Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Vkt81r5dxy6xxNPxFilUt37OK5g.roa
File: Vkt81r5dxy6xxNPxFilUt37OK5g.roa (raw, json)
Hash identifier: +FyozHlwek1oQGi64hmTkv5lR2P0JcBhM3d2mfVm6N8=
Subject key identifier: 56:4B:7C:D6:BE:5D:C7:2E:B1:C4:D3:F1:16:29:54:B7:7E:CE:2B:98
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 0184DD0664AFB20555268898D48B542EAA47
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Vkt81r5dxy6xxNPxFilUt37OK5g.roa
Signing time: Sun 04 Dec 2022 12:04:54 +0000
ROA not before: Sun 04 Dec 2022 12:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 45.94.136.0/24 maxlen: 24
45.94.137.0/24 maxlen: 24
45.94.138.0/24 maxlen: 24
45.94.139.0/24 maxlen: 24
5.253.184.0/23 maxlen: 23
185.114.204.0/24 maxlen: 24
5.253.187.0/24 maxlen: 24
185.114.206.0/23 maxlen: 23
193.135.220.0/22 maxlen: 22
88.218.196.0/22 maxlen: 22
185.219.160.0/24 maxlen: 24
185.219.163.0/24 maxlen: 24
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
193.111.184.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:dd:06:64:af:b2:05:55:26:88:98:d4:8b:54:2e:aa:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Dec 4 12:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=564b7cd6be5dc72eb1c4d3f1162954b77ece2b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:00:54:32:a9:16:b7:47:0e:e7:ca:c0:c1:de:
05:91:5e:5f:2f:34:6a:fb:b7:80:ea:d9:b3:07:8e:
38:ca:be:d0:ca:ea:8e:7f:a6:83:46:dd:24:f0:e0:
4d:d4:20:f9:90:78:e0:54:52:7b:63:87:22:99:a0:
ad:bf:8e:9d:7e:56:8f:30:e0:08:5f:65:1e:c3:43:
c5:b4:f1:da:fe:d1:da:d2:28:94:ab:b8:d6:15:89:
f5:3e:60:37:3b:1f:84:8b:ff:3b:22:97:b3:84:88:
aa:9f:5c:52:96:28:e2:0a:12:48:92:a5:2f:17:81:
7f:8e:01:ac:87:33:a2:22:05:65:81:4e:2a:fc:84:
0e:01:18:7d:70:d2:e5:53:76:09:73:a4:cd:00:40:
8d:24:fa:c0:b7:d1:5a:b3:c5:6e:4f:7c:de:36:15:
b6:0b:02:5a:5d:07:91:98:99:d0:eb:bf:b0:05:05:
de:6c:ca:a0:1b:e0:d1:60:42:df:5d:9e:45:27:ee:
8c:ec:3b:60:64:2d:01:86:5a:08:e4:03:7d:e1:95:
72:66:59:ca:cf:88:4b:87:d7:df:b4:55:13:e1:74:
4b:1c:5b:32:cb:bd:bf:77:04:20:7a:55:a4:29:6b:
8e:5b:24:2a:64:74:89:64:23:37:15:65:8d:39:db:
05:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:4B:7C:D6:BE:5D:C7:2E:B1:C4:D3:F1:16:29:54:B7:7E:CE:2B:98
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Vkt81r5dxy6xxNPxFilUt37OK5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
5.253.187.0/24
45.81.161.0-45.81.163.255
45.94.136.0/22
45.130.33.0-45.130.35.255
88.218.196.0/22
185.114.204.0/24
185.114.206.0/23
185.219.160.0/24
185.219.163.0/24
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:de:09:47:af:6b:d8:50:51:bd:fa:29:c0:37:38:10:72:ea:
f7:b4:ba:8b:a8:e4:bf:9c:5b:52:2c:7b:4b:9f:73:2e:fa:53:
0b:0b:89:0a:fc:11:11:de:b9:b3:01:db:7e:4e:da:cc:0f:e2:
a0:f8:84:b5:39:fe:01:f6:86:d3:4f:c0:89:84:03:99:95:a5:
c8:5c:0c:9a:59:47:99:0c:8d:e3:9a:c4:bd:24:b2:e4:15:b2:
22:7a:91:70:1a:05:ca:e6:03:b0:fe:06:e6:18:ae:1f:a9:fb:
91:7b:2a:4b:4e:38:25:ad:7e:86:fa:30:94:27:f4:83:90:62:
0d:2f:f4:f8:8a:94:1e:01:50:43:55:af:0d:c3:1d:39:c1:2d:
31:41:0e:56:29:fc:8e:ed:ba:ee:4d:ed:26:93:81:5c:2d:3c:
5a:92:59:2f:0e:5d:64:8d:e6:10:1d:51:f0:3b:7e:b9:2a:d6:
85:5c:7b:9d:35:3b:3b:bd:56:af:dc:ae:f2:4d:88:df:76:1e:
2a:86:1c:2e:ab:44:b9:27:0a:52:e4:2c:16:4e:53:fe:a1:53:
a6:5f:c4:16:5c:03:e8:74:8d:c4:91:bd:89:d0:1a:ab:29:0b:
93:77:ff:26:e4:89:28:4d:29:97:ee:df:5d:16:43:3a:9e:61:
4a:74:bb:f6
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYTdBmSvsgVVJoiY1ItULqpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjIxMjA0MTIwNDU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjRiN2NkNmJlNWRjNzJlYjFjNGQzZjExNjI5NTRiNzdlY2UyYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQBUMqkWt0cO58rAwd4FkV5fLzRq
+7eA6tmzB444yr7QyuqOf6aDRt0k8OBN1CD5kHjgVFJ7Y4cimaCtv46dflaPMOAI
X2Uew0PFtPHa/tHa0iiUq7jWFYn1PmA3Ox+Ei/87IpezhIiqn1xSlijiChJIkqUv
F4F/jgGshzOiIgVlgU4q/IQOARh9cNLlU3YJc6TNAECNJPrAt9Fas8VuT3zeNhW2
CwJaXQeRmJnQ67+wBQXebMqgG+DRYELfXZ5FJ+6M7DtgZC0BhloI5AN94ZVyZlnK
z4hLh9fftFUT4XRLHFsyy72/dwQgelWkKWuOWyQqZHSJZCM3FWWNOdsFzwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFFZLfNa+XccuscTT8RYpVLd+ziuYMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvVmt0ODFyNWR4eTZ4eE5QeEZpbFV0MzdPSzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaADBAItXogwDAMEAC2CIQMEAi2CIAMEAljaxAMEALly
zAMEAblyzgMEALnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0BAQsFAAOC
AQEATt4JR69r2FBRvfopwDc4EHLq97S6i6jkv5xbUix7S59zLvpTCwuJCvwREd65
swHbfk7azA/ioPiEtTn+AfaG00/AiYQDmZWlyFwMmllHmQyN45rEvSSy5BWyInqR
cBoFyuYDsP4G5hiuH6n7kXsqS044Ja1+hvowlCf0g5BiDS/0+IqUHgFQQ1WvDcMd
OcEtMUEOVin8ju267k3tJpOBXC08WpJZLw5dZI3mEB1R8Dt+uSrWhVx7nTU7O71W
r9yu8k2I33YeKoYcLqtEuScKUuQsFk5T/qFTpl/EFlwD6HSNxJG9idAaqykLk3f/
JuSJKE0pl+7fXRZDOp5hSnS79g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:39 2023 by rpki-client on console-ams.rpki-client.org