Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VvuCnBVsjHqwYC1fpvNK9XO63GM.roa
File: VvuCnBVsjHqwYC1fpvNK9XO63GM.roa (raw, json)
Hash identifier: 5pFQlUK9CUnB43FXsAS0DrAaAGer8XR8iHgxUJr+/2I=
Subject key identifier: 56:FB:82:9C:15:6C:8C:7A:B0:60:2D:5F:A6:F3:4A:F5:73:BA:DC:63
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018514D04C5190F27F822F77F55CD2D40207
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VvuCnBVsjHqwYC1fpvNK9XO63GM.roa
Signing time: Thu 15 Dec 2022 08:04:33 +0000
ROA not before: Thu 15 Dec 2022 08:04:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:14:d0:4c:51:90:f2:7f:82:2f:77:f5:5c:d2:d4:02:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 15 08:04:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56fb829c156c8c7ab0602d5fa6f34af573badc63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:38:c3:a3:b9:36:37:68:0e:9b:cd:b0:c1:6a:
d0:2a:53:3d:5e:ad:7e:f0:bc:0d:4f:17:ab:c3:43:
95:c0:c0:53:8f:89:ee:af:b1:04:af:e7:67:a4:ba:
23:d2:c1:21:55:44:ea:14:6f:b6:19:55:d8:0c:1b:
51:b5:6b:e0:f2:89:22:b2:9f:42:47:d9:f7:6c:7e:
ac:d6:b1:1f:05:5a:3b:18:d9:4c:00:95:f5:e3:8b:
1d:6e:5f:d7:4a:00:3e:14:e4:d2:a7:a9:38:b6:ac:
ae:70:ca:9f:24:f0:67:0c:1e:22:a8:93:b5:15:b4:
3d:be:2c:bb:b3:4b:a9:03:31:db:fa:7a:2a:a4:37:
cc:ba:94:e6:68:d8:6b:fe:4f:c8:ac:f0:d7:f4:48:
71:0f:7f:73:20:da:12:7d:cb:87:0a:b3:dc:40:17:
95:e5:de:43:45:61:e1:fa:90:d8:bd:10:27:e6:c2:
42:39:75:f0:59:2e:ea:0f:e1:fd:b0:69:63:25:65:
24:01:a1:35:06:85:db:d0:f7:5c:5f:a9:d6:47:85:
76:e8:65:8c:9a:15:82:4b:b5:b8:55:2b:bd:35:42:
77:bb:04:e5:e9:55:52:b4:9e:0f:82:8c:b2:65:91:
7e:22:02:df:55:0a:fe:7c:6e:61:d2:ac:f3:32:78:
94:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:FB:82:9C:15:6C:8C:7A:B0:60:2D:5F:A6:F3:4A:F5:73:BA:DC:63
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VvuCnBVsjHqwYC1fpvNK9XO63GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
46.20.216.0/21
Signature Algorithm: sha256WithRSAEncryption
16:e0:29:43:cc:72:70:be:f9:eb:fb:5d:d1:9d:d5:5e:51:56:
38:ae:4f:60:d0:93:d9:57:10:2c:01:6a:cd:2b:f8:cc:f6:8b:
b6:e8:a4:49:f4:ca:8b:02:a4:ca:fd:df:8d:2e:c3:b8:bb:0c:
28:e8:e5:5e:c6:b4:45:40:7e:68:ab:e6:10:71:56:2d:7d:45:
1b:3f:bf:c2:0e:6e:ee:5b:08:f1:1d:ae:7b:28:bc:48:68:ae:
1d:70:56:bc:d8:20:71:65:e2:d2:3b:49:d3:e9:5f:1c:ac:54:
cd:cb:3c:da:a4:f7:79:a9:9b:36:81:17:2d:e8:b8:3a:19:fc:
9b:b3:1c:5f:42:44:2a:71:d9:75:0b:4c:63:be:02:08:b9:9b:
21:27:49:83:c5:2c:6d:23:e3:7d:70:a0:7c:e5:8d:63:31:a8:
e2:03:4c:22:27:58:bb:5d:f3:51:71:3a:82:d8:9f:1d:06:20:
bf:40:19:4c:4e:23:29:bf:97:0d:01:1d:4e:93:0a:b4:e8:35:
53:40:c8:c0:bc:98:d8:37:48:b9:c7:84:d1:14:2c:25:5f:a3:
64:78:f5:74:09:e9:9e:7c:ba:e4:5d:a7:5f:3e:a5:e2:fd:cb:
fb:04:c8:70:c9:1b:48:9e:e4:a8:9a:e1:15:3c:e6:c2:df:e4:
c2:62:bc:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUU0ExRkPJ/gi939VzS1AIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjE1MDgwNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmZiODI5YzE1NmM4YzdhYjA2MDJkNWZhNmYzNGFmNTczYmFkYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzjDo7k2N2gOm82wwWrQKlM9Xq1+
8LwNTxerw0OVwMBTj4nur7EEr+dnpLoj0sEhVUTqFG+2GVXYDBtRtWvg8okisp9C
R9n3bH6s1rEfBVo7GNlMAJX144sdbl/XSgA+FOTSp6k4tqyucMqfJPBnDB4iqJO1
FbQ9viy7s0upAzHb+noqpDfMupTmaNhr/k/IrPDX9EhxD39zINoSfcuHCrPcQBeV
5d5DRWHh+pDYvRAn5sJCOXXwWS7qD+H9sGljJWUkAaE1BoXb0PdcX6nWR4V26GWM
mhWCS7W4VSu9NUJ3uwTl6VVStJ4PgoyyZZF+IgLfVQr+fG5h0qzzMniUVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFb7gpwVbIx6sGAtX6bzSvVzutxjMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVnZ1Q25CVnNqSHF3WUMxZnB2Tks5WE82M0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH7qwAwQD
LhTYMA0GCSqGSIb3DQEBCwUAA4IBAQAW4ClDzHJwvvnr+13RndVeUVY4rk9g0JPZ
VxAsAWrNK/jM9ou26KRJ9MqLAqTK/d+NLsO4uwwo6OVexrRFQH5oq+YQcVYtfUUb
P7/CDm7uWwjxHa57KLxIaK4dcFa82CBxZeLSO0nT6V8crFTNyzzapPd5qZs2gRct
6Lg6GfybsxxfQkQqcdl1C0xjvgIIuZshJ0mDxSxtI+N9cKB85Y1jMajiA0wiJ1i7
XfNRcTqC2J8dBiC/QBlMTiMpv5cNAR1Okwq06DVTQMjAvJjYN0i5x4TRFCwlX6Nk
ePV0CemefLrkXadfPqXi/cv7BMhwyRtInuSomuEVPObC3+TCYrzz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org