Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/vCwQzghw8O9VUQOEKJRZbzBbdwk.roa
File: vCwQzghw8O9VUQOEKJRZbzBbdwk.roa (raw, json)
Hash identifier: F2cCK01mk66VBg9Ovndkvwg49hhnZ6CAr9VIZgjbReM=
Subject key identifier: BC:2C:10:CE:08:70:F0:EF:55:51:03:84:28:94:59:6F:30:5B:77:09
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 07F1D1A6
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/vCwQzghw8O9VUQOEKJRZbzBbdwk.roa
Signing time: Mon 28 Mar 2022 10:05:19 +0000
ROA not before: Mon 28 Mar 2022 10:05:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202806
IP address blocks: 85.234.103.0/24 maxlen: 24
85.234.102.0/23 maxlen: 24
85.234.102.0/24 maxlen: 24
85.234.115.0/24 maxlen: 24
85.234.114.0/23 maxlen: 24
85.234.114.0/24 maxlen: 24
2a0a:6f40:2::/48 maxlen: 48
2a0a:6f40:2::/47 maxlen: 48
2a0a:6f40:5::/48 maxlen: 48
2a0a:6f40:3::/48 maxlen: 48
2a0a:6f40:4::/48 maxlen: 48
2a0a:6f40:4::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133288358 (0x7f1d1a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Mar 28 10:05:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc2c10ce0870f0ef555103842894596f305b7709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5d:e0:8d:07:42:f3:6e:45:0f:73:e3:de:17:
5d:59:a3:fa:25:3b:79:d0:c4:00:3c:3b:68:ce:8e:
12:7f:22:1c:10:52:36:4e:bc:2c:01:8c:f7:92:2c:
89:ab:32:18:21:43:41:36:a0:f2:bc:27:1c:a4:92:
0a:2a:b9:90:d9:0e:1a:72:10:f4:af:32:27:8e:f1:
a0:1c:f6:85:d2:74:45:d3:53:06:3b:71:20:1a:9a:
8e:e5:3c:86:bf:0b:d1:65:e7:7d:3d:95:55:68:a6:
28:6c:13:0d:8d:42:58:ba:76:12:bb:dc:1e:8d:06:
04:86:13:9f:98:60:91:16:78:2a:ea:28:0e:63:03:
d1:63:13:88:39:e5:1f:21:e0:85:94:92:ba:1f:2c:
c4:dd:c7:78:94:41:9d:f0:88:73:de:43:8a:ca:13:
16:f2:1f:d9:a4:6c:5e:dc:11:fd:36:92:d9:59:17:
a2:19:6e:24:c4:c0:26:00:39:9f:ad:06:92:35:9c:
31:a2:d8:0a:2c:5d:b1:38:03:55:7c:16:ed:b2:0d:
23:2e:7d:f1:a8:71:58:71:fc:5e:5f:a5:f0:cb:dd:
25:ce:f4:23:7e:ee:1e:ee:ec:1f:55:f3:fd:7b:3b:
38:67:f7:c2:2a:bb:4a:b7:04:eb:0c:d4:e0:28:56:
9d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:2C:10:CE:08:70:F0:EF:55:51:03:84:28:94:59:6F:30:5B:77:09
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/vCwQzghw8O9VUQOEKJRZbzBbdwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.102.0/23
85.234.114.0/23
IPv6:
2a0a:6f40:2::-2a0a:6f40:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:e8:a2:4f:39:9d:7c:cc:42:11:07:7d:06:a3:df:ff:97:c9:
e6:9a:9d:bd:e2:79:ed:8c:6a:cf:43:d1:68:f0:9f:61:34:50:
b3:29:63:54:53:37:db:f9:08:16:8d:3e:ec:82:0f:f8:1b:ce:
6c:2f:cb:5c:1f:d4:bf:15:7e:dc:20:c1:e3:e5:19:ff:ed:ae:
83:b5:ba:0c:45:91:e4:f0:0f:0a:fd:5d:8a:43:55:41:89:0f:
6b:6d:63:e3:a0:c5:d2:0a:6b:be:94:bc:7a:cc:1e:28:66:c8:
24:90:9a:b3:91:db:d9:e4:f2:48:9f:f7:3c:8b:19:ed:c4:75:
b3:0c:d8:8d:d1:e9:da:8e:4b:70:1b:ae:01:9a:7e:15:7d:74:
2a:7d:1b:bc:15:56:d3:82:f0:0a:b2:f4:8f:d1:a8:93:09:b0:
9e:ae:2d:2b:06:6c:cb:50:06:9a:0b:86:44:61:24:9f:ca:52:
df:04:ea:ee:fe:6c:47:f4:13:79:6e:27:e4:d6:85:3f:57:06:
af:b0:28:5b:0a:af:49:0d:a7:6e:65:46:4d:36:3b:bf:da:56:
2c:a4:64:73:be:9e:ad:e3:f9:d7:e2:53:1d:6b:95:3f:eb:4c:
a2:1e:2e:3b:ad:94:27:4c:15:fc:c2:26:72:68:8b:f6:71:76:
91:c5:53:85
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEB/HRpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzJiODljM2M1N2EzZTI5NmFhNDA2MWU5NjI4NDBiZTdhZThmMDE4MB4XDTIyMDMy
ODEwMDUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmMyYzEwY2UwODcw
ZjBlZjU1NTEwMzg0Mjg5NDU5NmYzMDViNzcwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1d4I0HQvNuRQ9z494XXVmj+iU7edDEADw7aM6OEn8iHBBS
Nk68LAGM95IsiasyGCFDQTag8rwnHKSSCiq5kNkOGnIQ9K8yJ47xoBz2hdJ0RdNT
BjtxIBqajuU8hr8L0WXnfT2VVWimKGwTDY1CWLp2ErvcHo0GBIYTn5hgkRZ4Kuoo
DmMD0WMTiDnlHyHghZSSuh8sxN3HeJRBnfCIc95DisoTFvIf2aRsXtwR/TaS2VkX
ohluJMTAJgA5n60GkjWcMaLYCixdsTgDVXwW7bINIy598ahxWHH8Xl+l8MvdJc70
I37uHu7sH1Xz/Xs7OGf3wiq7SrcE6wzU4ChWnc8CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBS8LBDOCHDw71VRA4QolFlvMFt3CTAfBgNVHSMEGDAWgBRMK4nDxXo+KWqk
Bh6WKEC+eujwGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RDdUp3OFY2UGlscXBBWWVsaWhBdm5ybzhCZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNzIxNTVhLWQxMDktNGMyZC1iOTc0LTExMjhlNWNlNmE1Yi8x
L3ZDd1F6Z2h3OE85VlVRT0VLSlJaYnpCYmR3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NzIxNTVhLWQxMDktNGMyZC1iOTc0LTExMjhlNWNlNmE1Yi8xL1RDdUp3OFY2UGls
cXBBWWVsaWhBdm5ybzhCZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwEgQCAAEwDAMEAVXqZgMEAVXqcjAaBAIAAjAUMBID
BwEqCm9AAAIDBwEqCm9AAAQwDQYJKoZIhvcNAQELBQADggEBAEDook85nXzMQhEH
fQaj3/+Xyeaanb3iee2Mas9D0Wjwn2E0ULMpY1RTN9v5CBaNPuyCD/gbzmwvy1wf
1L8VftwgwePlGf/troO1ugxFkeTwDwr9XYpDVUGJD2ttY+OgxdIKa76UvHrMHihm
yCSQmrOR29nk8kif9zyLGe3EdbMM2I3R6dqOS3AbrgGafhV9dCp9G7wVVtOC8Aqy
9I/RqJMJsJ6uLSsGbMtQBpoLhkRhJJ/KUt8E6u7+bEf0E3luJ+TWhT9XBq+wKFsK
r0kNp25lRk02O7/aViykZHO+nq3j+dfiUx1rlT/rTKIeLjutlCdMFfzCJnJoi/Zx
dpHFU4U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org