Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/VEBCCJ86KneN-H715ebNke5uYzs.roa
File: VEBCCJ86KneN-H715ebNke5uYzs.roa (raw, json)
Hash identifier: e9wTxO3pn5CHD3Xt9oTSv9VjGKvNz2niCK/bJA7loYw=
Subject key identifier: 54:40:42:08:9F:3A:2A:77:8D:F8:7E:F5:E5:E6:CD:91:EE:6E:63:3B
Certificate issuer: /CN=19622650048107918adf1b22cdf087c8a834f79c
Certificate serial: 018C7DEAC2602577C1AD0F32B96F53933C0A
Authority key identifier: 19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/VEBCCJ86KneN-H715ebNke5uYzs.roa
Signing time: Mon 18 Dec 2023 17:13:06 +0000
ROA not before: Mon 18 Dec 2023 17:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206170
IP address blocks: 185.132.127.0/24 maxlen: 24
86.106.25.0/24 maxlen: 24
195.85.54.0/24 maxlen: 24
62.3.44.0/24 maxlen: 24
86.107.103.0/24 maxlen: 24
109.205.246.0/24 maxlen: 24
188.66.60.0/22 maxlen: 22
188.66.62.0/24 maxlen: 24
188.66.60.0/24 maxlen: 24
185.189.48.0/22 maxlen: 22
188.66.61.0/24 maxlen: 24
188.66.63.0/24 maxlen: 24
2a0b:dc80::/29 maxlen: 29
2a12:fe00::/29 maxlen: 29
2a0d:5f47:ffff::/48 maxlen: 48
2001:67c:750::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:ea:c2:60:25:77:c1:ad:0f:32:b9:6f:53:93:3c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19622650048107918adf1b22cdf087c8a834f79c
Validity
Not Before: Dec 18 17:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=544042089f3a2a778df87ef5e5e6cd91ee6e633b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:31:b6:e9:ac:94:4f:97:97:b0:a1:df:b3:8a:
fb:a5:a0:5d:55:e3:8b:84:d5:df:a9:3a:68:80:bc:
07:01:5c:eb:4a:f5:fc:b2:bb:0c:90:3d:60:fa:f8:
29:45:bf:2e:50:cf:9a:3e:30:50:a3:1e:9d:0f:85:
3b:f1:aa:be:b6:64:ee:c4:88:89:38:90:68:cf:e4:
f9:ec:eb:77:c4:5d:e9:e2:8f:e8:53:1e:bf:b8:c1:
ce:8e:5e:4f:49:45:d5:d9:0d:dc:79:0e:1b:9f:3a:
cf:55:ac:30:01:8b:b9:4c:c0:37:89:0a:13:aa:f8:
8a:1c:04:d0:b7:a8:8b:d6:01:b7:49:4e:7b:df:14:
ea:f8:70:f5:98:e4:11:1b:05:b6:e7:90:2d:b8:99:
86:2e:32:9a:35:5b:55:34:11:a9:95:08:ac:0c:15:
64:03:4a:20:45:69:cb:e2:6b:32:41:b5:88:9c:99:
45:f7:9b:24:31:28:57:07:72:bc:4e:e7:17:43:80:
e1:a8:41:91:3f:0d:f7:78:4a:02:ef:60:4d:01:e1:
8b:8f:d3:db:f5:1f:8e:db:a2:39:c2:6a:91:90:3d:
35:ed:f6:68:84:1b:65:9e:3c:5b:ab:27:9e:04:7d:
7c:9e:a2:48:47:8a:50:a3:96:cb:10:5f:1e:84:f3:
da:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:40:42:08:9F:3A:2A:77:8D:F8:7E:F5:E5:E6:CD:91:EE:6E:63:3B
X509v3 Authority Key Identifier:
keyid:19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/VEBCCJ86KneN-H715ebNke5uYzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/GWImUASBB5GK3xsizfCHyKg095w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.44.0/24
86.106.25.0/24
