Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/vgGUJyr1cRggvo-2xWSEaxo6hYo.roa
File: vgGUJyr1cRggvo-2xWSEaxo6hYo.roa (raw, json)
Hash identifier: /HOo5Z4AkI5+TVrU8dHtuYAtRuk6yw0I40oFYMj1xtw=
Subject key identifier: BE:01:94:27:2A:F5:71:18:20:BE:8F:B6:C5:64:84:6B:1A:3A:85:8A
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 3820472B
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/vgGUJyr1cRggvo-2xWSEaxo6hYo.roa
Signing time: Wed 23 Mar 2022 21:20:22 +0000
ROA not before: Wed 23 Mar 2022 21:20:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34700
IP address blocks: 31.202.0.0/17 maxlen: 17
46.160.88.0/21 maxlen: 21
178.165.0.0/17 maxlen: 18
31.202.128.0/18 maxlen: 18
185.147.96.0/22 maxlen: 22
5.255.160.0/20 maxlen: 20
79.171.120.0/21 maxlen: 21
2a00:1210::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941639467 (0x3820472b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Mar 23 21:20:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be0194272af5711820be8fb6c564846b1a3a858a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6c:16:db:ce:cd:52:f8:69:d3:d1:be:55:61:
6b:a1:9b:73:ce:3e:c4:d1:57:3d:6a:96:51:f0:10:
de:09:b8:10:33:32:9f:84:59:0f:6a:bb:70:13:44:
b4:31:ab:6c:a0:90:15:54:dd:39:0f:c9:e7:fa:39:
f9:16:c3:3b:de:9f:10:d2:25:4c:5f:6c:83:82:65:
5f:31:8f:6c:45:52:a3:46:82:f5:97:1c:ac:b5:eb:
2f:5a:4f:a5:f6:9c:a5:47:2a:55:0b:69:57:c2:ad:
0a:f5:50:22:6d:a8:68:0e:3e:9c:4f:fb:05:af:92:
66:44:7f:b6:26:7e:b1:fd:46:8d:12:5c:4f:05:63:
4a:d3:13:b6:6a:28:be:cc:d7:06:ac:ed:f9:73:4b:
d3:8f:84:a4:05:a1:28:4e:38:2c:83:e3:a8:a2:ff:
82:a8:fe:92:fe:58:f5:0b:fa:2d:e4:04:b9:fe:30:
56:1f:72:cb:4d:67:72:27:0b:ed:cf:c1:90:e9:20:
33:a2:84:51:ec:66:62:f7:80:63:c2:1b:23:cd:e4:
67:03:ea:3a:5a:b9:83:22:35:ab:be:d4:9b:fa:a9:
4e:27:83:44:44:f8:53:e5:80:09:74:32:ee:a3:03:
82:70:c6:24:86:c2:30:6c:5e:13:11:55:3f:f7:dc:
1f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:01:94:27:2A:F5:71:18:20:BE:8F:B6:C5:64:84:6B:1A:3A:85:8A
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/vgGUJyr1cRggvo-2xWSEaxo6hYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.160.0/20
31.202.0.0-31.202.191.255
46.160.88.0/21
79.171.120.0/21
178.165.0.0/17
185.147.96.0/22
IPv6:
2a00:1210::/32
Signature Algorithm: sha256WithRSAEncryption
01:77:7f:d6:e2:60:7e:ca:78:61:6b:d9:fe:60:01:de:99:64:
69:cb:91:e5:bb:43:0f:a6:44:89:2b:1a:95:b5:91:25:ac:b9:
5c:1c:e4:15:12:5c:84:3e:71:dc:d5:c9:92:28:e3:f3:8e:4d:
a6:c9:9b:18:bc:e8:ed:15:45:da:5d:24:60:65:23:60:03:14:
ba:cb:73:30:26:41:3a:1c:fd:cd:74:f2:c3:47:69:42:78:5e:
fe:f7:fd:57:15:ba:60:2c:12:60:aa:6d:97:2b:a7:5d:d7:b6:
00:90:a4:8f:59:4d:9f:fa:89:db:d5:26:cd:7a:92:9b:6e:b9:
cf:66:65:69:07:61:9f:86:a1:cd:a5:26:e1:ef:ea:79:4e:9e:
04:36:c5:2e:8c:09:aa:c7:8f:dd:f8:2a:6c:6e:91:4f:3a:f9:
ad:fd:e4:32:8d:06:87:09:e7:1b:76:29:6d:ac:d3:83:ad:76:
29:a7:06:e5:39:ce:f1:78:65:a8:be:73:0a:c3:b5:01:84:5d:
eb:22:fb:a1:96:69:22:1e:93:07:b8:4f:3d:c3:b4:a5:54:f3:
a0:65:aa:e4:b4:e1:bf:ad:93:e7:38:63:f8:ca:5a:08:b9:1b:
bb:44:d9:34:09:87:02:f5:63:64:5e:19:e1:3b:2e:54:25:8b:
ce:5a:ac:c9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEOCBHKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTdhOWIxNzQ1YTVhNzBjM2JmN2JjYzJjMmVlMTY2NDYwYWZmN2E4MB4XDTIyMDMy
MzIxMjAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmUwMTk0MjcyYWY1
NzExODIwYmU4ZmI2YzU2NDg0NmIxYTNhODU4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpsFtvOzVL4adPRvlVha6Gbc84+xNFXPWqWUfAQ3gm4EDMy
n4RZD2q7cBNEtDGrbKCQFVTdOQ/J5/o5+RbDO96fENIlTF9sg4JlXzGPbEVSo0aC
9ZccrLXrL1pPpfacpUcqVQtpV8KtCvVQIm2oaA4+nE/7Ba+SZkR/tiZ+sf1GjRJc
TwVjStMTtmoovszXBqzt+XNL04+EpAWhKE44LIPjqKL/gqj+kv5Y9Qv6LeQEuf4w
Vh9yy01ncicL7c/BkOkgM6KEUexmYveAY8IbI83kZwPqOlq5gyI1q77Um/qpTieD
RET4U+WACXQy7qMDgnDGJIbCMGxeExFVP/fcH6ECAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBS+AZQnKvVxGCC+j7bFZIRrGjqFijAfBgNVHSMEGDAWgBSuepsXRaWnDDv3
vMLC7hZkYK/3qDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JucWJGMFdscHd3Nzk3ekN3dTRXWkdDdjk2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNmU5MDlkLWQzMjUtNDhhMS05NDQzLWNjOWE3NThjOTkxNi8x
L3ZnR1VKeXIxY1JnZ3ZvLTJ4V1NFYXhvNmhZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NmU5MDlkLWQzMjUtNDhhMS05NDQzLWNjOWE3NThjOTkxNi8xL3JucWJGMFdscHd3
Nzk3ekN3dTRXWkdDdjk2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwMQQCAAEwKwMEBAX/oDALAwMBH8oDBAYfyoADBAMu
oFgDBANPq3gDBAeypQADBAK5k2AwDQQCAAIwBwMFACoAEhAwDQYJKoZIhvcNAQEL
BQADggEBAAF3f9biYH7KeGFr2f5gAd6ZZGnLkeW7Qw+mRIkrGpW1kSWsuVwc5BUS
XIQ+cdzVyZIo4/OOTabJmxi86O0VRdpdJGBlI2ADFLrLczAmQToc/c108sNHaUJ4
Xv73/VcVumAsEmCqbZcrp13XtgCQpI9ZTZ/6idvVJs16kptuuc9mZWkHYZ+Goc2l
JuHv6nlOngQ2xS6MCarHj934KmxukU86+a395DKNBocJ5xt2KW2s04OtdimnBuU5
zvF4Zai+cwrDtQGEXesi+6GWaSIekwe4Tz3DtKVU86BlquS04b+tk+c4Y/jKWgi5
G7tE2TQJhwL1Y2ReGeE7LlQli85arMk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:04 2024 by rpki-client on console-ams.rpki-client.org