Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/VX24SNE6hYFHFZFg8r3CLEEQXw4.roa
File: VX24SNE6hYFHFZFg8r3CLEEQXw4.roa (raw, json)
Hash identifier: g8VkyvvILwvPmJQunreaMXjjtZCuB/AcEJaRyMSaT9g=
Subject key identifier: 55:7D:B8:48:D1:3A:85:81:47:15:91:60:F2:BD:C2:2C:41:10:5F:0E
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 0183343FAACFA8D96D35118DF34F0DB80CCB
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/VX24SNE6hYFHFZFg8r3CLEEQXw4.roa
Signing time: Tue 13 Sep 2022 00:28:51 +0000
ROA not before: Tue 13 Sep 2022 00:28:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12708
IP address blocks: 87.242.128.0/17 maxlen: 24
217.8.0.0/19 maxlen: 24
212.67.96.0/19 maxlen: 24
185.175.48.0/22 maxlen: 24
84.43.0.0/17 maxlen: 24
213.78.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:34:3f:aa:cf:a8:d9:6d:35:11:8d:f3:4f:0d:b8:0c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Sep 13 00:28:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=557db848d13a858147159160f2bdc22c41105f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bb:90:e1:a8:f7:5d:69:b7:88:ec:1c:c0:3d:
b5:f5:a4:f1:98:33:9e:7f:05:03:54:aa:f4:28:7d:
e9:14:5e:22:0c:f8:02:d8:6e:64:1c:4f:3b:3d:60:
16:6c:70:4e:10:67:f1:c0:88:97:80:61:63:30:ee:
1f:43:6a:6d:5f:eb:a5:eb:1f:a5:5a:2d:93:cc:29:
69:33:d2:e2:67:e2:62:00:38:75:74:1f:a2:a2:ca:
ec:b5:87:5f:57:e8:ec:11:c7:99:d1:92:33:ac:9b:
46:d0:e3:0a:d6:3f:ae:be:73:7a:60:ad:79:d1:f6:
5a:f7:72:48:13:b7:a8:94:8e:cc:ed:ac:31:18:ed:
76:9d:20:c2:a0:36:fe:28:05:82:dc:ef:ae:9c:d5:
f0:cd:22:71:72:01:bd:04:c5:de:e6:b8:6c:88:26:
91:22:45:91:7d:bb:dd:11:e7:7b:ed:ff:a9:b1:b9:
cf:c5:df:b0:75:9d:4c:39:4d:3f:77:bb:19:21:d2:
1c:74:a0:44:76:37:ea:e3:a2:bc:17:ba:40:96:89:
ae:57:54:b2:da:04:1d:c7:1e:56:4f:51:3e:a6:31:
91:a6:24:3c:0d:5a:55:27:81:b5:d1:58:6e:8c:31:
82:3e:e0:9d:3d:71:73:8c:d3:d4:05:cf:98:09:21:
b2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:7D:B8:48:D1:3A:85:81:47:15:91:60:F2:BD:C2:2C:41:10:5F:0E
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/VX24SNE6hYFHFZFg8r3CLEEQXw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.43.0.0/17
87.242.128.0/17
185.175.48.0/22
212.67.96.0/19
213.78.0.0/16
217.8.0.0/19
Signature Algorithm: sha256WithRSAEncryption
30:f2:ac:15:0e:ec:6b:97:43:68:e9:ea:ad:8a:0a:1d:76:5e:
49:8d:07:09:65:e2:82:5d:0a:f9:df:6e:bf:86:fe:dc:da:73:
53:f0:54:7b:07:b8:ca:b0:cb:95:42:db:00:4f:f1:a2:2b:0f:
c8:49:0c:60:5e:85:79:62:cf:d5:9c:56:a8:c6:33:58:af:d8:
7a:4b:73:75:69:d9:86:8d:02:c0:d6:c5:b6:f7:2c:7c:62:cc:
8f:00:7f:16:b0:45:b0:01:6e:39:32:90:0a:59:12:15:fa:f9:
26:86:6a:68:77:0a:be:ee:a8:e7:7f:55:75:e4:47:98:89:76:
ed:7a:6b:eb:68:db:9c:03:3e:ae:ad:e6:b6:24:03:75:da:06:
97:54:64:67:46:da:5e:c5:19:1e:36:4d:e7:48:bd:ec:26:9d:
dc:a4:c8:bb:49:95:64:73:53:1f:d1:43:72:bb:36:0e:54:04:
83:4c:d6:94:40:c1:e7:b2:3f:da:f3:da:8e:fc:ac:38:2f:67:
59:b6:5f:dd:af:16:91:fa:8c:69:2f:94:9b:a3:7c:99:71:e7:
2e:78:33:d6:70:44:ca:47:4e:15:da:c1:d0:3c:3f:38:2a:73:
dd:f4:9f:a8:e4:f3:3a:f5:53:06:39:84:ad:91:7e:35:3b:9b:
ea:59:d1:e3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYM0P6rPqNltNRGN808NuAzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjIwOTEzMDAyODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTdkYjg0OGQxM2E4NTgxNDcxNTkxNjBmMmJkYzIyYzQxMTA1ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7uQ4aj3XWm3iOwcwD219aTxmDOe
fwUDVKr0KH3pFF4iDPgC2G5kHE87PWAWbHBOEGfxwIiXgGFjMO4fQ2ptX+ul6x+l
Wi2TzClpM9LiZ+JiADh1dB+iosrstYdfV+jsEceZ0ZIzrJtG0OMK1j+uvnN6YK15
0fZa93JIE7eolI7M7awxGO12nSDCoDb+KAWC3O+unNXwzSJxcgG9BMXe5rhsiCaR
IkWRfbvdEed77f+psbnPxd+wdZ1MOU0/d7sZIdIcdKBEdjfq46K8F7pAlomuV1Sy
2gQdxx5WT1E+pjGRpiQ8DVpVJ4G10VhujDGCPuCdPXFzjNPUBc+YCSGy8QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFV9uEjROoWBRxWRYPK9wixBEF8OMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvVlgyNFNORTZoWUZIRlpGZzhyM0NMRUVRWHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAATAjAwQHVCsAAwQH
V/KAAwQCua8wAwQF1ENgAwMA1U4DBAXZCAAwDQYJKoZIhvcNAQELBQADggEBADDy
rBUO7GuXQ2jp6q2KCh12XkmNBwll4oJdCvnfbr+G/tzac1PwVHsHuMqwy5VC2wBP
8aIrD8hJDGBehXliz9WcVqjGM1iv2HpLc3Vp2YaNAsDWxbb3LHxizI8AfxawRbAB
bjkykApZEhX6+SaGamh3Cr7uqOd/VXXkR5iJdu16a+to25wDPq6t5rYkA3XaBpdU
ZGdG2l7FGR42TedIvewmndykyLtJlWRzUx/RQ3K7Ng5UBINM1pRAweeyP9rz2o78
rDgvZ1m2X92vFpH6jGkvlJujfJlx5y54M9ZwRMpHThXawdA8Pzgqc930n6jk8zr1
UwY5hK2RfjU7m+pZ0eM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-fra.rpki-client.org