Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/VMoXDzYoIwkljlZ3VMZjWUFaCxY.roa
File: VMoXDzYoIwkljlZ3VMZjWUFaCxY.roa (raw, json)
Hash identifier: Oo9A+TWfjTwMtlRcjSYFM5gt6rDYxs+UaHpYiH4peAg=
Subject key identifier: 54:CA:17:0F:36:28:23:09:25:8E:56:77:54:C6:63:59:41:5A:0B:16
Certificate issuer: /CN=2b9ade3c191278b2aa8ad76742eebbdefe7285e6
Certificate serial: 154B82C6
Authority key identifier: 2B:9A:DE:3C:19:12:78:B2:AA:8A:D7:67:42:EE:BB:DE:FE:72:85:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/VMoXDzYoIwkljlZ3VMZjWUFaCxY.roa
Signing time: Sat 01 Jan 2022 13:57:31 +0000
ROA not before: Sat 01 Jan 2022 13:57:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60163
IP address blocks: 185.54.30.0/24 maxlen: 24
185.54.28.0/24 maxlen: 24
185.54.31.0/24 maxlen: 24
185.54.29.0/24 maxlen: 24
2a02:4261::/32 maxlen: 32
2a02:4263::/32 maxlen: 32
2a02:4260::/32 maxlen: 32
2a02:4264::/30 maxlen: 30
2a02:4262::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357270214 (0x154b82c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9ade3c191278b2aa8ad76742eebbdefe7285e6
Validity
Not Before: Jan 1 13:57:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54ca170f36282309258e567754c66359415a0b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:78:11:bc:7c:1d:51:1f:fb:4c:9a:ab:23:91:
98:eb:a0:51:d7:88:0f:5a:04:85:7e:6b:a6:4c:b7:
a7:ce:24:1b:9f:7b:ae:23:60:1d:78:20:92:4e:2f:
66:a8:42:cd:bd:e7:26:dc:49:3c:02:38:e2:5c:a8:
ae:8f:4f:4c:60:6b:a2:9c:01:78:c6:46:67:8b:54:
41:77:c2:50:7c:ac:94:52:8d:1b:e0:f3:28:1c:8b:
68:83:3a:e6:c4:f2:2d:48:8e:ea:e9:f0:74:b8:5a:
3d:7a:bb:c9:83:d7:af:59:f7:de:2f:66:12:de:31:
07:79:3a:b0:59:15:6e:e4:2f:5f:f9:ad:79:1f:a6:
25:31:a2:78:49:3a:7e:19:ac:c4:e3:0b:be:6b:58:
8a:63:ee:46:5b:b4:96:c2:f3:cf:ce:42:c1:a0:9e:
8c:34:8f:5b:46:ec:ad:fe:1d:c5:29:4e:74:88:c1:
8d:d4:cb:72:c9:2c:cf:00:3f:60:8a:12:86:d6:fa:
13:5f:00:86:41:97:91:68:e4:38:3c:c5:06:43:82:
06:25:95:a5:ae:68:24:5e:1a:86:04:fa:0b:24:7c:
77:bd:d3:4a:99:76:51:9e:ba:f4:fa:11:1c:28:bc:
55:28:3a:5d:31:c1:5d:b0:01:84:84:7a:d1:e1:e6:
e3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CA:17:0F:36:28:23:09:25:8E:56:77:54:C6:63:59:41:5A:0B:16
X509v3 Authority Key Identifier:
keyid:2B:9A:DE:3C:19:12:78:B2:AA:8A:D7:67:42:EE:BB:DE:FE:72:85:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/VMoXDzYoIwkljlZ3VMZjWUFaCxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/K5rePBkSeLKqitdnQu673v5yheY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.28.0/22
IPv6:
2a02:4260::/29
Signature Algorithm: sha256WithRSAEncryption
