Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/vPo0e3O-gspxqeAnApEedJ5mrG4.roa
File: vPo0e3O-gspxqeAnApEedJ5mrG4.roa (raw, json)
Hash identifier: 8zlcL0PEUhEEgwCOqqEWM6Wf1CVxr5HHdyNIcOSVWro=
Subject key identifier: BC:FA:34:7B:73:BE:82:CA:71:A9:E0:27:02:91:1E:74:9E:66:AC:6E
Certificate issuer: /CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Certificate serial: 348FAD5C
Authority key identifier: 45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/vPo0e3O-gspxqeAnApEedJ5mrG4.roa
Signing time: Sat 01 Jan 2022 09:57:35 +0000
ROA not before: Sat 01 Jan 2022 09:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24679
IP address blocks: 217.175.224.0/19 maxlen: 24
195.47.229.0/24 maxlen: 24
193.201.52.0/22 maxlen: 24
81.3.0.0/18 maxlen: 24
83.246.0.0/17 maxlen: 24
193.238.228.0/22 maxlen: 24
217.195.32.0/20 maxlen: 24
2a02:790::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 881831260 (0x348fad5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45b9854b044594e6cf0846fb41de7b0908fb5f72
Validity
Not Before: Jan 1 09:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bcfa347b73be82ca71a9e02702911e749e66ac6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1d:15:e3:9b:27:7b:ea:c0:4c:e8:f5:f8:66:
94:50:18:88:b7:fb:27:f0:f2:bd:72:c9:74:5e:c6:
ae:f7:66:55:bc:e4:91:cb:5c:51:08:a5:dd:d1:75:
07:5e:0a:f5:f9:10:50:ca:cf:47:7c:93:5a:ac:15:
04:07:71:ec:9d:52:61:f8:4e:38:42:42:74:0f:6c:
dc:eb:11:2c:2b:1a:69:de:96:67:8e:2c:2e:22:f1:
c4:d3:80:cf:8b:29:75:15:aa:8c:25:36:81:f2:bc:
26:19:e8:37:89:c6:44:de:9b:ca:f3:12:af:2b:e7:
b1:3d:50:40:70:49:20:fe:0e:83:67:d6:7b:f1:b5:
79:73:1c:2f:c5:6e:07:a3:61:90:00:4d:25:44:4b:
03:a7:16:87:a2:ef:dd:9f:a3:4b:dc:5a:d2:08:1e:
cf:d2:fc:d3:25:73:fa:0d:45:bd:a3:5c:57:66:28:
a5:98:5b:1e:5d:0b:2b:99:30:4e:27:bc:46:4b:a2:
c2:22:7e:ea:3e:d5:53:6a:e8:dc:e6:4b:d3:b0:4d:
f4:a6:0c:7e:62:a1:19:d9:c2:68:ea:ab:4a:94:b8:
35:2f:c8:e5:8c:20:d7:dd:fd:29:22:61:52:ca:87:
44:06:23:65:06:e5:84:b4:6d:6c:a2:eb:b7:08:0f:
9f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:FA:34:7B:73:BE:82:CA:71:A9:E0:27:02:91:1E:74:9E:66:AC:6E
X509v3 Authority Key Identifier:
keyid:45:B9:85:4B:04:45:94:E6:CF:08:46:FB:41:DE:7B:09:08:FB:5F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbmFSwRFlObPCEb7Qd57CQj7X3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/vPo0e3O-gspxqeAnApEedJ5mrG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/5e6116-56e6-4c1d-9683-4b22fc5184a2/1/RbmFSwRFlObPCEb7Qd57CQj7X3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.3.0.0/18
83.246.0.0/17
193.201.52.0/22
193.238.228.0/22
195.47.229.0/24
217.175.224.0/19
217.195.32.0/20
IPv6:
