Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VXPO766JmcnrvTpkihyJjYyjPfU.roa
File: VXPO766JmcnrvTpkihyJjYyjPfU.roa (raw, json)
Hash identifier: CL3o6t6AGCK0RaMGHU3kNRIQvwlzUhQHfurBiD8UDxE=
Subject key identifier: 55:73:CE:EF:AE:89:99:C9:EB:BD:3A:64:8A:1C:89:8D:8C:A3:3D:F5
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0184E62005B35AAB5286660A43C3C447D351
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VXPO766JmcnrvTpkihyJjYyjPfU.roa
Signing time: Tue 06 Dec 2022 06:29:28 +0000
ROA not before: Tue 06 Dec 2022 06:29:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 82.163.172.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
149.126.92.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:20:05:b3:5a:ab:52:86:66:0a:43:c3:c4:47:d3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 6 06:29:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5573ceefae8999c9ebbd3a648a1c898d8ca33df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:93:f3:a5:b0:b0:3a:6f:91:d8:53:f2:53:c2:
da:a6:95:f0:5c:3c:c9:06:f6:6c:a6:ee:90:df:44:
cc:32:13:af:50:c2:46:17:d1:cd:b7:25:db:b8:ed:
83:29:3a:de:e0:7e:86:66:0b:6f:94:b3:cc:c5:81:
27:fd:cc:da:8c:b1:35:cb:e9:1c:29:74:6d:88:b9:
f2:28:6d:e3:1c:d1:79:2e:f2:68:d6:b2:c5:32:4d:
ba:6f:bf:c4:11:e0:76:2c:d0:6f:49:43:83:bf:a4:
77:51:2b:9a:c6:47:e7:c7:3d:3f:ff:05:36:db:8a:
f6:d7:72:9c:ad:77:ef:db:29:68:a6:72:7c:46:69:
5e:ee:23:0e:a0:6a:f5:f9:4c:67:72:a6:79:fb:1c:
bf:f2:d0:3d:e2:2a:ae:50:5f:6d:fb:fe:85:89:08:
15:6f:05:9e:4a:05:13:ef:b1:3d:d8:c5:4b:53:80:
ac:7d:68:05:c3:c4:71:dc:22:c1:1c:c2:6e:92:f3:
d6:af:87:32:48:b2:ba:82:7d:20:8f:81:dc:b0:0f:
17:53:46:c2:9b:16:46:46:d7:6e:15:c5:e8:0f:c4:
25:ca:89:96:84:4a:b1:cb:6f:80:87:91:62:9a:67:
58:c2:0d:a4:18:f9:a0:ed:d9:ca:24:c0:a3:7c:73:
82:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:73:CE:EF:AE:89:99:C9:EB:BD:3A:64:8A:1C:89:8D:8C:A3:3D:F5
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VXPO766JmcnrvTpkihyJjYyjPfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
82.163.168.0/21
92.114.40.0/22
149.126.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:a8:6b:bd:2a:b2:a9:d8:10:2f:8e:2b:2b:e5:aa:43:5d:79:
f0:e9:a2:86:7a:48:20:18:a3:98:46:75:03:97:97:52:20:c9:
45:b3:94:91:77:c5:18:74:cf:36:67:13:7c:1b:ae:62:f5:5d:
8f:50:ac:01:93:59:8c:6b:f7:e4:ec:d0:4c:90:18:e5:9e:28:
bf:6d:c1:69:7f:ff:f9:ba:d7:0f:58:9e:46:22:76:8d:2c:49:
bb:17:28:ae:81:d5:96:c3:d4:18:5e:91:d0:de:4f:24:d5:bf:
8c:5b:0a:b6:b3:35:11:f3:7b:ab:92:2c:aa:1d:1b:0d:4a:48:
d2:84:80:82:20:a3:32:0e:a3:64:4b:8f:25:b9:90:4a:f7:53:
1e:24:6c:b4:35:40:34:6c:d9:82:eb:8b:9d:23:7d:3c:f4:12:
05:26:33:16:cd:ae:5d:dc:17:d0:fe:73:88:25:28:c3:88:be:
c0:a3:9d:a0:29:b8:a5:23:43:30:3e:54:74:c6:a9:75:a7:71:
d2:73:07:c4:01:db:83:e7:cf:6a:68:6a:74:d0:b8:c0:89:23:
56:9f:07:85:89:51:21:6a:54:35:fd:b6:8c:32:52:12:b4:e9:
b9:eb:b7:a0:4f:45:6b:25:ab:11:60:41:8f:5e:f1:ba:f2:41:
95:9b:e6:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTmIAWzWqtShmYKQ8PER9NRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjA2MDYyOTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTczY2VlZmFlODk5OWM5ZWJiZDNhNjQ4YTFjODk4ZDhjYTMzZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5PzpbCwOm+R2FPyU8LappXwXDzJ
BvZspu6Q30TMMhOvUMJGF9HNtyXbuO2DKTre4H6GZgtvlLPMxYEn/czajLE1y+kc
KXRtiLnyKG3jHNF5LvJo1rLFMk26b7/EEeB2LNBvSUODv6R3USuaxkfnxz0//wU2
24r213KcrXfv2ylopnJ8Rmle7iMOoGr1+UxncqZ5+xy/8tA94iquUF9t+/6FiQgV
bwWeSgUT77E92MVLU4CsfWgFw8Rx3CLBHMJukvPWr4cySLK6gn0gj4HcsA8XU0bC
mxZGRtduFcXoD8QlyomWhEqxy2+Ah5FimmdYwg2kGPmg7dnKJMCjfHOCSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFVzzu+uiZnJ6706ZIociY2Moz31MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVlhQTzc2NkptY25ydlRwa2loeUpqWXlqUGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7qwAwQD
UqOoAwQCXHIoAwQClX5cMA0GCSqGSIb3DQEBCwUAA4IBAQANqGu9KrKp2BAvjisr
5apDXXnw6aKGekggGKOYRnUDl5dSIMlFs5SRd8UYdM82ZxN8G65i9V2PUKwBk1mM
a/fk7NBMkBjlnii/bcFpf//5utcPWJ5GInaNLEm7FyiugdWWw9QYXpHQ3k8k1b+M
Wwq2szUR83urkiyqHRsNSkjShICCIKMyDqNkS48luZBK91MeJGy0NUA0bNmC64ud
I3089BIFJjMWza5d3BfQ/nOIJSjDiL7Ao52gKbilI0MwPlR0xql1p3HScwfEAduD
589qaGp00LjAiSNWnweFiVEhalQ1/baMMlIStOm567egT0VrJasRYEGPXvG68kGV
m+ZG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org