86.107.103.0/24
109.205.246.0/24
185.132.127.0/24
185.189.48.0/22
188.66.60.0/22
195.85.54.0/24
IPv6:
2001:67c:750::/48
2a0b:dc80::/29
2a0d:5f47:ffff::/48
2a12:fe00::/29
Signature Algorithm: sha256WithRSAEncryption
14:65:0f:23:02:61:07:97:56:7a:ea:73:7f:d4:00:3f:15:3b:
3e:61:74:6e:f7:81:0e:07:6c:bf:dd:a9:b4:a3:94:05:79:8b:
f1:dd:9e:74:be:84:93:b9:e5:27:2c:6b:02:e7:61:d2:1f:d9:
fb:d1:96:30:16:c8:8e:64:ed:7d:e8:d7:fa:45:65:5e:c0:73:
dd:e6:9d:63:4f:f9:55:54:64:f5:12:2d:2e:b2:b1:2f:3c:8a:
60:28:66:34:0c:7d:fe:54:7b:04:30:68:19:09:79:7c:56:b9:
08:d5:48:69:b8:3f:36:97:f4:f7:c9:f9:80:38:89:1d:42:bb:
6a:0d:c1:29:9f:25:08:90:b7:4e:28:23:c6:f7:99:48:73:d5:
47:5e:23:7b:6b:06:08:99:be:72:5b:ba:7e:76:e6:7f:53:8f:
52:a3:c8:ed:d6:7c:ff:5c:5b:30:3e:9b:20:5e:f0:80:82:34:
da:14:b9:6d:62:9b:ec:54:ef:31:4c:2e:7c:cc:67:ed:4e:10:
70:9d:f5:57:01:22:16:cd:84:4c:c8:51:94:fb:6d:de:5e:65:
e9:fb:ad:71:a5:1a:7d:39:fe:fa:70:35:c1:10:e7:9f:e0:dd:
c2:cc:c8:2e:2f:a2:a7:b2:ef:aa:72:6c:82:f9:74:e8:61:07:
44:ad:a3:c6
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYx96sJgJXfBrQ8yuW9TkzwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjIyNjUwMDQ4MTA3OTE4YWRmMWIyMmNkZjA4N2M4YTgz
NGY3OWMwHhcNMjMxMjE4MTcxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDQwNDIwODlmM2EyYTc3OGRmODdlZjVlNWU2Y2Q5MWVlNmU2MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTG26ayUT5eXsKHfs4r7paBdVeOL
hNXfqTpogLwHAVzrSvX8srsMkD1g+vgpRb8uUM+aPjBQox6dD4U78aq+tmTuxIiJ
OJBoz+T57Ot3xF3p4o/oUx6/uMHOjl5PSUXV2Q3ceQ4bnzrPVawwAYu5TMA3iQoT
qviKHATQt6iL1gG3SU573xTq+HD1mOQRGwW255AtuJmGLjKaNVtVNBGplQisDBVk
A0ogRWnL4msyQbWInJlF95skMShXB3K8TucXQ4DhqEGRPw33eEoC72BNAeGLj9Pb
9R+O26I5wmqRkD017fZohBtlnjxbqyeeBH18nqJIR4pQo5bLEF8ehPPaHwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFFRAQgifOip3jfh+9eXmzZHubmM7MB8GA1UdIwQY
MBaAFBliJlAEgQeRit8bIs3wh8ioNPecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQt
OGQxMGZlZTU4NGZlLzEvVkVCQ0NKODZLbmVOLUg3MTVlYk5rZTV1WXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQtOGQxMGZlZTU4NGZl
LzEvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDA2BAIAATAwAwQAPgMsAwQA
VmoZAwQAVmtnAwQAbc32AwQAuYR/AwQCub0wAwQCvEI8AwQAw1U2MCYEAgACMCAD
BwAgAQZ8B1ADBQMqC9yAAwcAKg1fR///AwUDKhL+ADANBgkqhkiG9w0BAQsFAAOC
AQEAFGUPIwJhB5dWeupzf9QAPxU7PmF0bveBDgdsv92ptKOUBXmL8d2edL6Ek7nl
JyxrAudh0h/Z+9GWMBbIjmTtfejX+kVlXsBz3eadY0/5VVRk9RItLrKxLzyKYChm
NAx9/lR7BDBoGQl5fFa5CNVIabg/Npf098n5gDiJHUK7ag3BKZ8lCJC3TigjxveZ
SHPVR14je2sGCJm+clu6fnbmf1OPUqPI7dZ8/1xbMD6bIF7wgII02hS5bWKb7FTv
MUwufMxn7U4QcJ31VwEiFs2ETMhRlPtt3l5l6futcaUafTn++nA1wRDnn+DdwszI
Li+ip7LvqnJsgvl06GEHRK2jxg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:51 2025 by rpki-client