Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/1VZCGeiszeXiYnfzvqgGZKUhR5U.roa
File: 1VZCGeiszeXiYnfzvqgGZKUhR5U.roa (raw, json)
Hash identifier: codsfe2ai34ySJN9FNZ84a3mhCC5e024ROzhtpbnjsI=
Subject key identifier: D5:56:42:19:E8:AC:CD:E5:E2:62:77:F3:BE:A8:06:64:A5:21:47:95
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 136FE550
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/1VZCGeiszeXiYnfzvqgGZKUhR5U.roa
Signing time: Sat 01 Jan 2022 05:58:26 +0000
ROA not before: Sat 01 Jan 2022 05:58:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198710
IP address blocks: 81.209.132.0/24 maxlen: 24
81.209.151.0/24 maxlen: 24
81.209.159.0/24 maxlen: 24
81.209.154.0/23 maxlen: 24
83.125.106.0/23 maxlen: 23
80.86.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 326100304 (0x136fe550)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 05:58:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5564219e8accde5e26277f3bea80664a5214795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:63:83:12:5d:8e:fa:ce:51:dd:ba:4b:d2:79:
58:4c:9c:0a:5c:aa:a9:a0:ad:03:ab:55:79:0e:00:
89:67:92:b4:85:5a:34:72:15:3d:52:c9:4b:69:e7:
69:b7:da:d1:3f:85:bd:1b:94:37:2a:57:4e:7f:51:
78:97:c0:24:8e:ce:c7:e5:78:0c:1e:db:b5:67:33:
96:2c:f3:30:b0:ad:27:c8:7e:da:dd:6c:f8:f0:6c:
e3:f4:8a:b2:73:56:52:03:b7:e1:05:5d:1f:77:4c:
1b:21:b5:69:ff:f0:ef:5c:21:4b:66:85:38:48:f6:
85:4f:62:13:b3:35:29:4e:8b:65:dd:c1:0a:29:13:
57:84:0c:b2:bb:4f:0e:b4:40:e4:62:6e:b9:16:6b:
50:9d:d3:91:99:92:7c:52:dd:7c:ff:58:a5:a3:34:
e3:6b:90:94:a5:64:37:55:be:ad:b1:13:60:ff:5b:
c4:d0:49:f5:9e:af:28:7d:1e:5c:8b:fb:de:df:73:
82:d8:52:66:86:19:f0:b6:e6:f7:f7:f8:9d:2c:25:
25:a6:fd:fe:1a:68:77:88:83:8f:7c:17:f5:cf:5f:
c0:47:af:98:09:63:4d:aa:b2:6b:8e:ad:f6:33:2a:
bf:60:3e:dd:53:b7:de:80:b6:ea:83:64:35:72:59:
5b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:56:42:19:E8:AC:CD:E5:E2:62:77:F3:BE:A8:06:64:A5:21:47:95
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/1VZCGeiszeXiYnfzvqgGZKUhR5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.180.0/24
81.209.132.0/24
81.209.151.0/24
81.209.154.0/23
81.209.159.0/24
83.125.106.0/23
Signature Algorithm: sha256WithRSAEncryption
94:a5:b1:82:44:c1:d0:24:4b:b1:3a:55:b1:14:5d:f1:dd:22:
1e:ac:1d:65:c9:f4:99:d5:14:27:4c:6c:60:c3:a7:5d:50:f4:
47:39:22:71:14:c5:3b:f1:f5:39:28:ee:78:af:d1:81:8a:02:
f0:c0:cb:a1:61:57:12:fd:2d:e4:28:45:68:1f:07:d7:b6:31:
28:f9:17:29:45:7e:cc:01:41:b5:79:1e:45:a8:b2:f4:bc:b0:
af:0c:6e:52:ef:5d:e9:cf:ae:e3:37:8a:df:4b:f1:1a:14:28:
a6:af:ee:dd:79:ee:fc:06:93:3d:64:82:71:42:56:2a:28:1d:
d5:5f:e8:62:37:6a:0e:71:ea:7f:01:c4:b3:c0:e5:d4:8d:8c:
ae:e8:d7:98:cd:39:26:e7:35:e4:7e:57:06:75:3e:ba:ca:22:
12:68:78:70:a0:33:31:a8:6a:06:8d:cb:f9:57:f6:6c:04:ad:
8a:e5:a2:6d:17:88:4f:0c:a3:cf:35:db:75:f9:3e:f2:b5:1d:
ad:5c:d5:0e:9f:1b:55:0c:48:8a:5a:bb:b8:81:50:41:da:70:
a0:50:c2:d7:9f:8f:a3:99:48:60:4b:06:04:45:56:87:dd:9c:
54:01:95:5b:38:2a:6a:a1:8d:e9:93:f1:54:be:45:43:ad:7c:
57:6d:79:66
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEE2/lUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZmU5MGZkZTk3ODRhOTFkOTNhN2EyYWY1OWQ0ZDA0M2YxMTcxZmJhMB4XDTIyMDEw
MTA1NTgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU1NjQyMTllOGFj
Y2RlNWUyNjI3N2YzYmVhODA2NjRhNTIxNDc5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKljgxJdjvrOUd26S9J5WEycClyqqaCtA6tVeQ4AiWeStIVa
NHIVPVLJS2nnabfa0T+FvRuUNypXTn9ReJfAJI7Ox+V4DB7btWczlizzMLCtJ8h+
2t1s+PBs4/SKsnNWUgO34QVdH3dMGyG1af/w71whS2aFOEj2hU9iE7M1KU6LZd3B
CikTV4QMsrtPDrRA5GJuuRZrUJ3TkZmSfFLdfP9YpaM042uQlKVkN1W+rbETYP9b
xNBJ9Z6vKH0eXIv73t9zgthSZoYZ8Lbm9/f4nSwlJab9/hpod4iDj3wX9c9fwEev
mAljTaqya46t9jMqv2A+3VO33oC26oNkNXJZW3kCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTVVkIZ6KzN5eJid/O+qAZkpSFHlTAfBgNVHSMEGDAWgBQf6Q/el4SpHZOn
oq9Z1NBD8RcfujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gta1AzcGVFcVIyVHA2S3ZXZFRRUV9FWEg3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvYTk0NWY3LTUzYjMtNGRiNS1hZTA0LTIzNzcyZTdmOTJlMy8x
LzFWWkNHZWlzemVYaVluZnp2cWdHWktVaFI1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
YTk0NWY3LTUzYjMtNGRiNS1hZTA0LTIzNzcyZTdmOTJlMy8xL0gta1AzcGVFcVIy
VHA2S3ZXZFRRUV9FWEg3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFBWtAMEAFHRhAMEAFHRlwMEAVHR
mgMEAFHRnwMEAVN9ajANBgkqhkiG9w0BAQsFAAOCAQEAlKWxgkTB0CRLsTpVsRRd
8d0iHqwdZcn0mdUUJ0xsYMOnXVD0RzkicRTFO/H1OSjueK/RgYoC8MDLoWFXEv0t
5ChFaB8H17YxKPkXKUV+zAFBtXkeRaiy9LywrwxuUu9d6c+u4zeK30vxGhQopq/u
3Xnu/AaTPWSCcUJWKigd1V/oYjdqDnHqfwHEs8Dl1I2MrujXmM05Juc15H5XBnU+
usoiEmh4cKAzMahqBo3L+Vf2bAStiuWibReITwyjzzXbdfk+8rUdrVzVDp8bVQxI
ilq7uIFQQdpwoFDC15+Po5lIYEsGBEVWh92cVAGVWzgqaqGN6ZPxVL5FQ618V215
Zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:06 2024 by rpki-client on console-fra.rpki-client.org