Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vdY-mqX7_QFEMclULrRVYn_k5cw.roa
File: vdY-mqX7_QFEMclULrRVYn_k5cw.roa (raw, json)
Hash identifier: opP+PXL/GfJoJK2pWmeHyMZpKBFzNMkNdGFPGVtOIMI=
Subject key identifier: BD:D6:3E:9A:A5:FB:FD:01:44:31:C9:54:2E:B4:55:62:7F:E4:E5:CC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01830E52CFEAB1768FFACB6139566F006D69
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vdY-mqX7_QFEMclULrRVYn_k5cw.roa
Signing time: Mon 05 Sep 2022 15:44:11 +0000
ROA not before: Mon 05 Sep 2022 15:44:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 109.206.242.0/24 maxlen: 24
212.87.204.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
185.225.74.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0e:52:cf:ea:b1:76:8f:fa:cb:61:39:56:6f:00:6d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 5 15:44:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdd63e9aa5fbfd014431c9542eb455627fe4e5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:46:9c:5c:36:bb:dc:d4:50:16:28:45:37:6e:
ff:09:45:f1:fe:7a:99:72:1e:82:ae:37:fb:b7:3c:
3d:3c:e8:d3:6e:2e:6c:55:b7:71:80:48:1b:97:9b:
d6:b9:fa:81:5e:6e:db:b7:83:ea:f1:66:d0:08:e8:
63:14:a9:6d:c7:1d:f2:fc:0b:ac:27:c6:a0:d3:0a:
11:58:52:74:78:9a:dd:74:72:4d:86:04:38:66:38:
7f:db:e3:2f:e9:69:cb:d6:a6:eb:b0:1e:a3:6e:1a:
14:d4:33:b7:c5:25:b0:f6:ef:d2:e4:96:01:82:02:
d0:4e:78:4d:56:94:c9:23:74:d2:fd:20:d3:bc:b9:
90:bf:cc:00:ae:03:3b:8c:07:ba:26:b4:92:90:85:
04:9f:87:96:b2:91:d4:87:c3:e9:65:49:67:09:0a:
93:6c:70:c0:a0:79:63:7c:b7:35:da:ba:8f:86:16:
76:ab:66:da:01:30:a3:1c:28:8a:ae:60:13:52:17:
66:57:dc:85:2c:22:b5:8f:50:fc:e3:02:79:fc:01:
b0:7e:3f:ed:38:c5:2d:82:04:d2:1f:4b:a9:32:ab:
8b:61:e4:f6:e7:b1:e2:6e:f5:0f:ee:80:e3:33:63:
c9:e2:3a:6d:56:56:8d:a5:08:fe:06:72:5c:e9:28:
87:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D6:3E:9A:A5:FB:FD:01:44:31:C9:54:2E:B4:55:62:7F:E4:E5:CC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vdY-mqX7_QFEMclULrRVYn_k5cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
85.31.44.0/24
109.206.242.0/24
185.218.138.0/24
185.225.74.0/24
185.246.222.0/24
194.55.186.0/24
212.87.204.0/24
Signature Algorithm: sha256WithRSAEncryption
49:0d:f3:a1:15:08:6f:da:f2:21:13:52:c0:68:1c:56:6f:25:
41:d4:38:c6:71:ee:6e:6c:19:93:5a:54:c7:a8:3f:66:48:0f:
89:4a:75:5a:0f:6b:27:f3:e8:bd:3c:f6:73:fd:1e:7c:80:d9:
6f:5c:b5:74:c3:96:b2:4f:39:eb:b9:90:13:8c:6c:36:03:5e:
fe:2e:1c:e4:81:51:da:e0:6c:63:58:93:82:78:fa:3e:cc:81:
76:c6:14:30:96:42:d7:75:de:50:1b:15:25:b6:33:dc:65:6e:
c8:2f:2e:09:23:4a:87:01:5b:4a:8f:18:98:c8:ff:37:ea:94:
24:1d:f0:17:75:7b:3b:0d:07:8f:f3:db:09:f9:ce:ec:ee:d2:
db:ed:b5:fc:46:66:1b:28:83:a4:5f:ff:54:7f:d7:c3:f5:11:
ce:f0:e8:8f:68:d0:85:16:dc:bd:44:fa:88:5b:19:f9:16:37:
7f:3e:8a:4b:10:f7:0e:6d:12:55:9e:49:54:10:96:4c:11:72:
b6:6b:90:8d:ae:b6:9e:97:89:8e:cc:e2:5f:51:bd:d0:62:33:
fc:db:c7:e6:a3:47:d3:2b:da:ba:d4:2b:d8:f9:0e:14:c9:43:
40:5c:3c:47:d6:e8:ba:53:19:9e:55:29:15:54:b4:ed:e3:44:
6b:af:b7:de
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYMOUs/qsXaP+sthOVZvAG1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTA1MTU0NDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ2M2U5YWE1ZmJmZDAxNDQzMWM5NTQyZWI0NTU2MjdmZTRlNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEacXDa73NRQFihFN27/CUXx/nqZ
ch6Crjf7tzw9POjTbi5sVbdxgEgbl5vWufqBXm7bt4Pq8WbQCOhjFKltxx3y/Aus
J8ag0woRWFJ0eJrddHJNhgQ4Zjh/2+Mv6WnL1qbrsB6jbhoU1DO3xSWw9u/S5JYB
ggLQTnhNVpTJI3TS/SDTvLmQv8wArgM7jAe6JrSSkIUEn4eWspHUh8PpZUlnCQqT
bHDAoHljfLc12rqPhhZ2q2baATCjHCiKrmATUhdmV9yFLCK1j1D84wJ5/AGwfj/t
OMUtggTSH0upMquLYeT257HibvUP7oDjM2PJ4jptVlaNpQj+BnJc6SiHnQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFL3WPpql+/0BRDHJVC60VWJ/5OXMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdmRZLW1xWDdfUUZFTWNsVUxyUlZZbl9rNWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUEwzAwQA
VR8sAwQAbc7yAwQAudqKAwQAueFKAwQAufbeAwQAwje6AwQA1FfMMA0GCSqGSIb3
DQEBCwUAA4IBAQBJDfOhFQhv2vIhE1LAaBxWbyVB1DjGce5ubBmTWlTHqD9mSA+J
SnVaD2sn8+i9PPZz/R58gNlvXLV0w5ayTznruZATjGw2A17+LhzkgVHa4GxjWJOC
ePo+zIF2xhQwlkLXdd5QGxUltjPcZW7ILy4JI0qHAVtKjxiYyP836pQkHfAXdXs7
DQeP89sJ+c7s7tLb7bX8RmYbKIOkX/9Uf9fD9RHO8OiPaNCFFty9RPqIWxn5Fjd/
PopLEPcObRJVnklUEJZMEXK2a5CNrrael4mOzOJfUb3QYjP828fmo0fTK9q61CvY
+Q4UyUNAXDxH1ui6UxmeVSkVVLTt40Rrr7fe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:50 2023 by rpki-client on console-fra.rpki-client.org