Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/vguBbt4hosSJsFALQax1sDjVpzk.roa
File: vguBbt4hosSJsFALQax1sDjVpzk.roa (raw, json)
Hash identifier: mp6ABWwbAG3froW0RK5FPiriIFzpB+m8HZMTWOA+IcA=
Subject key identifier: BE:0B:81:6E:DE:21:A2:C4:89:B0:50:0B:41:AC:75:B0:38:D5:A7:39
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 0183D7C15AD0239DCE9A1C38B319462FC072
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/vguBbt4hosSJsFALQax1sDjVpzk.roa
Signing time: Fri 14 Oct 2022 18:28:36 +0000
ROA not before: Fri 14 Oct 2022 18:28:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 217.113.16.0/20 maxlen: 20
45.133.104.0/22 maxlen: 22
5.134.84.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d7:c1:5a:d0:23:9d:ce:9a:1c:38:b3:19:46:2f:c0:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Oct 14 18:28:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be0b816ede21a2c489b0500b41ac75b038d5a739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0b:13:e1:d3:42:fa:ea:7c:63:dd:8f:ab:a9:
d9:24:00:bb:2d:d1:c0:25:c3:55:48:c8:0f:f5:28:
b8:83:e9:a6:8d:20:c3:44:8d:0a:a2:79:2a:dd:e6:
6a:57:a0:b6:28:80:e2:25:a1:f7:ba:47:77:c1:41:
8c:2e:ab:d6:cf:35:9f:46:58:10:91:8e:6d:d3:7c:
2a:b6:d8:e6:4e:d5:56:0a:69:20:4f:12:93:d3:5a:
15:ed:cc:28:b0:5f:46:e0:47:71:a4:e5:70:62:96:
4d:a4:9a:f5:a6:d4:ed:ee:63:8b:b6:1b:e1:79:5e:
7c:1a:ac:87:cf:2b:c8:08:26:16:bf:63:57:9c:d9:
bf:8c:09:a3:15:f9:b9:89:e9:ca:7f:17:64:a7:59:
11:11:f1:ec:8d:f4:e1:89:65:35:0d:34:01:83:ef:
ae:fc:b8:6d:49:8f:43:4c:da:96:1e:d2:96:7a:b6:
77:b0:b0:2c:01:7a:0d:49:49:14:bf:bd:aa:45:ac:
ea:15:4a:a6:5c:68:c0:3a:f1:ce:9a:b6:2c:1e:55:
ce:dd:67:c9:43:a4:ea:0c:95:f7:2e:65:37:3a:fd:
5f:9b:2a:15:78:56:61:6d:7b:b8:2f:1b:97:fa:ea:
79:30:bc:00:0d:3d:f0:b6:ac:50:c0:79:15:9c:86:
d5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0B:81:6E:DE:21:A2:C4:89:B0:50:0B:41:AC:75:B0:38:D5:A7:39
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/vguBbt4hosSJsFALQax1sDjVpzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.84.0/22
45.133.104.0/22
217.113.16.0/20
Signature Algorithm: sha256WithRSAEncryption
55:2e:63:4c:1b:9e:e9:e7:94:eb:a7:f0:56:b4:53:d0:fd:5d:
44:72:3c:f8:c2:c5:a2:2a:36:dc:6b:5e:50:a6:d9:b7:31:bd:
dc:12:d9:ae:b1:e5:b9:74:7d:9a:99:d9:41:3c:b5:ae:eb:5f:
09:df:91:03:98:a9:ee:8a:9c:a5:96:67:99:7f:4d:d8:93:87:
77:6a:13:70:f8:6b:85:a7:c8:31:c8:11:a0:0b:0a:72:54:14:
6b:fd:49:83:e3:3a:12:7f:0d:54:7a:d6:00:b1:c9:84:bb:50:
27:ce:a0:5e:c6:fe:3e:3d:82:3b:c1:ac:7e:b2:6d:c4:92:7a:
95:fd:f0:50:23:7d:d9:83:c1:10:97:48:ee:9c:4b:76:8e:b4:
05:2e:3f:2e:c8:69:87:47:57:ae:a3:33:0d:b0:97:bb:b8:96:
f4:9b:8c:64:fc:29:ea:25:36:d9:11:27:c8:5e:a7:68:41:b2:
d4:f9:f0:90:8d:6b:14:96:0e:98:bb:06:33:44:61:48:f8:de:
88:c3:6f:5a:d3:66:df:b4:0f:77:7d:11:64:74:c4:c6:76:40:
c4:14:a8:00:82:ba:56:62:b5:70:0d:9d:ac:ac:0a:80:a5:e8:
ce:13:d8:7c:79:a1:c6:24:c8:fb:75:91:b8:e2:2d:8b:dc:d4:
21:60:37:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPXwVrQI53Omhw4sxlGL8ByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjIxMDE0MTgyODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTBiODE2ZWRlMjFhMmM0ODliMDUwMGI0MWFjNzViMDM4ZDVhNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQsT4dNC+up8Y92Pq6nZJAC7LdHA
JcNVSMgP9Si4g+mmjSDDRI0Konkq3eZqV6C2KIDiJaH3ukd3wUGMLqvWzzWfRlgQ
kY5t03wqttjmTtVWCmkgTxKT01oV7cwosF9G4EdxpOVwYpZNpJr1ptTt7mOLthvh
eV58GqyHzyvICCYWv2NXnNm/jAmjFfm5ienKfxdkp1kREfHsjfThiWU1DTQBg++u
/LhtSY9DTNqWHtKWerZ3sLAsAXoNSUkUv72qRazqFUqmXGjAOvHOmrYsHlXO3WfJ
Q6TqDJX3LmU3Ov1fmyoVeFZhbXu4LxuX+up5MLwADT3wtqxQwHkVnIbVmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL4LgW7eIaLEibBQC0GsdbA41ac5MB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvdmd1QmJ0NGhvc1NKc0ZBTFFheDFzRGpWcHprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBYZUAwQC
LYVoAwQE2XEQMA0GCSqGSIb3DQEBCwUAA4IBAQBVLmNMG57p55Trp/BWtFPQ/V1E
cjz4wsWiKjbca15Qptm3Mb3cEtmuseW5dH2amdlBPLWu618J35EDmKnuipyllmeZ
f03Yk4d3ahNw+GuFp8gxyBGgCwpyVBRr/UmD4zoSfw1UetYAscmEu1AnzqBexv4+
PYI7wax+sm3EknqV/fBQI33Zg8EQl0junEt2jrQFLj8uyGmHR1euozMNsJe7uJb0
m4xk/CnqJTbZESfIXqdoQbLU+fCQjWsUlg6YuwYzRGFI+N6Iw29a02bftA93fRFk
dMTGdkDEFKgAgrpWYrVwDZ2srAqApejOE9h8eaHGJMj7dZG44i2L3NQhYDew
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:42 2023 by rpki-client on console-fra.rpki-client.org