Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/vlz-eDacBOr8kW0vuYwY3e3EadM.roa
File: vlz-eDacBOr8kW0vuYwY3e3EadM.roa (raw, json)
Hash identifier: vnlHkVIdxyFLVrKNDhtGCU9tKSdzL5mXjEaoC4aMFLI=
Subject key identifier: BE:5C:FE:78:36:9C:04:EA:FC:91:6D:2F:B9:8C:18:DD:ED:C4:69:D3
Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Certificate serial: 05536B32
Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/vlz-eDacBOr8kW0vuYwY3e3EadM.roa
Signing time: Fri 18 Mar 2022 08:01:13 +0000
ROA not before: Fri 18 Mar 2022 08:01:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47447
IP address blocks: 185.88.212.0/22 maxlen: 22
159.48.12.0/22 maxlen: 22
194.6.208.0/22 maxlen: 22
109.71.72.0/22 maxlen: 22
2a05:cc00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89353010 (0x5536b32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Validity
Not Before: Mar 18 08:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be5cfe78369c04eafc916d2fb98c18ddedc469d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:12:51:ec:a4:5b:e1:bb:3a:53:0c:7b:29:
18:ab:40:04:af:88:8e:99:52:91:76:33:62:93:d7:
3c:89:14:bc:f8:fa:3b:91:6b:dc:bb:58:b4:95:30:
0b:78:c9:d4:05:f4:3c:d2:b2:b2:60:c9:ae:11:26:
66:7a:a5:88:49:6b:cc:b7:3e:80:88:ad:43:16:e7:
d2:42:64:bd:7a:ce:4e:41:73:29:20:f0:be:57:05:
a1:f9:aa:64:d5:01:3b:dd:cf:f9:68:54:dd:2f:c4:
73:b6:2d:52:d8:09:d4:fe:cf:aa:e5:9b:24:1b:e4:
4b:c1:df:f3:71:4e:c2:e4:37:11:00:28:c1:43:b9:
bd:d3:5f:44:20:76:0f:03:14:30:91:16:8d:a8:32:
4c:0a:12:f0:84:19:04:d4:39:81:61:2b:fd:24:ad:
62:34:1f:03:8c:84:78:8c:8e:e3:6c:54:e2:cd:c7:
20:76:84:b5:68:ca:06:b7:7a:43:e0:3a:7c:6e:91:
e6:f0:2a:97:35:3d:6d:2d:22:3e:6e:86:f6:9c:ed:
9a:41:15:0a:e7:27:ab:18:57:95:ed:9e:f6:59:ad:
b0:64:d7:92:da:b8:e7:82:e0:b5:11:29:c8:19:fb:
f4:9d:05:24:ac:36:d4:82:2f:3d:f4:75:bf:41:b9:
27:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5C:FE:78:36:9C:04:EA:FC:91:6D:2F:B9:8C:18:DD:ED:C4:69:D3
X509v3 Authority Key Identifier:
keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/vlz-eDacBOr8kW0vuYwY3e3EadM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.72.0/22
159.48.12.0/22
185.88.212.0/22
194.6.208.0/22
IPv6:
2a05:cc00::/29
Signature Algorithm: sha256WithRSAEncryption
2a:2e:1f:bd:67:ec:21:e3:f4:81:bd:7e:27:ac:6b:f3:1a:2f:
86:28:1c:92:72:ca:27:d3:48:dd:a8:17:65:b3:5d:de:6e:7e:
20:68:15:c4:70:48:2b:52:23:3b:f5:52:f8:26:da:ec:cd:86:
