Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/vgnt_H6eZbOS8P492YZ6XF78kH0.roa
File: vgnt_H6eZbOS8P492YZ6XF78kH0.roa (raw, json)
Hash identifier: 5WYTsMEc3u5ZqSgruQD4RcWVmq9OxhhhGNXShaZoTxM=
Subject key identifier: BE:09:ED:FC:7E:9E:65:B3:92:F0:FE:3D:D9:86:7A:5C:5E:FC:90:7D
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 01845BB2EFC332C25411D2522231A912F8B9
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/vgnt_H6eZbOS8P492YZ6XF78kH0.roa
Signing time: Wed 09 Nov 2022 09:22:44 +0000
ROA not before: Wed 09 Nov 2022 09:22:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197071
IP address blocks: 31.214.240.0/21 maxlen: 32
95.156.226.0/23 maxlen: 32
95.156.225.0/24 maxlen: 32
109.230.252.0/22 maxlen: 32
95.156.228.0/22 maxlen: 32
95.156.232.0/24 maxlen: 32
185.87.20.0/22 maxlen: 32
109.230.195.0/24 maxlen: 32
46.251.225.0/24 maxlen: 32
46.251.227.0/24 maxlen: 32
109.230.224.0/20 maxlen: 32
31.214.149.0/24 maxlen: 32
134.255.220.0/22 maxlen: 32
134.255.224.0/22 maxlen: 32
134.255.228.0/23 maxlen: 32
134.255.230.0/24 maxlen: 32
134.255.235.0/24 maxlen: 32
134.255.236.0/22 maxlen: 32
134.255.252.0/22 maxlen: 32
193.25.201.0/24 maxlen: 32
2a05:bec0::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:b2:ef:c3:32:c2:54:11:d2:52:22:31:a9:12:f8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Nov 9 09:22:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be09edfc7e9e65b392f0fe3dd9867a5c5efc907d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ba:99:2e:ad:c3:7f:96:b9:b5:03:fc:b2:30:
d4:46:26:6d:36:95:f7:26:44:ad:f8:1f:0f:81:a8:
7d:35:51:3a:90:05:65:fa:bd:73:19:21:fe:57:d2:
6d:3a:76:92:bb:5c:4e:89:f8:fb:50:34:6c:b0:19:
41:4d:4d:91:11:7c:99:a0:61:46:53:2d:28:d6:ad:
f5:78:9b:41:18:93:23:52:bc:cc:34:7b:28:ba:33:
a9:65:d9:41:35:fb:ce:19:7e:55:d1:45:01:e3:e7:
20:39:28:af:dd:24:fa:ce:40:0d:03:5a:48:17:ce:
e9:70:c3:6b:35:ca:eb:c8:73:df:21:a8:c2:98:a5:
c4:c8:e5:a4:93:77:53:bb:c0:97:c5:c8:7e:af:94:
10:f0:ff:f0:19:ca:d5:13:be:cf:78:c5:9a:54:f9:
82:0f:82:93:25:1d:63:c2:cb:84:f5:45:54:56:da:
19:85:29:cc:1a:ed:16:01:55:f2:89:f4:67:0f:35:
45:fc:cf:75:6e:c1:84:40:fa:50:95:91:d2:ad:7e:
94:7a:a6:d6:a1:37:7c:c2:f2:9b:46:6b:7e:6a:b6:
6b:5f:cd:91:90:9e:66:1f:f1:c1:a8:d9:24:0b:94:
9e:21:3f:a5:a9:eb:6a:00:b6:a5:3a:47:b4:aa:b7:
12:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:09:ED:FC:7E:9E:65:B3:92:F0:FE:3D:D9:86:7A:5C:5E:FC:90:7D
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/vgnt_H6eZbOS8P492YZ6XF78kH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.149.0/24
31.214.240.0/21
46.251.225.0/24
