Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/bVzypWoS2CLbc_YVCqvz1K6g-KQ.roa
File: bVzypWoS2CLbc_YVCqvz1K6g-KQ.roa (raw, json)
Hash identifier: faE6gKiUld30tRCjjA10I42UNGrNoUSHwjrHTbQKx8I=
Subject key identifier: 6D:5C:F2:A5:6A:12:D8:22:DB:73:F6:15:0A:AB:F3:D4:AE:A0:F8:A4
Certificate issuer: /CN=a5472b1473bc781b70440315c83d119c8abc86fc
Certificate serial: 0181DCA7F4E1B95CAB14760005ECFFC7B540
Authority key identifier: A5:47:2B:14:73:BC:78:1B:70:44:03:15:C8:3D:11:9C:8A:BC:86:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pUcrFHO8eBtwRAMVyD0RnIq8hvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/bVzypWoS2CLbc_YVCqvz1K6g-KQ.roa
Signing time: Fri 08 Jul 2022 07:13:23 +0000
ROA not before: Fri 08 Jul 2022 07:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15457
IP address blocks: 89.109.64.0/18 maxlen: 18
188.125.192.0/19 maxlen: 19
185.80.76.0/22 maxlen: 22
213.138.224.0/19 maxlen: 19
95.172.160.0/19 maxlen: 19
213.190.192.0/19 maxlen: 19
159.255.48.0/20 maxlen: 20
83.223.160.0/19 maxlen: 19
84.23.192.0/19 maxlen: 19
2a00:d180::/29 maxlen: 29
2a00:d180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dc:a7:f4:e1:b9:5c:ab:14:76:00:05:ec:ff:c7:b5:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5472b1473bc781b70440315c83d119c8abc86fc
Validity
Not Before: Jul 8 07:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d5cf2a56a12d822db73f6150aabf3d4aea0f8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bc:b3:bf:dc:b4:44:f1:7e:ce:65:16:15:69:
7f:04:bd:36:40:24:45:0f:58:8e:b3:f4:9f:46:b5:
1e:e5:67:55:9f:ea:a7:47:d9:08:20:b6:3c:43:0e:
2f:35:53:9f:d2:b6:e1:35:0a:c3:79:84:8a:98:54:
5d:82:28:e6:47:63:28:a1:65:0f:48:28:14:7c:ea:
93:0c:42:d4:40:16:5a:36:24:88:c3:32:46:3a:f2:
d8:48:0f:30:be:69:d1:c3:15:a5:68:ab:85:70:5f:
07:dd:21:ab:20:de:37:b6:8f:1e:d6:f9:8d:ac:20:
16:6e:39:0c:52:af:e1:47:22:de:ef:2d:c9:9b:80:
bb:9b:a8:1a:ff:bd:b5:08:1c:f6:b3:41:77:a5:da:
61:af:1c:4f:ab:a9:fa:45:eb:bd:1a:18:40:1e:35:
09:c8:11:11:81:e1:04:99:fd:b9:53:00:e1:d3:04:
85:96:0c:67:d1:18:7c:87:da:35:c9:60:70:d3:74:
08:d0:ff:09:34:58:3a:fc:ff:67:6f:d8:55:ab:e2:
bb:aa:08:37:65:86:e0:85:4b:b3:bf:53:9b:11:e8:
6d:26:7b:32:a9:1d:de:b9:9b:f4:b2:9d:46:88:38:
58:20:75:76:52:86:5e:ea:1e:92:52:55:2c:9c:06:
19:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5C:F2:A5:6A:12:D8:22:DB:73:F6:15:0A:AB:F3:D4:AE:A0:F8:A4
X509v3 Authority Key Identifier:
keyid:A5:47:2B:14:73:BC:78:1B:70:44:03:15:C8:3D:11:9C:8A:BC:86:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pUcrFHO8eBtwRAMVyD0RnIq8hvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/bVzypWoS2CLbc_YVCqvz1K6g-KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/pUcrFHO8eBtwRAMVyD0RnIq8hvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.160.0/19
84.23.192.0/19
