Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/VQvFKu629wC3Q0Z4KYFOFd_m5Hc.roa
File: VQvFKu629wC3Q0Z4KYFOFd_m5Hc.roa (raw, json)
Hash identifier: rjtJdRAiosg32oVsgE1CTtIktVVXlKADoIg77Oj3YQA=
Subject key identifier: 55:0B:C5:2A:EE:B6:F7:00:B7:43:46:78:29:81:4E:15:DF:E6:E4:77
Certificate issuer: /CN=f22bed3f37cd72826511c574560deb55542550e4
Certificate serial: 142CE746
Authority key identifier: F2:2B:ED:3F:37:CD:72:82:65:11:C5:74:56:0D:EB:55:54:25:50:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/VQvFKu629wC3Q0Z4KYFOFd_m5Hc.roa
Signing time: Sat 01 Jan 2022 10:56:44 +0000
ROA not before: Sat 01 Jan 2022 10:56:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24586
IP address blocks: 188.66.16.0/21 maxlen: 24
46.22.180.0/22 maxlen: 24
46.22.184.0/21 maxlen: 24
80.95.160.0/21 maxlen: 24
80.95.168.0/22 maxlen: 24
80.95.172.0/22 maxlen: 24
93.92.96.0/22 maxlen: 24
93.92.100.0/22 maxlen: 24
2001:4c10::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 338487110 (0x142ce746)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f22bed3f37cd72826511c574560deb55542550e4
Validity
Not Before: Jan 1 10:56:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=550bc52aeeb6f700b743467829814e15dfe6e477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ba:3c:fb:48:26:a5:60:0b:05:ea:64:f1:6e:
93:f6:b5:f6:49:e1:b7:ff:f5:29:1b:57:88:d3:28:
6f:b1:1c:23:82:d3:63:b5:53:d7:b3:d7:e4:68:01:
e0:a4:1d:5a:c3:59:ed:ad:9f:d1:07:c1:1b:6e:b9:
bc:39:03:4b:6e:50:cd:10:96:2a:dd:ad:e8:17:98:
75:61:aa:7a:d3:30:0e:5e:83:f1:49:42:dc:71:99:
95:cb:2a:cd:0b:ff:72:40:5d:41:73:3c:27:9f:62:
cc:9f:f1:6c:46:6f:d3:67:0e:da:81:cb:51:93:8f:
3f:e5:6b:c2:8c:ad:15:73:ef:b6:62:df:e7:60:31:
55:b9:2b:0c:70:55:61:5c:e2:ea:ff:ab:ca:89:0f:
ce:9d:88:1a:60:52:45:ce:05:4a:68:80:41:5a:47:
1b:84:50:44:1f:27:04:4f:9c:a2:59:c1:8c:c3:f7:
e4:d9:22:7f:a5:19:3f:59:9a:dc:05:42:31:24:ce:
e9:ce:01:9f:8e:81:f4:fd:d9:46:33:ae:bd:e5:85:
4c:55:de:6f:2f:44:e9:a1:47:f2:73:cf:2f:24:c8:
4c:aa:9c:d3:2d:3f:02:dc:06:c0:6a:dd:d6:0e:d8:
11:5f:71:1d:f7:0a:ed:47:5e:e4:f0:52:29:69:d9:
93:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:0B:C5:2A:EE:B6:F7:00:B7:43:46:78:29:81:4E:15:DF:E6:E4:77
X509v3 Authority Key Identifier:
keyid:F2:2B:ED:3F:37:CD:72:82:65:11:C5:74:56:0D:EB:55:54:25:50:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/VQvFKu629wC3Q0Z4KYFOFd_m5Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.180.0-46.22.191.255
80.95.160.0/20
93.92.96.0/21
188.66.16.0/21
IPv6:
2001:4c10::/32
Signature Algorithm: sha256WithRSAEncryption
