Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/VnsUnKQ8go5qr7suapNuqYSlo4Y.roa
File: VnsUnKQ8go5qr7suapNuqYSlo4Y.roa (raw, json)
Hash identifier: UAZreP8xQnoNQwibH9MG3fbpKfNUrGgDr6WN8v6kGN4=
Subject key identifier: 56:7B:14:9C:A4:3C:82:8E:6A:AF:BB:2E:6A:93:6E:A9:84:A5:A3:86
Certificate issuer: /CN=f7742725862b90bda4510a02e804fef3ad1142dc
Certificate serial: 1AFF444A
Authority key identifier: F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/VnsUnKQ8go5qr7suapNuqYSlo4Y.roa
Signing time: Sat 01 Jan 2022 06:59:16 +0000
ROA not before: Sat 01 Jan 2022 06:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15836
IP address blocks: 5.32.168.0/21 maxlen: 21
185.46.60.0/22 maxlen: 22
212.28.64.0/19 maxlen: 20
87.255.64.0/19 maxlen: 19
217.26.160.0/20 maxlen: 20
2a03:a80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452936778 (0x1aff444a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7742725862b90bda4510a02e804fef3ad1142dc
Validity
Not Before: Jan 1 06:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=567b149ca43c828e6aafbb2e6a936ea984a5a386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b7:a8:79:26:ba:4b:12:06:df:78:56:fa:f3:
9e:5e:c7:9c:5a:44:f8:30:5a:83:c5:d9:8a:cd:0b:
e8:4b:cd:d4:06:46:3f:0e:1f:40:86:49:dc:ce:63:
de:2c:9a:22:a8:44:e8:3a:3b:90:a9:75:24:5c:13:
8f:30:bf:77:c4:99:45:a2:f0:9d:0c:e0:7c:f2:e3:
1e:05:ca:6f:82:1d:08:26:c4:29:4c:b6:1a:09:e1:
97:fd:c7:35:fd:db:f4:05:1e:3e:1e:03:92:7b:35:
bc:c8:bc:20:19:36:14:12:95:cb:23:6e:ac:44:42:
3e:a5:4e:47:81:a4:e0:e9:16:e5:cb:13:c6:ee:9b:
37:de:64:30:e8:c1:f6:30:b0:67:ea:47:0e:da:8a:
b0:5b:7a:0e:e1:40:17:3b:4d:bf:79:b6:f6:7e:2c:
56:86:05:fb:42:58:9a:cc:3b:40:72:47:cf:f5:9a:
85:a6:fc:96:5b:bb:14:ef:91:e4:e9:7f:25:49:79:
f8:a6:4d:d5:f1:88:ce:d5:13:02:34:12:56:14:0b:
45:ec:d5:6f:7c:89:6d:a1:c3:b9:bb:31:07:dd:7a:
35:07:92:65:28:f8:e0:c4:23:d6:82:bc:82:eb:e0:
71:60:ae:66:bf:db:ea:dd:f5:c5:46:7b:fa:ac:3f:
6b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7B:14:9C:A4:3C:82:8E:6A:AF:BB:2E:6A:93:6E:A9:84:A5:A3:86
X509v3 Authority Key Identifier:
keyid:F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/VnsUnKQ8go5qr7suapNuqYSlo4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/93QnJYYrkL2kUQoC6AT-860RQtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.168.0/21
87.255.64.0/19
185.46.60.0/22
212.28.64.0/19
217.26.160.0/20
IPv6:
2a03:a80::/32
Signature Algorithm: sha256WithRSAEncryption
85:16:e1:f3:1e:f9:8c:3f:15:ba:e2:91:8d:16:a5:a2:3a:28:
