Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/Vgug-IDPL4U9AI6Q7ZuZ9sUZnp0.roa
File: Vgug-IDPL4U9AI6Q7ZuZ9sUZnp0.roa (raw, json)
Hash identifier: +kRxXE2JnkPlfBy1rBva5+dm3QURHNBxWgtU7DN1SgE=
Subject key identifier: 56:0B:A0:F8:80:CF:2F:85:3D:00:8E:90:ED:9B:99:F6:C5:19:9E:9D
Certificate issuer: /CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534
Certificate serial: 12D42714
Authority key identifier: 57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/Vgug-IDPL4U9AI6Q7ZuZ9sUZnp0.roa
Signing time: Sat 01 Jan 2022 03:01:41 +0000
ROA not before: Sat 01 Jan 2022 03:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43775
IP address blocks: 91.147.152.0/24 maxlen: 24
91.147.157.0/24 maxlen: 24
91.147.156.0/24 maxlen: 24
91.147.154.0/24 maxlen: 24
91.147.153.0/24 maxlen: 24
91.147.159.0/24 maxlen: 24
91.147.158.0/24 maxlen: 24
91.147.164.0/24 maxlen: 24
91.147.163.0/24 maxlen: 24
91.147.162.0/24 maxlen: 24
91.147.161.0/24 maxlen: 24
91.147.160.0/24 maxlen: 24
91.147.160.0/20 maxlen: 20
91.147.171.0/24 maxlen: 24
91.147.170.0/24 maxlen: 24
91.147.175.0/24 maxlen: 24
91.147.173.0/24 maxlen: 24
91.147.129.0/24 maxlen: 24
91.147.128.0/19 maxlen: 19
91.147.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315893524 (0x12d42714)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534
Validity
Not Before: Jan 1 03:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=560ba0f880cf2f853d008e90ed9b99f6c5199e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a8:12:0f:85:8c:97:d8:42:03:30:0c:de:e8:
61:b8:4a:4d:8e:25:43:3e:98:84:af:77:b7:42:d3:
33:fe:74:fd:84:76:f6:6e:ec:20:ed:b5:1f:15:e6:
36:7e:43:4e:55:89:a6:bd:72:1f:26:e2:45:b1:c3:
0d:af:50:89:c9:bc:21:cf:df:ca:06:22:ab:a3:fb:
9e:72:af:cf:05:20:65:43:aa:e3:0f:a4:5d:85:98:
08:b0:6c:4c:8c:af:4d:3b:30:c4:6a:cd:75:27:37:
44:ec:66:1c:60:17:b6:e4:11:11:f1:d0:99:4b:f0:
50:79:25:f3:d0:df:7e:a5:f6:46:45:b8:e3:42:56:
82:de:68:ff:38:73:6f:da:1e:b5:c6:21:b4:f5:8e:
d7:d9:5e:6c:17:df:5f:72:3f:e3:6c:67:b0:ca:19:
8d:d2:32:a1:d3:62:c8:6b:d1:44:f9:3f:bf:e5:01:
12:28:1e:1d:b0:78:b3:23:3b:1f:5b:79:95:4b:e7:
3b:cf:81:41:83:c6:50:b9:fb:f6:8a:66:b1:05:29:
ec:7f:16:a3:29:1d:8c:46:2f:ff:ab:b9:03:17:a3:
bf:c7:1b:26:a5:1c:77:32:6e:bf:92:61:99:df:b3:
fe:73:bb:3d:b5:3d:94:6b:55:fc:79:1c:08:50:30:
fe:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:0B:A0:F8:80:CF:2F:85:3D:00:8E:90:ED:9B:99:F6:C5:19:9E:9D
X509v3 Authority Key Identifier:
keyid:57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/Vgug-IDPL4U9AI6Q7ZuZ9sUZnp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.128.0-91.147.175.255
