Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/VFnIKqndqVYOfBCLMIaqUZOJFWA.roa
File: VFnIKqndqVYOfBCLMIaqUZOJFWA.roa (raw, json)
Hash identifier: C89mjiq6PRl1Z6EmLq5b5LV0rToR+Ht8ydvkqbN49Vw=
Subject key identifier: 54:59:C8:2A:A9:DD:A9:56:0E:7C:10:8B:30:86:AA:51:93:89:15:60
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 0985219F
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/VFnIKqndqVYOfBCLMIaqUZOJFWA.roa
Signing time: Mon 02 May 2022 11:52:43 +0000
ROA not before: Mon 02 May 2022 11:52:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43811
IP address blocks: 194.176.54.0/23 maxlen: 23
85.206.140.0/24 maxlen: 24
85.206.141.0/24 maxlen: 24
85.206.142.0/24 maxlen: 24
85.206.143.0/24 maxlen: 24
82.135.217.0/24 maxlen: 24
82.135.218.0/24 maxlen: 24
85.206.148.0/22 maxlen: 22
195.12.180.0/24 maxlen: 24
194.176.36.0/24 maxlen: 24
194.176.32.0/24 maxlen: 24
194.176.33.0/24 maxlen: 24
194.176.35.0/24 maxlen: 24
88.119.222.0/24 maxlen: 24
88.119.220.0/24 maxlen: 24
88.119.221.0/24 maxlen: 24
212.47.123.0/24 maxlen: 24
88.119.246.0/24 maxlen: 24
31.193.192.0/24 maxlen: 24
31.193.197.0/24 maxlen: 24
31.193.198.0/24 maxlen: 24
31.193.199.0/24 maxlen: 24
31.193.193.0/24 maxlen: 24
31.193.194.0/24 maxlen: 24
31.193.195.0/24 maxlen: 24
31.193.196.0/24 maxlen: 24
88.119.180.0/24 maxlen: 24
81.7.105.0/24 maxlen: 24
88.118.143.0/24 maxlen: 24
81.7.107.0/24 maxlen: 24
81.7.106.0/24 maxlen: 24
81.7.114.0/24 maxlen: 24
81.7.115.0/24 maxlen: 24
82.135.132.0/24 maxlen: 24
92.61.32.0/20 maxlen: 32
185.3.231.0/24 maxlen: 24
185.3.228.0/24 maxlen: 24
185.3.229.0/24 maxlen: 24
185.3.230.0/24 maxlen: 24
2a00:1eb8:c004::/48 maxlen: 48
2a02:118:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159719839 (0x985219f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: May 2 11:52:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5459c82aa9dda9560e7c108b3086aa5193891560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0a:bc:81:ff:40:4b:df:02:5f:80:66:a2:25:
e7:72:31:a9:eb:c4:9e:4e:57:3c:ed:a7:da:dd:92:
bf:4a:6e:47:fe:a9:35:e5:c7:84:fd:fa:ce:90:17:
78:3e:da:03:d9:cf:f1:b1:ce:7e:01:53:34:98:05:
44:4b:68:09:34:67:ff:d7:65:10:13:42:d6:bf:48:
13:2d:ae:26:71:95:12:07:44:68:8b:97:35:eb:ed:
6e:48:85:9c:70:dd:8c:95:11:85:0d:c3:4b:14:6c:
ef:15:b9:c9:a8:a3:94:75:21:1a:72:ca:ea:17:3c:
2e:05:8f:a3:56:d4:6c:9a:97:92:9d:4e:5e:cf:c9:
13:3b:1c:60:2d:87:6e:75:40:c5:3c:01:c6:fd:0f:
85:6b:24:60:92:40:44:36:a4:47:3e:c7:dd:31:55:
7d:70:b4:c3:ed:6b:3d:f7:f0:22:36:4a:e8:6f:24:
ba:dd:d7:4c:cf:76:58:52:46:a5:a0:30:c6:01:7e:
39:37:fc:28:b3:77:8a:07:e7:9a:51:4c:ed:5a:73:
71:b4:e5:f6:45:aa:3a:51:5b:6e:d4:3a:0a:fe:c3:
a3:32:25:b9:e1:e3:98:04:a0:03:b6:22:79:8a:9a:
ec:50:29:da:ec:b1:50:20:a2:06:e3:53:4e:16:a4:
74:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:59:C8:2A:A9:DD:A9:56:0E:7C:10:8B:30:86:AA:51:93:89:15:60
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/VFnIKqndqVYOfBCLMIaqUZOJFWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.192.0/21
81.7.105.0-81.7.107.255
81.7.114.0/23
82.135.132.0/24
