Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/vYZN7-HqDX5Xm2ADu3EF8xuYZoc.roa
File: vYZN7-HqDX5Xm2ADu3EF8xuYZoc.roa (raw, json)
Hash identifier: Fq3pOEbzUgS50LiGDvQzI50Q+VKFYmqAl/RB7vJ53Fk=
Subject key identifier: BD:86:4D:EF:E1:EA:0D:7E:57:9B:60:03:BB:71:05:F3:1B:98:66:87
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 018200E20A81F6B1F8D8F74832F3B574C57B
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/vYZN7-HqDX5Xm2ADu3EF8xuYZoc.roa
Signing time: Fri 15 Jul 2022 08:03:09 +0000
ROA not before: Fri 15 Jul 2022 08:03:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210421
IP address blocks: 91.193.167.0/24 maxlen: 24
94.45.129.0/24 maxlen: 24
94.45.139.0/24 maxlen: 24
94.45.136.0/24 maxlen: 24
94.45.142.0/24 maxlen: 24
94.45.152.0/22 maxlen: 24
94.45.146.0/23 maxlen: 24
94.45.148.0/23 maxlen: 24
94.45.156.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:00:e2:0a:81:f6:b1:f8:d8:f7:48:32:f3:b5:74:c5:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jul 15 08:03:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd864defe1ea0d7e579b6003bb7105f31b986687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ad:ca:e7:e9:f0:2a:96:80:27:6a:06:ef:3b:
ca:bd:2d:6f:e0:99:83:71:26:66:00:e5:29:5d:53:
fa:cd:ef:bf:f9:f4:40:25:73:44:43:0a:9b:a3:ec:
e3:97:d7:90:e9:5e:03:46:dd:34:ba:2e:57:e6:29:
65:72:5d:db:91:93:a6:c2:71:f7:70:fe:c9:b0:68:
5b:65:92:a8:fb:45:3a:96:1d:4e:f8:56:06:4f:7b:
9d:a4:0d:c5:f5:5a:55:03:4b:f3:9e:08:97:47:31:
f5:69:42:6b:86:b2:87:a1:3e:c9:d8:79:d7:74:6e:
7c:e1:b5:28:78:af:7e:a9:56:19:e1:30:77:66:f9:
64:36:08:79:8c:c8:0b:a8:3e:8d:dd:08:76:bc:c4:
80:ea:31:6a:76:a5:2d:a4:c5:80:f2:a9:69:f9:09:
60:5f:aa:f3:7c:3e:48:ee:da:0f:a3:20:c5:0c:4c:
7e:2a:53:1e:20:c1:d6:c0:c4:ac:be:9f:c6:75:b2:
7e:b7:1e:6f:1a:bb:94:27:44:1a:10:8f:7a:ec:88:
7a:62:a7:69:36:8c:5f:51:ba:aa:88:35:1e:a2:fb:
a4:ef:9a:3e:e8:aa:e5:a7:cd:08:05:f7:45:d9:29:
57:b3:a7:f9:a2:ab:2a:af:20:c0:ab:6f:fd:85:a9:
c3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:86:4D:EF:E1:EA:0D:7E:57:9B:60:03:BB:71:05:F3:1B:98:66:87
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/vYZN7-HqDX5Xm2ADu3EF8xuYZoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.167.0/24
94.45.129.0/24
94.45.136.0/24
94.45.139.0/24
94.45.142.0/24
94.45.146.0-94.45.149.255
94.45.152.0-94.45.157.255
Signature Algorithm: sha256WithRSAEncryption
8a:49:f4:a9:fa:97:83:8c:b3:1c:96:c7:2c:a4:af:0b:86:ab:
f9:b8:54:4a:f7:da:e5:4a:74:da:b3:04:01:9d:05:ef:dd:f2:
04:de:cc:90:13:95:3a:52:26:04:64:97:05:05:5c:c4:77:c8:
75:6e:1f:c7:7b:91:88:e8:9c:0f:ab:56:62:7c:00:46:b6:e8:
3f:66:f3:7c:6f:c8:14:3c:c5:11:b6:f4:07:54:23:48:a4:ea:
17:3f:d6:e0:3d:bd:0a:af:2a:c6:92:53:ce:60:be:7b:ff:97:
6a:6f:0e:31:72:84:ac:05:7f:d4:c2:6f:e7:20:d8:0a:0d:43:
3f:56:f6:66:b7:8b:40:cc:62:d6:a2:db:84:d9:6f:59:8e:d9:
60:32:c3:ee:2c:54:7f:5d:d4:8f:ee:0e:0c:d6:8d:a9:b4:b4:
06:7f:bc:7c:8f:ef:f5:fd:9f:9b:82:fd:40:ec:f6:6f:a7:2c:
09:1a:e8:ef:cb:54:60:0c:66:4c:11:9b:4d:5a:0f:ea:f4:52:
93:bb:85:95:1d:51:77:03:fb:24:92:50:b5:d1:f4:12:be:09:
39:37:86:e5:99:cf:67:c4:c6:63:4b:77:0c:86:cc:08:c2:f3:
f7:12:13:16:a4:af:d6:af:36:b8:20:c9:d5:2b:f2:ee:8a:24:
e1:7f:ec:46
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYIA4gqB9rH42PdIMvO1dMV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjIwNzE1MDgwMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDg2NGRlZmUxZWEwZDdlNTc5YjYwMDNiYjcxMDVmMzFiOTg2Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK3K5+nwKpaAJ2oG7zvKvS1v4JmD
cSZmAOUpXVP6ze+/+fRAJXNEQwqbo+zjl9eQ6V4DRt00ui5X5illcl3bkZOmwnH3
cP7JsGhbZZKo+0U6lh1O+FYGT3udpA3F9VpVA0vzngiXRzH1aUJrhrKHoT7J2HnX
dG584bUoeK9+qVYZ4TB3ZvlkNgh5jMgLqD6N3Qh2vMSA6jFqdqUtpMWA8qlp+Qlg
X6rzfD5I7toPoyDFDEx+KlMeIMHWwMSsvp/GdbJ+tx5vGruUJ0QaEI967Ih6Yqdp
NoxfUbqqiDUeovuk75o+6Krlp80IBfdF2SlXs6f5oqsqryDAq2/9hanDlQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFL2GTe/h6g1+V5tgA7txBfMbmGaHMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvdllaTjctSHFEWDVYbTJBRHUzRUY4eHVZWm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAW8GnAwQA
Xi2BAwQAXi2IAwQAXi2LAwQAXi2OMAwDBAFeLZIDBAFeLZQwDAMEA14tmAMEAV4t
nDANBgkqhkiG9w0BAQsFAAOCAQEAikn0qfqXg4yzHJbHLKSvC4ar+bhUSvfa5Up0
2rMEAZ0F793yBN7MkBOVOlImBGSXBQVcxHfIdW4fx3uRiOicD6tWYnwARrboP2bz
fG/IFDzFEbb0B1QjSKTqFz/W4D29Cq8qxpJTzmC+e/+Xam8OMXKErAV/1MJv5yDY
Cg1DP1b2ZreLQMxi1qLbhNlvWY7ZYDLD7ixUf13Uj+4ODNaNqbS0Bn+8fI/v9f2f
m4L9QOz2b6csCRro78tUYAxmTBGbTVoP6vRSk7uFlR1RdwP7JJJQtdH0Er4JOTeG
5ZnPZ8TGY0t3DIbMCMLz9xITFqSv1q82uCDJ1Svy7ook4X/sRg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:06 2023 by rpki-client on console-ams.rpki-client.org