d1:e8:02:c1:2a:22:b5:40:0d:d2:97:ff:6f:ed:2f:16:31:dd:
19:be:97:8e:d1:40:87:75:62:90:e3:b1:dc:38:06:ea:fe:76:
70:39:32:0a:a8:53:62:34:a2:43:d8:f0:6d:cf:4f:96:17:84:
e8:0b:90:99:69:6c:28:07:a9:12:47:8a:b9:01:e6:d5:29:df:
bd:3f:9d:6c:df:cc:a0:92:ae:26:be:16:1a:9e:5d:d5:05:3c:
b8:25:66:ae:c1:0d:e3:8c:2a:d2:e8:11:34:d4:be:af:d4:ef:
03:1b:4d:36:12:6c:10:47:ff:44:df:61:d8:ca:c5:d3:ca:7c:
b2:31:66:a8:bc:ff:e1:ca:b4:c6:d9:f5:f1:b3:76:02:46:1d:
9d:a0:84:90:2b:3f:67:1d:d1:51:b8:89:37:b0:36:58:87:23:
c0:8a:66:86:f7:46:ad:28:73:ac:00:c4:ce:ba:1e:c5:b9:c6:
92:81:12:58:82:ab:9f:df:bb:bf:19:9e:08:b2:ad:9e:38:97:
2a:2d:75:59
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBVNrMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDQ0NGIwNzlkZjAwOGE3YzdjYmUyOGZjYmE1ZGJlMDYyMGU4ZTE3MB4XDTIyMDMx
ODA4MDExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU1Y2ZlNzgzNjlj
MDRlYWZjOTE2ZDJmYjk4YzE4ZGRlZGM0NjlkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyHElHspFvhuzpTDHspGKtABK+IjplSkXYzYpPXPIkUvPj6
O5Fr3LtYtJUwC3jJ1AX0PNKysmDJrhEmZnqliElrzLc+gIitQxbn0kJkvXrOTkFz
KSDwvlcFofmqZNUBO93P+WhU3S/Ec7YtUtgJ1P7PquWbJBvkS8Hf83FOwuQ3EQAo
wUO5vdNfRCB2DwMUMJEWjagyTAoS8IQZBNQ5gWEr/SStYjQfA4yEeIyO42xU4s3H
IHaEtWjKBrd6Q+A6fG6R5vAqlzU9bS0iPm6G9pztmkEVCucnqxhXle2e9lmtsGTX
ktq454LgtREpyBn79J0FJKw21IIvPfR1v0G5J2kCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBS+XP54NpwE6vyRbS+5jBjd7cRp0zAfBgNVHSMEGDAWgBSQREsHnfAIp8fL
4o/LpdvgYg6OFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tFUkxCNTN3Q0tmSHktS1B5NlhiNEdJT2poYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMjRlYzhlLTFjYzYtNDVlMy05MDYzLTk5MTQ5ODY3ZGJmNy8x
L3Zsei1lRGFjQk9yOGtXMHZ1WXdZM2UzRWFkTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MjRlYzhlLTFjYzYtNDVlMy05MDYzLTk5MTQ5ODY3ZGJmNy8xL2tFUkxCNTN3Q0tm
SHktS1B5NlhiNEdJT2poYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAm1HSAMEAp8wDAMEArlY1AMEAsIG
0DANBAIAAjAHAwUDKgXMADANBgkqhkiG9w0BAQsFAAOCAQEAKi4fvWfsIeP0gb1+
J6xr8xovhigcknLKJ9NI3agXZbNd3m5+IGgVxHBIK1IjO/VS+Cba7M2G0egCwSoi
tUAN0pf/b+0vFjHdGb6XjtFAh3VikOOx3DgG6v52cDkyCqhTYjSiQ9jwbc9PlheE
6AuQmWlsKAepEkeKuQHm1SnfvT+dbN/MoJKuJr4WGp5d1QU8uCVmrsEN44wq0ugR
NNS+r9TvAxtNNhJsEEf/RN9h2MrF08p8sjFmqLz/4cq0xtn18bN2AkYdnaCEkCs/
Zx3RUbiJN7A2WIcjwIpmhvdGrShzrADEzroexbnGkoESWIKrn9+7vxmeCLKtnjiX
Ki11WQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:23 2025 by rpki-client