46.251.227.0/24
95.156.225.0-95.156.232.255
109.230.195.0/24
109.230.224.0/20
109.230.252.0/22
134.255.220.0-134.255.230.255
134.255.235.0-134.255.239.255
134.255.252.0/22
185.87.20.0/22
193.25.201.0/24
IPv6:
2a05:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
bd:f6:a8:f5:d1:52:dc:a9:ab:ea:ac:d7:a9:bf:88:cd:e4:c1:
19:c5:c3:39:89:1f:e0:86:10:f7:e8:1a:82:44:b8:bc:9e:e9:
91:45:e4:12:89:19:08:bc:c2:f2:aa:a2:c0:77:cf:14:7c:b7:
fa:66:62:d2:51:72:61:ba:15:66:4f:fa:eb:c1:ad:9d:a8:ef:
63:38:a6:a2:93:c5:e1:a8:44:98:91:1e:19:5e:51:a6:97:6a:
4a:4b:51:81:3e:b0:d2:38:db:d4:6c:c3:16:8d:0e:ef:87:ce:
ca:bd:df:62:e8:2e:ad:35:38:bf:33:59:0f:ed:5e:d7:bf:b3:
ce:be:ca:04:f7:c9:9d:47:ea:c7:bd:0e:3d:5d:3e:58:cb:93:
3d:59:08:7c:c6:9b:10:3f:69:6e:12:b9:08:b2:e8:1e:09:3f:
c3:62:b2:b9:65:33:3d:58:ac:07:41:2c:30:9c:71:96:c8:87:
3d:94:b7:6c:e8:28:c4:6e:61:04:e8:21:90:5c:97:ac:70:37:
57:f1:14:09:fd:2d:42:cf:15:c8:44:62:ef:d5:81:97:13:8a:
94:70:5c:86:51:dc:51:f6:c7:c7:a4:0e:00:12:d6:12:3f:70:
a7:7f:3a:3d:3a:9a:e2:53:91:58:c9:5e:86:32:df:22:17:d1:
57:af:ae:fc
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYRbsu/DMsJUEdJSIjGpEvi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjIxMTA5MDkyMjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTA5ZWRmYzdlOWU2NWIzOTJmMGZlM2RkOTg2N2E1YzVlZmM5MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLqZLq3Df5a5tQP8sjDURiZtNpX3
JkSt+B8Pgah9NVE6kAVl+r1zGSH+V9JtOnaSu1xOifj7UDRssBlBTU2REXyZoGFG
Uy0o1q31eJtBGJMjUrzMNHsoujOpZdlBNfvOGX5V0UUB4+cgOSiv3ST6zkANA1pI
F87pcMNrNcrryHPfIajCmKXEyOWkk3dTu8CXxch+r5QQ8P/wGcrVE77PeMWaVPmC
D4KTJR1jwsuE9UVUVtoZhSnMGu0WAVXyifRnDzVF/M91bsGEQPpQlZHSrX6UeqbW
oTd8wvKbRmt+arZrX82RkJ5mH/HBqNkkC5SeIT+lqetqALalOke0qrcS4wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFL4J7fx+nmWzkvD+PdmGelxe/JB9MB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvdmdudF9INmVaYk9TOFA0OTJZWjZYRjc4a0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAB/WlQME
Ax/W8AMEAC774QMEAC774zAMAwQAX5zhAwQAX5zoAwQAbebDAwQEbebgAwQCbeb8
MAwDBAKG/9wDBACG/+YwDAMEAIb/6wMEBIb/4AMEAob//AMEArlXFAMEAMEZyTAN
BAIAAjAHAwUDKgW+wDANBgkqhkiG9w0BAQsFAAOCAQEAvfao9dFS3Kmr6qzXqb+I
zeTBGcXDOYkf4IYQ9+gagkS4vJ7pkUXkEokZCLzC8qqiwHfPFHy3+mZi0lFyYboV
Zk/668GtnajvYzimopPF4ahEmJEeGV5RppdqSktRgT6w0jjb1GzDFo0O74fOyr3f
YugurTU4vzNZD+1e17+zzr7KBPfJnUfqx70OPV0+WMuTPVkIfMabED9pbhK5CLLo
Hgk/w2KyuWUzPVisB0EsMJxxlsiHPZS3bOgoxG5hBOghkFyXrHA3V/EUCf0tQs8V
yERi79WBlxOKlHBchlHcUfbHx6QOABLWEj9wp386PTqa4lORWMlehjLfIhfRV6+u
/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:28 2024 by rpki-client on console-ams.rpki-client.org