Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/VtktASSxxBi2fmv1u5dm_RcbLkE.roa
File: VtktASSxxBi2fmv1u5dm_RcbLkE.roa (raw, json)
Hash identifier: pGxKK5VBakx29sWDfbgoCSoQz8ulZW4Oufjrt/316lI=
Subject key identifier: 56:D9:2D:01:24:B1:C4:18:B6:7E:6B:F5:BB:97:66:FD:17:1B:2E:41
Certificate issuer: /CN=e4b1306101cc9ec9fce985280c1db0f37c135a3a
Certificate serial: 0183C50C3A195C2E13943E3957AA0811A250
Authority key identifier: E4:B1:30:61:01:CC:9E:C9:FC:E9:85:28:0C:1D:B0:F3:7C:13:5A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5LEwYQHMnsn86YUoDB2w83wTWjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/VtktASSxxBi2fmv1u5dm_RcbLkE.roa
Signing time: Tue 11 Oct 2022 03:17:36 +0000
ROA not before: Tue 11 Oct 2022 03:17:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47165
IP address blocks: 185.13.176.0/22 maxlen: 22
62.182.192.0/21 maxlen: 21
178.74.64.0/18 maxlen: 18
94.137.16.0/20 maxlen: 20
94.137.32.0/20 maxlen: 20
94.137.48.0/20 maxlen: 20
176.62.64.0/18 maxlen: 18
109.120.0.0/20 maxlen: 20
109.120.16.0/20 maxlen: 20
46.233.192.0/18 maxlen: 18
217.25.208.0/20 maxlen: 20
109.120.32.0/20 maxlen: 20
94.137.0.0/20 maxlen: 20
109.120.48.0/20 maxlen: 20
2a02:ddc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c5:0c:3a:19:5c:2e:13:94:3e:39:57:aa:08:11:a2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4b1306101cc9ec9fce985280c1db0f37c135a3a
Validity
Not Before: Oct 11 03:17:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56d92d0124b1c418b67e6bf5bb9766fd171b2e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:93:dc:89:06:01:cd:df:4d:8c:16:a8:ee:c4:
44:fa:5f:2d:9c:00:f2:b8:61:c7:28:84:03:fa:a0:
d9:e3:1b:4e:53:95:0a:ee:d7:fd:6d:6e:79:8a:02:
01:97:76:00:03:3d:4c:23:a9:88:04:fc:20:b0:d1:
c1:71:73:a3:37:6b:58:fb:e4:3a:27:2d:3f:9b:8e:
a8:d6:64:fc:6c:b3:f6:26:c3:f3:62:3a:6b:b3:a4:
37:dc:66:04:e1:50:19:de:86:90:a6:ed:15:ad:a9:
77:c4:fe:70:29:15:88:ec:62:37:12:eb:bd:dd:62:
c4:9d:fc:52:19:06:97:09:74:d2:78:e7:4a:ef:73:
20:f0:65:41:14:e9:b1:86:99:e7:41:ec:dc:45:84:
0b:d3:5a:62:98:51:b7:44:f4:ed:60:20:72:d0:f8:
87:fb:d7:bd:77:6f:bd:00:67:6a:e2:f2:3f:7c:53:
6e:fb:05:20:98:19:36:2a:79:9c:5c:48:ff:71:ad:
ed:67:68:e1:a2:1f:67:76:60:d7:6f:02:c2:2a:42:
fc:18:2d:a6:41:90:5a:8d:50:42:8a:c8:c9:69:36:
fe:78:ad:f3:3d:f0:9d:4a:c9:54:de:88:13:76:b5:
ea:70:14:02:d3:8a:3c:98:02:77:ba:df:48:36:7a:
f0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D9:2D:01:24:B1:C4:18:B6:7E:6B:F5:BB:97:66:FD:17:1B:2E:41
X509v3 Authority Key Identifier:
keyid:E4:B1:30:61:01:CC:9E:C9:FC:E9:85:28:0C:1D:B0:F3:7C:13:5A:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LEwYQHMnsn86YUoDB2w83wTWjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/VtktASSxxBi2fmv1u5dm_RcbLkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/5LEwYQHMnsn86YUoDB2w83wTWjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.192.0/18
