Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/vhF7Cjd52Rj2o7iTuFoXbi9vh1E.roa
File: vhF7Cjd52Rj2o7iTuFoXbi9vh1E.roa (raw, json)
Hash identifier: khSOOD6N6GiKttQMnXFz4nTWHrs7wiHIVeY6A2zLcF0=
Subject key identifier: BE:11:7B:0A:37:79:D9:18:F6:A3:B8:93:B8:5A:17:6E:2F:6F:87:51
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 0184B4B6E86332C2E32BA8484537D6D04155
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/vhF7Cjd52Rj2o7iTuFoXbi9vh1E.roa
Signing time: Sat 26 Nov 2022 16:13:16 +0000
ROA not before: Sat 26 Nov 2022 16:13:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 109.72.192.0/21 maxlen: 21
109.72.192.0/20 maxlen: 20
109.238.176.0/20 maxlen: 20
109.72.200.0/21 maxlen: 21
109.238.184.0/24 maxlen: 24
185.246.4.0/22 maxlen: 22
5.23.112.0/21 maxlen: 21
176.67.64.0/20 maxlen: 20
185.11.176.0/22 maxlen: 22
95.130.58.0/24 maxlen: 24
95.130.57.0/24 maxlen: 24
95.130.56.0/24 maxlen: 24
95.130.56.0/21 maxlen: 21
95.130.59.0/24 maxlen: 24
95.130.63.0/24 maxlen: 24
95.130.62.0/24 maxlen: 24
95.130.61.0/24 maxlen: 24
95.130.60.0/24 maxlen: 24
2a02:d2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b4:b6:e8:63:32:c2:e3:2b:a8:48:45:37:d6:d0:41:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: Nov 26 16:13:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be117b0a3779d918f6a3b893b85a176e2f6f8751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9e:70:5c:4c:77:a4:c1:ba:ca:14:0d:fd:e4:
38:61:5a:bf:e6:22:37:0e:13:dd:92:1f:f5:5d:22:
d5:1e:fb:97:51:c4:39:13:98:0c:c5:72:99:5e:ae:
99:23:ed:55:0a:93:b4:2e:ed:90:a2:40:c3:6c:b3:
c3:b2:18:ad:db:46:1c:dc:09:bf:ff:a3:50:cf:86:
5f:34:ae:71:61:b5:34:5e:d1:b3:f8:31:37:de:67:
cd:e8:46:65:aa:90:80:45:ab:23:97:a3:52:dc:e4:
16:a2:d5:dd:53:9e:95:78:f6:0f:6a:ce:65:87:21:
7f:12:a9:22:05:2d:2d:e3:df:6f:ed:14:00:00:b4:
e4:85:49:cd:ca:a9:fa:fd:79:a2:c1:61:5d:ab:af:
b1:ab:67:13:0d:65:21:cd:9d:aa:ab:0e:ab:85:ff:
38:f2:1c:d9:37:58:4b:df:e0:46:ea:8d:4c:24:61:
a7:ef:24:af:ed:85:9e:8f:0b:c9:43:bd:36:c7:72:
60:ff:c3:25:08:3b:9a:93:7f:b7:75:ad:de:31:6f:
ff:e3:73:37:01:9d:7c:a8:53:26:a6:6f:13:fe:5a:
d4:5b:6f:01:dc:df:91:24:32:ea:34:2b:c6:d9:6a:
7e:78:72:18:e3:88:06:0d:f0:e3:24:c1:81:ad:4c:
59:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:11:7B:0A:37:79:D9:18:F6:A3:B8:93:B8:5A:17:6E:2F:6F:87:51
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/vhF7Cjd52Rj2o7iTuFoXbi9vh1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.112.0/21
95.130.56.0/21
109.72.192.0/20
109.238.176.0/20
176.67.64.0/20