8d:f2:c0:56:e1:c9:a3:5d:62:7f:84:d4:74:a2:8b:c9:79:8e:
9b:f3:95:55:be:eb:57:d5:e6:ca:52:ef:50:c3:e1:c7:14:c6:
f4:08:8c:80:3f:40:db:39:17:7a:a6:26:9e:98:77:ea:c7:45:
59:d9:fd:48:ce:ef:f4:12:48:f7:90:8a:be:59:32:8a:4a:84:
65:5c:b4:f7:29:86:d5:ec:92:7b:bd:d6:e0:4d:06:b7:2b:fa:
a4:5f:47:a8:a0:cf:b5:56:79:0b:f0:94:38:82:46:22:9a:ee:
90:a0:55:41:4f:4b:27:aa:6a:bc:0e:31:67:bd:7b:59:5c:f0:
59:e4:7c:cb:97:41:d5:fb:86:07:ee:b0:1a:1e:60:b8:6b:ca:
3f:8c:56:e0:5c:ff:05:d8:93:38:b8:6b:80:ed:b8:a2:24:a1:
b0:f2:7c:93:cf:4a:6a:00:30:ae:6d:33:1d:e1:59:07:8f:41:
ce:0a:f0:a9:5a:49:85:83:61:c6:35:39:a6:de:b7:af:06:5f:
c1:98:f4:38:0c:a0:79:18:05:de:0b:0d:b9:c7:18:bd:a6:e2:
42:a2:87:ba:9a:fb:6c:30:43:9a:c1:a0:44:fb:75:37:ff:db:
28:3b:0f:fd:d6:f2:29:fb:6b:8b:97:eb:4b:10:f3:fc:38:2e:
d9:be:0b:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFUuCxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjlhZGUzYzE5MTI3OGIyYWE4YWQ3Njc0MmVlYmJkZWZlNzI4NWU2MB4XDTIyMDEw
MTEzNTczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRjYTE3MGYzNjI4
MjMwOTI1OGU1Njc3NTRjNjYzNTk0MTVhMGIxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKd4Ebx8HVEf+0yaqyORmOugUdeID1oEhX5rpky3p84kG597
riNgHXggkk4vZqhCzb3nJtxJPAI44lyoro9PTGBropwBeMZGZ4tUQXfCUHyslFKN
G+DzKByLaIM65sTyLUiO6unwdLhaPXq7yYPXr1n33i9mEt4xB3k6sFkVbuQvX/mt
eR+mJTGieEk6fhmsxOMLvmtYimPuRlu0lsLzz85CwaCejDSPW0bsrf4dxSlOdIjB
jdTLcskszwA/YIoShtb6E18AhkGXkWjkODzFBkOCBiWVpa5oJF4ahgT6CyR8d73T
Spl2UZ669PoRHCi8VSg6XTHBXbABhIR60eHm400CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRUyhcPNigjCSWOVndUxmNZQVoLFjAfBgNVHSMEGDAWgBQrmt48GRJ4sqqK
12dC7rve/nKF5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s1cmVQQmtTZUxLcWl0ZG5RdTY3M3Y1eWhlWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvMGU0MmU4LTc0NmMtNGEzYS04ZDYzLWNjMDUzZjZhMWVlNi8x
L1ZNb1hEellvSXdrbGpsWjNWTVpqV1VGYUN4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
MGU0MmU4LTc0NmMtNGEzYS04ZDYzLWNjMDUzZjZhMWVlNi8xL0s1cmVQQmtTZUxL
cWl0ZG5RdTY3M3Y1eWhlWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk2HDANBAIAAjAHAwUDKgJCYDAN
BgkqhkiG9w0BAQsFAAOCAQEAjfLAVuHJo11if4TUdKKLyXmOm/OVVb7rV9XmylLv
UMPhxxTG9AiMgD9A2zkXeqYmnph36sdFWdn9SM7v9BJI95CKvlkyikqEZVy09ymG
1eySe73W4E0Gtyv6pF9HqKDPtVZ5C/CUOIJGIprukKBVQU9LJ6pqvA4xZ717WVzw
WeR8y5dB1fuGB+6wGh5guGvKP4xW4Fz/BdiTOLhrgO24oiShsPJ8k89KagAwrm0z
HeFZB49BzgrwqVpJhYNhxjU5pt63rwZfwZj0OAygeRgF3gsNuccYvabiQqKHupr7
bDBDmsGgRPt1N//bKDsP/dbyKftri5frSxDz/Dgu2b4LnQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:52 2023 by rpki-client on console-ams.rpki-client.org