62.182.192.0/21
94.137.0.0/18
109.120.0.0/18
176.62.64.0/18
178.74.64.0/18
185.13.176.0/22
217.25.208.0/20
IPv6:
2a02:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
ad:5c:2f:ae:63:55:ef:ea:18:07:84:7a:b3:df:b6:90:41:20:
df:26:cf:0e:ef:ef:bc:4b:7f:be:b3:82:5f:0a:5d:40:dc:6f:
2b:d3:c0:98:da:58:6c:be:83:78:e5:41:95:14:67:18:d9:f8:
77:f0:54:4c:9f:3f:9f:b9:80:fa:56:93:cb:a2:c5:e6:2b:e4:
4f:44:29:6b:c3:08:c7:ef:d8:8e:b5:73:73:71:db:b3:f6:2b:
19:50:94:14:72:04:f3:58:16:80:b2:e7:af:2d:c2:b3:80:53:
7a:d1:2b:6a:0e:7f:63:1c:e6:fa:82:12:6f:f3:d7:0c:e4:f5:
a4:98:5a:c4:9b:bb:30:90:0b:d3:ce:0f:de:eb:ad:05:71:c3:
4f:1e:d0:44:2b:f0:e8:57:68:cd:17:87:a9:e5:e5:a5:be:f5:
4e:34:2a:89:c7:7c:f3:69:dd:36:59:b9:be:02:2d:df:35:d4:
ed:72:e9:5a:cb:aa:ee:a6:bf:45:ee:7c:21:ee:75:05:27:7f:
6c:38:a1:cb:af:86:60:95:3d:06:42:ef:67:9a:38:29:73:8b:
08:66:9e:eb:4e:18:1d:a8:b8:53:61:49:f7:ed:e3:9f:09:05:
b5:f4:21:a9:fa:c0:3a:31:cc:99:ed:57:4f:c3:b3:df:0f:6e:
2e:52:df:5b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYPFDDoZXC4TlD45V6oIEaJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjEzMDYxMDFjYzllYzlmY2U5ODUyODBjMWRiMGYzN2Mx
MzVhM2EwHhcNMjIxMDExMDMxNzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQ5MmQwMTI0YjFjNDE4YjY3ZTZiZjViYjk3NjZmZDE3MWIyZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpPciQYBzd9NjBao7sRE+l8tnADy
uGHHKIQD+qDZ4xtOU5UK7tf9bW55igIBl3YAAz1MI6mIBPwgsNHBcXOjN2tY++Q6
Jy0/m46o1mT8bLP2JsPzYjprs6Q33GYE4VAZ3oaQpu0Vral3xP5wKRWI7GI3Euu9
3WLEnfxSGQaXCXTSeOdK73Mg8GVBFOmxhpnnQezcRYQL01pimFG3RPTtYCBy0PiH
+9e9d2+9AGdq4vI/fFNu+wUgmBk2KnmcXEj/ca3tZ2jhoh9ndmDXbwLCKkL8GC2m
QZBajVBCisjJaTb+eK3zPfCdSslU3ogTdrXqcBQC04o8mAJ3ut9INnrwjQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFFbZLQEkscQYtn5r9buXZv0XGy5BMB8GA1UdIwQY
MBaAFOSxMGEBzJ7J/OmFKAwdsPN8E1o6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxFd1lRSE1uc244NllVb0RCMnc4M3dUV2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80ZDA4OWUtNWQxYy00ZTM0LTk0NjUt
ZmE2MzQ4ZjY5NWI1LzEvVnRrdEFTU3h4QmkyZm12MXU1ZG1fUmNiTGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80ZDA4OWUtNWQxYy00ZTM0LTk0NjUtZmE2MzQ4ZjY5NWI1
LzEvNUxFd1lRSE1uc244NllVb0RCMnc4M3dUV2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGLunAAwQD
PrbAAwQGXokAAwQGbXgAAwQGsD5AAwQGskpAAwQCuQ2wAwQE2RnQMA0EAgACMAcD
BQMqAt3AMA0GCSqGSIb3DQEBCwUAA4IBAQCtXC+uY1Xv6hgHhHqz37aQQSDfJs8O
7++8S3++s4JfCl1A3G8r08CY2lhsvoN45UGVFGcY2fh38FRMnz+fuYD6VpPLosXm
K+RPRClrwwjH79iOtXNzcduz9isZUJQUcgTzWBaAsuevLcKzgFN60StqDn9jHOb6
ghJv89cM5PWkmFrEm7swkAvTzg/e660FccNPHtBEK/DoV2jNF4ep5eWlvvVONCqJ
x3zzad02Wbm+Ai3fNdTtculay6rupr9F7nwh7nUFJ39sOKHLr4ZglT0GQu9nmjgp
c4sIZp7rThgdqLhTYUn37eOfCQW19CGp+sA6McyZ7VdPw7PfD24uUt9b
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:40 2023 by rpki-client on console-ams.rpki-client.org