Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/vXGDxFT1Q1eWNuXAW6frLQVWPAs.roa
File: vXGDxFT1Q1eWNuXAW6frLQVWPAs.roa (raw, json)
Hash identifier: QSxuQEe1vz22d3WQbneHrssVjvsKfLwM6dMd50z+XWw=
Subject key identifier: BD:71:83:C4:54:F5:43:57:96:36:E5:C0:5B:A7:EB:2D:05:56:3C:0B
Certificate issuer: /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial: 01856D4AA88607EFB2D802C2D7068B5CA3EC
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/vXGDxFT1Q1eWNuXAW6frLQVWPAs.roa
Signing time: Sun 01 Jan 2023 12:24:47 +0000
ROA not before: Sun 01 Jan 2023 12:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49028
IP address blocks: 193.203.52.0/22 maxlen: 22
185.252.236.0/22 maxlen: 22
185.252.236.0/24 maxlen: 24
185.252.237.0/24 maxlen: 24
45.151.9.0/24 maxlen: 24
185.252.238.0/24 maxlen: 24
45.151.10.0/24 maxlen: 24
185.252.239.0/24 maxlen: 24
2.59.188.0/22 maxlen: 22
2a0c:2dc0::/29 maxlen: 29
2a09:f7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:a8:86:07:ef:b2:d8:02:c2:d7:06:8b:5c:a3:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
Validity
Not Before: Jan 1 12:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd7183c454f543579636e5c05ba7eb2d05563c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:18:8f:7a:e0:f7:ab:94:33:72:c2:7c:f6:a2:
b9:a1:a6:42:24:2a:55:bc:cf:76:3e:b5:02:00:15:
ec:2d:09:b1:22:d5:b8:e1:05:0f:a0:ad:63:30:cd:
42:cb:79:23:02:6b:bf:9a:8a:4f:db:0c:b9:14:68:
43:a5:34:aa:4d:45:10:92:4a:83:58:0b:1c:aa:01:
28:97:04:b0:76:41:14:02:74:1c:99:08:72:b5:fd:
9d:fa:2c:a9:22:d0:71:84:84:b7:18:cb:77:7a:e3:
8a:92:2a:3a:e1:82:f8:23:2d:9e:2d:1d:78:b2:9c:
59:ce:d4:28:34:72:56:46:06:81:be:be:9a:a4:2d:
b0:eb:56:f0:cf:4c:c1:83:10:b6:78:07:ba:4f:9e:
26:29:07:98:92:23:c6:52:23:0f:08:9c:ec:d8:7d:
3e:12:db:19:17:02:ec:a8:49:cb:be:3b:0c:70:9d:
e5:f9:a0:96:02:6a:48:e8:7b:3d:de:be:59:1c:4e:
7a:2f:b8:1a:73:6c:2b:b0:2d:41:1c:35:04:24:a1:
3d:e3:80:ee:71:d2:7d:0e:33:2c:7d:79:e1:ee:a9:
5f:6b:58:44:72:0c:76:72:fd:73:3e:cd:e5:0d:0a:
9b:85:8e:f2:55:39:8a:8c:9e:dc:f4:40:7a:b0:53:
7e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:71:83:C4:54:F5:43:57:96:36:E5:C0:5B:A7:EB:2D:05:56:3C:0B
X509v3 Authority Key Identifier:
keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/vXGDxFT1Q1eWNuXAW6frLQVWPAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.188.0/22
45.151.9.0-45.151.10.255
185.252.236.0/22
193.203.52.0/22
IPv6:
2a09:f7c0::/29
