Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/voDk27hetw9fbkTPp3kgj8IVGuE.roa
File: voDk27hetw9fbkTPp3kgj8IVGuE.roa (raw, json)
Hash identifier: wwjhwm6Y1b4GEJqgXIpn8CFMhHb7O1UUOuyIrA2ia9I=
Subject key identifier: BE:80:E4:DB:B8:5E:B7:0F:5F:6E:44:CF:A7:79:20:8F:C2:15:1A:E1
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 3842C352
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/voDk27hetw9fbkTPp3kgj8IVGuE.roa
Signing time: Wed 11 May 2022 15:28:03 +0000
ROA not before: Wed 11 May 2022 15:28:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213220
IP address blocks: 109.248.168.0/23 maxlen: 24
188.130.209.0/24 maxlen: 24
109.248.6.0/23 maxlen: 24
95.182.110.0/24 maxlen: 24
95.182.108.0/24 maxlen: 24
109.248.33.0/24 maxlen: 24
109.248.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943899474 (0x3842c352)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: May 11 15:28:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be80e4dbb85eb70f5f6e44cfa779208fc2151ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:58:95:86:a1:14:1c:ef:a0:31:ae:06:68:ef:
44:03:30:a5:3a:f2:16:1b:ee:e4:34:3a:11:64:8b:
e3:a8:0d:d2:29:67:a1:e2:ea:07:45:0b:e2:5a:f8:
f1:dd:7f:8e:c0:a1:5e:e7:c0:cd:f8:2b:a1:a4:4a:
24:9f:e0:1a:ab:31:d9:d4:e0:6d:8a:1f:08:39:bf:
0f:76:67:9f:25:65:7b:ae:21:47:45:2b:90:ca:e7:
8e:47:e4:c0:d2:63:03:60:17:9c:ae:6e:5d:74:8f:
fc:a3:cf:d3:07:9b:0e:64:62:c9:e1:92:64:7f:ed:
f5:d7:fc:8e:e5:ac:f4:a7:38:6c:27:19:b3:04:7a:
c5:6d:75:08:28:6a:80:a5:15:ac:97:03:6b:f8:4a:
4a:e4:f7:f8:0b:2a:4f:7c:99:df:7c:9e:6b:cd:dd:
85:99:36:5e:fd:f3:c2:ee:91:5b:5f:9b:e3:10:ae:
94:ca:d5:f3:3e:7e:7e:01:17:10:79:c3:d4:d5:57:
81:93:ee:e8:65:1f:f7:f8:5e:b3:56:e1:4a:16:65:
43:ce:93:07:0f:f3:74:cd:72:9f:db:7e:f6:ed:cb:
ce:41:74:d2:27:2a:2d:57:ae:ea:7f:e1:3b:2a:a3:
22:fd:16:98:eb:00:a0:9f:92:4b:0e:e4:c2:5e:84:
cf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:80:E4:DB:B8:5E:B7:0F:5F:6E:44:CF:A7:79:20:8F:C2:15:1A:E1
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/voDk27hetw9fbkTPp3kgj8IVGuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.108.0/24
95.182.110.0/24
109.248.6.0/23
109.248.33.0/24
109.248.45.0/24
109.248.168.0/23
188.130.209.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:88:67:08:d7:ea:23:af:18:ca:de:8e:f0:ba:4c:e8:36:74:
7b:4a:5b:10:e0:2c:a6:fc:7b:c1:3e:ac:cd:e3:96:18:0d:d2:
31:f9:a6:7a:75:bd:13:cb:da:3e:1b:17:e9:9c:55:cb:7c:39:
66:d4:99:2e:cb:bc:88:bd:35:9b:8c:13:84:e8:73:df:86:d7:
d2:7d:b4:92:eb:3c:14:ae:db:92:0c:0c:fe:fb:e8:d2:cd:30:
4b:22:4c:a0:96:01:cc:8c:99:1f:49:3b:30:c6:65:d1:1b:a6:
ab:5c:3b:08:7b:49:ee:f9:bd:51:cb:0f:cf:d5:8e:b0:63:67:
20:ee:fb:ee:9a:3a:eb:83:5b:a8:ef:a1:b8:0f:3a:ff:5f:a6:
67:09:dd:7f:37:cb:32:cd:35:4f:1e:97:e5:50:2e:92:e1:00:
6b:f4:2e:b2:23:fe:ab:56:b9:ae:26:0a:fb:ec:70:14:0b:80:
50:26:78:42:ac:be:6f:5b:ae:16:f6:55:b9:bc:0f:3c:2a:7b:
dd:4e:71:1d:29:95:56:a2:4d:25:03:00:18:36:e1:55:bf:08:
ee:08:c8:51:ad:dc:b2:08:b4:c9:6d:e0:c7:2a:11:3d:11:34:
7e:02:52:d5:f5:23:4b:94:15:26:a3:4a:5d:77:87:77:16:f4:
04:0d:36:48
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEOELDUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODViODU3NzA2ZGFjNTRlMjBjYTBkMTFiZDY0MTZjYjYzNDIwM2I0MB4XDTIyMDUx
MTE1MjgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU4MGU0ZGJiODVl
YjcwZjVmNmU0NGNmYTc3OTIwOGZjMjE1MWFlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpYlYahFBzvoDGuBmjvRAMwpTryFhvu5DQ6EWSL46gN0iln
oeLqB0UL4lr48d1/jsChXufAzfgroaRKJJ/gGqsx2dTgbYofCDm/D3ZnnyVle64h
R0UrkMrnjkfkwNJjA2AXnK5uXXSP/KPP0webDmRiyeGSZH/t9df8juWs9Kc4bCcZ
swR6xW11CChqgKUVrJcDa/hKSuT3+AsqT3yZ33yea83dhZk2Xv3zwu6RW1+b4xCu
lMrV8z5+fgEXEHnD1NVXgZPu6GUf9/hes1bhShZlQ86TBw/zdM1yn9t+9u3LzkF0
0icqLVeu6n/hOyqjIv0WmOsAoJ+SSw7kwl6Ezz8CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBS+gOTbuF63D19uRM+neSCPwhUa4TAfBgNVHSMEGDAWgBSIW4V3BtrFTiDK
DRG9ZBbLY0IDtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lGdUZkd2JheFU0Z3lnMFJ2V1FXeTJOQ0E3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8x
L3ZvRGsyN2hldHc5ZmJrVFBwM2tnajhJVkd1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8xL2lGdUZkd2JheFU0
Z3lnMFJ2V1FXeTJOQ0E3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAF+2bAMEAF+2bgMEAW34BgMEAG34
IQMEAG34LQMEAW34qAMEALyC0TANBgkqhkiG9w0BAQsFAAOCAQEAtIhnCNfqI68Y
yt6O8LpM6DZ0e0pbEOAspvx7wT6szeOWGA3SMfmmenW9E8vaPhsX6ZxVy3w5ZtSZ
Lsu8iL01m4wThOhz34bX0n20kus8FK7bkgwM/vvo0s0wSyJMoJYBzIyZH0k7MMZl
0Rumq1w7CHtJ7vm9UcsPz9WOsGNnIO777po664NbqO+huA86/1+mZwndfzfLMs01
Tx6X5VAukuEAa/QusiP+q1a5riYK++xwFAuAUCZ4Qqy+b1uuFvZVubwPPCp73U5x
HSmVVqJNJQMAGDbhVb8I7gjIUa3csgi0yW3gxyoRPRE0fgJS1fUjS5QVJqNKXXeH
dxb0BA02SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org