Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/VCrfxkH5PbqHMHWag0fANsMHXKo.roa
File: VCrfxkH5PbqHMHWag0fANsMHXKo.roa (raw, json)
Hash identifier: 9/G2V9NVJ2s4AInJYAbDsSmGtm5ZHs6A8NoM/geUkrw=
Subject key identifier: 54:2A:DF:C6:41:F9:3D:BA:87:30:75:9A:83:47:C0:36:C3:07:5C:AA
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 0182C57FFD135195F0DD1A93254BA825D43F
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/VCrfxkH5PbqHMHWag0fANsMHXKo.roa
Signing time: Mon 22 Aug 2022 12:21:15 +0000
ROA not before: Mon 22 Aug 2022 12:21:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35579
IP address blocks: 92.63.213.0/24 maxlen: 24
78.142.66.0/23 maxlen: 23
78.142.85.0/24 maxlen: 24
78.142.80.0/22 maxlen: 24
78.142.86.0/23 maxlen: 23
78.142.90.0/24 maxlen: 24
78.142.88.0/23 maxlen: 23
2a04:5080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:7f:fd:13:51:95:f0:dd:1a:93:25:4b:a8:25:d4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Aug 22 12:21:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=542adfc641f93dba8730759a8347c036c3075caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:47:d0:73:b5:fd:cd:1a:74:88:e6:bf:30:3a:
5a:0f:8d:71:21:b7:ac:a0:f9:7f:cc:5c:30:cd:94:
3b:23:0a:95:a6:3f:c9:ef:b5:1b:41:d9:04:79:a5:
c4:92:92:9d:94:0d:39:d6:70:72:82:36:3c:3d:c2:
ee:bf:6e:bc:58:75:a6:1a:74:61:87:10:b9:c3:7f:
5f:1a:1e:01:4d:08:b5:7b:71:55:22:0e:b7:f5:38:
8f:85:f3:3d:d5:8a:b5:00:bc:66:c7:8e:af:25:6b:
b4:b8:f0:26:ba:60:e5:b4:f0:cf:ec:09:34:50:62:
d3:9a:08:4d:53:19:a9:df:63:6a:ef:14:1c:10:cb:
8b:3f:01:ef:e5:f7:95:ba:cb:25:25:b7:38:54:44:
29:3c:b0:6c:c5:4b:53:60:ea:50:61:82:8f:a0:58:
85:58:75:19:07:50:50:08:10:0b:4a:58:4b:8f:9a:
4d:cf:57:7e:f8:26:5c:0f:8e:c8:9a:43:6b:1d:79:
01:5d:0e:05:f6:bc:b5:13:41:97:12:91:fd:96:b1:
12:c3:f5:0c:ea:4f:c6:35:79:a4:c0:8c:8f:15:ad:
bb:70:70:1b:f2:65:0c:16:99:26:39:40:35:a5:2d:
99:18:a1:60:8f:2b:45:db:25:b2:ec:59:24:3f:07:
ba:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2A:DF:C6:41:F9:3D:BA:87:30:75:9A:83:47:C0:36:C3:07:5C:AA
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/VCrfxkH5PbqHMHWag0fANsMHXKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.66.0/23
78.142.80.0/22
78.142.85.0-78.142.90.255
92.63.213.0/24
IPv6:
2a04:5080::/29
Signature Algorithm: sha256WithRSAEncryption
01:7e:da:47:65:a1:71:37:8a:69:f3:94:24:c9:e4:f1:7b:71:
42:c2:72:cf:6a:a4:22:5e:59:82:53:2f:68:4b:d1:49:24:7d:
70:e4:d7:54:fa:10:99:91:ba:24:0d:a6:4b:1b:f6:64:dc:08:
17:f5:35:c2:e1:45:1f:8a:ee:1a:94:49:7b:bf:47:df:f8:94:
9b:51:9b:11:8f:c2:8d:41:d9:eb:52:d8:8e:f5:cd:af:06:39:
12:93:87:55:6b:12:77:38:d1:51:aa:51:d3:ac:04:43:92:21:
26:62:54:47:f0:cb:95:bc:6e:f2:97:fa:b1:a8:e0:e6:bc:e2:
86:8f:a5:31:0c:10:b7:28:c6:33:c5:94:e1:b7:7c:73:79:ec:
d9:f6:1f:be:e1:72:25:5f:ad:ab:91:9e:10:8f:d8:62:59:a6:
fd:a6:0d:37:00:e4:27:c3:59:76:ef:6a:b5:2a:94:04:1d:4d:
b1:7b:32:53:67:d3:dd:db:65:e4:46:22:9b:4a:66:ef:94:9c:
16:c4:6c:f7:ed:4a:6f:24:43:f8:79:c5:48:c8:53:a8:78:c7:
2b:c4:d7:55:14:f1:79:43:2f:a6:42:dd:65:24:8e:4e:05:24:
e2:f8:00:82:d6:57:60:d0:3c:4c:b5:79:71:13:77:1d:50:3a:
91:d7:36:a6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYLFf/0TUZXw3RqTJUuoJdQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjIwODIyMTIyMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJhZGZjNjQxZjkzZGJhODczMDc1OWE4MzQ3YzAzNmMzMDc1Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkfQc7X9zRp0iOa/MDpaD41xIbes
oPl/zFwwzZQ7IwqVpj/J77UbQdkEeaXEkpKdlA051nBygjY8PcLuv268WHWmGnRh
hxC5w39fGh4BTQi1e3FVIg639TiPhfM91Yq1ALxmx46vJWu0uPAmumDltPDP7Ak0
UGLTmghNUxmp32Nq7xQcEMuLPwHv5feVusslJbc4VEQpPLBsxUtTYOpQYYKPoFiF
WHUZB1BQCBALSlhLj5pNz1d++CZcD47ImkNrHXkBXQ4F9ry1E0GXEpH9lrESw/UM
6k/GNXmkwIyPFa27cHAb8mUMFpkmOUA1pS2ZGKFgjytF2yWy7FkkPwe6wQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFQq38ZB+T26hzB1moNHwDbDB1yqMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvVkNyZnhrSDVQYnFITUhXYWcwZkFOc01IWEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQBTo5CAwQC
To5QMAwDBABOjlUDBABOjloDBABcP9UwDQQCAAIwBwMFAyoEUIAwDQYJKoZIhvcN
AQELBQADggEBAAF+2kdloXE3imnzlCTJ5PF7cULCcs9qpCJeWYJTL2hL0UkkfXDk
11T6EJmRuiQNpksb9mTcCBf1NcLhRR+K7hqUSXu/R9/4lJtRmxGPwo1B2etS2I71
za8GORKTh1VrEnc40VGqUdOsBEOSISZiVEfwy5W8bvKX+rGo4Oa84oaPpTEMELco
xjPFlOG3fHN57Nn2H77hciVfrauRnhCP2GJZpv2mDTcA5CfDWXbvarUqlAQdTbF7
MlNn093bZeRGIptKZu+UnBbEbPftSm8kQ/h5xUjIU6h4xyvE11UU8XlDL6ZC3WUk
jk4FJOL4AILWV2DQPEy1eXETdx1QOpHXNqY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:49 2024 by rpki-client on console-ams.rpki-client.org