Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VPSuGiOWiYC5xaJl3CFoQ0MXAXY.roa
File: VPSuGiOWiYC5xaJl3CFoQ0MXAXY.roa (raw, json)
Hash identifier: MM4HKjDrEmzB/sTYdbc28P6hviQMAJgBpdODE5KMLtE=
Subject key identifier: 54:F4:AE:1A:23:96:89:80:B9:C5:A2:65:DC:21:68:43:43:17:01:76
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018501CBF38602A9494C23C8288F1396CCD1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VPSuGiOWiYC5xaJl3CFoQ0MXAXY.roa
Signing time: Sun 11 Dec 2022 15:27:01 +0000
ROA not before: Sun 11 Dec 2022 15:27:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204160
IP address blocks: 2a0e:97c0:b75::/48 maxlen: 48
2a0e:97c0:b70::/44 maxlen: 48
2a0e:97c0:b70::/48 maxlen: 48
2a0e:97c0:b73::/48 maxlen: 48
2a0e:97c1:100::/44 maxlen: 48
2a0e:97c0:b71::/48 maxlen: 48
2a0e:97c0:b74::/48 maxlen: 48
2a0e:97c0:b72::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:01:cb:f3:86:02:a9:49:4c:23:c8:28:8f:13:96:cc:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 11 15:27:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54f4ae1a23968980b9c5a265dc21684343170176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8a:ef:9a:b1:7a:75:c5:0c:44:a9:69:14:5d:
dd:89:bf:6f:01:7b:cd:ac:18:e7:c3:a7:3e:84:c3:
9e:e5:6a:bd:d5:e4:cf:ce:bb:11:b2:6d:86:44:4f:
2b:8d:b3:e6:e2:42:33:ec:06:da:26:6d:ac:a4:fb:
95:96:1f:0d:ff:30:94:9e:45:ee:c0:86:aa:c2:1e:
63:58:7d:0a:d7:a3:fd:ce:3c:d5:2e:94:db:05:aa:
13:fb:3a:24:98:f9:09:b6:45:4c:f1:71:09:79:aa:
c8:a5:d0:f9:d6:a1:83:fe:8d:12:3a:3c:e7:ba:53:
26:fe:cf:44:6f:bb:46:20:64:15:a9:15:76:0e:38:
69:78:d9:82:83:ca:00:44:89:f1:ba:80:b3:0f:a1:
a7:25:0a:9d:ce:3d:d9:f6:1a:63:66:a4:45:4e:8a:
5f:ea:74:f9:18:94:65:05:6f:71:0e:48:14:bd:2d:
b8:24:f4:12:7d:74:0e:ae:be:87:61:41:a8:44:83:
45:6a:f1:c1:18:19:57:d8:5b:65:a2:a2:7d:d9:6a:
5d:8a:fb:3c:7f:c2:d4:bd:42:79:d7:c4:88:db:3d:
65:b9:cb:65:01:a2:cd:38:a7:35:7b:4c:c2:4b:03:
55:51:51:6b:c4:68:d4:4c:97:cb:44:a9:2b:f4:2e:
2f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F4:AE:1A:23:96:89:80:B9:C5:A2:65:DC:21:68:43:43:17:01:76
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VPSuGiOWiYC5xaJl3CFoQ0MXAXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b70::/44
2a0e:97c1:100::/44
Signature Algorithm: sha256WithRSAEncryption
63:d2:33:53:90:f4:d2:c5:fd:06:9d:67:6c:69:57:41:00:09:
2b:5d:56:b2:35:34:bd:8f:f8:81:ad:52:3b:eb:90:73:59:39:
c4:34:85:05:4e:e1:c5:20:59:12:d8:78:1a:76:74:4c:40:07:
2e:a5:e8:cf:88:a9:c8:26:bb:02:f7:1c:ed:0e:0a:7b:8f:55:
f9:ac:26:2e:9e:e0:4b:53:81:db:0a:e3:18:0f:3e:4c:9d:98:
83:29:5e:30:91:d2:f9:ef:72:ca:99:9a:b0:45:b3:6f:c3:bc:
41:8d:20:82:7c:d8:74:9c:84:d7:20:78:7b:fc:6a:77:12:76:
fe:47:f7:9d:43:bc:b2:ed:7b:3e:44:05:7f:3c:26:ed:18:52:
13:fc:ec:16:47:f6:ff:93:d4:42:e9:24:01:37:3c:fb:75:98:
95:ea:80:63:c9:2f:fa:8f:02:56:78:95:66:a6:86:33:e6:92:
5d:c3:6c:a3:d7:04:8b:64:80:86:b0:66:bc:07:51:f9:41:c5:
12:78:04:f5:92:67:cb:7e:2d:83:6e:b3:75:df:78:77:a8:d7:
2b:76:b1:47:7d:49:ae:89:fb:9e:47:2c:0a:5b:66:6c:52:7b:
f2:f9:3e:52:53:93:3c:83:5c:ec:e1:2b:0b:42:f3:d7:0a:fe:
8d:36:9b:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUBy/OGAqlJTCPIKI8TlszRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjExMTUyNzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGY0YWUxYTIzOTY4OTgwYjljNWEyNjVkYzIxNjg0MzQzMTcwMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04rvmrF6dcUMRKlpFF3dib9vAXvN
rBjnw6c+hMOe5Wq91eTPzrsRsm2GRE8rjbPm4kIz7AbaJm2spPuVlh8N/zCUnkXu
wIaqwh5jWH0K16P9zjzVLpTbBaoT+zokmPkJtkVM8XEJearIpdD51qGD/o0SOjzn
ulMm/s9Eb7tGIGQVqRV2DjhpeNmCg8oARInxuoCzD6GnJQqdzj3Z9hpjZqRFTopf
6nT5GJRlBW9xDkgUvS24JPQSfXQOrr6HYUGoRINFavHBGBlX2FtloqJ92Wpdivs8
f8LUvUJ518SI2z1luctlAaLNOKc1e0zCSwNVUVFrxGjUTJfLRKkr9C4v0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFT0rhojlomAucWiZdwhaENDFwF2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVlBTdUdpT1dpWUM1eGFKbDNDRm9RME1YQVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAtw
AwcEKg6XwQEAMA0GCSqGSIb3DQEBCwUAA4IBAQBj0jNTkPTSxf0GnWdsaVdBAAkr
XVayNTS9j/iBrVI765BzWTnENIUFTuHFIFkS2HgadnRMQAcupejPiKnIJrsC9xzt
Dgp7j1X5rCYunuBLU4HbCuMYDz5MnZiDKV4wkdL573LKmZqwRbNvw7xBjSCCfNh0
nITXIHh7/Gp3Enb+R/edQ7yy7Xs+RAV/PCbtGFIT/OwWR/b/k9RC6SQBNzz7dZiV
6oBjyS/6jwJWeJVmpoYz5pJdw2yj1wSLZICGsGa8B1H5QcUSeAT1kmfLfi2DbrN1
33h3qNcrdrFHfUmuifueRywKW2ZsUnvy+T5SU5M8g1zs4SsLQvPXCv6NNptX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org