Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/vzrnAb_8thDwKl7LHeAGnhoZpvQ.roa
File: vzrnAb_8thDwKl7LHeAGnhoZpvQ.roa (raw, json)
Hash identifier: pDJ8aSiHg8C/jin608UEkktRvo5G55/FqKhR5jNeVVY=
Subject key identifier: BF:3A:E7:01:BF:FC:B6:10:F0:2A:5E:CB:1D:E0:06:9E:1A:19:A6:F4
Certificate issuer: /CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Certificate serial: 375834C8
Authority key identifier: 05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/vzrnAb_8thDwKl7LHeAGnhoZpvQ.roa
Signing time: Sat 01 Jan 2022 10:59:58 +0000
ROA not before: Sat 01 Jan 2022 10:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35625
IP address blocks: 195.74.80.0/24 maxlen: 24
45.138.192.0/22 maxlen: 22
185.161.44.0/22 maxlen: 22
185.252.156.0/22 maxlen: 22
37.235.88.0/21 maxlen: 21
46.29.120.0/21 maxlen: 21
194.213.30.0/24 maxlen: 24
185.75.140.0/22 maxlen: 22
2a02:21c8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928527560 (0x375834c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d658594b65364b2c2e56a6a45ebb06847b3849
Validity
Not Before: Jan 1 10:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf3ae701bffcb610f02a5ecb1de0069e1a19a6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d9:8b:b7:fb:46:96:66:cc:af:f4:02:f0:d3:
1b:21:4f:8a:1a:7d:c5:1a:5b:60:18:3d:bc:02:17:
1b:f2:1c:43:a6:42:69:37:f9:76:01:af:62:a5:61:
32:a3:15:a4:fe:a6:76:e9:b4:66:b3:ca:5f:34:c0:
c9:b3:98:c7:ce:7d:83:ac:9d:cb:fb:7c:3d:16:39:
b7:96:a5:d9:0d:33:a6:f2:c4:a1:49:97:58:b8:6c:
91:1d:b3:08:d2:2a:62:d0:0f:33:9e:db:63:c7:36:
10:7b:49:1a:db:5b:a5:91:bf:84:f1:40:8e:1e:88:
bd:f9:33:28:cb:d4:25:a3:93:2d:a0:d6:2d:d4:f1:
eb:82:5f:75:f5:7d:4a:6d:b7:e6:38:4a:99:ed:eb:
6d:75:cd:87:a7:7b:2f:4d:3d:f6:a1:ff:28:86:ed:
1e:a4:68:d2:62:8a:dd:95:f0:6e:96:09:9f:53:4b:
a2:97:80:bf:3c:10:8f:3a:eb:d0:ae:41:14:bb:90:
ef:4a:b4:d5:f0:66:c2:b4:c4:da:a0:03:40:e0:9f:
73:02:df:d4:3f:9d:3d:d4:92:ba:2c:53:60:0f:99:
7e:0c:8d:db:0a:88:6d:44:25:4c:99:78:85:74:05:
73:0c:bb:3e:9a:a0:63:9e:3e:36:ca:38:0c:ef:bd:
52:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3A:E7:01:BF:FC:B6:10:F0:2A:5E:CB:1D:E0:06:9E:1A:19:A6:F4
X509v3 Authority Key Identifier:
keyid:05:D6:58:59:4B:65:36:4B:2C:2E:56:A6:A4:5E:BB:06:84:7B:38:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdZYWUtlNkssLlampF67BoR7OEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/vzrnAb_8thDwKl7LHeAGnhoZpvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9b1f95-3b18-4812-924e-7bfda62544ce/1/BdZYWUtlNkssLlampF67BoR7OEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.88.0/21
45.138.192.0/22
46.29.120.0/21
185.75.140.0/22
185.161.44.0/22
185.252.156.0/22
194.213.30.0/24
195.74.80.0/24
IPv6:
