Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/VYEAbdhZDzU9dlQ5qwAlAT-o254.roa
File: VYEAbdhZDzU9dlQ5qwAlAT-o254.roa (raw, json)
Hash identifier: ULTMNdwXYzGheHHyooZKkITASLBkAemXXfLeENw/yFY=
Subject key identifier: 55:81:00:6D:D8:59:0F:35:3D:76:54:39:AB:00:25:01:3F:A8:DB:9E
Certificate issuer: /CN=2d4873e6e8be4f9d3764184f13e5750f8c61f68b
Certificate serial: 0182211FB85DFF5B7874B7696DDD5E236DF3
Authority key identifier: 2D:48:73:E6:E8:BE:4F:9D:37:64:18:4F:13:E5:75:0F:8C:61:F6:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LUhz5ui-T503ZBhPE-V1D4xh9os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/VYEAbdhZDzU9dlQ5qwAlAT-o254.roa
Signing time: Thu 21 Jul 2022 14:18:23 +0000
ROA not before: Thu 21 Jul 2022 14:18:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35712
IP address blocks: 91.132.180.0/24 maxlen: 24
91.132.180.0/22 maxlen: 22
91.132.183.0/24 maxlen: 24
91.132.182.0/24 maxlen: 24
91.132.181.0/24 maxlen: 24
2a09:cc84::/31 maxlen: 31
2a09:cc86::/31 maxlen: 31
2a09:cc82::/31 maxlen: 31
2a09:cc80::/29 maxlen: 29
2a09:cc80::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:21:1f:b8:5d:ff:5b:78:74:b7:69:6d:dd:5e:23:6d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d4873e6e8be4f9d3764184f13e5750f8c61f68b
Validity
Not Before: Jul 21 14:18:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5581006dd8590f353d765439ab0025013fa8db9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:eb:45:c3:dc:d4:2c:af:6f:39:10:8e:1d:be:
80:2f:88:de:5e:82:4d:5c:7c:db:db:4d:5f:3e:36:
8a:8c:e5:e4:3f:cb:a5:d5:cb:be:2d:78:35:13:40:
d3:a3:36:8a:c8:0f:c4:b9:df:24:55:73:e7:5f:28:
ea:87:5b:61:fe:ca:97:5f:b1:bd:bf:68:0d:69:7c:
d2:06:12:e2:7f:06:2f:0f:a5:aa:f9:f3:89:86:7e:
f5:e0:10:fa:71:04:cf:a2:a2:01:14:d0:8d:a1:ae:
1f:77:2f:7a:69:00:01:47:4f:1f:3a:a3:b6:38:c9:
ee:15:26:52:fd:9f:ce:1e:41:74:4b:c3:18:bf:16:
1a:e3:20:60:5e:18:ad:38:e0:1d:c5:76:29:39:be:
51:9f:66:86:23:6e:3a:cf:d0:86:99:4e:d1:5f:ec:
3e:a9:70:8d:cb:fd:d2:32:39:6f:c2:5c:9c:ea:de:
72:4b:58:5e:ba:d2:f3:16:21:6a:c4:ff:e3:48:af:
1b:06:11:c5:29:ef:26:61:6d:6c:20:5c:4a:16:17:
0b:d9:68:1c:3f:30:40:32:5d:80:d0:e5:bd:3a:7b:
b0:91:22:2b:2e:b8:53:9a:26:57:f2:a4:59:b7:2f:
17:97:18:29:d6:e2:af:0b:f5:9b:a1:ea:69:a7:3a:
09:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:81:00:6D:D8:59:0F:35:3D:76:54:39:AB:00:25:01:3F:A8:DB:9E
X509v3 Authority Key Identifier:
keyid:2D:48:73:E6:E8:BE:4F:9D:37:64:18:4F:13:E5:75:0F:8C:61:F6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LUhz5ui-T503ZBhPE-V1D4xh9os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/VYEAbdhZDzU9dlQ5qwAlAT-o254.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/LUhz5ui-T503ZBhPE-V1D4xh9os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.180.0/22
