Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/VON3abkTZlbvrSTGcfFtgba7lCQ.roa
File: VON3abkTZlbvrSTGcfFtgba7lCQ.roa (raw, json)
Hash identifier: sx7hsw0teCXowxo6RYwm8TzUPUKbcrHZgpLwdIcsoXA=
Subject key identifier: 54:E3:77:69:B9:13:66:56:EF:AD:24:C6:71:F1:6D:81:B6:BB:94:24
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01837576453A5A66A78257EABB265A882A6A
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/VON3abkTZlbvrSTGcfFtgba7lCQ.roa
Signing time: Sun 25 Sep 2022 16:23:48 +0000
ROA not before: Sun 25 Sep 2022 16:23:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 949
IP address blocks: 141.98.196.0/22 maxlen: 24
80.66.196.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.87.92.0/22 maxlen: 24
94.124.116.0/24 maxlen: 24
94.124.116.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
195.245.219.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
185.213.151.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
194.114.136.0/24 maxlen: 24
195.245.229.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
45.147.48.0/22 maxlen: 24
194.36.24.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
91.200.240.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.194.52.0/22 maxlen: 24
193.32.148.0/22 maxlen: 24
2a06:57c0::/29 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a06:4fc0::/29 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a0d:de80::/29 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0d:4bc0::/29 maxlen: 48
2a09:6::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:75:76:45:3a:5a:66:a7:82:57:ea:bb:26:5a:88:2a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Sep 25 16:23:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54e37769b9136656efad24c671f16d81b6bb9424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:db:c7:3a:a7:7e:45:17:6c:4c:18:64:86:c0:
20:c7:c0:ce:f3:da:75:b1:36:43:13:95:77:52:a4:
12:fd:14:c7:1a:9d:b9:72:a1:7b:d6:32:a7:07:82:
22:ff:85:6f:55:88:08:41:f5:af:ba:bd:5e:07:1b:
22:ca:f4:0d:f4:1e:9d:3d:bd:70:c5:fa:43:46:74:
d1:2f:90:e2:9a:a0:81:7e:ae:fc:4e:6b:7f:1c:82:
a5:d5:b0:da:0e:ee:fe:5b:20:df:c6:dd:27:22:9b:
a7:98:80:c0:9d:89:8f:f9:3b:e5:b1:47:fc:a1:46:
d1:51:91:03:6e:02:0f:43:21:c5:a4:5b:ed:be:99:
ae:31:6d:95:fd:30:d1:2f:27:85:de:36:42:5e:a7:
f8:77:6b:00:c5:6b:bd:b2:2f:a8:cd:44:72:a6:e1:
55:85:73:f2:a1:a3:41:b3:be:27:86:70:a5:83:d9:
58:52:31:6b:d1:60:05:f6:e6:94:04:00:fe:65:80:
9c:c2:1d:e9:b2:ad:67:22:ef:dc:bd:7b:ab:36:a6:
69:69:73:c7:8a:cf:60:26:55:7a:b8:19:b7:0a:e0:
a8:17:65:37:21:e4:8b:86:0f:83:4d:ce:a5:07:e3:
fc:63:35:fc:a4:ee:0f:47:c5:99:5d:48:c5:55:e1:
a8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E3:77:69:B9:13:66:56:EF:AD:24:C6:71:F1:6D:81:B6:BB:94:24
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/VON3abkTZlbvrSTGcfFtgba7lCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/22
45.130.20.0/22
45.139.192.0/22
45.141.44.0/22
45.142.124.0/22
45.143.232.0/22
45.147.48.0/22
80.66.196.0/22
