Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/VT464zX5loCKi9x0liv78yJUct4.roa
File: VT464zX5loCKi9x0liv78yJUct4.roa (raw, json)
Hash identifier: nMsSYH1wqDsd22xECdhGVR7+k5iMwlraZ9xR8hzO5n8=
Subject key identifier: 55:3E:3A:E3:35:F9:96:80:8A:8B:DC:74:96:2B:FB:F3:22:54:72:DE
Certificate issuer: /CN=f4460d6554d581ebb80e39e45015cd7d36d93f66
Certificate serial: 230AB24D
Authority key identifier: F4:46:0D:65:54:D5:81:EB:B8:0E:39:E4:50:15:CD:7D:36:D9:3F:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/VT464zX5loCKi9x0liv78yJUct4.roa
Signing time: Sat 01 Jan 2022 12:01:18 +0000
ROA not before: Sat 01 Jan 2022 12:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15752
IP address blocks: 149.177.176.0/22 maxlen: 22
149.177.180.0/22 maxlen: 22
149.177.192.0/22 maxlen: 22
149.177.212.0/22 maxlen: 22
149.177.216.0/22 maxlen: 22
149.177.224.0/21 maxlen: 21
149.177.128.0/23 maxlen: 23
149.177.130.0/23 maxlen: 23
149.177.148.0/23 maxlen: 23
149.177.150.0/23 maxlen: 23
149.177.152.0/23 maxlen: 23
149.177.154.0/23 maxlen: 23
149.177.164.0/23 maxlen: 23
149.177.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 587903565 (0x230ab24d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4460d6554d581ebb80e39e45015cd7d36d93f66
Validity
Not Before: Jan 1 12:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=553e3ae335f996808a8bdc74962bfbf3225472de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2d:05:53:6d:6d:f0:99:44:31:37:d8:a0:6e:
a1:83:e9:9f:0f:ed:09:76:4f:e6:e0:cd:31:f4:48:
f7:b5:49:9d:4c:ec:5e:5c:04:4d:c3:70:e0:2d:be:
95:6b:59:8b:75:eb:02:d5:73:4e:9e:d9:67:0b:f1:
bf:4a:5c:e0:12:91:36:6d:73:84:02:ea:d4:80:50:
08:56:e1:84:53:5b:b7:03:0a:fc:6b:24:fd:16:f5:
70:2b:24:20:6c:e5:32:8a:54:f4:2a:3a:2b:ca:68:
f8:0b:d3:f1:60:2c:19:bc:0e:a5:d7:ac:fd:3d:a1:
6b:82:fa:64:79:e1:37:c4:88:ea:2c:24:98:7e:cb:
4b:c0:2e:86:f7:ae:64:17:58:78:41:19:19:82:82:
d8:49:81:84:c3:ec:a3:d2:3c:b8:d3:bd:09:ad:40:
80:55:c2:32:f3:35:da:52:6a:4b:5d:a9:30:3f:4a:
39:91:ca:a5:e4:0b:d4:31:7c:92:29:63:c5:bc:3a:
3f:97:9f:e9:bf:96:a2:96:da:06:b8:f2:99:c6:a4:
4b:79:3f:13:2c:f8:a8:85:6a:d0:6f:13:0c:f8:b9:
63:bf:46:87:b6:07:80:19:4b:29:3b:f5:46:1e:5d:
ba:79:39:dd:4c:1e:b9:cc:b8:3c:1c:d6:e0:99:bb:
a8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:3E:3A:E3:35:F9:96:80:8A:8B:DC:74:96:2B:FB:F3:22:54:72:DE
X509v3 Authority Key Identifier:
keyid:F4:46:0D:65:54:D5:81:EB:B8:0E:39:E4:50:15:CD:7D:36:D9:3F:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/VT464zX5loCKi9x0liv78yJUct4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.177.128.0/22
149.177.148.0-149.177.155.255
149.177.164.0/22
149.177.176.0/21
149.177.192.0/22
149.177.212.0-149.177.219.255
