Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/vydzNs44l4aQjD0lhf7nLRtXMtc.roa
File: vydzNs44l4aQjD0lhf7nLRtXMtc.roa (raw, json)
Hash identifier: 9NgnXq+mZNXst+I+kVpZOf5LUX74GgXP07qDnPwZxDo=
Subject key identifier: BF:27:73:36:CE:38:97:86:90:8C:3D:25:85:FE:E7:2D:1B:57:32:D7
Certificate issuer: /CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Certificate serial: 0183FA7F0604E34500AA16D2E57D098FD487
Authority key identifier: BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/vydzNs44l4aQjD0lhf7nLRtXMtc.roa
Signing time: Fri 21 Oct 2022 12:22:52 +0000
ROA not before: Fri 21 Oct 2022 12:22:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200308
IP address blocks: 195.189.245.0/24 maxlen: 24
185.248.28.0/22 maxlen: 22
2a0d:dd80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:7f:06:04:e3:45:00:aa:16:d2:e5:7d:09:8f:d4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Validity
Not Before: Oct 21 12:22:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf277336ce389786908c3d2585fee72d1b5732d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:54:08:41:22:79:aa:e8:58:f8:2f:e9:f2:e3:
ca:f9:90:03:ec:90:94:a2:0f:79:25:a0:63:a4:f3:
46:3e:c2:1c:9d:c4:94:6f:61:d8:e6:28:83:a6:a7:
27:cd:3b:7e:86:ef:5a:6f:ad:f6:fd:70:b8:48:5f:
29:0a:b3:07:2d:86:6a:3e:dd:88:39:6e:b5:d4:10:
f1:9e:d0:4e:bf:38:8a:48:01:aa:a2:46:f4:a0:be:
d8:d5:8b:84:4b:68:3f:37:d2:d3:41:8a:1a:99:a6:
09:f3:f8:e2:7c:96:62:16:3b:01:9a:e9:9d:ec:9d:
68:b0:16:48:94:e2:1f:be:b9:9a:57:c9:e5:32:a1:
e5:40:af:c5:eb:53:ec:a8:6f:0a:9e:6a:3b:5d:38:
62:c2:a2:42:7f:fa:16:b6:43:d3:09:59:45:01:33:
f2:15:6a:7d:07:58:d4:a5:c7:bd:40:0e:44:51:44:
13:66:ad:f8:c0:8f:dd:b1:ae:6d:14:59:f5:ef:c9:
01:2c:bf:44:d1:30:d2:76:19:ab:97:b6:91:d2:cc:
11:7f:4a:49:7f:78:e3:ef:ef:8a:7c:1c:1f:15:30:
ab:13:c2:a8:58:4a:5b:08:00:12:2d:34:cd:d5:14:
3a:e7:13:0a:2c:a6:87:93:d7:7c:6f:c1:d8:b3:e8:
c6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:27:73:36:CE:38:97:86:90:8C:3D:25:85:FE:E7:2D:1B:57:32:D7
X509v3 Authority Key Identifier:
keyid:BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/vydzNs44l4aQjD0lhf7nLRtXMtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.28.0/22
195.189.245.0/24
IPv6:
2a0d:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
19:49:83:4b:69:84:e4:a9:44:ed:bd:67:46:db:01:94:ac:7c:
c4:7c:05:6d:c6:a4:45:79:06:47:3f:6a:2d:2a:37:ef:95:0e:
bf:ba:01:e4:53:2e:c4:47:e5:c3:84:a6:fb:64:43:f3:3e:e7:
65:f1:a6:53:ee:c8:62:ba:a7:52:2a:bf:16:b5:3f:05:39:e5:
4b:4e:de:74:af:58:7f:5c:66:a6:a6:9f:3f:24:af:08:e2:ac:
7f:85:a9:b2:02:69:34:ba:89:0b:c7:08:2b:56:f1:28:af:df:
0c:e3:6d:5e:f5:97:69:bb:25:a2:a0:7b:fd:b7:16:db:5b:68:
0a:a1:b9:4a:95:b1:93:18:35:11:13:10:58:f8:2f:37:34:cd:
67:55:26:e9:e4:de:05:59:df:86:24:a8:a3:61:ad:e8:42:48:
49:a9:46:d5:b9:77:36:a3:80:57:7e:81:0e:50:b7:8b:e8:fa:
f0:2e:83:ab:b5:d0:92:76:4f:8f:aa:f2:b8:f4:20:9e:8a:a0:
6b:6d:ff:f3:a9:f3:3e:4e:4d:28:52:20:d4:d7:ba:e2:c4:a4:
1d:ca:b5:8f:52:c8:b8:96:48:73:8f:11:7c:2a:c9:22:88:9d:
71:59:8c:b8:8f:f1:69:18:80:5e:9e:46:80:ff:ec:bf:c1:ed:
41:91:3b:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYP6fwYE40UAqhbS5X0Jj9SHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDczMTg4NGJhMGY1NzNmYTYxOGI2ZTdhZDUwM2ExMmM5
NjVhZjMwHhcNMjIxMDIxMTIyMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjI3NzMzNmNlMzg5Nzg2OTA4YzNkMjU4NWZlZTcyZDFiNTczMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlQIQSJ5quhY+C/p8uPK+ZAD7JCU
og95JaBjpPNGPsIcncSUb2HY5iiDpqcnzTt+hu9ab632/XC4SF8pCrMHLYZqPt2I
OW611BDxntBOvziKSAGqokb0oL7Y1YuES2g/N9LTQYoamaYJ8/jifJZiFjsBmumd
7J1osBZIlOIfvrmaV8nlMqHlQK/F61PsqG8Knmo7XThiwqJCf/oWtkPTCVlFATPy
FWp9B1jUpce9QA5EUUQTZq34wI/dsa5tFFn178kBLL9E0TDSdhmrl7aR0swRf0pJ
f3jj7++KfBwfFTCrE8KoWEpbCAASLTTN1RQ65xMKLKaHk9d8b8HYs+jGdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL8nczbOOJeGkIw9JYX+5y0bVzLXMB8GA1UdIwQY
MBaAFLtHMYhLoPVz+mGLbnrVA6EsllrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYt
ODM1YTU4NDJiOTRjLzEvdnlkek5zNDRsNGFRakQwbGhmN25MUnRYTXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYtODM1YTU4NDJiOTRj
LzEvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufgcAwQA
w731MA0EAgACMAcDBQMqDd2AMA0GCSqGSIb3DQEBCwUAA4IBAQAZSYNLaYTkqUTt
vWdG2wGUrHzEfAVtxqRFeQZHP2otKjfvlQ6/ugHkUy7ER+XDhKb7ZEPzPudl8aZT
7shiuqdSKr8WtT8FOeVLTt50r1h/XGampp8/JK8I4qx/hamyAmk0uokLxwgrVvEo
r98M421e9ZdpuyWioHv9txbbW2gKoblKlbGTGDURExBY+C83NM1nVSbp5N4FWd+G
JKijYa3oQkhJqUbVuXc2o4BXfoEOULeL6PrwLoOrtdCSdk+PqvK49CCeiqBrbf/z
qfM+Tk0oUiDU17rixKQdyrWPUsi4lkhzjxF8KskiiJ1xWYy4j/FpGIBenkaA/+y/
we1BkTtk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:03 2023 by rpki-client on console-fra.rpki-client.org