Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/VJxKWBQO6ouxyESbT0Mzqmsx1H0.roa
File: VJxKWBQO6ouxyESbT0Mzqmsx1H0.roa (raw, json)
Hash identifier: 6gj7KyR7J3Zl9qin5xzrteiOul/nzRL3L7RUTYpR+NE=
Subject key identifier: 54:9C:4A:58:14:0E:EA:8B:B1:C8:44:9B:4F:43:33:AA:6B:31:D4:7D
Certificate issuer: /CN=822b30d89b1bcff699f641f88026942d16a72bcc
Certificate serial: 4464E007
Authority key identifier: 82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/VJxKWBQO6ouxyESbT0Mzqmsx1H0.roa
Signing time: Sat 01 Jan 2022 14:57:29 +0000
ROA not before: Sat 01 Jan 2022 14:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3243
IP address blocks: 85.240.0.0/13 maxlen: 24
213.13.0.0/16 maxlen: 24
37.189.0.0/16 maxlen: 24
144.64.0.0/16 maxlen: 24
188.80.0.0/14 maxlen: 24
2.80.0.0/14 maxlen: 24
81.193.0.0/16 maxlen: 24
194.65.0.0/16 maxlen: 24
185.2.84.0/22 maxlen: 24
212.55.128.0/19 maxlen: 24
188.250.0.0/15 maxlen: 24
82.154.0.0/15 maxlen: 24
176.78.0.0/15 maxlen: 24
168.182.128.0/17 maxlen: 24
2001:8a0:c000::/34 maxlen: 34
2001:8a0:4000::/34 maxlen: 34
2001:8a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1147461639 (0x4464e007)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=822b30d89b1bcff699f641f88026942d16a72bcc
Validity
Not Before: Jan 1 14:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=549c4a58140eea8bb1c8449b4f4333aa6b31d47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7f:9d:f4:49:9e:ab:9f:53:24:3e:ba:31:ad:
af:2f:e1:a0:07:86:6c:19:66:6b:6a:9e:4a:56:7e:
c7:22:1e:59:cb:08:9d:e7:20:8c:84:0d:c9:59:1e:
6c:0b:49:09:a7:5b:df:aa:28:d8:9e:4e:66:15:b6:
8f:7e:5b:c1:b3:9a:e9:2b:08:40:e7:96:82:3c:9e:
19:29:6f:e3:4d:0f:93:e3:32:08:cb:59:25:d0:f9:
89:56:4a:b7:ed:0b:eb:c0:45:79:cc:7f:6c:79:58:
9e:0b:fc:f3:57:f7:5f:25:a7:b8:29:c9:66:55:57:
b8:4e:2f:a7:70:68:dd:e5:de:99:1e:d9:cf:87:08:
28:43:63:30:68:16:d5:84:62:d9:aa:cc:02:ca:b1:
63:53:34:c6:b1:74:2b:02:b0:23:c8:6a:19:1d:15:
38:99:54:fe:03:eb:f5:ee:a6:40:fe:96:2b:4b:1b:
01:cd:47:e4:c7:29:66:2d:3b:33:38:d3:ae:2d:77:
de:08:09:08:8b:f0:65:84:82:44:f4:15:2b:ca:34:
be:76:b9:d4:d4:a7:32:53:67:fa:71:e2:f9:24:df:
2d:41:87:25:4b:6f:b7:58:ed:c4:d9:b9:20:7a:21:
72:12:80:ae:60:ee:ff:86:86:02:fd:7b:82:bf:73:
4d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9C:4A:58:14:0E:EA:8B:B1:C8:44:9B:4F:43:33:AA:6B:31:D4:7D
X509v3 Authority Key Identifier:
keyid:82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/VJxKWBQO6ouxyESbT0Mzqmsx1H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.80.0.0/14
37.189.0.0/16
81.193.0.0/16
82.154.0.0/15
85.240.0.0/13
144.64.0.0/16
168.182.128.0/17
176.78.0.0/15
185.2.84.0/22
188.80.0.0/14
188.250.0.0/15
194.65.0.0/16
212.55.128.0/19
