Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/VGAsj6eucHXydB_EN4DJlo6Cj34.roa
File: VGAsj6eucHXydB_EN4DJlo6Cj34.roa (raw, json)
Hash identifier: KxWoigYCzDAIWn1eE5R5GsHnyJAVy2fAHdrO86DKlkw=
Subject key identifier: 54:60:2C:8F:A7:AE:70:75:F2:74:1F:C4:37:80:C9:96:8E:82:8F:7E
Certificate issuer: /CN=509fe7e8b9de675913121e7ebb4226b62d03b1cb
Certificate serial: 0183A1E7D715D2C5309B21B152CB4CC881EA
Authority key identifier: 50:9F:E7:E8:B9:DE:67:59:13:12:1E:7E:BB:42:26:B6:2D:03:B1:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJ_n6LneZ1kTEh5-u0Imti0Dscs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/VGAsj6eucHXydB_EN4DJlo6Cj34.roa
Signing time: Tue 04 Oct 2022 07:31:09 +0000
ROA not before: Tue 04 Oct 2022 07:31:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25413
IP address blocks: 194.105.120.0/21 maxlen: 24
194.156.12.0/22 maxlen: 24
146.106.0.0/16 maxlen: 24
2a0d:c40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a1:e7:d7:15:d2:c5:30:9b:21:b1:52:cb:4c:c8:81:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509fe7e8b9de675913121e7ebb4226b62d03b1cb
Validity
Not Before: Oct 4 07:31:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54602c8fa7ae7075f2741fc43780c9968e828f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ee:26:90:f0:ef:b2:28:da:7f:f4:82:12:6a:
32:4b:fc:2c:5f:95:a1:fe:0a:e9:b2:b5:99:b1:15:
db:4e:60:74:1b:03:ba:00:04:0d:8b:f9:e3:3b:4c:
ee:4e:64:a0:b4:78:1d:a3:63:0c:90:82:9e:c8:eb:
b9:35:6d:a5:99:ed:6b:47:a9:a8:1b:e6:82:df:21:
cb:d1:ae:f0:98:e0:89:7e:45:35:1e:3c:78:7a:46:
01:c5:91:70:9c:a7:c5:d1:f7:bf:48:92:d1:2f:8a:
cd:ba:88:2c:c8:2f:fd:11:1b:66:16:1b:1b:84:d6:
f9:a2:a6:54:19:6b:61:c7:bf:d6:18:64:af:92:10:
94:38:88:19:26:89:aa:34:2b:31:9a:38:57:84:fa:
45:0d:f0:a2:ec:9f:f7:d4:d7:ce:2e:95:db:4d:f9:
ec:4f:2d:a0:5b:e0:a8:be:03:a9:0d:d5:0b:42:f7:
26:e2:f1:b5:bb:4d:7f:e5:6a:10:89:96:b9:a1:52:
45:16:0b:b7:5a:2d:1e:69:8a:e6:ec:85:61:cf:a8:
66:a1:e2:25:04:2c:1e:cc:16:00:af:f2:8c:30:b5:
7f:c4:5f:c1:5b:5d:69:de:82:a0:08:77:62:c3:ca:
fd:15:ef:f7:be:e3:01:8f:5d:b9:5e:2a:6b:c7:ed:
e0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:60:2C:8F:A7:AE:70:75:F2:74:1F:C4:37:80:C9:96:8E:82:8F:7E
X509v3 Authority Key Identifier:
keyid:50:9F:E7:E8:B9:DE:67:59:13:12:1E:7E:BB:42:26:B6:2D:03:B1:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJ_n6LneZ1kTEh5-u0Imti0Dscs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/VGAsj6eucHXydB_EN4DJlo6Cj34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/7473ac-8437-4c21-ac13-0b477ca73ac6/1/UJ_n6LneZ1kTEh5-u0Imti0Dscs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.106.0.0/16
