Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/VEparfIFcUMv3K8ocCaTNcEtii4.roa
File: VEparfIFcUMv3K8ocCaTNcEtii4.roa (raw, json)
Hash identifier: UVxzQVozAM40wFs4UyXh8UsUaCXqPhcgOJ12vyskW2E=
Subject key identifier: 54:4A:5A:AD:F2:05:71:43:2F:DC:AF:28:70:26:93:35:C1:2D:8A:2E
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 01852AB72F8985F4DCFB189A9C7CA0257C1D
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/VEparfIFcUMv3K8ocCaTNcEtii4.roa
Signing time: Mon 19 Dec 2022 14:08:46 +0000
ROA not before: Mon 19 Dec 2022 14:08:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26383
IP address blocks: 91.149.232.0/23 maxlen: 23
91.149.240.0/24 maxlen: 24
91.149.236.0/23 maxlen: 23
91.149.243.0/24 maxlen: 24
91.149.242.0/24 maxlen: 24
91.149.241.0/24 maxlen: 24
91.149.253.0/24 maxlen: 24
91.149.255.0/24 maxlen: 24
91.149.254.0/24 maxlen: 24
91.149.202.0/23 maxlen: 23
91.149.218.0/24 maxlen: 24
91.149.222.0/23 maxlen: 23
91.149.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:b7:2f:89:85:f4:dc:fb:18:9a:9c:7c:a0:25:7c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Dec 19 14:08:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=544a5aadf20571432fdcaf2870269335c12d8a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c6:0f:e6:b5:3b:be:1e:05:81:6a:9f:dd:ea:
3e:ef:e1:50:40:e5:52:d9:43:16:5b:3f:cf:43:da:
d5:13:da:a5:0d:25:1d:b7:5f:92:19:eb:36:94:4f:
35:85:58:aa:b0:a6:2d:ea:35:eb:1a:92:b5:8e:5c:
f6:69:1a:8f:77:2a:00:98:1c:76:24:bb:35:4b:7f:
e0:6a:64:92:4e:45:2e:42:c4:ea:94:3f:55:b0:09:
c4:bf:fa:28:2f:25:10:fd:a1:55:c7:10:c5:62:f5:
d8:50:0f:42:ca:bb:42:6d:f0:ff:c0:ad:54:89:98:
50:c1:51:5d:ad:56:c7:dc:b3:84:67:29:81:99:a1:
c1:12:dd:ed:85:79:2d:a6:9f:93:e3:f3:ac:2d:90:
59:19:04:aa:97:04:bd:9c:00:c0:4a:fb:8e:03:5d:
31:b5:f8:df:0a:86:e3:b9:9b:d3:f9:04:05:fe:89:
44:7b:25:c3:15:c7:8e:97:b1:52:c4:c7:7d:d9:29:
10:c1:9e:30:67:46:8b:13:1a:1b:b6:34:4c:93:bd:
ee:b1:56:a2:b5:23:f1:94:d8:76:af:94:60:ea:fc:
bb:0c:bf:c9:06:66:d0:cc:4c:a9:25:7a:39:1a:55:
b8:30:57:21:ea:0c:1c:fb:99:fc:98:28:55:5d:2d:
14:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:4A:5A:AD:F2:05:71:43:2F:DC:AF:28:70:26:93:35:C1:2D:8A:2E
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/VEparfIFcUMv3K8ocCaTNcEtii4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.149.202.0/23
91.149.218.0/24
91.149.221.0-91.149.223.255
91.149.232.0/23
91.149.236.0/23
91.149.240.0/22
91.149.253.0-91.149.255.255
Signature Algorithm: sha256WithRSAEncryption
12:92:3c:ae:8a:bb:96:19:1c:99:e0:bc:3c:8d:38:4a:bd:17:
c9:63:dd:d6:f1:f4:a0:5d:fd:14:13:b2:7f:af:a0:eb:6c:ac:
f3:60:c8:9b:a3:b6:ac:7c:7e:bb:f0:16:fa:c1:2c:fd:7a:fa:
19:18:a7:ee:cd:6f:c3:a5:15:55:be:b2:c0:88:73:0e:a0:b3:
33:79:17:ce:04:71:37:db:ad:0b:3d:5d:e1:e8:bc:9f:21:d4:
81:da:03:7f:6b:03:ef:e0:51:11:51:9e:38:c7:92:d5:8e:60:
0c:f8:d9:06:9d:e1:58:4f:6d:00:4b:f6:fc:5f:e9:4f:76:64:
31:ac:2b:36:81:e2:a0:fc:e2:ff:9d:07:9a:df:f2:7a:14:1a:
82:c6:cd:68:b3:9f:9a:ec:6e:6a:5a:c4:66:2b:d4:a3:dd:f8:
71:af:97:29:e9:6f:96:84:3c:11:81:4d:a4:80:73:6f:83:26:
36:c5:d3:61:90:34:13:7f:2b:c7:2f:ed:30:6b:ad:7a:1e:56:
42:41:51:cc:99:b1:06:78:c5:03:81:30:5e:fb:4d:5e:f2:11:
01:61:07:6f:a0:f4:25:03:46:d3:6f:85:aa:8f:59:72:97:fd:
c6:76:c1:c2:a6:7a:bb:d2:6c:63:2d:eb:64:d5:c2:4a:6b:9a:
79:74:f3:80
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYUqty+JhfTc+xianHygJXwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjIxMjE5MTQwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDRhNWFhZGYyMDU3MTQzMmZkY2FmMjg3MDI2OTMzNWMxMmQ4YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sYP5rU7vh4FgWqf3eo+7+FQQOVS
2UMWWz/PQ9rVE9qlDSUdt1+SGes2lE81hViqsKYt6jXrGpK1jlz2aRqPdyoAmBx2
JLs1S3/gamSSTkUuQsTqlD9VsAnEv/ooLyUQ/aFVxxDFYvXYUA9CyrtCbfD/wK1U
iZhQwVFdrVbH3LOEZymBmaHBEt3thXktpp+T4/OsLZBZGQSqlwS9nADASvuOA10x
tfjfCobjuZvT+QQF/olEeyXDFceOl7FSxMd92SkQwZ4wZ0aLExobtjRMk73usVai
tSPxlNh2r5Rg6vy7DL/JBmbQzEypJXo5GlW4MFch6gwc+5n8mChVXS0UQwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFRKWq3yBXFDL9yvKHAmkzXBLYouMB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvVkVwYXJmSUZjVU12M0s4b2NDYVROY0V0aWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAATA5AwQBW5XKAwQA
W5XaMAwDBABbld0DBAVblcADBAFblegDBAFblewDBAJblfAwCwMEAFuV/QMDAVuU
MA0GCSqGSIb3DQEBCwUAA4IBAQASkjyuiruWGRyZ4Lw8jThKvRfJY93W8fSgXf0U
E7J/r6DrbKzzYMibo7asfH678Bb6wSz9evoZGKfuzW/DpRVVvrLAiHMOoLMzeRfO
BHE3260LPV3h6LyfIdSB2gN/awPv4FERUZ44x5LVjmAM+NkGneFYT20AS/b8X+lP
dmQxrCs2geKg/OL/nQea3/J6FBqCxs1os5+a7G5qWsRmK9Sj3fhxr5cp6W+WhDwR
gU2kgHNvgyY2xdNhkDQTfyvHL+0wa616HlZCQVHMmbEGeMUDgTBe+01e8hEBYQdv
oPQlA0bTb4Wqj1lyl/3GdsHCpnq70mxjLetk1cJKa5p5dPOA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:21 2024 by rpki-client on console-fra.rpki-client.org