2a02:21c8::/32
Signature Algorithm: sha256WithRSAEncryption
61:6c:da:61:4e:9f:63:77:da:45:2d:ca:cd:eb:8f:bb:6c:a3:
8e:5e:f4:25:8d:5a:d8:80:bc:5e:8b:04:5f:ce:e5:a4:9f:20:
dd:a2:96:32:6b:c8:a5:6f:df:1f:0f:23:b2:1f:f0:ac:a3:af:
1a:5e:ce:74:9c:c8:ba:64:ff:a4:7c:8f:fa:1d:19:b0:0e:cd:
89:38:0e:a2:a3:0d:8d:f2:7f:bc:55:ad:01:8e:76:9c:29:a2:
0f:d5:64:0b:b1:dc:cb:2d:7e:06:0f:cb:ab:6d:44:d4:29:a9:
d9:24:f5:84:9f:11:1f:56:34:a8:22:7e:e8:93:9d:8f:cc:e7:
f9:7a:4b:5d:d0:ea:4b:f2:96:93:f8:31:70:5f:e7:07:c8:e1:
03:bd:cf:47:a4:6e:14:da:6e:a6:a4:c4:c0:fd:00:85:7d:b7:
a2:eb:fb:39:fd:f5:c7:f1:6b:fd:b0:10:b8:f9:b2:c8:bc:58:
a6:14:27:1d:8b:0e:82:02:51:be:61:53:ad:a9:e5:ab:90:06:
fb:2d:67:5e:d1:f8:93:94:6b:42:d1:1d:8f:b2:22:b7:26:c9:
9b:25:0b:a7:c7:a4:65:93:46:7f:57:36:6c:bf:49:13:8e:46:
17:24:3b:17:c0:5d:26:80:9e:48:4e:a0:97:33:ab:2c:50:35:
2f:ee:b6:bb
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEN1g0yDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NWQ2NTg1OTRiNjUzNjRiMmMyZTU2YTZhNDVlYmIwNjg0N2IzODQ5MB4XDTIyMDEw
MTEwNTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmYzYWU3MDFiZmZj
YjYxMGYwMmE1ZWNiMWRlMDA2OWUxYTE5YTZmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrZi7f7RpZmzK/0AvDTGyFPihp9xRpbYBg9vAIXG/IcQ6ZC
aTf5dgGvYqVhMqMVpP6mdum0ZrPKXzTAybOYx859g6ydy/t8PRY5t5al2Q0zpvLE
oUmXWLhskR2zCNIqYtAPM57bY8c2EHtJGttbpZG/hPFAjh6IvfkzKMvUJaOTLaDW
LdTx64JfdfV9Sm235jhKme3rbXXNh6d7L0099qH/KIbtHqRo0mKK3ZXwbpYJn1NL
opeAvzwQjzrr0K5BFLuQ70q01fBmwrTE2qADQOCfcwLf1D+dPdSSuixTYA+ZfgyN
2wqIbUQlTJl4hXQFcwy7PpqgY54+Nso4DO+9UpkCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBS/OucBv/y2EPAqXssd4AaeGhmm9DAfBgNVHSMEGDAWgBQF1lhZS2U2Sywu
VqakXrsGhHs4STAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JkWllXVXRsTmtzc0xsYW1wRjY3Qm9SN09Fay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvOWIxZjk1LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8x
L3Z6cm5BYl84dGhEd0tsN0xIZUFHbmhvWnB2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
OWIxZjk1LTNiMTgtNDgxMi05MjRlLTdiZmRhNjI1NDRjZS8xL0JkWllXVXRsTmtz
c0xsYW1wRjY3Qm9SN09Fay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAyXrWAMEAi2KwAMEAy4deAMEArlL
jAMEArmhLAMEArn8nAMEAMLVHgMEAMNKUDANBAIAAjAHAwUAKgIhyDANBgkqhkiG
9w0BAQsFAAOCAQEAYWzaYU6fY3faRS3KzeuPu2yjjl70JY1a2IC8XosEX87lpJ8g
3aKWMmvIpW/fHw8jsh/wrKOvGl7OdJzIumT/pHyP+h0ZsA7NiTgOoqMNjfJ/vFWt
AY52nCmiD9VkC7Hcyy1+Bg/Lq21E1Cmp2ST1hJ8RH1Y0qCJ+6JOdj8zn+XpLXdDq
S/KWk/gxcF/nB8jhA73PR6RuFNpupqTEwP0AhX23ouv7Of31x/Fr/bAQuPmyyLxY
phQnHYsOggJRvmFTranlq5AG+y1nXtH4k5RrQtEdj7IitybJmyULp8ekZZNGf1c2
bL9JE45GFyQ7F8BdJoCeSE6glzOrLFA1L+62uw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:39 2023 by rpki-client on console-fra.rpki-client.org