Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/Vyu45EqdLxh8US75ZM1f5fn6Y_c.roa
File: Vyu45EqdLxh8US75ZM1f5fn6Y_c.roa (raw, json)
Hash identifier: cBqchGSxhl1U5TWyD7GDIha6DE2VIRgTMWoqE6DK9+U=
Subject key identifier: 57:2B:B8:E4:4A:9D:2F:18:7C:51:2E:F9:64:CD:5F:E5:F9:FA:63:F7
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: 0184568F6BBFAD99C0742A50F83D4DE54450
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/Vyu45EqdLxh8US75ZM1f5fn6Y_c.roa
Signing time: Tue 08 Nov 2022 09:25:50 +0000
ROA not before: Tue 08 Nov 2022 09:25:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12963
IP address blocks: 94.232.210.0/24 maxlen: 24
94.232.211.0/24 maxlen: 24
94.232.212.0/24 maxlen: 24
176.97.4.0/22 maxlen: 22
91.218.72.0/24 maxlen: 24
91.197.171.0/24 maxlen: 24
91.218.73.0/24 maxlen: 24
91.218.74.0/24 maxlen: 24
91.218.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:8f:6b:bf:ad:99:c0:74:2a:50:f8:3d:4d:e5:44:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Nov 8 09:25:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=572bb8e44a9d2f187c512ef964cd5fe5f9fa63f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:b0:28:bd:87:5f:08:7d:ac:9c:42:5e:1e:
e3:8d:00:37:a4:c1:5f:b5:32:e7:1e:7a:05:54:71:
e3:89:53:c0:ab:2f:fa:29:d7:22:7e:79:69:cd:3d:
37:01:23:25:41:15:cd:d0:01:bd:cf:54:bc:62:71:
20:74:45:1e:06:3d:e4:d0:d1:9b:ac:15:cf:21:08:
11:ff:b8:5a:45:e2:66:5d:09:20:1b:dd:c3:11:1a:
40:1b:dc:69:00:c5:d4:64:6c:40:8b:71:32:8b:04:
d3:f6:1c:d6:c2:b9:1f:24:4b:b4:72:50:a9:3b:4a:
e7:df:19:df:66:c4:30:b3:8e:f3:28:07:61:f2:1b:
a2:7e:64:e6:4b:09:b5:35:77:e9:06:7c:8f:e1:8a:
4d:9a:3f:82:b1:81:62:1c:9d:1f:98:3b:ce:00:4e:
db:dc:82:b0:d9:88:46:c9:01:5e:2a:0b:b2:67:e3:
98:d6:43:6f:cd:f1:b1:50:47:0b:bc:3b:77:03:05:
06:92:b6:61:4c:5e:6a:9d:9a:f4:a1:11:79:00:d6:
37:7e:a9:ad:f8:5f:f6:f6:cb:b3:8a:f3:fc:ee:8d:
99:9c:da:cb:df:92:06:a4:2b:fe:90:43:04:60:2d:
c1:b3:0b:d7:ba:ba:1e:31:67:ad:7b:1e:27:a2:5e:
4c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:2B:B8:E4:4A:9D:2F:18:7C:51:2E:F9:64:CD:5F:E5:F9:FA:63:F7
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/Vyu45EqdLxh8US75ZM1f5fn6Y_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.171.0/24
91.218.72.0/22
94.232.210.0-94.232.212.255
176.97.4.0/22
Signature Algorithm: sha256WithRSAEncryption
