Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/vlZNevA8aG43_ve4QME_8p-EK5I.roa
File: vlZNevA8aG43_ve4QME_8p-EK5I.roa (raw, json)
Hash identifier: 1l20FPzkPsCbAi3P/r4MV2FQl5gQO0mfRKeGC2k7a8k=
Subject key identifier: BE:56:4D:7A:F0:3C:68:6E:37:FE:F7:B8:40:C1:3F:F2:9F:84:2B:92
Certificate issuer: /CN=550b7c0c8bae610f7e519c0485a4773bceb48dab
Certificate serial: 382D7D00
Authority key identifier: 55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/vlZNevA8aG43_ve4QME_8p-EK5I.roa
Signing time: Sat 01 Jan 2022 11:56:35 +0000
ROA not before: Sat 01 Jan 2022 11:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34619
IP address blocks: 94.73.128.0/18 maxlen: 24
185.22.186.0/24 maxlen: 24
185.22.184.0/22 maxlen: 24
185.22.184.0/24 maxlen: 24
185.22.185.0/24 maxlen: 24
80.253.240.0/22 maxlen: 24
89.19.0.0/19 maxlen: 24
85.159.64.0/21 maxlen: 24
37.148.208.0/21 maxlen: 24
2a02:2020::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 942505216 (0x382d7d00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=550b7c0c8bae610f7e519c0485a4773bceb48dab
Validity
Not Before: Jan 1 11:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be564d7af03c686e37fef7b840c13ff29f842b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:02:10:96:31:79:f6:fa:1c:04:6f:42:d9:
24:c3:97:67:a3:71:ac:0e:6d:c9:a6:ac:31:5b:e7:
ac:74:50:b7:c8:f0:6c:72:60:9a:21:0b:15:f6:dc:
7c:55:1b:b2:1b:3b:ed:8e:96:4f:82:cd:01:43:ae:
46:ee:77:62:1e:e0:0d:16:4c:ee:23:ea:b8:3f:6d:
33:e9:9d:90:1a:76:bc:57:a8:48:18:f6:41:fc:2b:
b5:de:12:1f:30:87:81:d8:0c:8f:fd:b9:b1:4f:91:
19:88:91:66:ea:92:f5:d3:8f:09:e1:41:02:02:01:
0b:af:dc:26:1a:7a:63:bb:b4:c7:e8:d1:bd:43:e1:
5e:cd:ac:e6:74:dd:8c:42:11:86:ab:c9:f5:36:75:
b4:b2:19:16:a5:b6:d6:df:b0:ff:9b:cd:01:68:ba:
5d:0a:ed:60:63:ba:12:0e:1d:b3:2c:7f:d3:1d:13:
1d:f4:c7:b3:97:77:f5:3c:74:fa:f4:c3:a8:ba:84:
3d:a0:d2:58:fc:2d:13:04:7f:c9:86:1f:f3:7f:5a:
36:ec:2d:78:be:12:d2:16:98:af:38:0d:ae:cb:df:
7b:86:5f:4c:e9:33:47:dc:dd:13:a3:de:c9:fe:35:
1a:f3:c8:f2:3a:eb:3a:bb:12:77:ea:e0:7f:be:9e:
d4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:56:4D:7A:F0:3C:68:6E:37:FE:F7:B8:40:C1:3F:F2:9F:84:2B:92
X509v3 Authority Key Identifier:
keyid:55:0B:7C:0C:8B:AE:61:0F:7E:51:9C:04:85:A4:77:3B:CE:B4:8D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQt8DIuuYQ9-UZwEhaR3O860jas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/vlZNevA8aG43_ve4QME_8p-EK5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/aedb03-b04c-4212-813b-ff25ba599031/1/VQt8DIuuYQ9-UZwEhaR3O860jas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.208.0/21
80.253.240.0/22
85.159.64.0/21
89.19.0.0/19
94.73.128.0/18
185.22.184.0/22
