Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/vZViPs2te59sxmyf0YEr7y3x2v8.roa
File: vZViPs2te59sxmyf0YEr7y3x2v8.roa (raw, json)
Hash identifier: AR9dAYzpxplBTuSUEtIFzG4REUkiu2ssuDXu1gOw8vk=
Subject key identifier: BD:95:62:3E:CD:AD:7B:9F:6C:C6:6C:9F:D1:81:2B:EF:2D:F1:DA:FF
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 018CB0A64EB69DC1D9D90C4767CC043C2BE2
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/vZViPs2te59sxmyf0YEr7y3x2v8.roa
Signing time: Thu 28 Dec 2023 13:38:58 +0000
ROA not before: Thu 28 Dec 2023 13:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199493
IP address blocks: 193.221.197.0/24 maxlen: 24
193.221.196.0/22 maxlen: 22
193.221.196.0/23 maxlen: 23
193.221.196.0/24 maxlen: 24
193.221.198.0/23 maxlen: 23
193.221.199.0/24 maxlen: 24
193.221.198.0/24 maxlen: 24
37.220.64.0/24 maxlen: 24
37.220.71.0/24 maxlen: 24
37.220.70.0/24 maxlen: 24
37.220.67.0/24 maxlen: 24
37.220.66.0/24 maxlen: 24
37.220.69.0/24 maxlen: 24
37.220.68.0/24 maxlen: 24
37.220.65.0/24 maxlen: 24
37.220.72.0/24 maxlen: 24
37.220.78.0/24 maxlen: 24
37.220.77.0/24 maxlen: 24
37.220.74.0/24 maxlen: 24
37.220.73.0/24 maxlen: 24
37.220.76.0/24 maxlen: 24
37.220.75.0/24 maxlen: 24
80.243.232.0/22 maxlen: 22
80.243.232.0/23 maxlen: 23
80.243.233.0/24 maxlen: 24
80.243.232.0/24 maxlen: 24
37.220.79.0/24 maxlen: 24
80.243.234.0/23 maxlen: 23
80.243.234.0/24 maxlen: 24
80.243.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:a6:4e:b6:9d:c1:d9:d9:0c:47:67:cc:04:3c:2b:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Dec 28 13:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd95623ecdad7b9f6cc66c9fd1812bef2df1daff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:44:f2:43:ad:b2:ca:24:5d:f2:b6:12:be:57:
e4:10:8e:11:3c:00:a5:1c:60:de:30:90:80:95:ef:
5c:f8:79:6f:70:16:89:2a:b5:90:a7:9f:58:38:39:
d3:b5:60:8e:dd:e1:e4:a1:a6:4a:a9:05:4c:c1:8a:
4d:54:50:e7:2e:cf:46:32:01:bf:af:1a:d0:1a:82:
4b:0e:95:2c:bf:ee:be:4e:c3:02:05:ad:a3:de:8c:
5a:7a:ca:c9:63:bf:80:e1:24:a9:7f:23:ab:b7:f2:
86:b6:67:63:e7:bb:4a:05:6a:2e:8b:1b:ec:7d:38:
15:6e:af:86:76:39:11:29:b4:e9:d7:16:c4:77:e0:
da:7b:8c:e2:1c:81:f3:1b:db:d4:7c:bd:d7:50:18:
3f:af:45:fe:54:94:93:36:6a:b9:3d:4b:77:8a:b8:
bf:8d:a0:86:e9:66:ee:d9:ac:2f:39:e7:14:d8:11:
ba:a4:c6:c7:09:a7:ca:e5:c1:84:31:91:f7:e2:a3:
2f:0f:16:79:a9:6a:cb:b9:45:c9:e0:78:05:28:7f:
9b:cf:8b:93:f0:81:5f:7b:be:e1:48:bf:9f:19:5f:
62:1d:b0:3c:9f:73:1a:53:1e:8f:f8:b7:f4:47:ed:
77:96:c8:f6:a1:0c:2b:8b:0a:89:5e:5c:94:3a:5a:
20:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:95:62:3E:CD:AD:7B:9F:6C:C6:6C:9F:D1:81:2B:EF:2D:F1:DA:FF
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/vZViPs2te59sxmyf0YEr7y3x2v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.64.0/20
80.243.232.0/22
193.221.196.0/22
Signature Algorithm: sha256WithRSAEncryption
81:a0:c9:bf:ac:12:22:35:48:19:d4:2e:70:45:76:30:6b:30:
38:51:bc:43:21:f5:f3:4b:53:70:8d:b5:c4:7f:2f:36:1d:0c:
a2:17:ba:79:db:ac:6a:eb:ba:75:99:4e:b4:0a:b3:79:b9:d3:
c9:34:7a:f8:0f:f7:9a:0f:1f:bf:7d:d8:43:d1:cc:95:92:9f:
f3:29:36:7c:04:18:34:10:61:20:cd:4e:d6:6d:d5:a1:0c:37:
b2:5d:3a:b9:f8:3f:26:0f:22:2d:80:8d:ef:2f:a9:f3:02:84:
5c:1f:c4:14:f7:6b:d8:ce:65:81:5f:f5:5f:47:8c:a8:db:18:
a7:6b:ba:c6:85:29:4c:0e:69:28:9d:71:e8:69:2e:1d:5e:52:
4a:f3:6b:66:0b:24:65:53:6c:ac:35:64:fa:3a:8d:8a:8c:08:
a8:4c:c8:9e:67:b4:b4:4f:65:79:e3:55:58:4b:08:b6:50:a7:
07:88:1b:82:08:e4:0b:39:fb:b4:51:e6:9e:71:f3:8d:c1:1d:
3b:f9:85:b6:47:2e:5b:89:c5:b0:57:a7:7e:df:86:b5:c9:3f:
63:73:f1:7c:35:c5:5b:fc:c2:20:0a:ec:55:6a:57:c8:99:b8:
95:85:7b:aa:b2:55:a4:a1:2a:6f:7a:2c:bc:43:9e:a6:d8:79:
a1:74:76:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYywpk62ncHZ2QxHZ8wEPCviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjMxMjI4MTMzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk1NjIzZWNkYWQ3YjlmNmNjNjZjOWZkMTgxMmJlZjJkZjFkYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0TyQ62yyiRd8rYSvlfkEI4RPACl
HGDeMJCAle9c+HlvcBaJKrWQp59YODnTtWCO3eHkoaZKqQVMwYpNVFDnLs9GMgG/
rxrQGoJLDpUsv+6+TsMCBa2j3oxaesrJY7+A4SSpfyOrt/KGtmdj57tKBWouixvs
fTgVbq+GdjkRKbTp1xbEd+Dae4ziHIHzG9vUfL3XUBg/r0X+VJSTNmq5PUt3iri/
jaCG6Wbu2awvOecU2BG6pMbHCafK5cGEMZH34qMvDxZ5qWrLuUXJ4HgFKH+bz4uT
8IFfe77hSL+fGV9iHbA8n3MaUx6P+Lf0R+13lsj2oQwriwqJXlyUOlog1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL2VYj7NrXufbMZsn9GBK+8t8dr/MB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvdlpWaVBzMnRlNTlzeG15ZjBZRXI3eTN4MnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEJdxAAwQC
UPPoAwQCwd3EMA0GCSqGSIb3DQEBCwUAA4IBAQCBoMm/rBIiNUgZ1C5wRXYwazA4
UbxDIfXzS1NwjbXEfy82HQyiF7p526xq67p1mU60CrN5udPJNHr4D/eaDx+/fdhD
0cyVkp/zKTZ8BBg0EGEgzU7WbdWhDDeyXTq5+D8mDyItgI3vL6nzAoRcH8QU92vY
zmWBX/VfR4yo2xina7rGhSlMDmkonXHoaS4dXlJK82tmCyRlU2ysNWT6Oo2KjAio
TMieZ7S0T2V541VYSwi2UKcHiBuCCOQLOfu0UeaecfONwR07+YW2Ry5bicWwV6d+
34a1yT9jc/F8NcVb/MIgCuxValfImbiVhXuqslWkoSpveiy8Q56m2HmhdHYT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:44 2025 by rpki-client