185.11.176.0/22
185.246.4.0/22
IPv6:
2a02:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:e0:82:fb:8c:1a:0e:4c:3a:45:b1:86:69:98:f3:23:e9:f0:
5e:7b:f3:1e:5f:30:4b:66:b0:5e:83:11:90:2e:af:a8:2f:fc:
a0:95:c6:34:84:8d:08:94:66:51:53:3e:ee:d9:06:c0:e2:01:
3b:40:42:c0:51:b1:5d:72:2e:37:e9:34:15:9b:2a:9a:06:d9:
61:6c:04:b1:ef:ba:3d:e6:df:6f:2d:f6:79:85:13:c8:f4:d6:
e5:af:71:9f:9b:a3:12:58:62:35:51:13:fe:94:ef:1a:58:2e:
09:ea:46:0d:13:60:95:7a:4f:bf:8e:19:86:a1:9a:d3:23:08:
23:e6:39:45:e5:d2:75:53:88:64:bb:b2:5f:67:58:b7:35:bb:
af:c8:df:7d:05:e3:4a:d2:9f:f5:ce:56:3e:ec:12:e1:f8:e8:
af:8d:e4:fd:86:68:da:9d:9c:13:26:ee:38:82:0a:44:6f:fa:
8e:10:03:2e:2b:56:8f:a9:e7:d8:62:5d:11:7b:c7:22:6a:94:
6e:93:de:02:12:7b:e6:b2:88:66:2d:45:b7:c6:bd:84:7f:5c:
93:3e:21:45:10:a1:a0:64:27:98:04:e1:da:68:87:20:36:97:
3a:ca:35:05:ef:7c:fa:ad:7c:1c:6b:6b:0f:74:e5:53:b0:a5:
48:20:24:e6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYS0tuhjMsLjK6hIRTfW0EFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2FjY2VlZTM1ZmY4N2NkNjc4ZWY2YTkyMjYyY2VmY2U4
NDkyZGYwHhcNMjIxMTI2MTYxMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTExN2IwYTM3NzlkOTE4ZjZhM2I4OTNiODVhMTc2ZTJmNmY4NzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ5wXEx3pMG6yhQN/eQ4YVq/5iI3
DhPdkh/1XSLVHvuXUcQ5E5gMxXKZXq6ZI+1VCpO0Lu2QokDDbLPDshit20Yc3Am/
/6NQz4ZfNK5xYbU0XtGz+DE33mfN6EZlqpCARasjl6NS3OQWotXdU56VePYPas5l
hyF/EqkiBS0t499v7RQAALTkhUnNyqn6/XmiwWFdq6+xq2cTDWUhzZ2qqw6rhf84
8hzZN1hL3+BG6o1MJGGn7ySv7YWejwvJQ702x3Jg/8MlCDuak3+3da3eMW//43M3
AZ18qFMmpm8T/lrUW28B3N+RJDLqNCvG2Wp+eHIY44gGDfDjJMGBrUxZXwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFL4Rewo3edkY9qO4k7haF24vb4dRMB8GA1UdIwQY
MBaAFCTKzO7jX/h81njvapImLO/OhJLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAt
YTI5ZWIxMzllNzlkLzEvdmhGN0NqZDUyUmoybzdpVHVGb1hiaTl2aDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAtYTI5ZWIxMzllNzlk
LzEvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBRdwAwQD
X4I4AwQEbUjAAwQEbe6wAwQEsENAAwQCuQuwAwQCufYEMA0EAgACMAcDBQMqAtLA
MA0GCSqGSIb3DQEBCwUAA4IBAQAh4IL7jBoOTDpFsYZpmPMj6fBee/MeXzBLZrBe
gxGQLq+oL/yglcY0hI0IlGZRUz7u2QbA4gE7QELAUbFdci436TQVmyqaBtlhbASx
77o95t9vLfZ5hRPI9Nblr3Gfm6MSWGI1URP+lO8aWC4J6kYNE2CVek+/jhmGoZrT
Iwgj5jlF5dJ1U4hku7JfZ1i3NbuvyN99BeNK0p/1zlY+7BLh+OivjeT9hmjanZwT
Ju44ggpEb/qOEAMuK1aPqefYYl0Re8ciapRuk94CEnvmsohmLUW3xr2Ef1yTPiFF
EKGgZCeYBOHaaIcgNpc6yjUF73z6rXwca2sPdOVTsKVIICTm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:00 2024 by rpki-client on console-ams.rpki-client.org