Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/VauA4tAZ87x3YzHRf40uPqV376M.roa
File: VauA4tAZ87x3YzHRf40uPqV376M.roa (raw, json)
Hash identifier: B00WgG9Z8qrq9fyH2QnaFx3pxp98/+AB5gp3ioOE87k=
Subject key identifier: 55:AB:80:E2:D0:19:F3:BC:77:63:31:D1:7F:8D:2E:3E:A5:77:EF:A3
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018452F48FE4B613FAA8BE504CED162688B2
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/VauA4tAZ87x3YzHRf40uPqV376M.roa
Signing time: Mon 07 Nov 2022 16:37:49 +0000
ROA not before: Mon 07 Nov 2022 16:37:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209087
IP address blocks: 179.189.212.0/22 maxlen: 22
185.227.92.0/22 maxlen: 22
85.8.137.0/24 maxlen: 24
85.8.136.0/24 maxlen: 24
85.8.136.0/23 maxlen: 23
85.8.136.0/22 maxlen: 22
85.8.139.0/24 maxlen: 24
85.8.138.0/23 maxlen: 23
85.8.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:f4:8f:e4:b6:13:fa:a8:be:50:4c:ed:16:26:88:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Nov 7 16:37:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55ab80e2d019f3bc776331d17f8d2e3ea577efa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e0:e2:61:ec:fc:96:45:ed:a8:ed:6b:f5:a6:
03:99:d2:e7:a2:25:66:4d:3c:78:5f:3a:45:5c:60:
54:9d:9b:1f:44:03:42:4a:ba:9a:6f:40:1a:7c:49:
b4:2f:17:9c:7f:8a:18:46:bd:0c:56:69:6e:c2:1e:
33:f8:de:78:7a:6f:93:be:88:4c:40:fb:14:05:a7:
87:d1:9c:4c:04:55:d1:b3:b0:c8:0c:81:5c:cd:e2:
b3:bf:60:f7:f5:3a:f4:31:fe:bd:4b:4f:37:71:b2:
1e:7f:f4:10:79:b2:3c:e1:45:1f:a8:b7:83:55:f5:
13:b4:49:ac:e1:ee:79:20:f1:76:ee:4b:56:f5:49:
6d:4c:df:19:7e:c1:f4:9e:45:09:63:03:67:cd:0c:
86:e3:cf:67:b5:a5:63:e1:71:5f:ad:52:4b:6c:04:
78:17:3b:3b:7d:53:b3:03:23:b4:ad:63:06:1c:d5:
fa:0c:20:27:c7:26:a6:49:76:57:19:21:dd:ec:23:
87:71:24:cb:c2:94:5c:59:55:a2:d3:48:eb:38:1c:
0d:75:45:4e:67:3a:40:3f:8f:6c:a5:ab:ba:87:de:
bb:dd:ab:39:cd:4e:76:14:c3:3c:47:00:b6:14:21:
9f:49:73:fd:7b:31:a0:fa:02:c2:19:c8:1b:4c:b3:
02:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:AB:80:E2:D0:19:F3:BC:77:63:31:D1:7F:8D:2E:3E:A5:77:EF:A3
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/VauA4tAZ87x3YzHRf40uPqV376M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.136.0/22
179.189.212.0/22
185.227.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:4a:87:44:0d:9c:be:70:21:30:00:3b:4d:20:02:2b:c4:0d:
23:65:d1:9e:cd:18:0d:02:a5:b9:74:50:32:8b:0c:a0:09:ce:
b5:1c:50:24:b9:3b:87:8f:a4:43:21:4e:6b:7b:29:5a:05:af:
2f:d3:af:de:00:cf:c9:96:bf:46:87:ea:26:4e:a7:a4:5a:ae:
8f:8f:ca:69:d6:c4:b4:3e:9d:fa:04:29:fc:c7:67:81:e0:e5:
af:b2:5a:3f:03:6e:b1:2a:0e:d1:0f:f1:c4:99:e9:43:ba:f6:
2a:ec:8c:20:c1:e2:89:42:23:8f:9e:70:f3:5d:3b:0a:4d:24:
d0:1b:d3:b6:ea:d6:a4:d3:ec:e5:45:44:ef:3b:75:6c:9b:91:
89:be:bb:a1:12:94:95:e6:d4:d1:fe:10:78:db:e7:0e:62:b7:
1c:f3:81:d1:a3:4d:38:de:02:d2:30:8e:5a:e0:57:bb:3f:d6:
96:e6:e5:e8:6e:3a:58:c6:56:0b:95:f3:36:ca:e6:45:0c:bf:
2d:a3:cd:bc:57:f0:a0:5e:6c:1c:33:98:4f:a1:db:dc:26:cd:
3b:f6:b3:32:70:c8:71:dc:7a:37:18:48:7a:d7:36:15:d2:de:
cd:c4:d7:6c:41:69:b8:10:36:aa:96:90:e2:78:28:94:ae:11:
f3:89:c0:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRS9I/kthP6qL5QTO0WJoiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjIxMTA3MTYzNzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWFiODBlMmQwMTlmM2JjNzc2MzMxZDE3ZjhkMmUzZWE1NzdlZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuODiYez8lkXtqO1r9aYDmdLnoiVm
TTx4XzpFXGBUnZsfRANCSrqab0AafEm0Lxecf4oYRr0MVmluwh4z+N54em+TvohM
QPsUBaeH0ZxMBFXRs7DIDIFczeKzv2D39Tr0Mf69S083cbIef/QQebI84UUfqLeD
VfUTtEms4e55IPF27ktW9UltTN8ZfsH0nkUJYwNnzQyG489ntaVj4XFfrVJLbAR4
Fzs7fVOzAyO0rWMGHNX6DCAnxyamSXZXGSHd7COHcSTLwpRcWVWi00jrOBwNdUVO
ZzpAP49spau6h9673as5zU52FMM8RwC2FCGfSXP9ezGg+gLCGcgbTLMCLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFWrgOLQGfO8d2Mx0X+NLj6ld++jMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvVmF1QTR0QVo4N3gzWXpIUmY0MHVQcVYzNzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVQiIAwQC
s73UAwQCueNcMA0GCSqGSIb3DQEBCwUAA4IBAQBvSodEDZy+cCEwADtNIAIrxA0j
ZdGezRgNAqW5dFAyiwygCc61HFAkuTuHj6RDIU5reylaBa8v06/eAM/Jlr9Gh+om
TqekWq6Pj8pp1sS0Pp36BCn8x2eB4OWvslo/A26xKg7RD/HEmelDuvYq7IwgweKJ
QiOPnnDzXTsKTSTQG9O26tak0+zlRUTvO3Vsm5GJvruhEpSV5tTR/hB42+cOYrcc
84HRo0043gLSMI5a4Fe7P9aW5uXobjpYxlYLlfM2yuZFDL8to828V/CgXmwcM5hP
odvcJs079rMycMhx3Ho3GEh61zYV0t7NxNdsQWm4EDaqlpDieCiUrhHzicA+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:49 2023 by rpki-client on console-fra.rpki-client.org