Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/VNCiMJXKJZivhBXqAcT5UKVKhYE.roa
File: VNCiMJXKJZivhBXqAcT5UKVKhYE.roa (raw, json)
Hash identifier: jo09A/d5i7Zmh3lQH6SnY1EHd+qdarAzgQ9/w4f11Mc=
Subject key identifier: 54:D0:A2:30:95:CA:25:98:AF:84:15:EA:01:C4:F9:50:A5:4A:85:81
Certificate issuer: /CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Certificate serial: 02B25ACE
Authority key identifier: 82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/VNCiMJXKJZivhBXqAcT5UKVKhYE.roa
Signing time: Sat 01 Jan 2022 15:55:43 +0000
ROA not before: Sat 01 Jan 2022 15:55:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 193.56.104.0/24 maxlen: 24
193.56.105.0/24 maxlen: 24
185.37.33.0/24 maxlen: 24
185.37.34.0/24 maxlen: 24
185.37.35.0/24 maxlen: 24
185.37.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45243086 (0x2b25ace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Validity
Not Before: Jan 1 15:55:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54d0a23095ca2598af8415ea01c4f950a54a8581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d3:7c:a0:9a:66:2f:b1:17:1c:bd:59:f2:e4:
e1:7e:0a:72:bd:cd:03:13:13:86:ac:fd:8c:c5:35:
14:a7:97:2c:9f:df:64:0b:8b:7f:6b:17:e4:2f:90:
c3:75:cb:a3:7f:f4:4e:61:ec:a5:a1:54:0d:f7:bd:
be:0d:da:d3:44:2b:07:c4:7e:c4:b9:9e:9e:be:97:
51:a6:41:4e:fa:c2:ff:c8:20:2e:64:43:f1:de:fe:
6d:a3:f3:b9:7d:5b:91:f4:a2:74:14:48:3a:39:57:
98:76:5b:47:0c:6d:04:c1:83:05:89:9b:1d:28:a8:
54:18:65:a3:55:1c:81:fd:5a:a3:1e:01:20:4c:22:
2a:d5:5e:ac:1d:ce:77:82:c9:bb:1c:3a:b4:33:89:
a5:5f:27:27:4e:c1:65:8f:b3:fc:d1:cb:55:c9:3e:
a6:00:31:67:b0:9f:9a:c9:34:7d:75:f5:ab:7f:8c:
bb:f7:c8:f7:61:9a:71:3a:c1:43:cc:d3:e4:f8:5d:
c5:dd:67:6c:5a:40:a7:84:52:cb:c2:65:58:9d:6c:
9e:10:6e:73:28:5d:52:e5:bb:a5:0e:d1:c5:a8:97:
fc:14:b4:76:fd:58:1a:ce:f3:a3:72:4b:05:1f:97:
8a:e6:4a:3a:aa:e4:50:59:8a:05:ca:3e:b9:d9:c5:
38:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D0:A2:30:95:CA:25:98:AF:84:15:EA:01:C4:F9:50:A5:4A:85:81
X509v3 Authority Key Identifier:
keyid:82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/VNCiMJXKJZivhBXqAcT5UKVKhYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/grE25oINlPA7HF1x7uPUsiGRUo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.32.0/22
193.56.104.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:de:55:93:1c:b8:0b:bc:5c:56:37:75:b1:ca:ea:f3:dc:a9:
46:54:5b:ff:df:a1:c0:8c:e4:fd:24:4d:f2:98:17:ec:f5:6b:
