Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/VGxcXBX6kSGnz-8yztIRHCj68DU.roa
File: VGxcXBX6kSGnz-8yztIRHCj68DU.roa (raw, json)
Hash identifier: 7Fd5ghwCbG9BcOYIHgcCF0sSJ9CAfRiIMlVY5YeEQ7U=
Subject key identifier: 54:6C:5C:5C:15:FA:91:21:A7:CF:EF:32:CE:D2:11:1C:28:FA:F0:35
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 44D3FDE3
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/VGxcXBX6kSGnz-8yztIRHCj68DU.roa
Signing time: Sat 01 Jan 2022 00:51:00 +0000
ROA not before: Sat 01 Jan 2022 00:51:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 46.197.69.0/24 maxlen: 24
178.233.156.0/23 maxlen: 23
178.233.164.0/23 maxlen: 23
24.133.118.0/23 maxlen: 23
176.240.2.0/24 maxlen: 24
176.240.3.0/24 maxlen: 24
176.240.0.0/23 maxlen: 23
46.197.16.0/21 maxlen: 21
176.240.228.0/22 maxlen: 22
94.54.8.0/22 maxlen: 22
94.54.12.0/23 maxlen: 23
178.233.112.0/20 maxlen: 20
94.55.116.0/22 maxlen: 24
178.233.36.0/22 maxlen: 22
94.55.124.0/23 maxlen: 24
94.55.120.0/21 maxlen: 24
94.55.122.0/23 maxlen: 24
94.55.126.0/24 maxlen: 24
94.55.127.0/24 maxlen: 24
24.133.225.0/24 maxlen: 24
2a00:1d58::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1154743779 (0x44d3fde3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 1 00:51:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=546c5c5c15fa9121a7cfef32ced2111c28faf035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7a:ee:6e:1d:62:0b:01:be:a5:a8:d5:42:ca:
23:5b:a2:45:df:cb:3a:1a:a3:fb:33:54:99:31:d3:
19:9a:96:03:87:56:72:a8:87:3b:e4:3f:9e:95:41:
bf:02:50:c1:d0:56:f8:ed:19:48:e0:4a:52:c0:64:
58:73:d0:a4:46:1d:d7:93:a4:6f:95:b4:15:3a:37:
77:7e:f9:6a:7f:4b:e3:3b:43:05:9a:64:af:03:e1:
f9:a2:e2:e4:80:4a:d1:02:2e:50:ef:12:b6:af:b2:
70:4f:81:cf:e2:40:59:59:e6:87:b1:75:b5:4c:91:
a5:62:c3:99:f2:e1:1f:e2:57:93:b6:69:6d:e9:c9:
0d:8b:95:1c:cf:34:b6:c3:99:86:e2:91:45:74:94:
b7:6c:cf:70:c0:bb:44:94:18:9a:3c:07:31:4a:a6:
cd:61:e9:03:ff:f5:53:c2:46:c5:7c:5f:4f:ce:4e:
d9:8c:77:a7:73:7f:fb:cb:da:c9:47:cc:21:dd:84:
e0:d4:04:fe:7e:03:61:2f:ab:3d:e8:bb:fd:36:f0:
e7:a1:4a:7f:f4:59:b7:18:e9:1f:20:e7:02:bf:1f:
c2:1d:50:a3:7c:3f:ed:59:65:af:84:9d:fa:b2:3a:
90:d6:c1:57:00:7c:4c:62:af:1b:be:0e:0f:a9:e2:
9d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6C:5C:5C:15:FA:91:21:A7:CF:EF:32:CE:D2:11:1C:28:FA:F0:35
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/VGxcXBX6kSGnz-8yztIRHCj68DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.133.118.0/23
24.133.225.0/24
46.197.16.0/21
46.197.69.0/24
94.54.8.0-94.54.13.255
94.55.116.0-94.55.127.255
176.240.0.0/22
176.240.228.0/22
178.233.36.0/22
178.233.112.0/20
178.233.156.0/23
178.233.164.0/23
IPv6:
2a00:1d58::/36
