Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/VXoAoBrDPoH_NoLJF4oREjydrCA.roa
File: VXoAoBrDPoH_NoLJF4oREjydrCA.roa (raw, json)
Hash identifier: 1VAxp6JJRvHMOSEJHBGUBa9eQMPrXyDqOmmu/FOCP50=
Subject key identifier: 55:7A:00:A0:1A:C3:3E:81:FF:36:82:C9:17:8A:11:12:3C:9D:AC:20
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0184E86D30375738ECFD38EA14579832ED71
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/VXoAoBrDPoH_NoLJF4oREjydrCA.roa
Signing time: Tue 06 Dec 2022 17:13:00 +0000
ROA not before: Tue 06 Dec 2022 17:13:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207023
IP address blocks: 91.245.88.0/23 maxlen: 23
91.234.122.0/23 maxlen: 24
194.33.64.0/23 maxlen: 23
176.118.200.0/22 maxlen: 22
176.118.204.0/22 maxlen: 22
77.36.72.0/21 maxlen: 21
91.200.133.0/24 maxlen: 24
192.162.186.0/23 maxlen: 24
176.116.238.0/23 maxlen: 24
91.237.92.0/24 maxlen: 24
91.232.18.0/24 maxlen: 24
46.173.252.0/23 maxlen: 23
91.229.147.0/24 maxlen: 24
37.97.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:6d:30:37:57:38:ec:fd:38:ea:14:57:98:32:ed:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 6 17:13:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=557a00a01ac33e81ff3682c9178a11123c9dac20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:85:9c:be:dc:b1:f2:45:13:2a:33:53:03:
52:2b:21:40:1f:b2:b6:c0:5a:c1:c4:c2:aa:38:2d:
35:33:f7:fa:f3:5c:e2:a5:28:0a:1f:9a:63:15:12:
f5:48:cc:28:c4:2f:a8:dc:ff:6e:84:93:cc:cb:10:
c7:6d:45:27:5c:88:3e:72:07:81:f8:4d:27:8a:71:
8d:e8:25:f4:bb:f3:e2:b8:26:56:4c:48:5d:65:0e:
db:c5:c1:88:73:b0:e6:2c:df:24:77:26:c7:6e:ef:
75:1c:d3:7a:4b:75:2b:02:fb:c1:4d:8d:18:b8:e0:
d8:e3:39:43:4a:fb:e2:8f:cf:5d:06:ca:a3:72:2c:
25:7a:ae:a9:b3:8a:51:1a:5f:d9:9a:00:17:e5:ea:
39:3b:b8:84:31:55:c8:3d:6a:65:1f:aa:ba:df:f1:
82:3e:61:fa:db:4a:61:9b:7b:a0:db:c3:9a:c4:12:
00:57:2d:df:81:cb:e3:4a:d3:cf:ab:e4:df:fd:f6:
bd:2e:84:c3:25:5b:39:85:d3:b3:60:ee:3a:fa:d9:
2d:5f:7b:91:2b:86:59:5b:ca:b6:60:9d:52:45:1e:
c0:ae:97:14:87:da:8b:2d:36:71:20:fe:42:0a:80:
c4:37:14:2c:7c:be:a3:8d:6f:3e:8b:69:56:4c:80:
3c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:7A:00:A0:1A:C3:3E:81:FF:36:82:C9:17:8A:11:12:3C:9D:AC:20
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/VXoAoBrDPoH_NoLJF4oREjydrCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.116.0/22
46.173.252.0/23
77.36.72.0/21
91.200.133.0/24
91.229.147.0/24
