Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/VbrET7NTvlOzmC2zJOuwGwRxa7U.roa
File: VbrET7NTvlOzmC2zJOuwGwRxa7U.roa (raw, json)
Hash identifier: icocRL/QpGnpr4NOfJKNEOveMJ7MGoqiOlkxYm+IK6Y=
Subject key identifier: 55:BA:C4:4F:B3:53:BE:53:B3:98:2D:B3:24:EB:B0:1B:04:71:6B:B5
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 34FDB77E
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/VbrET7NTvlOzmC2zJOuwGwRxa7U.roa
Signing time: Sat 01 Jan 2022 10:03:38 +0000
ROA not before: Sat 01 Jan 2022 10:03:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15830
IP address blocks: 185.117.176.0/22 maxlen: 32
217.15.32.0/20 maxlen: 32
88.84.64.0/19 maxlen: 32
217.149.144.0/20 maxlen: 32
95.142.0.0/20 maxlen: 32
2a02:2068::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 889042814 (0x34fdb77e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Jan 1 10:03:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55bac44fb353be53b3982db324ebb01b04716bb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a8:f3:ab:51:85:16:47:0f:c9:3c:21:2b:b5:
ef:d8:2a:a1:4d:ba:4b:80:b0:fa:47:0c:52:73:0e:
fa:5d:29:5b:01:7c:0c:73:a8:4d:6c:d1:86:6e:32:
45:36:b1:3b:ee:07:d7:5f:cd:08:d3:34:f1:86:d8:
8b:18:ee:4c:bf:e7:05:4d:87:a3:17:d4:e1:dd:97:
52:fe:76:67:f1:a4:0b:9a:55:d6:f6:67:ef:df:c3:
b2:b0:07:2e:fa:90:c0:92:48:0a:ef:47:ca:60:bc:
a3:cd:18:3d:42:c5:f9:de:3a:cc:12:c2:3b:e1:4f:
8f:75:93:12:ea:13:82:5c:9d:8e:20:51:ec:b0:b5:
6f:76:59:48:8e:19:e4:a9:95:02:35:40:c4:d8:fb:
f8:2e:63:12:01:3b:93:8c:99:bf:0c:2c:b7:c4:d1:
94:80:4d:0c:be:e3:ba:17:23:be:12:08:bf:dd:b5:
db:33:7c:06:af:36:71:f6:56:97:61:79:6c:4a:d1:
59:79:61:4f:a2:6a:f0:bd:69:e4:31:d3:83:2a:6b:
b2:4a:81:28:b3:0b:27:c2:8a:75:87:e9:1d:6b:89:
c2:3c:bc:13:aa:14:6c:6f:d3:8d:d4:f0:3c:e1:26:
f1:f0:d5:a6:26:4e:15:d0:5a:e8:d6:b6:96:ac:80:
bd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:BA:C4:4F:B3:53:BE:53:B3:98:2D:B3:24:EB:B0:1B:04:71:6B:B5
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/VbrET7NTvlOzmC2zJOuwGwRxa7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.64.0/19
95.142.0.0/20
185.117.176.0/22
217.15.32.0/20
217.149.144.0/20
IPv6:
2a02:2068::/29
Signature Algorithm: sha256WithRSAEncryption
6f:44:35:a7:0c:ca:4d:60:3a:2e:f7:af:7a:00:5c:26:5c:69:
9b:74:b4:90:c9:ac:93:d8:68:53:89:c5:bb:1b:57:8b:72:14:
31:49:b2:a3:62:c3:37:8c:97:d1:cc:0c:3f:b7:3e:ec:3d:48:
