Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/Vf282Vk-MWtX4VWj25pYJD4nsgg.roa
File: Vf282Vk-MWtX4VWj25pYJD4nsgg.roa (raw, json)
Hash identifier: slJkQ4gTezEEEsPvydh5CY5iQQani+xm+RbK5M4dE7k=
Subject key identifier: 55:FD:BC:D9:59:3E:31:6B:57:E1:55:A3:DB:9A:58:24:3E:27:B2:08
Certificate issuer: /CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Certificate serial: 326D0973
Authority key identifier: 6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/Vf282Vk-MWtX4VWj25pYJD4nsgg.roa
Signing time: Sat 01 Jan 2022 10:54:44 +0000
ROA not before: Sat 01 Jan 2022 10:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199046
IP address blocks: 185.132.249.0/24 maxlen: 24
185.132.251.0/24 maxlen: 24
185.132.248.0/24 maxlen: 24
185.132.248.0/22 maxlen: 22
185.132.250.0/24 maxlen: 24
5.133.24.0/21 maxlen: 24
2a09:9900::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 846006643 (0x326d0973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6daacc448c4a23afc94a45a79b76dfbe830b2598
Validity
Not Before: Jan 1 10:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55fdbcd9593e316b57e155a3db9a58243e27b208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7e:65:51:33:d4:27:b2:50:9c:ce:75:6a:45:
15:ed:ae:48:76:f1:14:03:bd:ee:43:ef:d5:9d:6f:
b1:d3:9b:c4:0f:68:66:e8:43:79:ad:89:98:60:4c:
c3:f8:7d:6c:78:9d:bc:b5:8f:b8:23:4e:2a:f7:27:
3a:e3:33:13:99:c3:0e:a6:be:51:02:d6:9b:f2:42:
01:96:5a:56:74:5b:f7:5c:03:40:52:de:fc:be:11:
da:8d:bc:97:f5:28:f5:e2:87:ca:2c:e5:b6:d4:79:
52:ba:45:1a:71:f1:cf:4e:60:bb:1e:4d:f3:07:67:
2a:ff:36:bd:ec:37:71:38:af:5d:d7:e0:7a:6a:1a:
c1:e4:53:5a:b0:74:95:b0:84:14:fa:f0:de:16:27:
63:69:ee:09:8e:32:7b:e8:a0:e0:d5:c8:0b:20:03:
aa:2d:45:d8:07:e5:aa:ca:3a:69:90:c2:8f:b6:b1:
2b:b6:b2:3d:ec:bd:1a:10:41:c6:08:5f:8c:43:cd:
f3:a1:95:7b:5e:c5:d4:df:ca:39:9f:a2:61:bf:43:
bb:6a:fa:0f:d1:39:ef:87:b0:b0:6d:08:73:44:14:
29:5d:7c:70:b8:18:46:f2:9f:67:0d:dc:b0:2f:cd:
8a:4e:3b:1d:d3:25:dd:4e:d4:02:a9:2c:d2:ea:59:
06:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FD:BC:D9:59:3E:31:6B:57:E1:55:A3:DB:9A:58:24:3E:27:B2:08
X509v3 Authority Key Identifier:
keyid:6D:AA:CC:44:8C:4A:23:AF:C9:4A:45:A7:9B:76:DF:BE:83:0B:25:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/barMRIxKI6_JSkWnm3bfvoMLJZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/Vf282Vk-MWtX4VWj25pYJD4nsgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/34649e-9bc4-4018-b3a0-756f3cc3ec33/1/barMRIxKI6_JSkWnm3bfvoMLJZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.24.0/21
185.132.248.0/22
IPv6:
2a09:9900::/32