Signature Algorithm: sha256WithRSAEncryption
2f:55:13:2e:05:0f:6f:2c:57:26:02:09:b1:5b:ce:5b:ba:a3:
7f:da:a3:d2:05:3a:93:3c:18:14:ef:17:26:24:68:a4:18:28:
14:06:6b:e7:a4:f6:5b:e8:1d:af:b6:b4:84:8a:9c:1e:22:51:
ee:4f:47:0d:48:02:a4:24:cf:a9:58:36:cc:38:15:b1:0f:94:
89:b7:b5:dd:62:9c:bb:ab:4c:c8:f8:9f:0e:f4:8c:d7:00:00:
bd:2c:a5:22:08:30:04:d1:61:84:5d:79:92:d9:44:f2:cd:2e:
dc:49:d1:13:fb:cf:2a:f9:d0:db:30:bd:73:99:10:69:a5:0f:
84:7e:cf:9f:63:7c:03:f8:34:77:02:ba:e2:8b:28:70:f9:db:
15:f5:b5:b8:cc:bb:1d:cb:a6:32:6d:29:88:4b:f4:76:1c:e2:
cf:e0:1f:3b:64:21:ed:82:b6:55:21:82:96:91:dc:06:90:05:
8e:24:b2:1d:9f:df:9c:ed:1b:14:c3:30:ce:3f:d4:80:53:29:
91:2a:ea:5c:1c:50:01:68:42:3c:33:47:55:43:7c:2e:e7:62:
81:85:de:10:de:76:b3:17:5d:27:78:ff:88:d1:f7:82:01:8e:
40:90:8d:0d:f9:d1:74:f1:fd:33:ee:99:7a:b3:89:28:3e:b8:
ac:c2:ba:bb
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEEtQnFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzdjMGNkNWE0Y2ZkODNkNDkxZDYyN2Q4YjBmY2NiNjcwZTgxNTM0MB4XDTIyMDEw
MTAzMDE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTYwYmEwZjg4MGNm
MmY4NTNkMDA4ZTkwZWQ5Yjk5ZjZjNTE5OWU5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOSoEg+FjJfYQgMwDN7oYbhKTY4lQz6YhK93t0LTM/50/YR2
9m7sIO21HxXmNn5DTlWJpr1yHybiRbHDDa9Qicm8Ic/fygYiq6P7nnKvzwUgZUOq
4w+kXYWYCLBsTIyvTTswxGrNdSc3ROxmHGAXtuQREfHQmUvwUHkl89DffqX2RkW4
40JWgt5o/zhzb9oetcYhtPWO19lebBffX3I/42xnsMoZjdIyodNiyGvRRPk/v+UB
EigeHbB4syM7H1t5lUvnO8+BQYPGULn79opmsQUp7H8WoykdjEYv/6u5Axejv8cb
JqUcdzJuv5Jhmd+z/nO7PbU9lGtV/HkcCFAw/jkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRWC6D4gM8vhT0AjpDtm5n2xRmenTAfBgNVHSMEGDAWgBRXfAzVpM/YPUkd
Yn2LD8y2cOgVNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Yzd00xYVRQMkQxSkhXSjlpd19NdG5Eb0ZUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvMDExYjVkLTY1MmUtNDUyYS05NmM5LWQ4ZWMyY2JjYWQyNi8x
L1ZndWctSURQTDRVOUFJNlE3WnVaOXNVWm5wMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
MDExYjVkLTY1MmUtNDUyYS05NmM5LWQ4ZWMyY2JjYWQyNi8xL1Yzd00xYVRQMkQx
SkhXSjlpd19NdG5Eb0ZUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQHW5OAAwQEW5OgMA0GCSqGSIb3
DQEBCwUAA4IBAQAvVRMuBQ9vLFcmAgmxW85buqN/2qPSBTqTPBgU7xcmJGikGCgU
BmvnpPZb6B2vtrSEipweIlHuT0cNSAKkJM+pWDbMOBWxD5SJt7XdYpy7q0zI+J8O
9IzXAAC9LKUiCDAE0WGEXXmS2UTyzS7cSdET+88q+dDbML1zmRBppQ+Efs+fY3wD
+DR3Arriiyhw+dsV9bW4zLsdy6YybSmIS/R2HOLP4B87ZCHtgrZVIYKWkdwGkAWO
JLIdn9+c7RsUwzDOP9SAUymRKupcHFABaEI8M0dVQ3wu52KBhd4Q3nazF10neP+I
0feCAY5AkI0N+dF08f0z7pl6s4koPriswrq7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:09 2025 by rpki-client