8c:c1:af:11:4b:27:46:23:14:04:73:44:97:f0:d7:d7:f8:cd:
f9:ae:d4:0e:72:4c:ba:f1:e9:47:46:28:b8:78:64:5b:89:95:
85:a6:12:f3:bb:13:dc:fa:56:7f:e7:db:63:fe:04:3d:83:fe:
54:a6:09:4b:3a:6b:6a:24:ee:5d:d6:cc:10:06:ff:8f:1f:51:
a3:08:3c:c6:36:9d:ad:22:a8:13:8f:0e:c9:99:db:82:cb:3e:
0c:86:f9:0d:df:98:89:80:fa:d7:d6:62:2c:af:3c:e9:d1:37:
c8:dd:b0:bf:01:cb:34:98:ba:f1:78:12:94:44:02:e8:b6:18:
5c:18:1c:b7:11:9a:fe:e7:57:0c:81:95:6e:ea:6c:26:39:f6:
23:c2:61:60:7c:98:5e:c4:31:f7:e0:bf:51:f6:7a:3f:b3:95:
2c:cd:96:1f:db:0f:5d:71:83:d3:f2:98:97:20:39:ec:9f:8f:
20:79:18:55:56:f5:fd:e4:4c:5b:2e:76:9e:34:27:d9:ab:aa:
36:b3:db:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIENP23fjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGY0N2I3M2VlOGZiZWRkMjVmNDFiM2IxN2IyYmUwOGY1YmY2NTYzMB4XDTIyMDEw
MTEwMDMzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTViYWM0NGZiMzUz
YmU1M2IzOTgyZGIzMjRlYmIwMWIwNDcxNmJiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGo86tRhRZHD8k8ISu179gqoU26S4Cw+kcMUnMO+l0pWwF8
DHOoTWzRhm4yRTaxO+4H11/NCNM08YbYixjuTL/nBU2HoxfU4d2XUv52Z/GkC5pV
1vZn79/DsrAHLvqQwJJICu9HymC8o80YPULF+d46zBLCO+FPj3WTEuoTglydjiBR
7LC1b3ZZSI4Z5KmVAjVAxNj7+C5jEgE7k4yZvwwst8TRlIBNDL7juhcjvhIIv921
2zN8Bq82cfZWl2F5bErRWXlhT6Jq8L1p5DHTgyprskqBKLMLJ8KKdYfpHWuJwjy8
E6oUbG/TjdTwPOEm8fDVpiZOFdBa6Na2lqyAvVECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRVusRPs1O+U7OYLbMk67AbBHFrtTAfBgNVHSMEGDAWgBQ09Htz7o++3SX0
GzsXsr4I9b9lYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QUjdjLTZQdnQwbDlCczdGN0stQ1BXX1pXTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMGZjNWM5LTRlYzYtNGRmNi04MmM0LWQ4N2U0MDQ3Zjg1My8x
L1ZickVUN05UdmxPem1DMnpKT3V3R3dSeGE3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MGZjNWM5LTRlYzYtNGRmNi04MmM0LWQ4N2U0MDQ3Zjg1My8xL05QUjdjLTZQdnQw
bDlCczdGN0stQ1BXX1pXTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBVhUQAMEBF+OAAMEArl1sAMEBNkP
IAMEBNmVkDANBAIAAjAHAwUDKgIgaDANBgkqhkiG9w0BAQsFAAOCAQEAb0Q1pwzK
TWA6LvevegBcJlxpm3S0kMmsk9hoU4nFuxtXi3IUMUmyo2LDN4yX0cwMP7c+7D1I
jMGvEUsnRiMUBHNEl/DX1/jN+a7UDnJMuvHpR0YouHhkW4mVhaYS87sT3PpWf+fb
Y/4EPYP+VKYJSzpraiTuXdbMEAb/jx9Rowg8xjadrSKoE48OyZnbgss+DIb5Dd+Y
iYD619ZiLK886dE3yN2wvwHLNJi68XgSlEQC6LYYXBgctxGa/udXDIGVbupsJjn2
I8JhYHyYXsQx9+C/UfZ6P7OVLM2WH9sPXXGD0/KYlyA57J+PIHkYVVb1/eRMWy52
njQn2auqNrPbYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:34 2024 by rpki-client on console-ams.rpki-client.org