Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/vPO5stDdN4KjE9B3lZlmizkliBA.roa
File: vPO5stDdN4KjE9B3lZlmizkliBA.roa (raw, json)
Hash identifier: 2ml8SNtVF9cNsoqgeMSAndmOhREieTDHWZ0CZPMpnRs=
Subject key identifier: BC:F3:B9:B2:D0:DD:37:82:A3:13:D0:77:95:99:66:8B:39:25:88:10
Certificate issuer: /CN=d32d000368c1d54f08a7782c07673b68a93edfc5
Certificate serial: 02EBECEA
Authority key identifier: D3:2D:00:03:68:C1:D5:4F:08:A7:78:2C:07:67:3B:68:A9:3E:DF:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0y0AA2jB1U8Ip3gsB2c7aKk-38U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/vPO5stDdN4KjE9B3lZlmizkliBA.roa
Signing time: Sat 01 Jan 2022 04:56:06 +0000
ROA not before: Sat 01 Jan 2022 04:56:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29492
IP address blocks: 94.102.32.0/20 maxlen: 20
95.169.32.0/19 maxlen: 19
185.20.244.0/22 maxlen: 22
37.148.144.0/21 maxlen: 21
77.106.128.0/18 maxlen: 18
87.248.0.0/19 maxlen: 19
109.203.0.0/19 maxlen: 19
82.147.32.0/19 maxlen: 19
2a02:a18::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49016042 (0x2ebecea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d32d000368c1d54f08a7782c07673b68a93edfc5
Validity
Not Before: Jan 1 04:56:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bcf3b9b2d0dd3782a313d0779599668b39258810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:16:81:11:bf:a6:b9:85:f2:88:2d:75:8a:9e:
88:b5:07:8b:1a:1b:ea:ef:66:1e:47:a0:38:17:37:
9a:56:53:94:f9:72:6c:15:53:d6:cc:5a:15:fe:f8:
3c:7f:b9:e2:c0:09:4d:e3:00:2e:ef:69:13:42:5f:
e0:58:00:a8:2a:74:ae:09:15:7f:4e:12:e5:f3:97:
35:21:42:8a:27:ca:e0:34:a0:f6:db:cd:0d:e0:d6:
f2:0b:58:10:6c:ed:78:6a:d5:44:b6:e7:45:de:21:
20:c0:7b:6b:b4:33:8d:20:c1:ae:a9:f0:1e:f8:f6:
32:66:ce:0b:71:4d:83:23:d7:69:5b:47:8c:bd:cf:
fb:62:01:35:7c:71:c0:ac:39:4b:73:d2:03:8a:83:
d4:39:32:27:cf:64:b1:7d:fb:00:f1:22:84:22:d3:
72:78:5c:ab:35:80:b8:df:12:2e:0d:29:60:ec:b7:
4c:4e:78:a4:7f:bb:1b:2b:e3:06:b1:48:22:d9:01:
3f:d4:41:19:a0:12:19:c8:e7:de:be:3e:32:9e:20:
68:2e:8e:c2:14:63:d8:e6:de:a3:0f:7f:59:bc:57:
9f:16:8f:e8:6e:2f:bd:44:f8:fe:83:63:29:c2:b5:
a6:d0:72:8d:76:33:39:e7:fc:7d:b2:43:64:c1:63:
e1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F3:B9:B2:D0:DD:37:82:A3:13:D0:77:95:99:66:8B:39:25:88:10
X509v3 Authority Key Identifier:
keyid:D3:2D:00:03:68:C1:D5:4F:08:A7:78:2C:07:67:3B:68:A9:3E:DF:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0y0AA2jB1U8Ip3gsB2c7aKk-38U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/vPO5stDdN4KjE9B3lZlmizkliBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/0y0AA2jB1U8Ip3gsB2c7aKk-38U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.144.0/21
77.106.128.0/18
82.147.32.0/19
87.248.0.0/19
94.102.32.0/20