IPv6:
2a02:2020::/32
Signature Algorithm: sha256WithRSAEncryption
0d:89:74:df:01:16:9f:d5:42:79:06:7c:3f:71:44:c5:10:e8:
b8:20:1a:d6:0e:0a:8d:db:09:f2:ad:14:be:22:ea:92:47:6b:
9a:44:d6:92:e2:43:f8:75:1a:c1:c6:22:28:aa:f6:c0:80:54:
f3:50:10:86:aa:82:3f:29:08:37:16:31:51:3a:6e:0b:46:9e:
e1:cb:d5:e6:7e:16:8b:67:57:2f:b9:e2:23:d0:26:01:8b:fd:
93:15:93:ea:1d:de:ff:18:a6:ab:b1:30:8b:5e:fe:46:56:42:
8a:fc:7e:2f:99:d0:65:dd:76:a0:c3:dc:b7:29:3f:e1:e6:3c:
a1:0c:0b:e0:dd:09:a6:dc:98:4a:e1:fb:4e:1f:7c:21:24:a1:
96:da:aa:d6:a0:bb:4e:c2:e4:9f:4a:82:74:c5:d0:a4:8e:00:
0e:99:c9:35:a3:fc:5b:37:f2:13:5e:6c:1f:b1:26:d9:d9:36:
2f:68:5a:1e:2e:d5:92:1a:30:45:db:97:ba:41:d1:15:fe:72:
9c:2d:e4:76:2a:f2:a4:7b:da:58:d2:80:50:a8:64:cd:32:35:
34:f4:ab:8c:e5:72:78:7e:ae:4c:46:91:04:f0:3a:c0:1c:9a:
16:b8:e5:f5:85:7b:15:b8:59:2a:02:99:c7:80:b4:25:bf:87:
aa:1a:96:99
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEOC19ADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTBiN2MwYzhiYWU2MTBmN2U1MTljMDQ4NWE0NzczYmNlYjQ4ZGFiMB4XDTIyMDEw
MTExNTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU1NjRkN2FmMDNj
Njg2ZTM3ZmVmN2I4NDBjMTNmZjI5Zjg0MmI5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwQAhCWMXn2+hwEb0LZJMOXZ6NxrA5tyaasMVvnrHRQt8jw
bHJgmiELFfbcfFUbshs77Y6WT4LNAUOuRu53Yh7gDRZM7iPquD9tM+mdkBp2vFeo
SBj2Qfwrtd4SHzCHgdgMj/25sU+RGYiRZuqS9dOPCeFBAgIBC6/cJhp6Y7u0x+jR
vUPhXs2s5nTdjEIRhqvJ9TZ1tLIZFqW21t+w/5vNAWi6XQrtYGO6Eg4dsyx/0x0T
HfTHs5d39Tx0+vTDqLqEPaDSWPwtEwR/yYYf839aNuwteL4S0haYrzgNrsvfe4Zf
TOkzR9zdE6Peyf41GvPI8jrrOrsSd+rgf76e1E0CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBS+Vk168Dxobjf+97hAwT/yn4QrkjAfBgNVHSMEGDAWgBRVC3wMi65hD35R
nASFpHc7zrSNqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZRdDhESXV1WVE5LVVad0VoYVIzTzg2MGphcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYWVkYjAzLWIwNGMtNDIxMi04MTNiLWZmMjViYTU5OTAzMS8x
L3ZsWk5ldkE4YUc0M192ZTRRTUVfOHAtRUs1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YWVkYjAzLWIwNGMtNDIxMi04MTNiLWZmMjViYTU5OTAzMS8xL1ZRdDhESXV1WVE5
LVVad0VoYVIzTzg2MGphcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAyWU0AMEAlD98AMEA1WfQAMEBVkT
AAMEBl5JgAMEArkWuDANBAIAAjAHAwUAKgIgIDANBgkqhkiG9w0BAQsFAAOCAQEA
DYl03wEWn9VCeQZ8P3FExRDouCAa1g4KjdsJ8q0UviLqkkdrmkTWkuJD+HUawcYi
KKr2wIBU81AQhqqCPykINxYxUTpuC0ae4cvV5n4Wi2dXL7niI9AmAYv9kxWT6h3e
/ximq7Ewi17+RlZCivx+L5nQZd12oMPctyk/4eY8oQwL4N0JptyYSuH7Th98ISSh
ltqq1qC7TsLkn0qCdMXQpI4ADpnJNaP8WzfyE15sH7Em2dk2L2haHi7VkhowRduX
ukHRFf5ynC3kdirypHvaWNKAUKhkzTI1NPSrjOVyeH6uTEaRBPA6wByaFrjl9YV7
FbhZKgKZx4C0Jb+HqhqWmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:47 2024 by rpki-client on console-fra.rpki-client.org