149.177.224.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:c7:44:a8:fb:8b:4a:8d:8e:37:01:26:5b:a8:2f:1c:cf:67:
59:0b:55:4c:8f:48:01:d6:6f:f6:4d:0b:d0:3f:b7:c5:89:1a:
23:9f:50:9d:b2:2f:62:28:4e:e7:8a:53:2c:73:17:9d:f9:86:
89:24:64:0e:64:d5:39:ce:d7:78:30:60:d1:cc:e1:11:3c:79:
5f:83:48:fb:54:4d:83:2f:b1:4d:76:23:6f:2c:a8:6f:d5:91:
cd:8c:68:0c:0e:fc:4e:e2:18:6c:2e:99:a8:39:c1:b5:54:b1:
17:15:0f:1b:f3:9a:02:bd:d9:92:be:9e:a7:00:3c:a7:4b:24:
67:bb:00:f6:4d:1d:e5:53:66:54:6d:cd:a3:35:97:4f:e6:0a:
08:38:9e:17:d7:b7:5a:86:90:27:e7:50:48:a7:24:d5:de:4f:
12:42:cb:d7:0d:46:ba:5c:f8:4b:b6:89:68:17:da:d2:40:2a:
3a:bd:d8:88:b2:00:42:25:4b:f6:dd:53:70:17:6a:b3:e9:9f:
d3:95:65:97:af:e5:d1:cb:fa:19:d7:aa:cf:db:d4:bc:66:e3:
09:cd:70:ae:db:b2:d1:81:98:30:fd:a4:a7:24:ed:32:b2:cb:
62:1c:c3:50:8f:ef:b5:ad:65:ad:be:67:ae:78:b9:d8:56:29:
e5:4f:88:e2
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEIwqyTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDQ2MGQ2NTU0ZDU4MWViYjgwZTM5ZTQ1MDE1Y2Q3ZDM2ZDkzZjY2MB4XDTIyMDEw
MTEyMDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTUzZTNhZTMzNWY5
OTY4MDhhOGJkYzc0OTYyYmZiZjMyMjU0NzJkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEtBVNtbfCZRDE32KBuoYPpnw/tCXZP5uDNMfRI97VJnUzs
XlwETcNw4C2+lWtZi3XrAtVzTp7ZZwvxv0pc4BKRNm1zhALq1IBQCFbhhFNbtwMK
/Gsk/Rb1cCskIGzlMopU9Co6K8po+AvT8WAsGbwOpdes/T2ha4L6ZHnhN8SI6iwk
mH7LS8AuhveuZBdYeEEZGYKC2EmBhMPso9I8uNO9Ca1AgFXCMvM12lJqS12pMD9K
OZHKpeQL1DF8kiljxbw6P5ef6b+WopbaBrjymcakS3k/Eyz4qIVq0G8TDPi5Y79G
h7YHgBlLKTv1Rh5dunk53Uweucy4PBzW4Jm7qO8CAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBRVPjrjNfmWgIqL3HSWK/vzIlRy3jAfBgNVHSMEGDAWgBT0Rg1lVNWB67gO
OeRQFc19Ntk/ZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlFWU5aVlRWZ2V1NERqbmtVQlhOZlRiWlAyWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvNDU1ZjU2LTFlNmYtNDY3ZC1iNzExLWViZGYzOGIwMDk1Yy8x
L1ZUNDY0elg1bG9DS2k5eDBsaXY3OHlKVWN0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
NDU1ZjU2LTFlNmYtNDY3ZC1iNzExLWViZGYzOGIwMDk1Yy8xLzlFWU5aVlRWZ2V1
NERqbmtVQlhOZlRiWlAyWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEApWxgDAMAwQClbGUAwQClbGYAwQC
lbGkAwQDlbGwAwQClbHAMAwDBAKVsdQDBAKVsdgDBAOVseAwDQYJKoZIhvcNAQEL
BQADggEBAKbHRKj7i0qNjjcBJluoLxzPZ1kLVUyPSAHWb/ZNC9A/t8WJGiOfUJ2y
L2IoTueKUyxzF535hokkZA5k1TnO13gwYNHM4RE8eV+DSPtUTYMvsU12I28sqG/V
kc2MaAwO/E7iGGwumag5wbVUsRcVDxvzmgK92ZK+nqcAPKdLJGe7APZNHeVTZlRt
zaM1l0/mCgg4nhfXt1qGkCfnUEinJNXeTxJCy9cNRrpc+Eu2iWgX2tJAKjq92Iiy
AEIlS/bdU3AXarPpn9OVZZev5dHL+hnXqs/b1Lxm4wnNcK7bstGBmDD9pKck7TKy
y2Icw1CP77WtZa2+Z654udhWKeVPiOI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:51 2024 by rpki-client on console-fra.rpki-client.org