Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/VVXeQXNWmGpdfRAbuDbeVSkr-dY.roa
File: VVXeQXNWmGpdfRAbuDbeVSkr-dY.roa (raw, json)
Hash identifier: gim0wns0yAfQpx6Te3MXo2B9RjI4HAGYWhpmTQVY0Kk=
Subject key identifier: 55:55:DE:41:73:56:98:6A:5D:7D:10:1B:B8:36:DE:55:29:2B:F9:D6
Certificate issuer: /CN=668e9b2eefb205342382b6072a903f9d9837071a
Certificate serial: 0187802947D0F1CEAE5F8EDCF89967BC8B05
Authority key identifier: 66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/VVXeQXNWmGpdfRAbuDbeVSkr-dY.roa
Signing time: Fri 14 Apr 2023 14:26:41 +0000
ROA not before: Fri 14 Apr 2023 14:26:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44056
IP address blocks: 176.125.192.0/19 maxlen: 19
46.148.128.0/22 maxlen: 22
46.148.128.0/20 maxlen: 20
31.135.224.0/20 maxlen: 20
31.135.232.0/22 maxlen: 22
31.135.236.0/23 maxlen: 23
46.148.143.0/24 maxlen: 24
195.2.238.0/23 maxlen: 23
109.196.64.0/22 maxlen: 22
109.196.64.0/20 maxlen: 24
109.196.68.0/22 maxlen: 22
91.195.130.0/23 maxlen: 23
91.230.146.0/24 maxlen: 24
83.97.104.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:29:47:d0:f1:ce:ae:5f:8e:dc:f8:99:67:bc:8b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668e9b2eefb205342382b6072a903f9d9837071a
Validity
Not Before: Apr 14 14:26:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5555de417356986a5d7d101bb836de55292bf9d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:9a:d3:97:79:b2:d2:29:0d:7a:94:9c:6b:
5b:88:06:3a:b5:66:01:43:e3:63:44:96:4a:7e:c4:
e9:c0:04:52:81:80:50:81:28:e6:59:c7:ef:83:61:
2f:80:a1:91:53:0c:d0:cf:fb:62:16:c4:02:a0:65:
86:92:65:89:f2:e6:51:f7:44:0f:2f:59:11:79:d5:
00:74:01:d3:43:40:e4:f4:df:7a:d7:74:c3:14:0b:
3f:64:1a:87:cf:8d:cb:bb:2b:0d:b5:f2:12:5f:3b:
5a:16:48:d4:b8:3e:53:f3:c3:04:7e:9c:f1:19:aa:
f0:55:2e:15:c4:1a:2a:e8:23:e1:33:ed:d4:13:dc:
d8:41:26:19:4d:cf:02:05:d9:0f:16:1d:c8:09:c1:
42:a8:21:94:cd:1d:6b:97:cf:f8:57:a4:22:ca:f0:
db:07:54:ce:e9:e2:3c:56:4c:29:4f:44:e7:d8:f9:
70:d8:2a:f6:fc:15:85:33:14:aa:c3:30:8e:a5:b4:
2f:0e:f1:e4:03:72:79:4b:ab:9a:0f:2d:2e:b3:78:
a6:88:7a:29:8a:de:7e:81:8a:34:5d:ff:21:24:7b:
ec:12:e7:75:8f:8c:de:2f:bf:75:67:ca:8a:83:d8:
e7:c9:ee:1d:7e:ca:4d:fb:a1:25:32:29:19:a3:80:
47:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:55:DE:41:73:56:98:6A:5D:7D:10:1B:B8:36:DE:55:29:2B:F9:D6
X509v3 Authority Key Identifier:
keyid:66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/VVXeQXNWmGpdfRAbuDbeVSkr-dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.224.0/20
46.148.128.0/20
