Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/vzCEzrRRs1wRdpedeLzME_Dpt9I.roa
File: vzCEzrRRs1wRdpedeLzME_Dpt9I.roa (raw, json)
Hash identifier: Yz7wIsXQKT59VE1/PxvqZ3OgURUmWz+Q60dHd4MwFbY=
Subject key identifier: BF:30:84:CE:B4:51:B3:5C:11:76:97:9D:78:BC:CC:13:F0:E9:B7:D2
Certificate issuer: /CN=9ff3396374cbf5d767125f02dcf0f97296323092
Certificate serial: 0182676315E76EC87514630D8FF5936A4B83
Authority key identifier: 9F:F3:39:63:74:CB:F5:D7:67:12:5F:02:DC:F0:F9:72:96:32:30:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/vzCEzrRRs1wRdpedeLzME_Dpt9I.roa
Signing time: Thu 04 Aug 2022 05:45:23 +0000
ROA not before: Thu 04 Aug 2022 05:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59890
IP address blocks: 147.78.248.0/22 maxlen: 22
194.208.176.0/21 maxlen: 21
185.67.172.0/22 maxlen: 22
185.251.200.0/22 maxlen: 22
194.208.128.0/19 maxlen: 19
2a05:1140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:67:63:15:e7:6e:c8:75:14:63:0d:8f:f5:93:6a:4b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff3396374cbf5d767125f02dcf0f97296323092
Validity
Not Before: Aug 4 05:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf3084ceb451b35c1176979d78bccc13f0e9b7d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:30:f1:7c:72:ba:53:54:d2:20:05:ba:87:62:
05:f2:96:fc:2a:d1:c4:77:eb:52:3e:f1:93:76:8c:
71:86:93:d8:9f:d2:7f:ed:b4:06:52:27:5c:32:b3:
61:38:5b:8d:1a:aa:49:3e:80:c5:b5:12:f6:32:1b:
5b:2e:f2:ff:b1:79:dc:b6:1e:72:c6:e8:78:7e:df:
5d:3a:b3:14:ed:85:49:c2:eb:cb:fe:6d:75:62:77:
bb:86:09:ad:5e:65:d0:45:49:38:b0:ac:bb:1a:f5:
21:39:ef:0a:40:bf:48:08:88:eb:bc:bd:74:4a:d2:
42:a5:bf:ff:6e:97:9a:5f:11:41:23:5c:31:03:a9:
75:0a:13:e5:c3:cc:ae:10:3c:09:d7:47:9b:08:70:
02:5f:cf:1c:23:33:e1:b5:bc:a1:7c:44:2f:5f:e7:
16:a7:2f:08:8e:60:1c:67:21:9d:7e:17:a5:b4:6b:
b7:83:a7:38:eb:11:95:2e:a1:8e:ac:62:eb:63:ce:
23:0f:70:b9:ce:19:5c:ef:1b:2a:65:fa:1d:b0:06:
9d:33:0f:34:ef:87:03:d4:4f:33:44:d0:02:16:ba:
5e:da:26:a7:1d:60:62:33:9c:d5:99:71:76:21:f4:
4b:e3:b9:58:20:f8:4e:83:2b:e0:52:18:62:09:43:
1c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:30:84:CE:B4:51:B3:5C:11:76:97:9D:78:BC:CC:13:F0:E9:B7:D2
X509v3 Authority Key Identifier:
keyid:9F:F3:39:63:74:CB:F5:D7:67:12:5F:02:DC:F0:F9:72:96:32:30:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/vzCEzrRRs1wRdpedeLzME_Dpt9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.248.0/22
185.67.172.0/22
185.251.200.0/22
194.208.128.0/19
194.208.176.0/21
IPv6:
2a05:1140::/29
Signature Algorithm: sha256WithRSAEncryption