2a02:790::/32
Signature Algorithm: sha256WithRSAEncryption
29:0f:9a:53:e0:19:89:90:04:19:80:fe:59:89:40:41:d7:3b:
d2:ce:c0:6f:43:f6:d2:b3:33:ba:8a:77:dd:b1:f9:0d:c2:e1:
48:e1:ce:4b:c4:32:bf:f1:4a:7c:23:4d:f3:54:6b:8b:bf:13:
27:9d:0f:b1:23:b8:c2:60:b4:a2:e1:19:06:32:9f:91:b7:12:
69:3c:58:9d:74:ad:82:3e:f8:91:d0:4b:8a:c2:35:d7:1e:62:
06:77:79:1f:fb:c0:1a:89:41:65:26:f4:3f:a0:88:b0:ab:4f:
0a:fd:63:2e:de:c9:54:b3:33:a9:4d:2a:ee:f3:45:07:47:26:
8a:cd:28:fe:01:8a:e6:71:4e:45:fa:4d:fb:0d:45:77:9e:03:
62:69:b1:45:91:2d:c8:9e:bc:9c:1e:17:84:97:be:da:13:a5:
df:35:7f:a8:e3:fd:16:8f:20:9e:fd:13:bf:c2:76:bf:2c:e1:
ed:05:1b:25:2a:13:cf:42:c3:78:ff:64:12:1e:36:68:b9:23:
95:93:7f:f4:00:9c:b1:65:81:c4:76:e8:65:ed:87:1d:7f:95:
19:f8:38:75:06:35:90:97:ed:3d:2d:95:c9:ff:6d:0f:02:2b:
b2:69:7e:75:72:ad:75:29:b8:2c:b3:6f:c6:8a:5b:39:ef:8d:
11:25:ca:30
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIENI+tXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NWI5ODU0YjA0NDU5NGU2Y2YwODQ2ZmI0MWRlN2IwOTA4ZmI1ZjcyMB4XDTIyMDEw
MTA5NTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmNmYTM0N2I3M2Jl
ODJjYTcxYTllMDI3MDI5MTFlNzQ5ZTY2YWM2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgdFeObJ3vqwEzo9fhmlFAYiLf7J/DyvXLJdF7GrvdmVbzk
kctcUQil3dF1B14K9fkQUMrPR3yTWqwVBAdx7J1SYfhOOEJCdA9s3OsRLCsaad6W
Z44sLiLxxNOAz4spdRWqjCU2gfK8JhnoN4nGRN6byvMSryvnsT1QQHBJIP4Og2fW
e/G1eXMcL8VuB6NhkABNJURLA6cWh6Lv3Z+jS9xa0ggez9L80yVz+g1FvaNcV2Yo
pZhbHl0LK5kwTie8RkuiwiJ+6j7VU2ro3OZL07BN9KYMfmKhGdnCaOqrSpS4NS/I
5Ywg1939KSJhUsqHRAYjZQblhLRtbKLrtwgPnz0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBS8+jR7c76CynGp4CcCkR50nmasbjAfBgNVHSMEGDAWgBRFuYVLBEWU5s8I
RvtB3nsJCPtfcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JibUZTd1JGbE9iUENFYjdRZDU3Q1FqN1gzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvNWU2MTE2LTU2ZTYtNGMxZC05NjgzLTRiMjJmYzUxODRhMi8x
L3ZQbzBlM08tZ3NweHFlQW5BcEVlZEo1bXJHNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
NWU2MTE2LTU2ZTYtNGMxZC05NjgzLTRiMjJmYzUxODRhMi8xL1JibUZTd1JGbE9i
UENFYjdRZDU3Q1FqN1gzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBlEDAAMEB1P2AAMEAsHJNAMEAsHu
5AMEAMMv5QMEBdmv4AMEBNnDIDANBAIAAjAHAwUAKgIHkDANBgkqhkiG9w0BAQsF
AAOCAQEAKQ+aU+AZiZAEGYD+WYlAQdc70s7Ab0P20rMzuop33bH5DcLhSOHOS8Qy
v/FKfCNN81Rri78TJ50PsSO4wmC0ouEZBjKfkbcSaTxYnXStgj74kdBLisI11x5i
Bnd5H/vAGolBZSb0P6CIsKtPCv1jLt7JVLMzqU0q7vNFB0cmis0o/gGK5nFORfpN
+w1Fd54DYmmxRZEtyJ68nB4XhJe+2hOl3zV/qOP9Fo8gnv0Tv8J2vyzh7QUbJSoT
z0LDeP9kEh42aLkjlZN/9ACcsWWBxHboZe2HHX+VGfg4dQY1kJftPS2Vyf9tDwIr
sml+dXKtdSm4LLNvxopbOe+NESXKMA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:04 2023 by rpki-client on console-ams.rpki-client.org