1c:a4:fa:04:06:a7:ad:11:02:66:25:85:dc:c0:10:35:c3:74:
71:da:01:68:37:ba:27:33:48:10:0a:58:20:2e:82:a3:06:85:
65:d8:80:ed:3e:6c:9c:02:90:e9:8b:74:c0:c2:32:59:26:c7:
2e:fd:6f:4a:fa:63:40:5d:12:a8:58:c5:84:49:fd:f5:1c:4c:
21:b8:f8:68:83:ac:40:7a:06:c7:8f:56:3f:f1:43:c9:f3:e0:
ba:ec:48:5e:d8:47:c1:32:3e:70:9e:6c:3e:c9:a1:e1:29:eb:
a9:94:cd:42:11:a6:21:2b:3b:17:cc:d8:fa:a6:72:f2:5a:d2:
da:11:3b:d3:e7:6c:b0:d4:60:4d:05:f2:32:b1:8f:8d:6f:da:
61:a1:af:eb:f7:be:97:21:37:ae:8f:32:bf:22:7e:d6:ee:83:
b3:27:5c:3c:07:3e:7e:f2:ef:1d:2c:b7:25:b3:e8:39:4b:21:
f1:65:cc:72:16:20:2c:ad:15:34:21:88:39:ba:d8:2b:18:86:
95:e3:6b:92:ab:96:8d:c6:6a:2d:e2:0d:a7:de:ef:09:69:42:
f0:d2:87:35:f7:4b:0d:2b:bd:76:be:01:cb:4b:45:d3:55:8f:
2a:b6:f2:26:5b:0e:c2:c3:4e:61:45:a6:4d:a0:e8:d7:5e:f9:
9b:ac:cb:87
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEFCznRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjJiZWQzZjM3Y2Q3MjgyNjUxMWM1NzQ1NjBkZWI1NTU0MjU1MGU0MB4XDTIyMDEw
MTEwNTY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTUwYmM1MmFlZWI2
ZjcwMGI3NDM0Njc4Mjk4MTRlMTVkZmU2ZTQ3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOS6PPtIJqVgCwXqZPFuk/a19knht//1KRtXiNMob7EcI4LT
Y7VT17PX5GgB4KQdWsNZ7a2f0QfBG265vDkDS25QzRCWKt2t6BeYdWGqetMwDl6D
8UlC3HGZlcsqzQv/ckBdQXM8J59izJ/xbEZv02cO2oHLUZOPP+VrwoytFXPvtmLf
52AxVbkrDHBVYVzi6v+ryokPzp2IGmBSRc4FSmiAQVpHG4RQRB8nBE+colnBjMP3
5Nkif6UZP1ma3AVCMSTO6c4Bn46B9P3ZRjOuveWFTFXeby9E6aFH8nPPLyTITKqc
0y0/AtwGwGrd1g7YEV9xHfcK7Ude5PBSKWnZk7UCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBRVC8Uq7rb3ALdDRngpgU4V3+bkdzAfBgNVHSMEGDAWgBTyK+0/N81ygmUR
xXRWDetVVCVQ5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhpdnRQemZOY29KbEVjVjBWZzNyVlZRbFVPUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvMjk0ZmExLWU5MzgtNGNkMi05YTg5LTI5MDYyZTg3MGI2NC8x
L1ZRdkZLdTYyOXdDM1EwWjRLWUZPRmRfbTVIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
Mjk0ZmExLWU5MzgtNGNkMi05YTg5LTI5MDYyZTg3MGI2NC8xLzhpdnRQemZOY29K
bEVjVjBWZzNyVlZRbFVPUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIDAMAwQCLha0AwQGLhaAAwQEUF+gAwQD
XVxgAwQDvEIQMA0EAgACMAcDBQAgAUwQMA0GCSqGSIb3DQEBCwUAA4IBAQAcpPoE
BqetEQJmJYXcwBA1w3Rx2gFoN7onM0gQClggLoKjBoVl2IDtPmycApDpi3TAwjJZ
Jscu/W9K+mNAXRKoWMWESf31HEwhuPhog6xAegbHj1Y/8UPJ8+C67Ehe2EfBMj5w
nmw+yaHhKeuplM1CEaYhKzsXzNj6pnLyWtLaETvT52yw1GBNBfIysY+Nb9phoa/r
976XITeujzK/In7W7oOzJ1w8Bz5+8u8dLLcls+g5SyHxZcxyFiAsrRU0IYg5utgr
GIaV42uSq5aNxmot4g2n3u8JaULw0oc190sNK712vgHLS0XTVY8qtvImWw7Cw05h
RaZNoOjXXvmbrMuH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:28 2023 by rpki-client on console-fra.rpki-client.org