Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VpZUp3x7hEsQKpeO8zt-Nl3hFlI.roa
File: VpZUp3x7hEsQKpeO8zt-Nl3hFlI.roa (raw, json)
Hash identifier: +MFd1VktRTdHApEFo1AwR41dJi23AeK+VoVMcyp5gSY=
Subject key identifier: 56:96:54:A7:7C:7B:84:4B:10:2A:97:8E:F3:3B:7E:36:5D:E1:16:52
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0182CABFFE188169AB16E3D9A1933493D709
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VpZUp3x7hEsQKpeO8zt-Nl3hFlI.roa
Signing time: Tue 23 Aug 2022 12:49:16 +0000
ROA not before: Tue 23 Aug 2022 12:49:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 212.193.30.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
195.133.38.0/24 maxlen: 24
195.133.40.0/24 maxlen: 24
194.87.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:bf:fe:18:81:69:ab:16:e3:d9:a1:93:34:93:d7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 23 12:49:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=569654a77c7b844b102a978ef33b7e365de11652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c9:cc:cd:3f:9d:c3:a8:b1:a5:95:a9:e8:ed:
d2:be:a3:9a:a2:d8:3c:07:35:6d:a3:80:02:6b:cc:
66:84:60:af:de:cc:33:88:28:0c:a0:7f:68:d4:47:
a8:53:ca:9c:af:65:56:e3:f8:51:0b:25:fe:5f:e0:
e4:05:88:ca:51:66:99:ba:d0:94:98:16:ec:82:09:
a6:9b:7a:f4:c3:96:37:e3:1a:8e:79:63:75:de:c5:
b5:61:92:56:04:b9:89:cb:27:dc:68:0f:92:8c:ac:
a4:c4:ae:08:f3:af:09:c0:29:23:e0:d9:ab:1f:85:
11:6f:1c:dd:3f:60:b9:03:7b:bb:b9:bc:3c:a7:c4:
dc:6c:e2:4c:eb:a3:5a:ea:b3:4d:ac:37:56:89:e6:
f5:75:96:e2:0f:e9:32:de:c6:05:88:ba:ac:46:8d:
f4:63:44:3e:f6:96:0d:18:77:d9:c3:02:19:7f:4d:
2b:c6:8e:94:d1:63:39:80:53:16:d9:cf:de:d4:d1:
21:57:8d:89:5b:ca:fd:5c:57:3b:c3:69:59:61:eb:
1e:e2:2e:81:e5:f2:51:a3:06:9a:e0:07:99:3a:c5:
0f:9f:61:33:53:41:07:8c:20:2b:b5:d1:fa:c9:3a:
c8:68:84:f5:31:16:11:49:b2:ae:6c:e7:87:6b:87:
44:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:96:54:A7:7C:7B:84:4B:10:2A:97:8E:F3:3B:7E:36:5D:E1:16:52
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/VpZUp3x7hEsQKpeO8zt-Nl3hFlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.84.0/22
195.133.18.0/24
195.133.38.0/24
195.133.40.0/24
212.192.8.0/24
212.193.30.0/24
Signature Algorithm: sha256WithRSAEncryption
84:96:4b:0b:a6:87:f9:ff:5b:3a:96:1a:68:b4:bb:3e:5b:05:
35:3e:58:91:69:84:69:db:27:17:3e:8d:f0:00:cd:55:eb:40:
1a:63:f4:71:04:41:1e:d8:a8:5f:33:d7:01:a5:b2:d4:87:dc:
e8:8f:3e:5e:5e:b6:5e:9c:80:48:b4:d9:39:82:c5:de:23:15:
47:af:9c:52:55:2a:ce:4e:52:88:ae:48:23:53:58:e5:ef:55:
6a:b5:50:67:1a:18:5f:78:72:72:61:f4:d1:8f:22:b5:5a:63:
a8:7d:25:9d:3c:8c:41:36:a3:73:ba:60:91:19:8b:ea:af:1f:
83:dc:77:26:22:42:7c:91:95:6d:b1:18:49:77:63:48:63:f0:
27:0f:a6:ae:c1:89:44:d8:87:e3:52:75:18:8c:c7:41:c1:69:
3a:f2:d2:89:de:87:94:44:b8:1b:f1:35:4d:d3:6c:12:6c:04:
9f:06:cb:b1:ab:0a:07:ee:4b:94:b2:36:33:d5:ec:03:ed:bc:
c3:01:11:27:63:5c:b7:43:07:fd:3c:d0:67:c7:35:02:d0:19:
7f:59:eb:24:f7:0a:75:26:c6:08:cd:4e:07:00:0c:fe:a0:c0:
4c:89:4b:88:70:68:09:29:b1:ac:0a:02:0e:f0:98:cc:08:eb:
a7:94:4c:8e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYLKv/4YgWmrFuPZoZM0k9cJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIwODIzMTI0OTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njk2NTRhNzdjN2I4NDRiMTAyYTk3OGVmMzNiN2UzNjVkZTExNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8nMzT+dw6ixpZWp6O3SvqOaotg8
BzVto4ACa8xmhGCv3swziCgMoH9o1EeoU8qcr2VW4/hRCyX+X+DkBYjKUWaZutCU
mBbsggmmm3r0w5Y34xqOeWN13sW1YZJWBLmJyyfcaA+SjKykxK4I868JwCkj4Nmr
H4URbxzdP2C5A3u7ubw8p8TcbOJM66Na6rNNrDdWieb1dZbiD+ky3sYFiLqsRo30
Y0Q+9pYNGHfZwwIZf00rxo6U0WM5gFMW2c/e1NEhV42JW8r9XFc7w2lZYese4i6B
5fJRowaa4AeZOsUPn2EzU0EHjCArtdH6yTrIaIT1MRYRSbKubOeHa4dEmwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFaWVKd8e4RLECqXjvM7fjZd4RZSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVnBaVXAzeDdoRXNRS3BlTzh6dC1ObDNoRmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCwldUAwQA
w4USAwQAw4UmAwQAw4UoAwQA1MAIAwQA1MEeMA0GCSqGSIb3DQEBCwUAA4IBAQCE
lksLpof5/1s6lhpotLs+WwU1PliRaYRp2ycXPo3wAM1V60AaY/RxBEEe2KhfM9cB
pbLUh9zojz5eXrZenIBItNk5gsXeIxVHr5xSVSrOTlKIrkgjU1jl71VqtVBnGhhf
eHJyYfTRjyK1WmOofSWdPIxBNqNzumCRGYvqrx+D3HcmIkJ8kZVtsRhJd2NIY/An
D6auwYlE2IfjUnUYjMdBwWk68tKJ3oeURLgb8TVN02wSbASfBsuxqwoH7kuUsjYz
1ewD7bzDAREnY1y3Qwf9PNBnxzUC0Bl/Wesk9wp1JsYIzU4HAAz+oMBMiUuIcGgJ
KbGsCgIO8JjMCOunlEyO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:05 2023 by rpki-client on console-fra.rpki-client.org