Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Vx-C_efwTgjwPUBY2pw79paKe14.roa
File: Vx-C_efwTgjwPUBY2pw79paKe14.roa (raw, json)
Hash identifier: u+T8F55/BcH9J0uYypFPXkbm1vHzPQBwBsjNrJ0vNKw=
Subject key identifier: 57:1F:82:FD:E7:F0:4E:08:F0:3D:40:58:DA:9C:3B:F6:96:8A:7B:5E
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 056894DE
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Vx-C_efwTgjwPUBY2pw79paKe14.roa
Signing time: Sat 01 Jan 2022 15:07:19 +0000
ROA not before: Sat 01 Jan 2022 15:07:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31251
IP address blocks: 85.203.0.0/24 maxlen: 24
85.203.0.0/22 maxlen: 22
85.203.2.0/24 maxlen: 24
85.203.11.0/24 maxlen: 24
85.203.5.0/24 maxlen: 24
85.203.6.0/24 maxlen: 24
85.203.12.0/24 maxlen: 24
2a02:a10::/29 maxlen: 29
2a03:60c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90739934 (0x56894de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 1 15:07:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=571f82fde7f04e08f03d4058da9c3bf6968a7b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b3:bc:48:c1:1e:83:8b:60:b8:ce:d3:be:13:
f9:49:9a:43:77:02:e2:46:90:b6:46:d5:53:80:0b:
d5:0f:80:c3:3f:96:37:f8:ff:3e:cd:39:62:5c:3f:
0d:cd:54:d9:6d:95:e4:00:e2:15:ec:9c:4c:7b:00:
64:f3:63:21:86:fc:c3:08:b3:fd:94:99:3d:90:1f:
a3:20:80:cc:13:02:2f:a7:c6:38:ca:e8:71:d8:06:
28:cc:ea:f2:61:0c:cb:e8:7e:67:05:dd:67:b0:bb:
c2:6b:8e:1f:f7:74:f5:cf:bd:7c:cf:19:97:55:14:
1a:22:1a:50:d1:f8:0e:98:19:21:99:ea:fa:ad:c2:
83:66:88:81:b0:da:d8:20:ed:92:91:9d:01:6a:8b:
3e:3d:b0:37:77:9d:f7:25:e4:e7:93:cb:b8:2f:56:
8c:5b:2c:7b:45:41:fb:09:2d:17:a5:86:bf:d3:ad:
32:2f:26:1e:58:fe:ed:1b:73:d1:cb:15:1d:09:62:
92:6f:33:5e:a4:34:51:cc:a5:7b:70:d7:1f:7d:14:
83:2c:6c:04:39:a7:b9:a9:95:24:5a:cb:12:82:ed:
c3:f4:f0:f3:b7:32:82:68:ae:a6:57:0f:cd:cf:3b:
09:80:ee:3e:a0:80:90:af:1f:aa:69:20:2c:98:28:
3b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:1F:82:FD:E7:F0:4E:08:F0:3D:40:58:DA:9C:3B:F6:96:8A:7B:5E
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Vx-C_efwTgjwPUBY2pw79paKe14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.0.0/22
85.203.5.0-85.203.6.255
85.203.11.0-85.203.12.255
IPv6:
2a02:a10::/29
2a03:60c0::/29
Signature Algorithm: sha256WithRSAEncryption
40:a8:01:57:05:11:e5:4e:e9:09:2b:5a:bb:3c:f0:01:d8:40:
ec:53:d7:ed:e5:64:a0:5a:7d:03:a9:c7:a7:e5:cc:44:60:ef:
80:2b:60:2b:c3:45:e9:44:f4:90:24:af:86:46:82:27:80:e4:
d7:e7:0d:de:3d:7f:88:18:0d:b5:fa:43:05:b0:a5:55:cb:59:
fd:05:46:28:d3:9a:24:d1:29:a0:57:5c:d7:da:30:b7:33:eb:
e6:66:33:84:ac:95:08:df:11:ea:7d:aa:6f:bd:4c:ee:12:5a:
29:41:93:fc:70:cb:66:55:74:cb:9d:c1:7c:60:0f:aa:b3:ff:
0c:53:ac:62:1d:ec:16:79:95:b0:27:a1:03:c4:9b:04:bc:cb:
35:4f:3b:e6:d4:f6:99:3b:b2:b3:8c:e3:9b:7a:af:5d:a6:e7:
c1:78:48:72:8d:76:25:fd:e2:70:05:b2:de:ff:c8:75:e9:ce:
af:0c:f6:c9:b0:a7:aa:26:e6:83:0a:a7:44:c2:db:65:f9:db:
1c:d2:45:3f:b5:16:77:5f:78:7b:39:c0:e9:fa:a2:e8:c6:fa:
e7:fc:c2:65:8c:75:8b:18:67:f5:f2:e4:4f:b6:d5:94:a4:c9:
6d:99:01:20:44:a9:4b:6d:61:19:f6:7b:ce:68:7b:51:21:f9:
8b:8b:e4:1b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEBWiU3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDViZGY2ZWVjMDgzNzBhZTFmNjdlODNmOTliNWFjMWZlMjY4NzJjMB4XDTIyMDEw
MTE1MDcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTcxZjgyZmRlN2Yw
NGUwOGYwM2Q0MDU4ZGE5YzNiZjY5NjhhN2I1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+zvEjBHoOLYLjO074T+UmaQ3cC4kaQtkbVU4AL1Q+Awz+W
N/j/Ps05Ylw/Dc1U2W2V5ADiFeycTHsAZPNjIYb8wwiz/ZSZPZAfoyCAzBMCL6fG
OMrocdgGKMzq8mEMy+h+ZwXdZ7C7wmuOH/d09c+9fM8Zl1UUGiIaUNH4DpgZIZnq
+q3Cg2aIgbDa2CDtkpGdAWqLPj2wN3ed9yXk55PLuC9WjFsse0VB+wktF6WGv9Ot
Mi8mHlj+7Rtz0csVHQlikm8zXqQ0Ucyle3DXH30UgyxsBDmnuamVJFrLEoLtw/Tw
87cygmiuplcPzc87CYDuPqCAkK8fqmkgLJgoOyECAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBRXH4L95/BOCPA9QFjanDv2lop7XjAfBgNVHSMEGDAWgBTUW99u7Ag3CuH2
foP5m1rB/iaHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGdmZidXdJTndyaDluNkQtWnRhd2Y0bWh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8x
L1Z4LUNfZWZ3VGdqd1BVQlkycHc3OXBhS2UxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8xLzFGdmZidXdJTndy
aDluNkQtWnRhd2Y0bWh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwKAQCAAEwIgMEAlXLADAMAwQAVcsFAwQAVcsGMAwD
BABVywsDBABVywwwFAQCAAIwDgMFAyoCChADBQMqA2DAMA0GCSqGSIb3DQEBCwUA
A4IBAQBAqAFXBRHlTukJK1q7PPAB2EDsU9ft5WSgWn0Dqcen5cxEYO+AK2Arw0Xp
RPSQJK+GRoIngOTX5w3ePX+IGA21+kMFsKVVy1n9BUYo05ok0SmgV1zX2jC3M+vm
ZjOErJUI3xHqfapvvUzuElopQZP8cMtmVXTLncF8YA+qs/8MU6xiHewWeZWwJ6ED
xJsEvMs1Tzvm1PaZO7KzjOObeq9dpufBeEhyjXYl/eJwBbLe/8h16c6vDPbJsKeq
JuaDCqdEwttl+dsc0kU/tRZ3X3h7OcDp+qLoxvrn/MJljHWLGGf18uRPttWUpMlt
mQEgRKlLbWEZ9nvOaHtRIfmLi+Qb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:50 2023 by rpki-client on console-ams.rpki-client.org