95.169.32.0/19
109.203.0.0/19
185.20.244.0/22
IPv6:
2a02:a18::/32
Signature Algorithm: sha256WithRSAEncryption
d1:30:b8:dd:0b:09:91:2b:d9:06:44:9d:4f:71:d0:75:23:24:
d5:8a:02:5d:66:26:5e:f5:79:bc:75:fd:1c:c1:0f:1b:a8:69:
ec:38:62:15:0b:f5:a0:97:2c:cb:9e:0d:aa:a1:e4:35:14:76:
d0:96:a7:89:61:d3:db:d0:41:6f:93:e0:07:ae:05:3e:13:51:
3c:66:0d:84:47:5f:8e:5e:95:19:37:25:1b:4f:d9:f6:a7:fb:
69:4f:79:6b:45:41:67:c9:8d:cb:9e:8a:da:53:f6:da:6d:cf:
20:22:0a:00:31:4b:f9:ca:19:ab:90:17:0b:b0:49:b1:d6:07:
58:de:e5:65:ad:85:a4:8f:d1:5d:16:80:7c:95:b9:04:c6:2d:
2f:84:7e:2a:ab:6c:31:dc:db:11:df:0d:ff:dd:9c:1a:b7:71:
99:64:a7:6f:27:82:a5:82:1f:3b:05:92:27:14:2e:e3:fb:ea:
93:59:04:0a:d5:45:0c:3c:01:c4:12:c9:25:8b:f5:b4:a7:53:
9c:15:f5:d4:1b:3f:da:95:cd:46:df:6d:90:f8:e4:c4:25:86:
3d:a3:d0:d6:89:09:25:8c:0a:a4:3b:74:14:9e:83:67:a3:4c:
a7:34:cc:ff:9c:cd:d7:71:8b:69:0e:fc:ad:88:6d:33:03:f6:
a0:22:9d:8d
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEAuvs6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzJkMDAwMzY4YzFkNTRmMDhhNzc4MmMwNzY3M2I2OGE5M2VkZmM1MB4XDTIyMDEw
MTA0NTYwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmNmM2I5YjJkMGRk
Mzc4MmEzMTNkMDc3OTU5OTY2OGIzOTI1ODgxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPwWgRG/prmF8ogtdYqeiLUHixob6u9mHkegOBc3mlZTlPly
bBVT1sxaFf74PH+54sAJTeMALu9pE0Jf4FgAqCp0rgkVf04S5fOXNSFCiifK4DSg
9tvNDeDW8gtYEGzteGrVRLbnRd4hIMB7a7QzjSDBrqnwHvj2MmbOC3FNgyPXaVtH
jL3P+2IBNXxxwKw5S3PSA4qD1DkyJ89ksX37APEihCLTcnhcqzWAuN8SLg0pYOy3
TE54pH+7GyvjBrFIItkBP9RBGaASGcjn3r4+Mp4gaC6OwhRj2Obeow9/WbxXnxaP
6G4vvUT4/oNjKcK1ptByjXYzOef8fbJDZMFj4XkCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBS887my0N03gqMT0HeVmWaLOSWIEDAfBgNVHSMEGDAWgBTTLQADaMHVTwin
eCwHZztoqT7fxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB5MEFBMmpCMVU4SXAzZ3NCMmM3YUtrLTM4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvNDY4MDY1LTIyMzMtNGRjNy1iOTVjLWE3YmIzOGExYTUzZC8x
L3ZQTzVzdERkTjRLakU5QjNsWmxtaXprbGlCQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
NDY4MDY1LTIyMzMtNGRjNy1iOTVjLWE3YmIzOGExYTUzZC8xLzB5MEFBMmpCMVU4
SXAzZ3NCMmM3YUtrLTM4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAyWUkAMEBk1qgAMEBVKTIAMEBVf4
AAMEBF5mIAMEBV+pIAMEBW3LAAMEArkU9DANBAIAAjAHAwUAKgIKGDANBgkqhkiG
9w0BAQsFAAOCAQEA0TC43QsJkSvZBkSdT3HQdSMk1YoCXWYmXvV5vHX9HMEPG6hp
7DhiFQv1oJcsy54NqqHkNRR20JaniWHT29BBb5PgB64FPhNRPGYNhEdfjl6VGTcl
G0/Z9qf7aU95a0VBZ8mNy56K2lP22m3PICIKADFL+coZq5AXC7BJsdYHWN7lZa2F
pI/RXRaAfJW5BMYtL4R+KqtsMdzbEd8N/92cGrdxmWSnbyeCpYIfOwWSJxQu4/vq
k1kECtVFDDwBxBLJJYv1tKdTnBX11Bs/2pXNRt9tkPjkxCWGPaPQ1okJJYwKpDt0
FJ6DZ6NMpzTM/5zN13GLaQ78rYhtMwP2oCKdjQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:33 2023 by rpki-client on console-fra.rpki-client.org