d6:df:b8:67:86:08:77:b8:4b:cd:af:d3:47:eb:6e:2e:ee:89:
97:50:a9:13:6b:64:9c:93:e0:14:80:dd:29:d9:7c:ea:70:28:
2d:03:0f:d5:3c:64:4c:4f:3e:d6:79:76:ae:b2:89:dd:86:16:
df:cb:ca:e7:95:40:7c:1d:07:14:4d:f8:24:e4:6d:7e:9a:a1:
81:ac:71:aa:ae:9b:91:93:0d:bd:33:36:87:0f:ab:f8:57:37:
a7:80:51:18:f9:26:39:18:c0:a9:25:76:0a:3d:8a:0e:45:57:
72:a0:55:5f:fe:e3:ef:ae:02:a8:91:25:96:d0:be:84:72:58:
39:5e:d4:d9:5b:6a:8f:e8:1e:55:c2:b9:ee:91:91:6f:3e:6e:
35:aa:a4:2e:5f:a2:42:89:8c:23:5b:88:ae:5b:23:45:bf:1e:
21:19:55:4b:70:03:14:b5:54:51:6f:2e:c9:1b:e1:a1:e7:04:
97:e9:c8:53:3f:1e:99:1b:aa:28:d0:c3:a7:ff:0c:af:c4:e6:
6c:df:28:12:24:77:4f:a5:ee:9e:63:dc:1c:ce:0b:62:5e:55:
0b:af:d6:5c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEArJazjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MmIxMzZlNjgyMGQ5NGYwM2IxYzVkNzFlZWUzZDRiMjIxOTE1MjhmMB4XDTIyMDEw
MTE1NTU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRkMGEyMzA5NWNh
MjU5OGFmODQxNWVhMDFjNGY5NTBhNTRhODU4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjTfKCaZi+xFxy9WfLk4X4Kcr3NAxMThqz9jMU1FKeXLJ/f
ZAuLf2sX5C+Qw3XLo3/0TmHspaFUDfe9vg3a00QrB8R+xLmenr6XUaZBTvrC/8gg
LmRD8d7+baPzuX1bkfSidBRIOjlXmHZbRwxtBMGDBYmbHSioVBhlo1Ucgf1aox4B
IEwiKtVerB3Od4LJuxw6tDOJpV8nJ07BZY+z/NHLVck+pgAxZ7Cfmsk0fXX1q3+M
u/fI92GacTrBQ8zT5Phdxd1nbFpAp4RSy8JlWJ1snhBucyhdUuW7pQ7RxaiX/BS0
dv1YGs7zo3JLBR+XiuZKOqrkUFmKBco+udnFOFECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRU0KIwlcolmK+EFeoBxPlQpUqFgTAfBgNVHSMEGDAWgBSCsTbmgg2U8Dsc
XXHu49SyIZFSjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dyRTI1b0lObFBBN0hGMXg3dVBVc2lHUlVvOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvMjIxMTJlLTRlMTMtNDNkMC05ZWIxLTBkYTNjYWE5MTQyOS8x
L1ZOQ2lNSlhLSlppdmhCWHFBY1Q1VUtWS2hZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
MjIxMTJlLTRlMTMtNDNkMC05ZWIxLTBkYTNjYWE5MTQyOS8xL2dyRTI1b0lObFBB
N0hGMXg3dVBVc2lHUlVvOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArklIAMEAcE4aDANBgkqhkiG9w0B
AQsFAAOCAQEACt5Vkxy4C7xcVjd1scrq89ypRlRb/9+hwIzk/SRN8pgX7PVr1t+4
Z4YId7hLza/TR+tuLu6Jl1CpE2tknJPgFIDdKdl86nAoLQMP1TxkTE8+1nl2rrKJ
3YYW38vK55VAfB0HFE34JORtfpqhgaxxqq6bkZMNvTM2hw+r+Fc3p4BRGPkmORjA
qSV2Cj2KDkVXcqBVX/7j764CqJElltC+hHJYOV7U2Vtqj+geVcK57pGRbz5uNaqk
Ll+iQomMI1uIrlsjRb8eIRlVS3ADFLVUUW8uyRvhoecEl+nIUz8emRuqKNDDp/8M
r8TmbN8oEiR3T6XunmPcHM4LYl5VC6/WXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:07 2024 by rpki-client on console-ams.rpki-client.org