Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/vgXjA-_GtcPTzu8vkxHr9Vc4t2o.roa
File: vgXjA-_GtcPTzu8vkxHr9Vc4t2o.roa (raw, json)
Hash identifier: BjpcvVFcwkigMnoouLPhi/nkWsA8WJ6atM4B+ue7gIE=
Subject key identifier: BE:05:E3:03:EF:C6:B5:C3:D3:CE:EF:2F:93:11:EB:F5:57:38:B7:6A
Certificate issuer: /CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Certificate serial: 12ECFC71
Authority key identifier: FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/vgXjA-_GtcPTzu8vkxHr9Vc4t2o.roa
Signing time: Sat 01 Jan 2022 12:59:09 +0000
ROA not before: Sat 01 Jan 2022 12:59:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57704
IP address blocks: 192.145.120.0/22 maxlen: 22
192.145.120.0/24 maxlen: 24
192.145.122.0/24 maxlen: 24
192.145.121.0/24 maxlen: 24
192.145.123.0/24 maxlen: 24
185.5.221.0/24 maxlen: 24
185.5.220.0/22 maxlen: 22
185.5.220.0/24 maxlen: 24
185.5.223.0/24 maxlen: 24
185.5.222.0/24 maxlen: 24
176.106.40.0/21 maxlen: 24
2a03:7c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317521009 (0x12ecfc71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Validity
Not Before: Jan 1 12:59:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be05e303efc6b5c3d3ceef2f9311ebf55738b76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:58:7c:1c:80:2c:97:15:98:d3:06:8e:d5:3e:
96:7c:19:70:22:ee:42:70:22:90:75:6e:b1:56:1c:
05:d5:5c:93:39:00:d8:45:65:4b:25:ad:bf:7f:0f:
9c:78:f3:2b:59:99:e4:f4:6d:2d:19:d4:23:1a:95:
a4:e8:08:7a:25:ec:be:95:f8:a8:cc:0f:31:0a:89:
3c:17:1d:c8:a4:2d:dc:ef:d0:12:ce:b6:be:74:e0:
ba:55:44:dd:31:96:ba:b4:29:35:3c:dd:b0:2e:ed:
22:2a:e1:ad:04:36:14:db:41:e1:62:48:03:b9:f5:
ea:57:6f:d3:b1:26:6a:fa:5f:75:1f:7a:98:35:f7:
44:c5:dc:3c:d9:58:3c:5d:31:36:91:74:1f:e2:4a:
f2:69:ac:73:80:e5:3a:3d:b0:23:f8:0c:6b:ca:0a:
37:f3:d6:e4:89:7d:a9:c8:f4:6e:1c:cb:45:c5:33:
b3:be:87:8b:9a:7f:72:68:2c:5a:c6:99:5a:eb:9a:
bb:d5:23:f1:4b:87:37:82:b3:05:70:29:68:f3:98:
ac:db:a8:f4:18:de:67:c1:db:ca:b0:23:33:e6:12:
6a:b3:69:8d:ac:b2:1d:49:bb:2a:4d:ac:ce:ce:2a:
c0:2d:03:9f:2b:60:85:bf:38:7b:ca:ef:f0:48:ec:
ff:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:05:E3:03:EF:C6:B5:C3:D3:CE:EF:2F:93:11:EB:F5:57:38:B7:6A
X509v3 Authority Key Identifier:
keyid:FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/vgXjA-_GtcPTzu8vkxHr9Vc4t2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/1-lbH5mCxx047AxixQzjD8A3XvHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.106.40.0/21
185.5.220.0/22
192.145.120.0/22
IPv6:
2a03:7c0::/32
Signature Algorithm: sha256WithRSAEncryption