IPv6:
2a09:cc80::/29
Signature Algorithm: sha256WithRSAEncryption
19:86:78:e0:83:fc:2a:79:f4:58:ac:a3:b0:c3:4b:79:5a:0c:
f7:9d:d9:4a:69:75:23:57:27:49:2b:35:c0:b7:8c:a8:d9:e3:
85:6a:da:68:61:66:74:cf:d3:5c:d0:45:15:89:28:80:4f:e7:
47:2d:16:73:e2:8d:1e:35:12:51:86:bb:25:17:cd:6a:6d:48:
7b:78:d1:88:c5:d8:d4:e1:75:b1:56:2d:56:00:8f:0f:a1:c8:
5e:05:50:19:bb:be:d7:c6:3b:75:19:c0:b0:31:ca:64:d0:0e:
03:5e:1b:76:d7:76:07:6d:e5:5e:00:4e:55:7c:d0:19:a7:04:
4f:ee:cc:3f:e3:f6:1a:f2:0b:16:80:9d:01:2c:10:21:cd:65:
1f:ce:28:1f:50:07:21:39:eb:8d:a8:b0:46:47:29:23:2b:d4:
85:19:10:b4:1d:18:c2:ee:07:9a:0b:28:29:1c:a3:f5:63:3a:
f1:29:7c:a1:37:0c:bb:42:29:b9:f1:98:56:14:71:de:c4:93:
81:eb:35:4c:d4:33:e7:b9:43:80:47:72:1a:6e:3f:d5:44:41:
64:00:87:fe:4e:6b:44:67:d2:c2:db:53:9c:5e:4c:79:c3:8d:
22:54:a1:e9:d4:27:d9:68:39:36:3c:e6:b2:2e:0a:35:4e:c5:
91:53:2a:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYIhH7hd/1t4dLdpbd1eI23zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNDg3M2U2ZThiZTRmOWQzNzY0MTg0ZjEzZTU3NTBmOGM2
MWY2OGIwHhcNMjIwNzIxMTQxODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTgxMDA2ZGQ4NTkwZjM1M2Q3NjU0MzlhYjAwMjUwMTNmYThkYjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOtFw9zULK9vORCOHb6AL4jeXoJN
XHzb201fPjaKjOXkP8ul1cu+LXg1E0DTozaKyA/Eud8kVXPnXyjqh1th/sqXX7G9
v2gNaXzSBhLifwYvD6Wq+fOJhn714BD6cQTPoqIBFNCNoa4fdy96aQABR08fOqO2
OMnuFSZS/Z/OHkF0S8MYvxYa4yBgXhitOOAdxXYpOb5Rn2aGI246z9CGmU7RX+w+
qXCNy/3SMjlvwlyc6t5yS1heutLzFiFqxP/jSK8bBhHFKe8mYW1sIFxKFhcL2Wgc
PzBAMl2A0OW9OnuwkSIrLrhTmiZX8qRZty8Xlxgp1uKvC/WboepppzoJ9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFWBAG3YWQ81PXZUOasAJQE/qNueMB8GA1UdIwQY
MBaAFC1Ic+bovk+dN2QYTxPldQ+MYfaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFVoejV1aS1UNTAzWkJoUEUtVjFENHhoOW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80N2I0MTMtNjQxNi00MDJhLWI1ZTEt
NjU5NmQ1MDM2MzYyLzEvVllFQWJkaFpEelU5ZGxRNXF3QWxBVC1vMjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80N2I0MTMtNjQxNi00MDJhLWI1ZTEtNjU5NmQ1MDM2MzYy
LzEvTFVoejV1aS1UNTAzWkJoUEUtVjFENHhoOW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW4S0MA0E
AgACMAcDBQMqCcyAMA0GCSqGSIb3DQEBCwUAA4IBAQAZhnjgg/wqefRYrKOww0t5
Wgz3ndlKaXUjVydJKzXAt4yo2eOFatpoYWZ0z9Nc0EUViSiAT+dHLRZz4o0eNRJR
hrslF81qbUh7eNGIxdjU4XWxVi1WAI8PocheBVAZu77Xxjt1GcCwMcpk0A4DXht2
13YHbeVeAE5VfNAZpwRP7sw/4/Ya8gsWgJ0BLBAhzWUfzigfUAchOeuNqLBGRykj
K9SFGRC0HRjC7geaCygpHKP1YzrxKXyhNwy7Qim58ZhWFHHexJOB6zVM1DPnuUOA
R3Iabj/VREFkAIf+TmtEZ9LC21OcXkx5w40iVKHp1CfZaDk2POayLgo1TsWRUyoG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:20 2023 by rpki-client on console-fra.rpki-client.org