52:28:07:63:e4:c5:2c:be:89:4e:ee:ad:f6:91:05:94:87:e1:
3f:9d:77:5b:47:5f:20:15:09:64:af:5a:6c:30:1b:f9:dd:e6:
83:cc:2c:3b:f3:ac:7a:28:de:d1:0e:2d:10:2f:e8:e9:bb:db:
0e:bb:c9:94:93:8b:49:92:8c:11:29:a0:17:01:a7:5f:76:a2:
52:84:5e:fc:50:ae:4f:05:3f:bc:6a:4c:25:e0:fb:2f:f5:d5:
72:3c:f6:14:b9:4b:00:7c:a4:8b:97:bb:46:c9:0e:0a:17:72:
a0:1c:ec:2e:13:d1:70:83:a1:46:4a:73:a9:31:6c:65:25:84:
b3:66:8e:87:89:33:79:24:14:7a:fe:b0:55:79:2d:34:40:d5:
99:a6:66:47:79:f6:97:53:61:88:bb:37:64:f4:1f:65:31:11:
58:be:22:10:08:85:4c:46:c0:8c:22:26:6a:a0:6a:01:fe:2e:
ea:66:9d:c4:a4:f2:d1:8d:e4:0f:a6:d8:13:d0:f9:f7:45:02:
6a:a7:13:2d:c4:f2:67:1f:85:7c:7a:a7:f8:a0:53:d1:23:99:
dd:a7:a0:12:1d:f9:23:5e:6b:18:11:22:70:af:43:61:cf:d9:
30:4c:21:f8:c4:e9:c2:6f:5c:f8:dd:f3:03:46:38:27:6a:de:
b0:13:4f:a8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYRWj2u/rZnAdCpQ+D1N5URQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGMwYTc0ZjQ3MzEyZGYyOThhNDYwOTVlNDc1MjVkNTE1
ODU0YTEwHhcNMjIxMTA4MDkyNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzJiYjhlNDRhOWQyZjE4N2M1MTJlZjk2NGNkNWZlNWY5ZmE2M2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoKwKL2HXwh9rJxCXh7jjQA3pMFf
tTLnHnoFVHHjiVPAqy/6KdcifnlpzT03ASMlQRXN0AG9z1S8YnEgdEUeBj3k0NGb
rBXPIQgR/7haReJmXQkgG93DERpAG9xpAMXUZGxAi3EyiwTT9hzWwrkfJEu0clCp
O0rn3xnfZsQws47zKAdh8huifmTmSwm1NXfpBnyP4YpNmj+CsYFiHJ0fmDvOAE7b
3IKw2YhGyQFeKguyZ+OY1kNvzfGxUEcLvDt3AwUGkrZhTF5qnZr0oRF5ANY3fqmt
+F/29suzivP87o2ZnNrL35IGpCv+kEMEYC3BswvXuroeMWetex4nol5MxwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFcruORKnS8YfFEu+WTNX+X5+mP3MB8GA1UdIwQY
MBaAFL6MCnT0cxLfKYpGCV5HUl1RWFShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMt
MjhlNDE2Y2YxMWNmLzEvVnl1NDVFcWRMeGg4VVM3NVpNMWY1Zm42WV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMtMjhlNDE2Y2YxMWNm
LzEvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAW8WrAwQC
W9pIMAwDBAFe6NIDBABe6NQDBAKwYQQwDQYJKoZIhvcNAQELBQADggEBAFIoB2Pk
xSy+iU7urfaRBZSH4T+dd1tHXyAVCWSvWmwwG/nd5oPMLDvzrHoo3tEOLRAv6Om7
2w67yZSTi0mSjBEpoBcBp192olKEXvxQrk8FP7xqTCXg+y/11XI89hS5SwB8pIuX
u0bJDgoXcqAc7C4T0XCDoUZKc6kxbGUlhLNmjoeJM3kkFHr+sFV5LTRA1ZmmZkd5
9pdTYYi7N2T0H2UxEVi+IhAIhUxGwIwiJmqgagH+LupmncSk8tGN5A+m2BPQ+fdF
AmqnEy3E8mcfhXx6p/igU9Ejmd2noBId+SNeaxgRInCvQ2HP2TBMIfjE6cJvXPjd
8wNGOCdq3rATT6g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-fra.rpki-client.org