSLtmBggDV05MYOv8XfMptDgA
WEmfswucXqqEA9f/tqVoliKDGtN6xmrC6VqFbnyUbpmQqBREm9bdRQ+nb4obV0eq
6UjWDIDvXN2Qzd0T0GtIU4Gb9qMAtxnJxtpMfeUqhPaCi/8uOCslfO92owIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFFUhwTKAvJ6rhknvIIno1xF5taiuMB8GA1UdIwQY
MBaAFOQ7qvxksz5D23jceu1gXvcEBtmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTIt
ZTY4MTJkYWI2OTk5LzEvVlNIQk1vQzhucXVHU2U4Z2llalhFWG0xcUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTItZTY4MTJkYWI2OTk5
LzEvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMCHxADAwJN
FAMDAFiGMA0GCSqGSIb3DQEBCwUAA4IBAQBmsxMHY8Xl0I0h2VkiV+Zz8veCHhpx
Lo5HEPoTRaEK3vzdW/JqRQkHb6T4G8A9VYniBbD8dTvIBKcXSbL0SJE5OAlUReD4
Ec0wMz72v8erD0Rb4kKWKrYvEo0UTNQt24e4P8nBmzHoVQFQxN+hR87m1gqSgGkE
cF3KPuiwCXg4m0xLhbZAAH+4CVfpZcYtveUnzOhvNZmA6rsi0KG0G4aPRQzwY+Ib
gm/92A3TH0693B7SaIBbm5prQy842ShrWcJO8pKKcZ+wqQpypOV28ioBYL+KwSVa
Bbw8WXH0d1BH1Tlb0lCS/f0yZjlIZcDig78fhq1an1KUP5/gifAhuD3q
-----END CERTIFICATE-----
Generated at Sun May 11 12:28:05 2025 by rpki-client