Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vdmkUAxM_FOuet5t88LGCYa1n3A.roa
File: vdmkUAxM_FOuet5t88LGCYa1n3A.roa (raw, json)
Hash identifier: AQlYpyKl1j1MUYA6G5eMAUyIY4K5r9abe8iou2OOPg8=
Subject key identifier: BD:D9:A4:50:0C:4C:FC:53:AE:7A:DE:6D:F3:C2:C6:09:86:B5:9F:70
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0184BD89C8DFB04FF6BE043CCEC38AF8EC1C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vdmkUAxM_FOuet5t88LGCYa1n3A.roa
Signing time: Mon 28 Nov 2022 09:20:34 +0000
ROA not before: Mon 28 Nov 2022 09:20:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.4.0/24 maxlen: 24
82.153.10.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:89:c8:df:b0:4f:f6:be:04:3c:ce:c3:8a:f8:ec:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 28 09:20:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdd9a4500c4cfc53ae7ade6df3c2c60986b59f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c5:cf:22:0c:89:18:b0:d7:bc:03:e5:3f:03:
dd:2f:2a:8e:21:fd:1d:0d:02:c0:bf:d9:07:f0:16:
69:f1:c0:95:f9:5a:5d:05:d2:99:e2:6f:8b:63:b7:
78:90:f1:53:29:41:97:27:08:60:23:90:7e:b3:dc:
e4:63:44:65:5f:e7:d1:3d:14:79:99:e8:8a:2a:45:
95:49:b7:ef:02:05:2a:3b:52:b0:e3:88:94:9a:f0:
30:ce:81:fd:b6:4a:62:4e:98:b4:01:b0:6b:3a:27:
0e:3c:bb:fb:46:46:31:24:30:db:7e:60:19:44:2a:
e8:1e:92:b4:77:98:d6:70:59:40:d1:f1:e4:dd:72:
ee:c2:d4:65:2d:c7:28:08:d9:de:1c:52:f2:5d:6f:
b1:c9:2e:93:21:4e:1d:a7:f3:9a:ae:6a:6e:d4:14:
4b:a2:3e:8f:0f:39:9c:ab:7c:b9:7b:89:7c:5c:b2:
33:2b:66:c0:0b:4d:3a:7b:9b:04:33:7d:40:c6:79:
89:6f:56:fe:60:52:08:c9:8a:3b:83:2e:d7:7c:3b:
56:55:30:f7:9f:f9:d2:1a:c9:4d:3b:4c:fb:f2:d1:
63:24:49:3b:42:2c:e2:6f:d7:41:60:01:7a:62:fb:
8d:70:9c:e8:7c:0b:93:7d:d1:6f:28:b0:13:f5:49:
62:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D9:A4:50:0C:4C:FC:53:AE:7A:DE:6D:F3:C2:C6:09:86:B5:9F:70
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vdmkUAxM_FOuet5t88LGCYa1n3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.4.0/24
82.153.10.0/24
82.153.132.0/24
Signature Algorithm: sha256WithRSAEncryption
56:48:90:cf:8f:e8:91:66:4c:85:e0:4b:14:b1:64:28:82:2b:
f9:9a:e7:12:0c:fe:f8:e8:1e:2a:52:b1:88:ca:ba:ed:07:3a:
14:c2:8f:72:c6:5f:06:81:f3:4a:75:3b:f0:32:89:9f:b2:c3:
1d:a4:8f:a5:8a:06:9b:16:dc:8e:f0:05:f6:14:7c:5f:bc:30:
69:2f:97:9e:de:2e:b1:f6:9a:cd:65:c1:33:24:cb:56:e3:75:
68:eb:10:cd:27:29:fc:8c:18:75:95:08:4c:d6:cc:bf:ee:5a:
46:37:df:c0:85:ea:5c:47:02:55:08:d7:d3:71:f1:b8:38:c4:
cf:ad:2a:13:c4:12:7b:40:09:1c:34:2b:60:02:cf:e0:6b:37:
65:f9:73:d4:ac:75:4e:bd:31:15:27:3d:38:80:ca:38:78:8b:
a8:27:cb:a0:59:b9:f0:34:d2:89:8c:37:1b:43:2a:0c:bc:7d:
0a:fd:47:3f:9c:0d:1a:77:51:84:2e:e9:34:57:fb:a5:b7:d3:
43:8c:f9:d5:52:3f:a0:72:f7:13:28:05:ba:c7:02:75:2f:b0:
ba:2f:4b:3b:63:d6:81:d9:62:d5:d1:78:a7:d6:3b:f4:54:de:
6c:ad:22:ad:f4:7f:14:ae:b5:4d:6f:f6:f3:fa:7c:df:68:6e:
42:20:dd:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYS9icjfsE/2vgQ8zsOK+OwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjIxMTI4MDkyMDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ5YTQ1MDBjNGNmYzUzYWU3YWRlNmRmM2MyYzYwOTg2YjU5ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMXPIgyJGLDXvAPlPwPdLyqOIf0d
DQLAv9kH8BZp8cCV+VpdBdKZ4m+LY7d4kPFTKUGXJwhgI5B+s9zkY0RlX+fRPRR5
meiKKkWVSbfvAgUqO1Kw44iUmvAwzoH9tkpiTpi0AbBrOicOPLv7RkYxJDDbfmAZ
RCroHpK0d5jWcFlA0fHk3XLuwtRlLccoCNneHFLyXW+xyS6TIU4dp/Oarmpu1BRL
oj6PDzmcq3y5e4l8XLIzK2bAC006e5sEM31AxnmJb1b+YFIIyYo7gy7XfDtWVTD3
n/nSGslNO0z78tFjJEk7Qizib9dBYAF6YvuNcJzofAuTfdFvKLAT9UlivQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL3ZpFAMTPxTrnrebfPCxgmGtZ9wMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdmRta1VBeE1fRk91ZXQ1dDg4TEdDWWExbjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpkEAwQA
UpkKAwQAUpmEMA0GCSqGSIb3DQEBCwUAA4IBAQBWSJDPj+iRZkyF4EsUsWQogiv5
mucSDP746B4qUrGIyrrtBzoUwo9yxl8GgfNKdTvwMomfssMdpI+ligabFtyO8AX2
FHxfvDBpL5ee3i6x9prNZcEzJMtW43Vo6xDNJyn8jBh1lQhM1sy/7lpGN9/Ahepc
RwJVCNfTcfG4OMTPrSoTxBJ7QAkcNCtgAs/gazdl+XPUrHVOvTEVJz04gMo4eIuo
J8ugWbnwNNKJjDcbQyoMvH0K/Uc/nA0ad1GELuk0V/ult9NDjPnVUj+gcvcTKAW6
xwJ1L7C6L0s7Y9aB2WLV0Xin1jv0VN5srSKt9H8UrrVNb/bz+nzfaG5CIN1c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org