6a:69:5f:19:db:d2:bd:6e:4a:e7:ee:d7:a7:7b:d3:81:52:fe:
21:34:59:5d:65:c9:59:25:1a:28:30:38:73:bc:a7:49:a9:db:
c7:fe:ed:e7:c3:e0:11:c1:c1:3d:c8:cf:47:2d:17:a8:79:62:
59:43:c7:74:f9:ff:ab:ec:fb:67:6c:08:75:c5:ed:6d:35:43:
6f:f1:c7:72:a9:f9:1f:11:f7:0c:f5:71:36:e4:08:65:5f:1c:
45:f8:60:6a:ae:3d:96:1f:a9:a8:77:cf:f3:76:e2:1d:cd:e5:
11:f2:b0:b2:45:9e:af:c1:fb:f8:b6:12:c9:93:bf:23:d2:3d:
0b:87:2f:f1:7e:b7:ff:56:a9:12:73:94:95:ea:df:37:55:2f:
cd:16:21:f9:4b:a4:7e:ee:5b:f3:6a:8e:74:19:86:74:f5:cd:
05:85:b0:b3:16:36:62:d5:ac:6d:0d:19:66:0a:d0:d7:9f:18:
65:65:43:46:da:a1:ae:2b:2b:cc:69:60:a7:05:4f:98:74:93:
d6:04:e3:6e:0b:1a:06:00:28:6d:19:36:dc:f0:4e:d5:7e:fc:
c4:03:b3:b8:0a:ff:82:a6:9a:1c:a4:ab:c9:11:05:84:55:41:
91:8c:f6:96:55:f7:a0:a9:1a:ed:8b:1f:58:9e:e2:e6:81:d9:
02:42:86:39
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYJnYxXnbsh1FGMNj/WTakuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjMzOTYzNzRjYmY1ZDc2NzEyNWYwMmRjZjBmOTcyOTYz
MjMwOTIwHhcNMjIwODA0MDU0NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjMwODRjZWI0NTFiMzVjMTE3Njk3OWQ3OGJjY2MxM2YwZTliN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTDxfHK6U1TSIAW6h2IF8pb8KtHE
d+tSPvGTdoxxhpPYn9J/7bQGUidcMrNhOFuNGqpJPoDFtRL2MhtbLvL/sXncth5y
xuh4ft9dOrMU7YVJwuvL/m11Yne7hgmtXmXQRUk4sKy7GvUhOe8KQL9ICIjrvL10
StJCpb//bpeaXxFBI1wxA6l1ChPlw8yuEDwJ10ebCHACX88cIzPhtbyhfEQvX+cW
py8IjmAcZyGdfheltGu3g6c46xGVLqGOrGLrY84jD3C5zhlc7xsqZfodsAadMw80
74cD1E8zRNACFrpe2ianHWBiM5zVmXF2IfRL47lYIPhOgyvgUhhiCUMclQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFL8whM60UbNcEXaXnXi8zBPw6bfSMB8GA1UdIwQY
MBaAFJ/zOWN0y/XXZxJfAtzw+XKWMjCSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9NNVkzVEw5ZGRuRWw4QzNQRDVjcFl5TUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zMTYwMjAtOWZjNS00YjdjLWFlNDEt
ZTk1NTQ0ODNmZmE3LzEvdnpDRXpyUlJzMXdSZHBlZGVMek1FX0RwdDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zMTYwMjAtOWZjNS00YjdjLWFlNDEtZTk1NTQ0ODNmZmE3
LzEvbl9NNVkzVEw5ZGRuRWw4QzNQRDVjcFl5TUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCk074AwQC
uUOsAwQCufvIAwQFwtCAAwQDwtCwMA0EAgACMAcDBQMqBRFAMA0GCSqGSIb3DQEB
CwUAA4IBAQBqaV8Z29K9bkrn7tene9OBUv4hNFldZclZJRooMDhzvKdJqdvH/u3n
w+ARwcE9yM9HLReoeWJZQ8d0+f+r7PtnbAh1xe1tNUNv8cdyqfkfEfcM9XE25Ahl
XxxF+GBqrj2WH6mod8/zduIdzeUR8rCyRZ6vwfv4thLJk78j0j0Lhy/xfrf/VqkS
c5SV6t83VS/NFiH5S6R+7lvzao50GYZ09c0FhbCzFjZi1axtDRlmCtDXnxhlZUNG
2qGuKyvMaWCnBU+YdJPWBONuCxoGAChtGTbc8E7VfvzEA7O4Cv+CppocpKvJEQWE
VUGRjPaWVfegqRrtix9YnuLmgdkCQoY5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:46 2025 by rpki-client