54:16:84:d6:f4:15:4b:5b:e1:58:e8:18:98:53:95:23:88:81:
33:99:ee:33:e2:19:de:0e:af:e3:47:7a:06:54:a3:a5:7f:ab:
fc:be:d0:a8:21:ef:25:18:1b:17:fa:ad:72:ae:fe:e6:47:b8:
0c:38:f2:45:4b:c8:b8:4b:32:78:3c:85:1b:28:b6:19:cb:5f:
d9:b7:eb:2e:3b:63:aa:f2:c4:86:b7:81:e3:c2:70:8f:78:3d:
bc:c1:be:b5:ca:69:a6:39:be:73:e5:0b:ec:d9:aa:4c:76:b8:
0b:4b:cf:7f:89:20:1a:aa:4d:79:b4:63:20:b2:94:1a:25:77:
23:6a:8a:52:80:8e:8c:a8:7d:96:a4:f7:37:c7:0f:5a:28:e4:
ec:d6:dd:cc:36:9a:05:d4:45:fa:f0:cb:b9:92:92:f6:f2:3a:
68:71:99:9f:5c:93:c5:ca:07:a0:e9:33:30:5a:a4:41:ac:ac:
27:63:25:f0:66:a4:92:3c:f7:75:89:2a:2a:b7:d3:1d:4e:53:
4f:9a:45:19:da:e6:85:8a:8e:97:8c:14:34:5d:13:3f:59:db:
df:6e:98:ed:fc:b5:3a:f7:15:4e:4f:00:38:7a:c5:16:93:c1:
fc:d1:85:65:96:33:6d:95:d1:de:a9:8d:99:63:e1:be:2b:7c:
87:32:b9:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEEuz8cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTU2YzdlNjYwYjFjNzRlM2IwMzE4YjE0MzM4YzNmMDBkZDdiYzcyMB4XDTIyMDEw
MTEyNTkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmUwNWUzMDNlZmM2
YjVjM2QzY2VlZjJmOTMxMWViZjU1NzM4Yjc2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtYfByALJcVmNMGjtU+lnwZcCLuQnAikHVusVYcBdVckzkA
2EVlSyWtv38PnHjzK1mZ5PRtLRnUIxqVpOgIeiXsvpX4qMwPMQqJPBcdyKQt3O/Q
Es62vnTgulVE3TGWurQpNTzdsC7tIirhrQQ2FNtB4WJIA7n16ldv07EmavpfdR96
mDX3RMXcPNlYPF0xNpF0H+JK8mmsc4DlOj2wI/gMa8oKN/PW5Il9qcj0bhzLRcUz
s76Hi5p/cmgsWsaZWuuau9Uj8UuHN4KzBXApaPOYrNuo9BjeZ8HbyrAjM+YSarNp
jayyHUm7Kk2szs4qwC0Dnytghb84e8rv8Ejs/60CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBS+BeMD78a1w9PO7y+TEev1Vzi3ajAfBgNVHSMEGDAWgBT6VsfmYLHHTjsD
GLFDOMPwDde8cjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtbGJINW1DeHgwNDdBeGl4UXpqRDhBM1h2SEkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzgyLzI3NmMyNC0yYTdmLTQ3MjYtOGQ5Zi04YmY0ZmU0Yzc3MzIv
MS92Z1hqQS1fR3RjUFR6dTh2a3hIcjlWYzR0Mm8ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgy
LzI3NmMyNC0yYTdmLTQ3MjYtOGQ5Zi04YmY0ZmU0Yzc3MzIvMS8xLWxiSDVtQ3h4
MDQ3QXhpeFF6akQ4QTNYdkhJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsGooAwQCuQXcAwQCwJF4MA0E
AgACMAcDBQAqAwfAMA0GCSqGSIb3DQEBCwUAA4IBAQBUFoTW9BVLW+FY6BiYU5Uj
iIEzme4z4hneDq/jR3oGVKOlf6v8vtCoIe8lGBsX+q1yrv7mR7gMOPJFS8i4SzJ4
PIUbKLYZy1/Zt+suO2Oq8sSGt4HjwnCPeD28wb61ymmmOb5z5Qvs2apMdrgLS89/
iSAaqk15tGMgspQaJXcjaopSgI6MqH2WpPc3xw9aKOTs1t3MNpoF1EX68Mu5kpL2
8jpocZmfXJPFygeg6TMwWqRBrKwnYyXwZqSSPPd1iSoqt9MdTlNPmkUZ2uaFio6X
jBQ0XRM/Wdvfbpjt/LU69xVOTwA4esUWk8H80YVlljNtldHeqY2ZY+G+K3yHMrmg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:07 2024 by rpki-client on console-fra.rpki-client.org