213.13.0.0/16
IPv6:
2001:8a0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:a5:54:c8:27:d0:e6:6d:92:71:b5:7e:75:b8:3d:ef:5f:7f:
0d:ff:ab:3e:85:b9:74:8a:27:37:82:da:f5:79:fc:c7:ac:2e:
00:55:27:c4:26:0d:c0:6c:0e:14:b6:d5:31:e9:4b:ad:74:0d:
88:27:b1:46:7d:9f:84:74:e4:ba:d3:62:e5:b3:d2:e7:b7:20:
8c:fc:ce:46:c3:94:40:21:dd:95:81:db:05:42:61:70:2b:0c:
29:24:07:c9:3a:84:e8:1d:71:4f:96:fc:ef:3f:64:bc:5c:38:
95:9a:fb:d6:8a:5c:91:18:db:f3:90:7f:a9:07:14:be:4b:36:
ea:18:d0:dc:27:6c:8d:08:66:8f:e1:f8:e1:3c:75:57:66:a0:
99:3f:cd:66:a6:41:35:f3:7e:3b:df:1d:6f:57:13:be:05:b5:
4a:5e:15:68:87:15:34:e0:c3:f5:49:b0:e0:fe:39:6a:cf:19:
d1:0c:c1:2d:23:a9:57:c3:35:00:bf:36:96:cb:9b:ce:e1:7d:
d2:09:9e:c4:cd:fc:96:f7:b8:28:28:74:12:38:49:0d:79:3f:
d6:2d:62:cd:0f:67:42:d8:6b:8e:49:10:d0:ea:6c:d2:a2:92:
a1:8d:00:b2:91:3f:ad:0a:74:99:9b:7f:3b:74:16:13:c0:2f:
f4:a1:23:5a
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIERGTgBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjJiMzBkODliMWJjZmY2OTlmNjQxZjg4MDI2OTQyZDE2YTcyYmNjMB4XDTIyMDEw
MTE0NTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ5YzRhNTgxNDBl
ZWE4YmIxYzg0NDliNGY0MzMzYWE2YjMxZDQ3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN5/nfRJnqufUyQ+ujGtry/hoAeGbBlma2qeSlZ+xyIeWcsI
necgjIQNyVkebAtJCadb36oo2J5OZhW2j35bwbOa6SsIQOeWgjyeGSlv400Pk+My
CMtZJdD5iVZKt+0L68BFecx/bHlYngv881f3XyWnuCnJZlVXuE4vp3Bo3eXemR7Z
z4cIKENjMGgW1YRi2arMAsqxY1M0xrF0KwKwI8hqGR0VOJlU/gPr9e6mQP6WK0sb
Ac1H5McpZi07MzjTri133ggJCIvwZYSCRPQVK8o0vna51NSnMlNn+nHi+STfLUGH
JUtvt1jtxNm5IHohchKArmDu/4aGAv17gr9zTRkCAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBRUnEpYFA7qi7HIRJtPQzOqazHUfTAfBgNVHSMEGDAWgBSCKzDYmxvP9pn2
QfiAJpQtFqcrzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dpc3cySnNiel9hWjlrSDRnQ2FVTFJhbks4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvZTY4NzcwLWVkZjItNDM1OC1iODIxLTkxNGQ1ZGM1MTk3Zi8x
L1ZKeEtXQlFPNm91eHlFU2JUME16cW1zeDFIMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
ZTY4NzcwLWVkZjItNDM1OC1iODIxLTkxNGQ1ZGM1MTk3Zi8xL2dpc3cySnNiel9h
WjlrSDRnQ2FVTFJhbks4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwTwQCAAEwSQMDAgJQAwMAJb0DAwBRwQMDAVKaAwMD
VfADAwCQQAMEB6i2gAMDAbBOAwQCuQJUAwMCvFADAwG8+gMDAMJBAwQF1DeAAwMA
1Q0wDQQCAAIwBwMFACABCKAwDQYJKoZIhvcNAQELBQADggEBAJqlVMgn0OZtknG1
fnW4Pe9ffw3/qz6FuXSKJzeC2vV5/MesLgBVJ8QmDcBsDhS21THpS610DYgnsUZ9
n4R05LrTYuWz0ue3IIz8zkbDlEAh3ZWB2wVCYXArDCkkB8k6hOgdcU+W/O8/ZLxc
OJWa+9aKXJEY2/OQf6kHFL5LNuoY0NwnbI0IZo/h+OE8dVdmoJk/zWamQTXzfjvf
HW9XE74FtUpeFWiHFTTgw/VJsOD+OWrPGdEMwS0jqVfDNQC/NpbLm87hfdIJnsTN
/Jb3uCgodBI4SQ15P9YtYs0PZ0LYa45JENDqbNKikqGNALKRP60KdJmbfzt0FhPA
L/ShI1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org