89.109.64.0/18
95.172.160.0/19
159.255.48.0/20
185.80.76.0/22
188.125.192.0/19
213.138.224.0/19
213.190.192.0/19
IPv6:
2a00:d180::/29
Signature Algorithm: sha256WithRSAEncryption
4b:09:be:46:bc:1c:0a:ed:21:9d:5d:bd:22:e4:b5:9d:b6:b3:
43:ec:5d:ab:34:2d:c7:01:85:b2:ed:b8:da:a4:8f:77:ef:db:
45:44:7e:0c:34:59:5d:7e:fe:65:43:1f:d5:fd:59:41:a3:db:
c8:fb:17:d8:24:60:7c:d6:68:a6:29:e5:31:54:fa:1a:2e:ac:
b4:f7:ac:42:1e:db:6e:cc:c6:38:06:7f:a5:b8:2e:bc:be:94:
65:ca:54:13:fd:36:9f:4e:4e:6e:a4:17:07:b9:da:f2:7e:2f:
67:c3:b5:02:33:cc:f5:57:c7:d1:e6:1b:11:44:63:dd:1e:ee:
bc:02:2f:f5:04:99:03:be:2a:2a:6a:be:b6:ad:66:c9:6d:35:
bc:70:c6:87:52:15:3c:b6:d4:6c:7b:a7:84:94:c0:34:93:64:
9a:b6:22:a9:85:e6:dd:d6:ed:47:8a:c7:01:ce:e3:41:6d:8d:
17:76:04:ff:60:ed:9a:9c:f3:32:a7:da:75:6e:4d:62:f1:f2:
5b:42:5a:bd:cc:2a:2c:49:04:00:f5:2a:b9:b5:53:7f:65:f0:
d2:b8:a8:1b:e8:27:08:c9:09:a0:8a:85:fe:c8:4e:c4:ff:24:
a4:f5:3e:1f:96:f5:58:17:4c:5c:2d:a9:ee:2c:74:fe:f4:61:
e3:1b:e4:93
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYHcp/ThuVyrFHYABez/x7VAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NDcyYjE0NzNiYzc4MWI3MDQ0MDMxNWM4M2QxMTljOGFi
Yzg2ZmMwHhcNMjIwNzA4MDcxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDVjZjJhNTZhMTJkODIyZGI3M2Y2MTUwYWFiZjNkNGFlYTBmOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbyzv9y0RPF+zmUWFWl/BL02QCRF
D1iOs/SfRrUe5WdVn+qnR9kIILY8Qw4vNVOf0rbhNQrDeYSKmFRdgijmR2MooWUP
SCgUfOqTDELUQBZaNiSIwzJGOvLYSA8wvmnRwxWlaKuFcF8H3SGrIN43to8e1vmN
rCAWbjkMUq/hRyLe7y3Jm4C7m6ga/721CBz2s0F3pdphrxxPq6n6Reu9GhhAHjUJ
yBERgeEEmf25UwDh0wSFlgxn0Rh8h9o1yWBw03QI0P8JNFg6/P9nb9hVq+K7qgg3
ZYbghUuzv1ObEehtJnsyqR3euZv0sp1GiDhYIHV2UoZe6h6SUlUsnAYZKQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFG1c8qVqEtgi23P2FQqr89SuoPikMB8GA1UdIwQY
MBaAFKVHKxRzvHgbcEQDFcg9EZyKvIb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFVjckZITzhlQnR3UkFNVnlEMFJuSXE4aHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zMDExMmYtMGU5ZC00ZmM4LWI4NTQt
YjE1NjViMjU1ODU0LzEvYlZ6eXBXb1MyQ0xiY19ZVkNxdnoxSzZnLUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zMDExMmYtMGU5ZC00ZmM4LWI4NTQtYjE1NjViMjU1ODU0
LzEvcFVjckZITzhlQnR3UkFNVnlEMFJuSXE4aHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFU9+gAwQF
VBfAAwQGWW1AAwQFX6ygAwQEn/8wAwQCuVBMAwQFvH3AAwQF1YrgAwQF1b7AMA0E
AgACMAcDBQMqANGAMA0GCSqGSIb3DQEBCwUAA4IBAQBLCb5GvBwK7SGdXb0i5LWd
trND7F2rNC3HAYWy7bjapI9379tFRH4MNFldfv5lQx/V/VlBo9vI+xfYJGB81mim
KeUxVPoaLqy096xCHttuzMY4Bn+luC68vpRlylQT/TafTk5upBcHudryfi9nw7UC
M8z1V8fR5hsRRGPdHu68Ai/1BJkDvioqar62rWbJbTW8cMaHUhU8ttRse6eElMA0
k2SatiKphebd1u1HiscBzuNBbY0XdgT/YO2anPMyp9p1bk1i8fJbQlq9zCosSQQA
9Sq5tVN/ZfDSuKgb6CcIyQmgioX+yE7E/ySk9T4flvVYF0xcLanuLHT+9GHjG+ST
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:20 2024 by rpki-client on console-fra.rpki-client.org