82.135.217.0-82.135.218.255
85.206.140.0/22
85.206.148.0/22
88.118.143.0/24
88.119.180.0/24
88.119.220.0-88.119.222.255
88.119.246.0/24
92.61.32.0/20
185.3.228.0/22
194.176.32.0/23
194.176.35.0-194.176.36.255
194.176.54.0/23
195.12.180.0/24
212.47.123.0/24
IPv6:
2a00:1eb8:c004::/48
2a02:118:2::/48
Signature Algorithm: sha256WithRSAEncryption
0f:f7:4e:0d:66:43:d3:2d:5a:5d:b8:ca:11:34:76:ab:4b:ab:
c0:b5:a2:c4:89:42:66:0a:a3:70:1e:e8:c6:0c:5b:e9:00:8a:
f0:1d:41:f1:15:97:60:58:a6:ab:c5:2c:4a:b0:62:8c:d7:67:
f6:24:05:ed:f9:59:e5:97:6a:73:cb:85:07:c9:d6:a3:1d:1e:
63:89:ea:ee:a7:60:77:3d:87:ba:78:c1:2a:1a:80:a9:27:d6:
0f:1e:6b:f1:24:6f:d8:b7:89:f2:42:a7:6d:e5:d5:1b:85:7b:
48:17:84:9d:dd:7c:07:f0:e6:6f:3a:c0:40:be:fe:bd:38:16:
37:70:50:7b:6f:18:b5:b3:14:e0:fc:fc:d6:90:e0:bd:9c:1d:
d8:3d:98:1a:1e:70:4d:7c:45:97:3b:f2:84:a0:00:f7:f4:c1:
e4:0a:64:7d:f8:94:a5:54:e1:7e:79:8a:a9:49:7a:6c:43:a2:
d2:02:6c:b8:fe:a3:b3:60:be:f7:23:fe:54:51:2d:5f:6c:07:
81:af:81:10:02:ca:6a:3a:a2:99:f1:d5:04:40:f4:19:82:11:
6d:8a:3c:f2:1f:a0:12:10:ed:72:69:8d:b5:16:cc:41:12:19:
5c:66:ac:1a:cd:a5:f3:8c:ef:28:85:ee:3e:78:5d:0b:65:e6:
62:ea:0d:cf
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIECYUhnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjk4NzI0NDYxMWI1MjMwNTM2NzQ0YjZhODlmMDQ0ZjMyZjQ2MmVhMB4XDTIyMDUw
MjExNTI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ1OWM4MmFhOWRk
YTk1NjBlN2MxMDhiMzA4NmFhNTE5Mzg5MTU2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI0KvIH/QEvfAl+AZqIl53IxqevEnk5XPO2n2t2Sv0puR/6p
NeXHhP36zpAXeD7aA9nP8bHOfgFTNJgFREtoCTRn/9dlEBNC1r9IEy2uJnGVEgdE
aIuXNevtbkiFnHDdjJURhQ3DSxRs7xW5yaijlHUhGnLK6hc8LgWPo1bUbJqXkp1O
Xs/JEzscYC2HbnVAxTwBxv0PhWskYJJARDakRz7H3TFVfXC0w+1rPffwIjZK6G8k
ut3XTM92WFJGpaAwxgF+OTf8KLN3igfnmlFM7VpzcbTl9kWqOlFbbtQ6Cv7DozIl
ueHjmASgA7YieYqa7FAp2uyxUCCiBuNTThakdPsCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBRUWcgqqd2pVg58EIswhqpRk4kVYDAfBgNVHSMEGDAWgBT7mHJEYRtSMFNn
RLaonwRPMvRi6jAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ0LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEv
MS9WRm5JS3FuZHFWWU9mQkNMTUlhcVVaT0pGV0Eucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0
LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEvMS8xLTVoeVJHRWJV
akJUWjBTMnFKOEVUekwwWXVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIHDBggrBgEFBQcBBwEB/wSBszCBsDCBkwQCAAEwgYwDBAMfwcAwDAMEAFEHaQME
AlEHaAMEAVEHcgMEAFKHhDAMAwQAUofZAwQAUofaAwQCVc6MAwQCVc6UAwQAWHaP
AwQAWHe0MAwDBAJYd9wDBABYd94DBABYd/YDBARcPSADBAK5A+QDBAHCsCAwDAME
AMKwIwMEAMKwJAMEAcKwNgMEAMMMtAMEANQvezAYBAIAAjASAwcAKgAeuMAEAwcA
KgIBGAACMA0GCSqGSIb3DQEBCwUAA4IBAQAP904NZkPTLVpduMoRNHarS6vAtaLE
iUJmCqNwHujGDFvpAIrwHUHxFZdgWKarxSxKsGKM12f2JAXt+Vnll2pzy4UHydaj
HR5jierup2B3PYe6eMEqGoCpJ9YPHmvxJG/Yt4nyQqdt5dUbhXtIF4Sd3XwH8OZv
OsBAvv69OBY3cFB7bxi1sxTg/PzWkOC9nB3YPZgaHnBNfEWXO/KEoAD39MHkCmR9
+JSlVOF+eYqpSXpsQ6LSAmy4/qOzYL73I/5UUS1fbAeBr4EQAspqOqKZ8dUEQPQZ
ghFtijzyH6ASEO1yaY21FsxBEhlcZqwazaXzjO8ohe4+eF0LZeZi6g3P
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:56 2023 by rpki-client on console-ams.rpki-client.org