Signature Algorithm: sha256WithRSAEncryption
75:93:a2:5f:bc:a6:55:dd:cf:d0:6c:90:9b:a9:36:ca:26:19:
62:ae:54:83:c5:2a:32:00:44:8d:11:e4:fd:ec:f6:db:d6:fe:
b6:ad:6d:09:5f:a3:ec:5d:38:e2:1a:f2:4d:a7:8d:a7:e1:aa:
21:a0:bb:c6:97:7d:e8:42:e4:b5:c2:e5:7e:99:13:8f:46:39:
6b:37:9b:23:d0:f7:30:00:d3:a3:ac:6f:08:49:a2:39:d8:05:
b7:ca:25:63:c9:0f:4b:60:55:5d:96:89:c8:f7:5f:87:6a:e5:
e1:a8:55:1b:d5:49:2c:df:f4:68:5d:1c:cb:c2:2f:fd:09:61:
50:26:45:23:4e:4f:09:49:ca:a7:46:41:de:3d:ad:01:83:09:
af:c9:f6:1e:f8:5b:71:6f:31:ac:dd:02:21:8c:ec:e0:bc:47:
d6:e5:c1:41:73:2b:00:03:a9:4b:73:b4:c0:00:9b:be:70:9f:
ea:ae:44:6c:e1:1d:15:21:f9:cd:c3:5e:c7:51:df:eb:2b:55:
ad:05:86:f4:d9:cf:b7:0d:79:97:92:b0:24:fa:49:8e:06:82:
d6:02:39:e0:3e:15:a6:a7:a4:50:18:11:8e:22:76:4a:c5:2f:
cf:51:ea:5a:04:32:04:0a:ef:61:42:3f:5d:77:22:ad:03:f2:
2b:dc:9b:10
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEMm0JczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGFhY2M0NDhjNGEyM2FmYzk0YTQ1YTc5Yjc2ZGZiZTgzMGIyNTk4MB4XDTIyMDEw
MTEwNTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTVmZGJjZDk1OTNl
MzE2YjU3ZTE1NWEzZGI5YTU4MjQzZTI3YjIwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALp+ZVEz1CeyUJzOdWpFFe2uSHbxFAO97kPv1Z1vsdObxA9o
ZuhDea2JmGBMw/h9bHidvLWPuCNOKvcnOuMzE5nDDqa+UQLWm/JCAZZaVnRb91wD
QFLe/L4R2o28l/Uo9eKHyizlttR5UrpFGnHxz05gux5N8wdnKv82vew3cTivXdfg
emoaweRTWrB0lbCEFPrw3hYnY2nuCY4ye+ig4NXICyADqi1F2Aflqso6aZDCj7ax
K7ayPey9GhBBxghfjEPN86GVe17F1N/KOZ+iYb9Du2r6D9E574ewsG0Ic0QUKV18
cLgYRvKfZw3csC/Nik47HdMl3U7UAqks0upZBsMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRV/bzZWT4xa1fhVaPbmlgkPieyCDAfBgNVHSMEGDAWgBRtqsxEjEojr8lK
Raebdt++gwslmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Jhck1SSXhLSTZfSlNrV25tM2Jmdm9NTEpaZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvMzQ2NDllLTliYzQtNDAxOC1iM2EwLTc1NmYzY2MzZWMzMy8x
L1ZmMjgyVmstTVd0WDRWV2oyNXBZSkQ0bnNnZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
MzQ2NDllLTliYzQtNDAxOC1iM2EwLTc1NmYzY2MzZWMzMy8xL2Jhck1SSXhLSTZf
SlNrV25tM2Jmdm9NTEpaZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAwWFGAMEArmE+DANBAIAAjAHAwUA
KgmZADANBgkqhkiG9w0BAQsFAAOCAQEAdZOiX7ymVd3P0GyQm6k2yiYZYq5Ug8Uq
MgBEjRHk/ez229b+tq1tCV+j7F044hryTaeNp+GqIaC7xpd96ELktcLlfpkTj0Y5
azebI9D3MADTo6xvCEmiOdgFt8olY8kPS2BVXZaJyPdfh2rl4ahVG9VJLN/0aF0c
y8Iv/QlhUCZFI05PCUnKp0ZB3j2tAYMJr8n2HvhbcW8xrN0CIYzs4LxH1uXBQXMr
AAOpS3O0wACbvnCf6q5EbOEdFSH5zcNex1Hf6ytVrQWG9NnPtw15l5KwJPpJjgaC
1gI54D4VpqekUBgRjiJ2SsUvz1HqWgQyBArvYUI/XXcirQPyK9ybEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:34 2024 by rpki-client on console-ams.rpki-client.org