Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/vPMqB4F0PxIKWzrTKwmAU0hueCY.roa
File: vPMqB4F0PxIKWzrTKwmAU0hueCY.roa (raw, json)
Hash identifier: nPwadVfqTI7S8ypj3YHfL5Jw6XN7cCTLOihZHjAXaN4=
Subject key identifier: BC:F3:2A:07:81:74:3F:12:0A:5B:3A:D3:2B:09:80:53:48:6E:78:26
Certificate issuer: /CN=a7967d76c2d46720d4cfac0459fa3c3d22005044
Certificate serial: 01856F020A1415B93FCA548B9BC82AF0FCD3
Authority key identifier: A7:96:7D:76:C2:D4:67:20:D4:CF:AC:04:59:FA:3C:3D:22:00:50:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/vPMqB4F0PxIKWzrTKwmAU0hueCY.roa
Signing time: Sun 01 Jan 2023 20:24:42 +0000
ROA not before: Sun 01 Jan 2023 20:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39422
IP address blocks: 176.108.232.0/21 maxlen: 21
176.108.232.0/22 maxlen: 22
176.108.236.0/22 maxlen: 22
176.108.236.0/24 maxlen: 24
195.182.203.0/24 maxlen: 24
195.182.202.0/24 maxlen: 24
195.182.202.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:0a:14:15:b9:3f:ca:54:8b:9b:c8:2a:f0:fc:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7967d76c2d46720d4cfac0459fa3c3d22005044
Validity
Not Before: Jan 1 20:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcf32a0781743f120a5b3ad32b098053486e7826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4a:54:b5:25:f7:29:a3:3a:9f:18:2e:d8:a7:
12:46:4e:ca:46:7d:c9:aa:c7:f5:fa:cd:0f:c8:71:
d5:89:d5:87:42:39:45:6a:6f:2d:28:b1:71:59:25:
75:ca:c7:61:2d:6c:9b:5c:29:ee:7e:30:98:e1:bc:
95:bc:b6:79:1e:ce:2a:28:8c:b4:96:78:67:f9:2f:
07:fa:38:c0:ff:8c:b6:85:85:d0:7f:56:cd:fb:bc:
9f:32:d2:36:74:8c:36:e8:d2:f2:bf:2f:c2:5c:e1:
d1:55:cd:cb:f5:af:16:9a:87:87:79:37:c2:05:38:
94:47:b1:26:a3:82:25:6e:a3:48:dd:fd:9d:d5:75:
1b:92:65:67:44:8d:bd:70:17:22:0e:ba:f1:d5:13:
6b:84:6e:3e:38:6c:0a:5c:cb:13:96:77:ac:84:77:
12:38:d5:07:60:c1:93:0c:05:27:59:24:87:2e:a8:
ca:96:a4:99:50:f0:65:8a:4d:85:e7:aa:e8:d0:db:
15:a6:a3:0f:a6:44:06:6f:96:f4:45:a9:e9:45:28:
f9:5e:09:e9:2e:9c:0e:45:13:48:57:9a:3f:bf:e4:
cc:76:10:43:5f:cd:2c:44:9e:f3:75:51:3e:3c:a9:
00:85:b0:81:a9:7b:3c:3f:29:83:6b:c6:29:b3:dd:
45:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F3:2A:07:81:74:3F:12:0A:5B:3A:D3:2B:09:80:53:48:6E:78:26
X509v3 Authority Key Identifier:
keyid:A7:96:7D:76:C2:D4:67:20:D4:CF:AC:04:59:FA:3C:3D:22:00:50:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/vPMqB4F0PxIKWzrTKwmAU0hueCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/87b768-1545-494a-84f9-1cf50a536026/1/p5Z9dsLUZyDUz6wEWfo8PSIAUEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.232.0/21