91.232.18.0/24
91.234.122.0/23
91.237.92.0/24
91.245.88.0/23
176.116.238.0/23
176.118.200.0/21
192.162.186.0/23
194.33.64.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:94:9e:53:d2:63:c5:51:27:9c:d5:ec:a2:70:2e:21:e6:9e:
fb:79:ea:e3:f7:99:d8:0c:26:c7:eb:6c:0d:09:c2:f7:ed:d7:
a5:17:86:69:ce:18:e7:1c:ff:c2:d0:99:92:89:56:3d:2f:d9:
ae:13:24:b3:06:a0:69:97:58:ee:1c:6f:93:77:1d:69:35:e9:
af:8e:03:72:47:d9:e3:53:94:cd:bf:5d:f7:73:c8:a0:ec:c4:
c2:f8:11:06:01:2d:8d:68:d9:5f:2f:e5:ff:f8:50:d5:61:46:
79:b1:4d:ca:ee:9e:95:f9:2f:cf:c2:c6:03:a0:7f:0f:89:7e:
4d:65:60:07:94:38:09:93:96:6c:eb:3e:be:83:42:38:b6:4e:
30:e7:44:ff:f9:59:e1:ee:f0:9b:b3:5b:2f:18:77:8a:57:30:
d5:fe:e4:67:b5:30:df:dc:13:4d:87:78:d1:46:14:cc:11:17:
8c:ed:f0:8d:fe:22:62:5d:21:bd:22:4e:c8:ae:8e:15:ac:df:
10:58:02:70:d7:8c:1a:c5:0d:be:63:91:e5:06:9c:1a:be:c7:
43:18:3e:57:66:ce:b9:1d:72:7c:93:3b:84:df:df:1f:01:69:
cf:e7:aa:6b:f0:f9:c2:fd:37:a2:ae:5a:4c:18:93:54:06:29:
a6:82:5f:37
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYTobTA3Vzjs/TjqFFeYMu1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMjA2MTcxMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTdhMDBhMDFhYzMzZTgxZmYzNjgyYzkxNzhhMTExMjNjOWRhYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+eFnL7csfJFEyozUwNSKyFAH7K2
wFrBxMKqOC01M/f681zipSgKH5pjFRL1SMwoxC+o3P9uhJPMyxDHbUUnXIg+cgeB
+E0ninGN6CX0u/PiuCZWTEhdZQ7bxcGIc7DmLN8kdybHbu91HNN6S3UrAvvBTY0Y
uODY4zlDSvvij89dBsqjciwleq6ps4pRGl/ZmgAX5eo5O7iEMVXIPWplH6q63/GC
PmH620phm3ug28OaxBIAVy3fgcvjStPPq+Tf/fa9LoTDJVs5hdOzYO46+tktX3uR
K4ZZW8q2YJ1SRR7ArpcUh9qLLTZxIP5CCoDENxQsfL6jjW8+i2lWTIA8CQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFV6AKAawz6B/zaCyReKERI8nawgMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvVlhvQW9CckRQb0hfTm9MSkY0b1JFanlkckNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCJWF0AwQB
Lq38AwQDTSRIAwQAW8iFAwQAW+WTAwQAW+gSAwQBW+p6AwQAW+1cAwQBW/VYAwQB
sHTuAwQDsHbIAwQBwKK6AwQBwiFAMA0GCSqGSIb3DQEBCwUAA4IBAQBblJ5T0mPF
USec1eyicC4h5p77eerj95nYDCbH62wNCcL37delF4ZpzhjnHP/C0JmSiVY9L9mu
EySzBqBpl1juHG+Tdx1pNemvjgNyR9njU5TNv133c8ig7MTC+BEGAS2NaNlfL+X/
+FDVYUZ5sU3K7p6V+S/PwsYDoH8PiX5NZWAHlDgJk5Zs6z6+g0I4tk4w50T/+Vnh
7vCbs1svGHeKVzDV/uRntTDf3BNNh3jRRhTMEReM7fCN/iJiXSG9Ik7Iro4VrN8Q
WAJw14waxQ2+Y5HlBpwavsdDGD5XZs65HXJ8kzuE398fAWnP56pr8PnC/TeirlpM
GJNUBimmgl83
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-fra.rpki-client.org