194.105.120.0/21
194.156.12.0/22
IPv6:
2a0d:c40::/29
Signature Algorithm: sha256WithRSAEncryption
c8:6c:0a:d6:0e:64:12:ad:53:9a:fd:ec:b4:74:7a:f6:67:da:
b3:a3:a1:48:d7:f0:fc:a1:6e:ef:1a:b1:95:ff:84:64:f3:dc:
de:ae:6f:21:1a:67:c5:7f:d5:5a:9f:72:f1:43:6c:eb:e0:4e:
15:e7:1e:6a:70:a6:4e:d2:50:11:97:1a:b7:48:82:91:64:6a:
24:fd:91:84:db:2a:ab:1d:2f:9f:ae:ba:13:7b:89:65:f6:68:
e7:bb:62:6c:9a:a1:e6:fb:b5:6d:ba:8a:7b:6b:ac:4a:21:52:
a0:42:0b:b3:63:99:1d:e7:f6:e0:07:a2:10:a1:0e:bf:54:93:
78:0e:9f:6f:99:4e:88:0e:ad:0b:4e:ce:2f:0f:b6:4d:aa:fe:
ed:b4:2b:e6:81:65:da:9d:fb:f3:72:f3:32:c8:98:fd:d1:40:
1e:e9:e8:d1:25:6d:1a:c0:f3:4f:ba:2f:41:cc:2c:6d:a6:fa:
75:65:d0:4e:26:be:fa:22:8b:bb:63:5d:a0:09:07:4f:a3:55:
a3:e5:63:db:a4:a9:49:5e:3a:3d:2c:91:b5:ba:90:71:5a:8a:
95:e8:e3:c9:bd:5a:df:90:a1:6e:24:6b:ac:54:2e:87:14:17:
ab:4b:79:ce:b0:3a:5d:64:87:05:54:99:18:3f:c7:4f:1f:09:
d4:c2:4a:0f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYOh59cV0sUwmyGxUstMyIHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWZlN2U4YjlkZTY3NTkxMzEyMWU3ZWJiNDIyNmI2MmQw
M2IxY2IwHhcNMjIxMDA0MDczMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDYwMmM4ZmE3YWU3MDc1ZjI3NDFmYzQzNzgwYzk5NjhlODI4ZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO4mkPDvsijaf/SCEmoyS/wsX5Wh
/grpsrWZsRXbTmB0GwO6AAQNi/njO0zuTmSgtHgdo2MMkIKeyOu5NW2lme1rR6mo
G+aC3yHL0a7wmOCJfkU1Hjx4ekYBxZFwnKfF0fe/SJLRL4rNuogsyC/9ERtmFhsb
hNb5oqZUGWthx7/WGGSvkhCUOIgZJomqNCsxmjhXhPpFDfCi7J/31NfOLpXbTfns
Ty2gW+CovgOpDdULQvcm4vG1u01/5WoQiZa5oVJFFgu3Wi0eaYrm7IVhz6hmoeIl
BCwezBYAr/KMMLV/xF/BW11p3oKgCHdiw8r9Fe/3vuMBj125Xiprx+3gBQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFRgLI+nrnB18nQfxDeAyZaOgo9+MB8GA1UdIwQY
MBaAFFCf5+i53mdZExIefrtCJrYtA7HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpfbjZMbmVaMWtURWg1LXUwSW10aTBEc2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy83NDczYWMtODQzNy00YzIxLWFjMTMt
MGI0NzdjYTczYWM2LzEvVkdBc2o2ZXVjSFh5ZEJfRU40REpsbzZDajM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy83NDczYWMtODQzNy00YzIxLWFjMTMtMGI0NzdjYTczYWM2
LzEvVUpfbjZMbmVaMWtURWg1LXUwSW10aTBEc2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAkmoDBAPC
aXgDBALCnAwwDQQCAAIwBwMFAyoNDEAwDQYJKoZIhvcNAQELBQADggEBAMhsCtYO
ZBKtU5r97LR0evZn2rOjoUjX8Pyhbu8asZX/hGTz3N6ubyEaZ8V/1VqfcvFDbOvg
ThXnHmpwpk7SUBGXGrdIgpFkaiT9kYTbKqsdL5+uuhN7iWX2aOe7Ymyaoeb7tW26
intrrEohUqBCC7NjmR3n9uAHohChDr9Uk3gOn2+ZTogOrQtOzi8Ptk2q/u20K+aB
Zdqd+/Ny8zLImP3RQB7p6NElbRrA80+6L0HMLG2m+nVl0E4mvvoii7tjXaAJB0+j
VaPlY9ukqUleOj0skbW6kHFaipXo48m9Wt+QoW4ka6xULocUF6tLec6wOl1khwVU
mRg/x08fCdTCSg8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:15 2025 by rpki-client