195.182.202.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:ab:3c:0a:c6:12:7a:4d:48:fd:31:a0:60:81:a1:dd:db:c7:
21:53:f4:e9:18:c2:e4:40:d2:30:a6:94:4b:1f:c1:65:04:1f:
40:1e:cf:0b:37:e2:05:8a:c4:c1:4a:6c:ca:9f:7d:54:19:93:
77:2a:52:ad:c3:ef:09:ae:80:f8:34:91:df:c1:9a:77:99:0a:
e8:f2:4f:73:73:11:03:7c:f8:c7:72:9f:9b:12:09:40:7e:1c:
d5:fb:97:ee:06:85:a3:02:93:e8:c6:5d:db:73:80:13:56:33:
4f:77:62:8d:f5:ee:a3:1b:38:41:b3:13:05:b6:f0:13:81:9c:
4e:c6:e4:cf:37:7f:98:d0:4c:05:31:52:69:f1:a1:71:eb:6d:
5b:bb:36:54:d5:75:1b:71:a0:b2:aa:fc:ce:fe:9a:29:61:0f:
b4:fe:e6:3d:7f:04:0f:db:1c:66:ee:6a:35:98:89:13:d2:f5:
43:6f:a5:77:a8:e6:0d:38:83:b7:4a:76:f1:2f:28:0e:a5:fa:
0d:be:43:9a:f7:a5:b7:5b:f8:ea:bb:b1:8d:ed:38:d0:d5:e0:
22:bc:db:ce:ec:f4:04:6b:b3:61:fc:d6:24:d6:03:9c:09:ac:
e8:f2:38:0d:81:0b:0d:94:b9:99:7b:38:b3:e9:69:85:89:f5:
3a:7c:66:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvAgoUFbk/ylSLm8gq8PzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OTY3ZDc2YzJkNDY3MjBkNGNmYWMwNDU5ZmEzYzNkMjIw
MDUwNDQwHhcNMjMwMTAxMjAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2YzMmEwNzgxNzQzZjEyMGE1YjNhZDMyYjA5ODA1MzQ4NmU3ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0pUtSX3KaM6nxgu2KcSRk7KRn3J
qsf1+s0PyHHVidWHQjlFam8tKLFxWSV1ysdhLWybXCnufjCY4byVvLZ5Hs4qKIy0
lnhn+S8H+jjA/4y2hYXQf1bN+7yfMtI2dIw26NLyvy/CXOHRVc3L9a8WmoeHeTfC
BTiUR7Emo4IlbqNI3f2d1XUbkmVnRI29cBciDrrx1RNrhG4+OGwKXMsTlneshHcS
ONUHYMGTDAUnWSSHLqjKlqSZUPBlik2F56ro0NsVpqMPpkQGb5b0RanpRSj5Xgnp
LpwORRNIV5o/v+TMdhBDX80sRJ7zdVE+PKkAhbCBqXs8PymDa8Yps91FOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLzzKgeBdD8SCls60ysJgFNIbngmMB8GA1UdIwQY
MBaAFKeWfXbC1Gcg1M+sBFn6PD0iAFBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDVaOWRzTFVaeURVejZ3RVdmbzhQU0lBVUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84N2I3NjgtMTU0NS00OTRhLTg0Zjkt
MWNmNTBhNTM2MDI2LzEvdlBNcUI0RjBQeElLV3pyVEt3bUFVMGh1ZUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84N2I3NjgtMTU0NS00OTRhLTg0ZjktMWNmNTBhNTM2MDI2
LzEvcDVaOWRzTFVaeURVejZ3RVdmbzhQU0lBVUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsGzoAwQB
w7bKMA0GCSqGSIb3DQEBCwUAA4IBAQDSqzwKxhJ6TUj9MaBggaHd28chU/TpGMLk
QNIwppRLH8FlBB9AHs8LN+IFisTBSmzKn31UGZN3KlKtw+8JroD4NJHfwZp3mQro
8k9zcxEDfPjHcp+bEglAfhzV+5fuBoWjApPoxl3bc4ATVjNPd2KN9e6jGzhBsxMF
tvATgZxOxuTPN3+Y0EwFMVJp8aFx621buzZU1XUbcaCyqvzO/popYQ+0/uY9fwQP
2xxm7mo1mIkT0vVDb6V3qOYNOIO3SnbxLygOpfoNvkOa96W3W/jqu7GN7TjQ1eAi
vNvO7PQEa7Nh/NYk1gOcCazo8jgNgQsNlLmZeziz6WmFifU6fGbI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:35 2025 by rpki-client