Signature Algorithm: sha256WithRSAEncryption
91:8a:b3:a9:e1:a8:fd:2a:03:b9:5d:bd:f2:6a:94:49:94:fe:
93:31:f5:88:9b:09:8d:82:26:be:a2:7c:79:39:e9:b1:5b:80:
92:78:29:26:8f:82:0e:fc:f9:6f:f1:a4:e3:b1:91:20:89:1c:
f0:ba:84:ee:c8:0f:17:3f:21:1c:b2:42:09:8a:51:c3:10:64:
41:ee:1d:be:4c:c9:7c:f5:7a:ec:3b:09:01:88:e6:d6:60:14:
fe:4e:6d:0b:69:ce:e4:70:e9:6e:aa:15:f7:dd:59:d6:90:01:
ce:04:1a:e1:a1:13:c5:fb:3b:00:e4:f1:08:d6:7f:68:aa:01:
30:0f:4e:7e:e7:87:e1:de:c0:43:7f:83:18:48:58:cb:92:cf:
dc:08:80:1a:a6:f4:9a:df:55:79:12:9a:71:7a:08:b7:f3:a6:
8d:f5:fd:4c:e8:4a:67:1b:19:5e:e6:82:3b:94:4a:6b:3f:b3:
a4:ee:e9:d9:36:80:c1:2e:e6:be:dc:f5:a7:ba:ba:ed:e6:51:
c2:45:68:b9:16:f1:81:cf:10:e8:bd:52:43:a3:46:7a:63:92:
eb:1d:bf:a4:22:72:84:94:2c:e1:19:a3:2d:0e:61:81:a9:31:
33:21:89:f2:aa:ee:e5:5e:c5:03:be:88:ea:a4:c1:31:97:04:
c1:69:bf:05
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIERNP94zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTBkYTllN2FmMDFkZTc1NDQ4ZjQ5MDZhYWM0MWJkMjk2NGU4ODQ3MB4XDTIyMDEw
MTAwNTEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ2YzVjNWMxNWZh
OTEyMWE3Y2ZlZjMyY2VkMjExMWMyOGZhZjAzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM967m4dYgsBvqWo1ULKI1uiRd/LOhqj+zNUmTHTGZqWA4dW
cqiHO+Q/npVBvwJQwdBW+O0ZSOBKUsBkWHPQpEYd15Okb5W0FTo3d375an9L4ztD
BZpkrwPh+aLi5IBK0QIuUO8Stq+ycE+Bz+JAWVnmh7F1tUyRpWLDmfLhH+JXk7Zp
benJDYuVHM80tsOZhuKRRXSUt2zPcMC7RJQYmjwHMUqmzWHpA//1U8JGxXxfT85O
2Yx3p3N/+8vayUfMId2E4NQE/n4DYS+rPei7/Tbw56FKf/RZtxjpHyDnAr8fwh1Q
o3w/7Vllr4Sd+rI6kNbBVwB8TGKvG74OD6ninWMCAwEAAaOCAmwwggJoMB0GA1Ud
DgQWBBRUbFxcFfqRIafP7zLO0hEcKPrwNTAfBgNVHSMEGDAWgBQhDannrwHedUSP
SQaqxBvSlk6IRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lRMnA1NjhCM25WRWowa0dxc1FiMHBaT2lFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvZjI3ODIxLTRjY2YtNGQyZS04YjE1LTZlMTI3NzRmODUxZS8x
L1ZHeGNYQlg2a1NHbnotOHl6dElSSENqNjhEVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
ZjI3ODIxLTRjY2YtNGQyZS04YjE1LTZlMTI3NzRmODUxZS8xL0lRMnA1NjhCM25W
RWowa0dxc1FiMHBaT2lFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gQYIKwYBBQUHAQcBAf8EcjBwMF4EAgABMFgDBAEYhXYDBAAYheEDBAMuxRADBAAu
xUUwDAMEA142CAMEAV42DDAMAwQCXjd0AwQHXjcAAwQCsPAAAwQCsPDkAwQCsukk
AwQEsulwAwQBsumcAwQBsumkMA4EAgACMAgDBgQqAB1YADANBgkqhkiG9w0BAQsF
AAOCAQEAkYqzqeGo/SoDuV298mqUSZT+kzH1iJsJjYImvqJ8eTnpsVuAkngpJo+C
Dvz5b/Gk47GRIIkc8LqE7sgPFz8hHLJCCYpRwxBkQe4dvkzJfPV67DsJAYjm1mAU
/k5tC2nO5HDpbqoV991Z1pABzgQa4aETxfs7AOTxCNZ/aKoBMA9OfueH4d7AQ3+D
GEhYy5LP3AiAGqb0mt9VeRKacXoIt/OmjfX9TOhKZxsZXuaCO5RKaz+zpO7p2TaA
wS7mvtz1p7q67eZRwkVouRbxgc8Q6L1SQ6NGemOS6x2/pCJyhJQs4RmjLQ5hgakx
MyGJ8qru5V7FA76I6qTBMZcEwWm/BQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:03:13 2025 by rpki-client