Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/VrfEQVVpCCHHG0-8N_XUBhzZUl0.roa
File: VrfEQVVpCCHHG0-8N_XUBhzZUl0.roa (raw, json)
Hash identifier: fmJiI+g0q/tBSQnugHl4avVM8awnzhhfHbSZrCcg5k0=
Subject key identifier: 56:B7:C4:41:55:69:08:21:C7:1B:4F:BC:37:F5:D4:06:1C:D9:52:5D
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0182CEFDD58C784D852C47A62FD8637ED6D9
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/VrfEQVVpCCHHG0-8N_XUBhzZUl0.roa
Signing time: Wed 24 Aug 2022 08:35:17 +0000
ROA not before: Wed 24 Aug 2022 08:35:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 109.166.38.0/24 maxlen: 24
109.166.37.0/24 maxlen: 24
109.166.36.0/24 maxlen: 24
151.248.68.0/24 maxlen: 24
151.248.69.0/24 maxlen: 24
109.166.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ce:fd:d5:8c:78:4d:85:2c:47:a6:2f:d8:63:7e:d6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 24 08:35:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56b7c44155690821c71b4fbc37f5d4061cd9525d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:13:c5:f8:7d:f6:d8:26:c5:c0:cc:e3:5b:
fc:e8:2b:79:2d:ed:66:80:d3:19:e5:b6:c4:55:f1:
10:77:ba:ce:7a:ff:79:a7:4f:d5:60:41:e8:ed:ae:
ec:39:f7:e3:36:b5:b5:9a:7a:ed:53:ed:a5:15:0e:
fa:c3:d6:33:98:b4:a8:05:51:31:1e:55:8c:58:f1:
41:74:7f:5d:66:88:d5:c7:c8:7a:e8:67:b0:11:10:
3e:c6:fd:6f:94:5c:21:5a:67:cd:1b:de:c2:6c:8e:
df:16:9c:80:9a:d6:89:53:4b:f6:05:23:0b:41:d5:
e4:70:2f:50:1f:dc:b3:13:72:aa:8c:d2:71:f0:c3:
89:f1:37:db:47:b7:9a:a8:97:e5:96:bc:cd:4e:e4:
b5:43:cd:5f:3a:5e:10:73:62:6f:de:20:f2:a7:65:
98:ac:9a:95:dd:6c:cf:80:66:71:37:ee:30:fc:5e:
92:fe:68:ff:7a:e0:b2:ee:c2:97:72:25:0b:1f:54:
61:d0:52:88:9b:9e:4c:70:2d:62:9d:bd:1f:ca:f5:
e2:20:c3:ea:63:5a:a7:1a:1c:c7:50:6a:38:bf:e4:
2f:3a:45:5f:5c:76:c5:8a:d7:1b:48:8d:4b:a2:07:
f5:8b:30:12:f1:6e:cb:63:1e:7e:3e:4d:3d:d6:65:
ec:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B7:C4:41:55:69:08:21:C7:1B:4F:BC:37:F5:D4:06:1C:D9:52:5D
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/VrfEQVVpCCHHG0-8N_XUBhzZUl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.166.36.0/22
151.248.68.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:71:7c:51:df:c8:48:d5:46:48:83:bd:9a:c2:20:f8:f1:73:
8c:5d:15:e8:f4:2a:7a:44:d6:24:fc:af:94:b8:8f:15:2b:93:
34:91:5d:35:6e:11:79:96:ca:10:10:aa:b1:8f:4a:3b:a3:67:
5a:0a:df:39:da:36:e1:8d:37:8c:e6:6b:cb:d8:74:aa:10:c9:
ce:81:3c:95:81:99:06:93:f1:be:00:1b:29:62:53:b2:12:46:
dd:ad:c1:4c:65:46:81:99:70:8e:04:e9:39:7b:61:d4:28:5d:
51:34:d1:ba:f1:54:77:93:bb:67:54:8b:04:00:a6:c3:bd:b0:
c2:5c:8e:d2:f5:1c:8d:d7:e1:8b:bb:63:77:4d:23:1a:45:1a:
3c:5b:a4:9d:c1:2c:0b:0b:b1:c8:2a:43:41:25:a9:73:a9:99:
c8:ad:cc:33:2b:61:63:d1:0d:ad:c7:22:6e:c4:3a:81:04:32:
2c:84:99:ff:f9:ab:ef:52:70:f2:4c:24:5b:77:a4:1a:77:f9:
81:ec:ee:3d:67:20:b7:de:3c:64:9e:ea:54:b7:ec:f4:39:b9:
43:de:53:7e:42:d1:b0:a2:3e:60:c3:8a:ef:17:b7:f1:2a:dc:
6d:7f:0f:30:9a:1c:53:a0:a7:03:22:ff:f9:5a:ae:04:99:6d:
b9:22:59:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLO/dWMeE2FLEemL9hjftbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjIwODI0MDgzNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI3YzQ0MTU1NjkwODIxYzcxYjRmYmMzN2Y1ZDQwNjFjZDk1MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7cTxfh99tgmxcDM41v86Ct5Le1m
gNMZ5bbEVfEQd7rOev95p0/VYEHo7a7sOffjNrW1mnrtU+2lFQ76w9YzmLSoBVEx
HlWMWPFBdH9dZojVx8h66GewERA+xv1vlFwhWmfNG97CbI7fFpyAmtaJU0v2BSML
QdXkcC9QH9yzE3KqjNJx8MOJ8TfbR7eaqJfllrzNTuS1Q81fOl4Qc2Jv3iDyp2WY
rJqV3WzPgGZxN+4w/F6S/mj/euCy7sKXciULH1Rh0FKIm55McC1inb0fyvXiIMPq
Y1qnGhzHUGo4v+QvOkVfXHbFitcbSI1Logf1izAS8W7LYx5+Pk091mXs+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFa3xEFVaQghxxtPvDf11AYc2VJdMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvVnJmRVFWVnBDQ0hIRzAtOE5fWFVCaHpaVWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbaYkAwQB
l/hEMA0GCSqGSIb3DQEBCwUAA4IBAQAqcXxR38hI1UZIg72awiD48XOMXRXo9Cp6
RNYk/K+UuI8VK5M0kV01bhF5lsoQEKqxj0o7o2daCt852jbhjTeM5mvL2HSqEMnO
gTyVgZkGk/G+ABspYlOyEkbdrcFMZUaBmXCOBOk5e2HUKF1RNNG68VR3k7tnVIsE
AKbDvbDCXI7S9RyN1+GLu2N3TSMaRRo8W6SdwSwLC7HIKkNBJalzqZnIrcwzK2Fj
0Q2txyJuxDqBBDIshJn/+avvUnDyTCRbd6Qad/mB7O49ZyC33jxknupUt+z0OblD
3lN+QtGwoj5gw4rvF7fxKtxtfw8wmhxToKcDIv/5Wq4EmW25IlmT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:21 2023 by rpki-client on console-fra.rpki-client.org