Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/vx2gsviX_BYjjujGXG3mdieG1qw.roa
File: vx2gsviX_BYjjujGXG3mdieG1qw.roa (raw, json)
Hash identifier: YwwQRW2wiWlYDoLTU8gnklu0LQo1zdySzEj6Ua/4dsE=
Subject key identifier: BF:1D:A0:B2:F8:97:FC:16:23:8E:E8:C6:5C:6D:E6:76:27:86:D6:AC
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01849BBEAF76473E6B06C0765D5E9EAA8DBE
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/vx2gsviX_BYjjujGXG3mdieG1qw.roa
Signing time: Mon 21 Nov 2022 19:51:15 +0000
ROA not before: Mon 21 Nov 2022 19:51:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44094
IP address blocks: 185.250.149.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
2a09:7c47::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:be:af:76:47:3e:6b:06:c0:76:5d:5e:9e:aa:8d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Nov 21 19:51:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf1da0b2f897fc16238ee8c65c6de6762786d6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e2:42:34:e0:5b:ed:6b:e1:99:42:69:f8:b3:
0c:6b:2d:6c:af:49:e0:a1:12:49:21:71:57:a5:6f:
4e:88:93:03:38:47:94:ba:ae:e1:60:a5:fe:94:fb:
5e:55:70:1d:d5:20:8f:38:24:e1:42:ce:ee:07:94:
c6:fc:98:b8:3d:7c:e7:94:43:de:83:6a:62:17:17:
c7:e4:f6:58:e3:80:c6:6d:09:cb:be:6d:e4:66:77:
d8:b3:51:7d:ef:f1:d7:5f:86:c4:8c:4f:3c:ff:95:
5d:6c:35:8b:66:c9:ac:a5:91:22:48:79:64:37:61:
41:28:93:9c:31:fe:88:95:7f:bc:5e:e6:0c:9d:8e:
e3:8b:57:a1:9f:f4:a3:16:cf:08:8e:66:5e:a0:44:
da:16:9c:31:39:83:3f:c6:6c:dd:2e:a3:d5:3b:d7:
3e:cd:a3:2e:e2:80:17:d9:84:bf:9f:90:45:c7:f1:
78:31:6f:0c:9e:4f:f2:75:05:a7:80:0c:e1:c3:84:
bc:91:20:74:0b:90:43:36:63:52:6b:35:22:48:2d:
85:8c:7c:0d:bb:f9:f4:dd:38:f0:01:12:4d:51:e3:
30:ce:ab:e0:28:de:cc:ed:fb:b9:9a:b5:df:ae:ea:
d4:d2:0e:36:af:a6:9f:f5:56:51:07:0d:2a:67:80:
23:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1D:A0:B2:F8:97:FC:16:23:8E:E8:C6:5C:6D:E6:76:27:86:D6:AC
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/vx2gsviX_BYjjujGXG3mdieG1qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.230.0/24
185.250.149.0/24
IPv6:
2a09:7c47::/32
Signature Algorithm: sha256WithRSAEncryption
69:d3:55:62:29:0a:8a:f3:e9:ea:71:80:c2:02:77:40:12:7f:
e7:5c:d0:f7:b1:f7:56:59:c3:2a:33:0a:3c:b4:d7:be:50:cf:
db:40:e9:1e:d1:27:92:fb:a8:8c:d3:31:45:d4:91:a0:fc:a5:
fc:ce:96:1d:59:f8:3c:06:cf:1b:80:2d:4a:7f:21:0e:6b:cc:
49:76:bc:a9:d5:bb:40:2b:7b:d9:fd:66:86:ba:d5:d9:35:32:
b8:36:0e:5a:d4:b0:bb:bd:98:f1:a1:e3:b0:09:c4:4c:2f:95:
52:4c:1c:6c:cf:1a:be:ff:fb:dd:ab:5e:ec:bf:a1:76:70:15:
ef:1a:ba:b8:47:04:e0:e1:74:93:0a:fe:4f:ba:47:1d:f2:7e:
2d:d0:bf:19:e8:5d:46:4a:4c:66:72:ba:4e:ee:d8:47:e7:c9:
85:30:f2:ba:d0:aa:a2:92:2e:fe:31:2b:f3:f9:6a:00:50:b0:
40:47:be:61:40:7b:8d:82:69:d1:ac:f0:6a:bc:c0:9b:2a:fb:
78:43:08:12:25:5c:43:39:ca:5e:ce:43:ea:08:e7:65:ca:70:
90:13:2a:c3:99:61:ee:78:7e:bd:24:fc:b9:3d:ce:23:7e:d5:
0d:bf:68:18:67:e0:c9:f2:d8:b0:cb:25:62:e9:ef:ed:09:a6:
d4:b4:88:e6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYSbvq92Rz5rBsB2XV6eqo2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjIxMTIxMTk1MTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFkYTBiMmY4OTdmYzE2MjM4ZWU4YzY1YzZkZTY3NjI3ODZkNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeJCNOBb7WvhmUJp+LMMay1sr0ng
oRJJIXFXpW9OiJMDOEeUuq7hYKX+lPteVXAd1SCPOCThQs7uB5TG/Ji4PXznlEPe
g2piFxfH5PZY44DGbQnLvm3kZnfYs1F97/HXX4bEjE88/5VdbDWLZsmspZEiSHlk
N2FBKJOcMf6IlX+8XuYMnY7ji1ehn/SjFs8IjmZeoETaFpwxOYM/xmzdLqPVO9c+
zaMu4oAX2YS/n5BFx/F4MW8Mnk/ydQWngAzhw4S8kSB0C5BDNmNSazUiSC2FjHwN
u/n03TjwARJNUeMwzqvgKN7M7fu5mrXfrurU0g42r6af9VZRBw0qZ4AjnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL8doLL4l/wWI47oxlxt5nYnhtasMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvdngyZ3N2aVhfQllqanVqR1hHM21kaWVHMXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALUPmAwQA
ufqVMA0EAgACMAcDBQAqCXxHMA0GCSqGSIb3DQEBCwUAA4IBAQBp01ViKQqK8+nq
cYDCAndAEn/nXND3sfdWWcMqMwo8tNe+UM/bQOke0SeS+6iM0zFF1JGg/KX8zpYd
Wfg8Bs8bgC1KfyEOa8xJdryp1btAK3vZ/WaGutXZNTK4Ng5a1LC7vZjxoeOwCcRM
L5VSTBxszxq+//vdq17sv6F2cBXvGrq4RwTg4XSTCv5Pukcd8n4t0L8Z6F1GSkxm
crpO7thH58mFMPK60Kqiki7+MSvz+WoAULBAR75hQHuNgmnRrPBqvMCbKvt4QwgS
JVxDOcpezkPqCOdlynCQEyrDmWHueH69JPy5Pc4jftUNv2gYZ+DJ8tiwyyVi6e/t
CabUtIjm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:53 2023 by rpki-client on console-ams.rpki-client.org