91.200.240.0/22
94.124.116.0/22
95.214.164.0/22
141.98.196.0/22
149.62.44.0/22
185.194.52.0/22
185.200.64.0/22
185.213.151.0/24
185.222.216.0/21
193.32.148.0/22
194.36.24.0/22
194.104.144.0/24
194.104.152.0/22
194.114.136.0/24
194.169.54.0/23
195.245.219.0/24
195.245.229.0/24
195.245.241.0-195.245.242.255
IPv6:
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a09:6::/32
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
98:70:35:be:d2:55:db:5a:a4:58:ae:e6:69:6d:6a:a0:73:a4:
e7:0c:30:7b:96:8a:bc:15:88:8e:25:6e:25:72:b0:55:59:3c:
90:2b:d4:4a:69:58:fb:4c:17:71:27:39:fe:7e:99:d5:e7:48:
d0:f9:a6:42:9b:77:df:05:8c:2a:22:21:7a:f3:9a:a2:dd:b3:
ac:b1:c2:62:2f:4c:68:63:ce:ad:32:eb:b7:a7:ab:a8:92:4b:
e4:96:2f:e8:fe:72:68:77:df:d8:7a:1b:c2:eb:27:9b:dd:0e:
57:90:e5:36:f5:df:0d:d3:12:46:01:6b:0c:89:11:dc:8f:93:
37:63:14:da:64:48:ee:63:74:d6:14:40:d9:16:b3:99:34:e3:
e4:86:a3:bc:bc:b6:7e:ba:f6:72:a9:b0:f1:ae:7e:96:c1:3f:
68:c4:1f:28:5b:12:da:5d:9a:8d:05:ca:36:77:ff:44:6c:e4:
1d:00:72:b7:2e:70:ab:5b:b7:50:58:2d:2e:bd:5f:0f:0e:b3:
3c:b8:dd:f0:fa:f0:89:36:ef:b6:24:fe:4d:7b:b8:5e:ce:ce:
7f:43:ec:b6:8e:5c:22:22:0f:20:a6:ce:ee:a6:27:46:ef:fb:
c2:3a:d0:71:f4:19:dc:23:f2:ff:06:59:35:60:92:e3:bf:2a:
e7:a0:1d:65
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYN1dkU6WmanglfquyZaiCpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIwOTI1MTYyMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGUzNzc2OWI5MTM2NjU2ZWZhZDI0YzY3MWYxNmQ4MWI2YmI5NDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9vHOqd+RRdsTBhkhsAgx8DO89p1
sTZDE5V3UqQS/RTHGp25cqF71jKnB4Ii/4VvVYgIQfWvur1eBxsiyvQN9B6dPb1w
xfpDRnTRL5DimqCBfq78Tmt/HIKl1bDaDu7+WyDfxt0nIpunmIDAnYmP+TvlsUf8
oUbRUZEDbgIPQyHFpFvtvpmuMW2V/TDRLyeF3jZCXqf4d2sAxWu9si+ozURypuFV
hXPyoaNBs74nhnClg9lYUjFr0WAF9uaUBAD+ZYCcwh3psq1nIu/cvXurNqZpaXPH
is9gJlV6uBm3CuCoF2U3IeSLhg+DTc6lB+P8YzX8pO4PR8WZXUjFVeGoAwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFFTjd2m5E2ZW760kxnHxbYG2u5QkMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVk9OM2Fia1RabGJ2clNUR2NmRnRnYmE3bENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCBqwQCAAEwgaQD
BAItV1wDBAItghQDBAIti8ADBAItjSwDBAItjnwDBAItj+gDBAItkzADBAJQQsQD
BAJbyPADBAJefHQDBAJf1qQDBAKNYsQDBAKVPiwDBAK5wjQDBAK5yEADBAC51ZcD
BAO53tgDBALBIJQDBALCJBgDBADCaJADBALCaJgDBADCcogDBAHCqTYDBADD9dsD
BADD9eUwDAMEAMP18QMEAMP18jBoBAIAAjBiAwUDKgZPwAMFAyoGV8ADBQMqB+kA
AwUDKgf6AAMFACoJAAYDBQMqDO1AAwUDKg0fwAMFAyoNNkADBQMqDUNAAwUDKg1L
wAMFAyoNdUADBQMqDd6AAwUDKg5iAAMFAyoQJgAwDQYJKoZIhvcNAQELBQADggEB
AJhwNb7SVdtapFiu5mltaqBzpOcMMHuWirwViI4lbiVysFVZPJAr1EppWPtMF3En
Of5+mdXnSND5pkKbd98FjCoiIXrzmqLds6yxwmIvTGhjzq0y67enq6iSS+SWL+j+
cmh339h6G8LrJ5vdDleQ5Tb13w3TEkYBawyJEdyPkzdjFNpkSO5jdNYUQNkWs5k0
4+SGo7y8tn669nKpsPGufpbBP2jEHyhbEtpdmo0FyjZ3/0Rs5B0AcrcucKtbt1BY
LS69Xw8Oszy43fD68Ik277Yk/k17uF7Ozn9D7LaOXCIiDyCmzu6mJ0bv+8I60HH0
Gdwj8v8GWTVgkuO/KuegHWU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:59 2023 by rpki-client on console-fra.rpki-client.org