Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/vYAeYvkBWwC4MWopnpGAXL9Ji4o.roa
File: vYAeYvkBWwC4MWopnpGAXL9Ji4o.roa (raw, json)
Hash identifier: OhBsANR6ziSuawTxXsXIL/evChimmBlqlLPxm/BHDsM=
Subject key identifier: BD:80:1E:62:F9:01:5B:00:B8:31:6A:29:9E:91:80:5C:BF:49:8B:8A
Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Certificate serial: 17D95EC7
Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/vYAeYvkBWwC4MWopnpGAXL9Ji4o.roa
Signing time: Sat 01 Jan 2022 02:01:37 +0000
ROA not before: Sat 01 Jan 2022 02:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8283
IP address blocks: 94.142.242.0/24 maxlen: 24
94.142.240.0/21 maxlen: 21
94.142.241.0/24 maxlen: 24
94.142.245.0/24 maxlen: 24
94.142.246.0/24 maxlen: 24
94.142.244.0/24 maxlen: 24
94.142.247.0/24 maxlen: 24
185.52.225.0/24 maxlen: 24
185.52.226.0/24 maxlen: 24
185.52.224.0/24 maxlen: 24
185.52.224.0/22 maxlen: 22
185.52.227.0/24 maxlen: 24
94.142.240.0/24 maxlen: 24
2a02:898::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400121543 (0x17d95ec7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78
Validity
Not Before: Jan 1 02:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd801e62f9015b00b8316a299e91805cbf498b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0f:2e:42:d3:7b:cb:f0:5d:bf:e0:ce:ed:0d:
10:db:ba:af:81:63:26:61:55:44:25:7d:a6:9d:b8:
3d:70:4b:1c:08:b2:77:f4:cb:77:c1:e6:be:74:e2:
eb:b8:0e:de:bc:a9:11:90:49:6d:c4:80:f4:39:b2:
82:dc:88:93:79:61:d9:59:37:c4:c1:97:bb:c0:23:
86:6e:df:38:db:dd:9d:e0:bb:19:67:16:c3:a2:81:
ac:f6:7f:63:1b:9e:59:0e:cc:8f:07:a0:db:aa:36:
2f:bd:10:2f:33:06:c0:c7:48:b9:e2:50:09:1e:95:
6d:05:48:be:32:1a:38:23:e4:a2:c9:1a:31:ca:ba:
a8:02:6a:33:c6:d3:7c:9e:e2:a3:d0:1b:fb:b0:c0:
a6:05:00:96:15:63:f5:e6:d8:16:1e:93:7c:31:7d:
e0:1e:6e:ff:12:9a:21:2b:32:7f:d4:4e:bf:c1:e2:
a1:40:f3:de:a4:ea:ce:0b:02:74:62:63:f0:63:75:
01:9c:35:f2:d5:ad:29:82:9a:8f:cb:82:32:01:82:
0b:cf:68:13:77:66:40:19:8f:99:86:31:55:42:d2:
fc:20:0d:86:82:23:5e:68:da:a0:b8:2e:c9:3f:69:
04:20:8a:3a:53:64:2f:db:35:7d:6a:a8:63:a2:80:
68:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:80:1E:62:F9:01:5B:00:B8:31:6A:29:9E:91:80:5C:BF:49:8B:8A
X509v3 Authority Key Identifier:
keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/vYAeYvkBWwC4MWopnpGAXL9Ji4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.240.0/21
185.52.224.0/22
IPv6:
2a02:898::/32
Signature Algorithm: sha256WithRSAEncryption
8e:b0:a2:a7:45:0b:e4:d5:62:4a:ce:64:3d:9e:a4:b6:41:f4:
c7:be:d6:a8:bd:46:04:11:a9:69:a0:72:ea:ed:e5:90:f2:87:
72:0a:a6:91:a6:e7:78:0f:07:6a:15:a7:e4:e1:99:d7:c0:b9:
b6:ea:b3:7a:b8:03:6a:4d:88:96:0c:51:71:19:be:87:a7:e7:
75:31:87:9a:40:23:80:2e:af:b8:c2:3b:71:ff:d9:96:33:1d:
d4:d9:f4:cc:ce:da:24:4a:49:d7:16:f9:d8:31:35:2c:3b:ce:
f8:57:09:80:d5:2a:7f:40:1d:bc:38:9f:8e:6f:2d:d0:d1:1b:
a4:65:63:c8:79:ab:c6:bd:0f:33:17:b9:56:4d:92:cd:b4:aa:
b0:a0:4a:bf:59:1c:91:bb:22:5b:fa:1c:a2:2d:59:95:fc:77:
c2:32:a2:40:6f:0a:ed:65:f6:ee:51:30:97:78:9a:cd:56:f9:
1d:3b:a9:af:70:48:31:a5:26:03:7a:a5:b9:06:fb:b9:bb:a5:
55:f4:a9:79:02:da:04:5e:b3:66:c3:3b:47:ea:cd:56:51:e9:
29:35:30:64:dd:46:57:2c:bf:cd:c1:f1:5d:66:f4:70:8b:ff:
56:7e:cb:e5:d3:61:74:f4:5f:8e:f0:48:cd:b0:57:65:ce:10:
0d:b1:34:8c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEF9lexzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjFiNGM4NWNhYThkOGIxNjYxOWJmOTQ1YTJmZDZhZjFjNzdmYzc4MB4XDTIyMDEw
MTAyMDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ4MDFlNjJmOTAx
NWIwMGI4MzE2YTI5OWU5MTgwNWNiZjQ5OGI4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4PLkLTe8vwXb/gzu0NENu6r4FjJmFVRCV9pp24PXBLHAiy
d/TLd8HmvnTi67gO3rypEZBJbcSA9DmygtyIk3lh2Vk3xMGXu8Ajhm7fONvdneC7
GWcWw6KBrPZ/YxueWQ7Mjweg26o2L70QLzMGwMdIueJQCR6VbQVIvjIaOCPkoska
Mcq6qAJqM8bTfJ7io9Ab+7DApgUAlhVj9ebYFh6TfDF94B5u/xKaISsyf9ROv8Hi
oUDz3qTqzgsCdGJj8GN1AZw18tWtKYKaj8uCMgGCC89oE3dmQBmPmYYxVULS/CAN
hoIjXmjaoLguyT9pBCCKOlNkL9s1fWqoY6KAaBMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS9gB5i+QFbALgxaimekYBcv0mLijAfBgNVHSMEGDAWgBSSG0yFyqjYsWYZ
v5RaL9avHHf8eDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2todE1oY3FvMkxGbUdiLVVXaV9Xcnh4M19IZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvNDJiMTc5LTQ3OTAtNDUyMC1iMTc0LTUwNTA1MzgyZmQ3Mi8x
L3ZZQWVZdmtCV3dDNE1Xb3BucEdBWEw5Smk0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
NDJiMTc5LTQ3OTAtNDUyMC1iMTc0LTUwNTA1MzgyZmQ3Mi8xL2todE1oY3FvMkxG
bUdiLVVXaV9Xcnh4M19IZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA16O8AMEArk04DANBAIAAjAHAwUA
KgIImDANBgkqhkiG9w0BAQsFAAOCAQEAjrCip0UL5NViSs5kPZ6ktkH0x77WqL1G
BBGpaaBy6u3lkPKHcgqmkabneA8HahWn5OGZ18C5tuqzergDak2IlgxRcRm+h6fn
dTGHmkAjgC6vuMI7cf/ZljMd1Nn0zM7aJEpJ1xb52DE1LDvO+FcJgNUqf0AdvDif
jm8t0NEbpGVjyHmrxr0PMxe5Vk2SzbSqsKBKv1kckbsiW/ocoi1Zlfx3wjKiQG8K
7WX27lEwl3iazVb5HTupr3BIMaUmA3qluQb7ubulVfSpeQLaBF6zZsM7R+rNVlHp
KTUwZN1GVyy/zcHxXWb0cIv/Vn7L5dNhdPRfjvBIzbBXZc4QDbE0jA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:13 2023 by rpki-client on console-ams.rpki-client.org