Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/vtEUVec1TEyNTPtMqJu0NpH4WHk.roa
File: vtEUVec1TEyNTPtMqJu0NpH4WHk.roa (raw, json)
Hash identifier: 5vp4acspEFW20GwHeme4xsPLAUF4DHMHoYruUbwZB3U=
Subject key identifier: BE:D1:14:55:E7:35:4C:4C:8D:4C:FB:4C:A8:9B:B4:36:91:F8:58:79
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 365BA51A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/vtEUVec1TEyNTPtMqJu0NpH4WHk.roa
Signing time: Sat 01 Jan 2022 13:57:18 +0000
ROA not before: Sat 01 Jan 2022 13:57:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33911
IP address blocks: 89.35.158.0/24 maxlen: 24
89.34.24.0/23 maxlen: 23
89.41.176.0/23 maxlen: 23
188.214.88.0/24 maxlen: 24
89.41.182.0/24 maxlen: 24
77.81.181.0/24 maxlen: 24
2001:4d18:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 911975706 (0x365ba51a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 13:57:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bed11455e7354c4c8d4cfb4ca89bb43691f85879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:df:91:2e:ff:8a:d2:5c:c2:a7:da:12:91:18:
9b:b9:75:b0:8a:d0:f1:5e:32:03:36:82:bc:fd:a8:
93:6a:64:9e:a4:fa:e5:ce:77:c9:6d:cd:35:6b:68:
b8:a6:a6:fe:35:8a:8c:dc:98:08:87:87:87:b5:6d:
dd:16:d2:e6:b2:06:a8:15:bd:33:64:ff:03:5e:19:
3d:d5:ce:9f:f8:02:db:eb:29:a1:24:64:2c:d6:94:
ca:b8:da:1b:43:2f:e5:ea:f5:88:29:f0:cb:9c:a4:
82:d3:b3:93:48:c3:c1:4e:bc:f8:69:3e:cf:40:10:
82:18:10:7a:4e:db:49:6c:ea:59:67:7c:7a:89:78:
55:0a:52:8a:ad:78:d3:35:45:12:0f:e3:19:9f:b1:
20:9a:48:f9:33:26:50:b6:15:7c:15:2c:fb:c5:51:
6c:16:cb:e9:0a:37:32:ae:4e:6b:80:66:d4:cc:9e:
4a:54:20:29:f0:76:a4:39:76:fb:a4:7b:93:6d:e1:
20:62:3a:55:19:80:6f:ae:d0:e9:51:0a:b6:19:4f:
a7:07:9b:1d:9f:aa:f1:df:1a:93:8d:ed:e5:00:db:
ba:65:17:d7:5e:2f:ce:db:9b:47:21:14:26:c4:bc:
4f:ce:8e:cb:a1:3c:72:1e:ec:c2:5a:48:bc:db:18:
f9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D1:14:55:E7:35:4C:4C:8D:4C:FB:4C:A8:9B:B4:36:91:F8:58:79
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/vtEUVec1TEyNTPtMqJu0NpH4WHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.181.0/24
89.34.24.0/23
89.35.158.0/24
89.41.176.0/23
89.41.182.0/24
188.214.88.0/24
IPv6:
2001:4d18:2::/48
Signature Algorithm: sha256WithRSAEncryption
63:c4:5b:32:87:d0:73:a3:f5:84:6c:5f:23:74:51:7c:91:6a:
7d:49:af:64:4d:2a:18:ab:9c:2b:44:e5:bf:50:88:57:4b:88:
c5:38:fd:a6:e5:eb:84:bf:1c:80:02:a1:ad:11:db:07:d4:8b:
12:b0:81:0e:64:8a:04:58:7d:88:c0:42:9b:54:70:f7:b4:1d:
ab:e0:7f:df:81:d2:b0:40:ac:7b:56:d0:1f:3b:18:6b:a4:08:
5b:5c:3d:63:9a:56:97:f8:52:72:df:29:29:17:01:73:7f:91:
d0:57:65:ee:56:bb:cd:19:f8:fb:cd:e4:c0:88:bd:9c:69:c7:
fe:46:26:3f:26:07:63:4a:ab:99:bf:d5:04:5a:62:d4:1f:78:
72:82:d2:34:e4:b5:6f:5c:e2:3d:fb:96:48:0e:e9:11:07:a5:
cb:d0:9f:b4:ea:67:fa:e3:20:41:8b:77:17:de:ad:da:8b:50:
d4:4d:41:98:4b:98:48:4c:15:a9:a3:f8:f7:63:ed:a5:61:ee:
3c:ea:84:8d:d5:67:35:68:4a:bb:f6:0a:98:3c:27:7f:4a:91:
ee:46:08:f0:e5:25:c1:df:54:d4:d2:c4:ed:53:cc:0b:c5:26:
d3:f6:bb:fc:dc:87:82:66:dd:ea:c7:39:01:9b:24:da:ce:0f:
e8:70:f5:71
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIENlulGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWQ0NmUwZTNlOGNhYWFlZDRhNTI5YmQ3ZDczMDhiZDFlZjAxYzFkMB4XDTIyMDEw
MTEzNTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVkMTE0NTVlNzM1
NGM0YzhkNGNmYjRjYTg5YmI0MzY5MWY4NTg3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDfkS7/itJcwqfaEpEYm7l1sIrQ8V4yAzaCvP2ok2pknqT6
5c53yW3NNWtouKam/jWKjNyYCIeHh7Vt3RbS5rIGqBW9M2T/A14ZPdXOn/gC2+sp
oSRkLNaUyrjaG0Mv5er1iCnwy5ykgtOzk0jDwU68+Gk+z0AQghgQek7bSWzqWWd8
eol4VQpSiq140zVFEg/jGZ+xIJpI+TMmULYVfBUs+8VRbBbL6Qo3Mq5Oa4Bm1Mye
SlQgKfB2pDl2+6R7k23hIGI6VRmAb67Q6VEKthlPpwebHZ+q8d8ak43t5QDbumUX
114vztubRyEUJsS8T86Oy6E8ch7swlpIvNsY+WUCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBS+0RRV5zVMTI1M+0yom7Q2kfhYeTAfBgNVHSMEGDAWgBTx1G4OPoyqrtSl
Kb19cwi9HvAcHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8x
L3Z0RVVWZWMxVEV5TlRQdE1xSnUwTnBINFdIay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8xLzhkUnVEajZNcXE3
VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAE1RtQMEAVkiGAMEAFkjngMEAVkp
sAMEAFkptgMEALzWWDAPBAIAAjAJAwcAIAFNGAACMA0GCSqGSIb3DQEBCwUAA4IB
AQBjxFsyh9Bzo/WEbF8jdFF8kWp9Sa9kTSoYq5wrROW/UIhXS4jFOP2m5euEvxyA
AqGtEdsH1IsSsIEOZIoEWH2IwEKbVHD3tB2r4H/fgdKwQKx7VtAfOxhrpAhbXD1j
mlaX+FJy3ykpFwFzf5HQV2XuVrvNGfj7zeTAiL2cacf+RiY/JgdjSquZv9UEWmLU
H3hygtI05LVvXOI9+5ZIDukRB6XL0J+06mf64yBBi3cX3q3ai1DUTUGYS5hITBWp
o/j3Y+2lYe486oSN1Wc1aEq79gqYPCd/SpHuRgjw5SXB31TU0sTtU8wLxSbT9rv8
3IeCZt3qxzkBmyTazg/ocPVx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:56 2023 by rpki-client on console-ams.rpki-client.org