2a0c:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
79:bd:a3:42:93:51:00:45:2d:2b:f8:58:b0:52:04:70:38:06:
e5:48:d5:7c:0b:d3:2c:a6:ce:52:83:0a:62:df:f5:1f:79:d9:
11:6d:a5:0f:cc:6b:15:f0:36:74:af:ee:27:d4:aa:4d:cb:b8:
7a:ea:f4:04:01:08:92:8f:d0:3d:d8:4d:60:23:7a:90:2b:2f:
0c:78:84:1e:fa:c4:6d:11:66:71:ea:65:56:99:e4:9c:09:72:
a5:fe:7e:4b:4d:86:23:f9:d4:21:a8:3b:c5:19:57:ad:ce:9a:
f8:7b:b9:24:76:92:1e:68:9e:9d:e1:ef:db:04:c3:f2:61:35:
08:9e:0a:66:58:d4:83:a8:6d:de:3d:d7:39:66:3f:e8:a5:3c:
86:3f:5b:a0:53:20:98:9a:69:b7:0c:0b:55:0a:9e:9c:18:03:
81:f4:d0:6f:7a:ee:3b:7f:cf:d3:d5:df:9e:77:53:d1:bb:30:
8c:34:11:56:f4:1d:d2:1b:81:31:5f:bb:91:c3:40:9c:cb:79:
28:a0:d5:24:da:2c:c3:79:b4:f2:4a:79:98:dc:db:b7:3f:7b:
48:90:7a:d7:df:e2:f9:b8:84:0a:d8:a2:19:09:4d:92:6f:fb:
f4:af:08:bd:c5:35:c3:d8:74:29:72:8a:b3:46:f7:f2:0e:72:
5c:da:6b:71
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVtSqiGB++y2ALC1waLXKPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NWNlYjI5MjA4OWUwZGY3NTcxOWRiM2U5NmM1MDk3NTRm
OTQ4MzcwHhcNMjMwMTAxMTIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDcxODNjNDU0ZjU0MzU3OTYzNmU1YzA1YmE3ZWIyZDA1NTYzYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RiPeuD3q5QzcsJ89qK5oaZCJCpV
vM92PrUCABXsLQmxItW44QUPoK1jMM1Cy3kjAmu/mopP2wy5FGhDpTSqTUUQkkqD
WAscqgEolwSwdkEUAnQcmQhytf2d+iypItBxhIS3GMt3euOKkio64YL4Iy2eLR14
spxZztQoNHJWRgaBvr6apC2w61bwz0zBgxC2eAe6T54mKQeYkiPGUiMPCJzs2H0+
EtsZFwLsqEnLvjsMcJ3l+aCWAmpI6Hs93r5ZHE56L7gac2wrsC1BHDUEJKE944Du
cdJ9DjMsfXnh7qlfa1hEcgx2cv1zPs3lDQqbhY7yVTmKjJ7c9EB6sFN+IQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFL1xg8RU9UNXljblwFun6y0FVjwLMB8GA1UdIwQY
MBaAFBRc6ykgieDfdXGds+lsUJdU+Ug3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEt
MTI3MTljMjYxY2MwLzEvdlhHRHhGVDFRMWVXTnVYQVc2ZnJMUVZXUEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEtMTI3MTljMjYxY2Mw
LzEvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgAwQCAju8MAwD
BAAtlwkDBAAtlwoDBAK5/OwDBALByzQwFAQCAAIwDgMFAyoJ98ADBQMqDC3AMA0G
CSqGSIb3DQEBCwUAA4IBAQB5vaNCk1EARS0r+FiwUgRwOAblSNV8C9Msps5Sgwpi
3/UfedkRbaUPzGsV8DZ0r+4n1KpNy7h66vQEAQiSj9A92E1gI3qQKy8MeIQe+sRt
EWZx6mVWmeScCXKl/n5LTYYj+dQhqDvFGVetzpr4e7kkdpIeaJ6d4e/bBMPyYTUI
ngpmWNSDqG3ePdc5Zj/opTyGP1ugUyCYmmm3DAtVCp6cGAOB9NBveu47f8/T1d+e
d1PRuzCMNBFW9B3SG4ExX7uRw0Ccy3kooNUk2izDebTySnmY3Nu3P3tIkHrX3+L5
uIQK2KIZCU2Sb/v0rwi9xTXD2HQpcoqzRvfyDnJc2mtx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:04 2025 by rpki-client