Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/_VNClgM9UGhT4-zLVXze83yKCI8.roa
File: _VNClgM9UGhT4-zLVXze83yKCI8.roa (raw, json)
Hash identifier: MA010mzqAznhQDkWdQ1cm/3DekaLpdeB10Pq6M0rq6g=
Subject key identifier: FD:53:42:96:03:3D:50:68:53:E3:EC:CB:55:7C:DE:F3:7C:8A:08:8F
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 0698E020
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/_VNClgM9UGhT4-zLVXze83yKCI8.roa
Signing time: Tue 01 Feb 2022 18:36:33 +0000
ROA not before: Tue 01 Feb 2022 18:36:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 185.233.127.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
109.74.31.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110682144 (0x698e020)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Feb 1 18:36:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd534296033d506853e3eccb557cdef37c8a088f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:56:cf:fa:9e:d0:eb:d9:d7:77:ed:b9:e2:3c:
be:c5:e0:70:b7:ea:13:2f:50:26:b6:cd:ad:6a:c9:
59:2d:d4:03:28:9f:93:be:8c:c3:a9:f3:e7:c3:71:
5b:55:d2:5e:5e:b2:8f:e2:2c:60:fb:55:2b:27:73:
ad:b4:69:da:97:bf:c1:ff:2c:56:58:28:c0:a4:88:
20:ac:aa:4b:76:39:f1:98:ce:48:84:dd:8d:7f:fc:
12:c8:55:15:5c:c2:65:1d:f4:6a:56:ce:46:d8:3c:
22:8f:2d:00:e4:c4:5d:fe:bf:20:05:04:03:84:54:
f1:d0:d6:2e:5b:88:e6:ac:b4:4a:d0:03:dd:91:df:
8b:20:f6:c8:fc:35:34:96:9f:4f:63:61:71:74:ca:
a9:d4:2d:c9:8f:af:23:a7:aa:38:0f:3e:35:7e:51:
a6:d7:6c:68:4b:f2:84:7f:b8:fc:f0:09:63:1b:2d:
33:3a:a4:48:a8:c7:77:18:90:32:58:37:f9:5c:e5:
c4:1f:ad:76:d4:f9:2e:56:26:54:5b:15:71:58:a4:
43:0b:51:02:26:67:ef:1e:db:2a:5a:ab:e7:c7:2e:
e9:41:14:21:ff:b1:af:64:c6:c7:6b:68:28:cf:38:
ed:9d:78:53:6c:06:c3:2d:69:2c:5a:28:aa:b0:88:
fc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:53:42:96:03:3D:50:68:53:E3:EC:CB:55:7C:DE:F3:7C:8A:08:8F
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/_VNClgM9UGhT4-zLVXze83yKCI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.156.0/24
109.74.28.0/22
185.233.127.0/24
194.113.95.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ef:aa:e7:30:1e:30:c4:28:bd:11:2a:1e:6b:33:7f:d1:a3:
7f:32:f4:02:e5:6d:a5:ee:d5:19:db:00:51:b0:91:20:b1:e7:
b6:52:c5:c6:f0:da:ed:c4:e3:a0:57:e6:b6:dc:1e:65:10:18:
71:44:6e:59:a6:10:66:d2:fc:04:8d:dc:d9:70:5e:73:40:be:
24:a4:e7:03:0a:2b:ca:d4:c8:ff:a4:3e:1b:2f:e0:7c:18:9a:
a1:4d:f1:55:84:f8:fa:0b:ec:59:78:04:58:0b:bb:cd:09:96:
1f:ce:46:19:cd:30:80:e3:89:fa:58:82:3b:72:d3:41:94:a7:
d2:35:3d:f6:0d:ed:0d:3b:49:77:d1:da:07:f6:5f:e6:1c:06:
6e:f0:bc:8c:0e:a9:c2:51:9d:28:3e:d4:b3:1b:29:4b:13:d1:
4f:f0:23:ac:2e:4d:a4:2e:6a:c2:6d:e0:74:d7:fd:b1:e4:2c:
86:42:35:1d:bd:ba:9c:99:c2:2c:54:56:b2:5e:86:c3:20:98:
d7:c1:54:9e:fd:69:12:fd:6c:fc:b4:44:be:c8:4e:39:54:58:
ec:8b:5d:8a:9f:69:dc:73:27:b7:0d:a5:5c:c8:4e:07:94:78:
78:4e:ef:b8:fd:d2:b5:7c:99:b7:4d:8f:25:7f:e1:c3:11:f8:
28:16:c9:1c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBpjgIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MjRhZDQ1MzVhYzg4ZGQ1MzQxOTlmMmE3MjYwOTVhZjcxYWZlNDRlMB4XDTIyMDIw
MTE4MzYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ1MzQyOTYwMzNk
NTA2ODUzZTNlY2NiNTU3Y2RlZjM3YzhhMDg4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtWz/qe0OvZ13ftueI8vsXgcLfqEy9QJrbNrWrJWS3UAyif
k76Mw6nz58NxW1XSXl6yj+IsYPtVKydzrbRp2pe/wf8sVlgowKSIIKyqS3Y58ZjO
SITdjX/8EshVFVzCZR30albORtg8Io8tAOTEXf6/IAUEA4RU8dDWLluI5qy0StAD
3ZHfiyD2yPw1NJafT2NhcXTKqdQtyY+vI6eqOA8+NX5RptdsaEvyhH+4/PAJYxst
MzqkSKjHdxiQMlg3+VzlxB+tdtT5LlYmVFsVcVikQwtRAiZn7x7bKlqr58cu6UEU
If+xr2TGx2toKM847Z14U2wGwy1pLFooqrCI/NsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBT9U0KWAz1QaFPj7MtVfN7zfIoIjzAfBgNVHSMEGDAWgBRiStRTWsiN1TQZ
nypyYJWvca/kTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lrclVVMXJJamRVMEdaOHFjbUNWcjNHdjVFNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYWExMDE5LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8x
L19WTkNsZ005VUdoVDQtekxWWHplODN5S0NJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YWExMDE5LTU2NGYtNGM0Ni1hMjE3LWZiNTk0OTgwOGRkYy8xL1lrclVVMXJJamRV
MEdaOHFjbUNWcjNHdjVFNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAB+rnAMEAm1KHAMEALnpfwMEAMJx
XzANBgkqhkiG9w0BAQsFAAOCAQEABu+q5zAeMMQovREqHmszf9GjfzL0AuVtpe7V
GdsAUbCRILHntlLFxvDa7cTjoFfmttweZRAYcURuWaYQZtL8BI3c2XBec0C+JKTn
AworytTI/6Q+Gy/gfBiaoU3xVYT4+gvsWXgEWAu7zQmWH85GGc0wgOOJ+liCO3LT
QZSn0jU99g3tDTtJd9HaB/Zf5hwGbvC8jA6pwlGdKD7UsxspSxPRT/AjrC5NpC5q
wm3gdNf9seQshkI1Hb26nJnCLFRWsl6GwyCY18FUnv1pEv1s/LREvshOOVRY7Itd
ip9p3HMntw2lXMhOB5R4eE7vuP3StXyZt02PJX/hwxH4KBbJHA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:34 2025 by rpki-client