83.97.104.0/21
91.195.130.0/23
91.230.146.0/24
109.196.64.0/20
176.125.192.0/19
195.2.238.0/23
Signature Algorithm: sha256WithRSAEncryption
41:9f:a0:89:bf:ae:d9:15:b3:9e:21:9c:c5:5f:42:e9:7e:bf:
4a:a9:9f:b7:1c:19:44:50:0f:7d:b2:76:fb:2f:72:fd:f0:92:
80:a7:31:4a:d0:22:22:a0:1b:9b:e8:68:17:ab:c6:a1:a7:83:
88:22:58:a3:92:45:1e:d3:70:e9:9a:9f:bb:f9:67:d7:07:e6:
29:95:c5:36:b9:65:0d:be:cf:b5:58:ad:f9:26:51:0c:f3:86:
57:99:e6:a3:4b:5a:28:18:0a:0d:db:ed:d3:3a:c9:ae:00:02:
4a:bb:25:db:ea:34:a8:16:df:4b:09:f4:e7:e5:9d:37:e9:ad:
ba:64:6e:ee:bd:eb:ac:e5:73:f7:59:39:6b:fc:21:08:fa:36:
e0:f4:85:16:44:e4:04:17:56:e5:b3:ce:86:8d:c3:7d:31:18:
8f:4e:3e:c6:4c:b1:de:0f:16:65:a7:85:66:ee:81:64:53:65:
67:43:8a:61:22:c5:af:ed:37:18:bc:71:7b:2d:15:a8:b1:50:
bd:0d:fc:18:2f:ab:1c:82:f0:57:a6:15:84:e5:71:b5:cc:b5:
b1:cf:f4:a0:60:d5:23:9f:6a:3b:86:30:eb:f1:a4:42:06:1d:
85:e7:57:09:2f:47:80:f8:2a:4c:89:d5:c4:d9:b6:e6:f8:d1:
98:f3:98:8e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYeAKUfQ8c6uX47c+JlnvIsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGU5YjJlZWZiMjA1MzQyMzgyYjYwNzJhOTAzZjlkOTgz
NzA3MWEwHhcNMjMwNDE0MTQyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTU1ZGU0MTczNTY5ODZhNWQ3ZDEwMWJiODM2ZGU1NTI5MmJmOWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW2a05d5stIpDXqUnGtbiAY6tWYB
Q+NjRJZKfsTpwARSgYBQgSjmWcfvg2EvgKGRUwzQz/tiFsQCoGWGkmWJ8uZR90QP
L1kRedUAdAHTQ0Dk9N9613TDFAs/ZBqHz43LuysNtfISXztaFkjUuD5T88MEfpzx
GarwVS4VxBoq6CPhM+3UE9zYQSYZTc8CBdkPFh3ICcFCqCGUzR1rl8/4V6QiyvDb
B1TO6eI8VkwpT0Tn2Plw2Cr2/BWFMxSqwzCOpbQvDvHkA3J5S6uaDy0us3imiHop
it5+gYo0Xf8hJHvsEud1j4zeL791Z8qKg9jnye4dfspN+6ElMikZo4BHmQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFVV3kFzVphqXX0QG7g23lUpK/nWMB8GA1UdIwQY
MBaAFGaOmy7vsgU0I4K2ByqQP52YNwcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMt
NGMwOGZmZTEwMDc2LzEvVlZYZVFYTldtR3BkZlJBYnVEYmVWU2tyLWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMtNGMwOGZmZTEwMDc2
LzEvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEH4fgAwQE
LpSAAwQDU2FoAwQBW8OCAwQAW+aSAwQEbcRAAwQFsH3AAwQBwwLuMA0GCSqGSIb3
DQEBCwUAA4IBAQBBn6CJv67ZFbOeIZzFX0Lpfr9KqZ+3HBlEUA99snb7L3L98JKA
pzFK0CIioBub6GgXq8ahp4OIIlijkkUe03Dpmp+7+WfXB+YplcU2uWUNvs+1WK35
JlEM84ZXmeajS1ooGAoN2+3TOsmuAAJKuyXb6jSoFt9LCfTn5Z036a26ZG7uveus
5XP3WTlr/CEI+jbg9IUWROQEF1bls86GjcN9MRiPTj7GTLHeDxZlp4Vm7oFkU2Vn
Q4phIsWv7TcYvHF7LRWosVC9DfwYL6scgvBXphWE5XG1zLWxz/SgYNUjn2o7hjDr
8aRCBh2F51cJL0eA+CpMidXE2bbm+NGY85iO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:43 2025 by rpki-client