60:bb:58:19:dd:df:5d:5f:51:7e:03:90:ab:8c:63:3d:0a:a7:
30:64:94:fe:bb:08:fd:34:9a:d8:50:3b:0a:ac:5d:7a:82:0b:
78:11:02:f7:3f:d4:79:99:50:9f:fb:52:d4:08:a8:61:8b:0c:
b6:50:df:6d:56:62:0e:0e:00:04:46:36:3e:de:34:21:fc:07:
2c:8e:49:ad:10:d8:14:fa:2b:fa:b4:0b:5e:29:0a:98:70:13:
bc:05:ef:a9:4a:d7:0e:88:eb:38:93:32:bb:32:37:6d:c8:39:
b4:5c:da:1e:a8:20:51:ec:b8:47:17:1b:1c:30:ec:4e:6b:10:
bb:88:95:45:c4:40:8d:b9:c0:03:b8:07:b1:05:de:d3:68:8b:
c9:9a:1c:65:ef:dd:0c:9a:f0:82:61:57:ba:07:0a:3f:25:6a:
90:6e:c2:23:2d:36:d4:54:ca:e6:52:30:16:92:ed:32:c6:95:
9b:78:61:96:ae:5e:0d:05:8f:83:07:1f:39:04:6c:33:8d:70:
ca:a1:13:01:6f:d3:5b:f2:66:a8:76:bb:8c:d4:b0:bd:e4:bf:
76:8b:f6:d8:a3:8a:94:92:64:d3:6e:91:5d:f0:e9:9e:b9:82:
fd:81:1a:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGv9ESjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Nzc0MjcyNTg2MmI5MGJkYTQ1MTBhMDJlODA0ZmVmM2FkMTE0MmRjMB4XDTIyMDEw
MTA2NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTY3YjE0OWNhNDNj
ODI4ZTZhYWZiYjJlNmE5MzZlYTk4NGE1YTM4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM23qHkmuksSBt94Vvrznl7HnFpE+DBag8XZis0L6EvN1AZG
Pw4fQIZJ3M5j3iyaIqhE6Do7kKl1JFwTjzC/d8SZRaLwnQzgfPLjHgXKb4IdCCbE
KUy2Ggnhl/3HNf3b9AUePh4Dkns1vMi8IBk2FBKVyyNurERCPqVOR4Gk4OkW5csT
xu6bN95kMOjB9jCwZ+pHDtqKsFt6DuFAFztNv3m29n4sVoYF+0JYmsw7QHJHz/Wa
hab8llu7FO+R5Ol/JUl5+KZN1fGIztUTAjQSVhQLRezVb3yJbaHDubsxB916NQeS
ZSj44MQj1oK8guvgcWCuZr/b6t31xUZ7+qw/axECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRWexScpDyCjmqvuy5qk26phKWjhjAfBgNVHSMEGDAWgBT3dCclhiuQvaRR
CgLoBP7zrRFC3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkzUW5KWVlya0wya1VRb0M2QVQtODYwUlF0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvOGU3ZTMwLWMyYjgtNDU5MS04Y2ZlLTdiOGU5ZDMzNWNhOC8x
L1Zuc1VuS1E4Z281cXI3c3VhcE51cVlTbG80WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
OGU3ZTMwLWMyYjgtNDU5MS04Y2ZlLTdiOGU5ZDMzNWNhOC8xLzkzUW5KWVlya0wy
a1VRb0M2QVQtODYwUlF0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwUgqAMEBVf/QAMEArkuPAMEBdQc
QAMEBNkaoDANBAIAAjAHAwUAKgMKgDANBgkqhkiG9w0BAQsFAAOCAQEAhRbh8x75
jD8VuuKRjRalojooYLtYGd3fXV9RfgOQq4xjPQqnMGSU/rsI/TSa2FA7CqxdeoIL
eBEC9z/UeZlQn/tS1AioYYsMtlDfbVZiDg4ABEY2Pt40IfwHLI5JrRDYFPor+rQL
XikKmHATvAXvqUrXDojrOJMyuzI3bcg5tFzaHqggUey4RxcbHDDsTmsQu4iVRcRA
jbnAA7gHsQXe02iLyZocZe/dDJrwgmFXugcKPyVqkG7CIy021FTK5lIwFpLtMsaV
m3hhlq5eDQWPgwcfOQRsM41wyqETAW/TW/JmqHa7jNSwveS/dov22KOKlJJk026R
XfDpnrmC/YEaFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:41 2024 by rpki-client on console-fra.rpki-client.org