Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/vYwnG5znFtux9Zv95D9U5dpOPGY.roa
File: vYwnG5znFtux9Zv95D9U5dpOPGY.roa (raw, json)
Hash identifier: eJTrDtRxjqSeGx9jaeslX1fl4fF4iv8PWpSC5MBi31o=
Subject key identifier: BD:8C:27:1B:9C:E7:16:DB:B1:F5:9B:FD:E4:3F:54:E5:DA:4E:3C:66
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 078FEF53
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/vYwnG5znFtux9Zv95D9U5dpOPGY.roa
Signing time: Wed 23 Mar 2022 08:33:46 +0000
ROA not before: Wed 23 Mar 2022 08:33:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
185.204.252.0/22 maxlen: 22
79.132.144.0/20 maxlen: 20
86.105.88.0/21 maxlen: 21
185.243.120.0/22 maxlen: 22
185.16.48.0/22 maxlen: 22
80.240.160.0/20 maxlen: 20
217.26.192.0/20 maxlen: 20
89.43.152.0/21 maxlen: 21
185.176.176.0/22 maxlen: 22
85.112.192.0/19 maxlen: 19
185.223.148.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
185.183.252.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
185.198.224.0/22 maxlen: 22
86.107.248.0/21 maxlen: 21
185.209.140.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
89.35.208.0/21 maxlen: 21
45.81.80.0/22 maxlen: 22
195.177.108.0/22 maxlen: 22
2a0a:1c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126873427 (0x78fef53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Mar 23 08:33:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd8c271b9ce716dbb1f59bfde43f54e5da4e3c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:51:f2:fa:7b:0b:b5:27:63:6a:da:57:f6:3e:
57:de:39:a9:6b:a2:40:55:c2:ee:c3:91:45:d7:dc:
fc:ec:fc:59:7f:ff:86:32:b3:80:bb:db:64:de:d9:
06:4a:11:b0:76:10:8f:fa:b9:0f:19:37:a0:a0:fd:
f8:85:c9:1b:92:90:c6:63:8c:72:b6:6d:b6:6c:28:
69:38:e6:b4:a7:d2:b4:5c:c0:b2:06:3f:b3:eb:ac:
a3:f6:de:0b:88:70:a8:5e:32:81:ab:aa:7c:24:bb:
8b:e1:fa:e7:06:6d:05:d0:88:40:c3:75:48:24:c0:
19:9c:fa:ed:a4:3d:af:de:7e:47:5e:44:75:a9:6f:
bd:49:28:07:02:f8:38:56:b7:8b:52:b0:dd:5a:1e:
50:cb:c8:97:b7:e8:fe:e5:7a:d1:df:8c:15:26:57:
a1:fe:c1:f7:eb:4a:fd:24:c5:ac:7c:f1:f9:f9:ba:
b8:bf:4e:c9:b0:f8:bd:f7:9f:6f:0c:4b:89:2b:2f:
73:ff:eb:12:f7:91:9c:11:c8:23:2e:d5:0d:9c:27:
f7:05:bc:a6:7c:10:1a:64:4e:34:54:3a:78:36:9a:
9d:fe:5b:0e:73:e0:a3:0e:25:9a:d3:6b:c3:da:f0:
13:6a:1d:31:84:18:02:86:36:87:2a:0b:9d:4f:a5:
34:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:8C:27:1B:9C:E7:16:DB:B1:F5:9B:FD:E4:3F:54:E5:DA:4E:3C:66
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/vYwnG5znFtux9Zv95D9U5dpOPGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
45.81.80.0/22
45.87.56.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.152.0/21
185.16.48.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
1b:0f:70:fe:db:2d:0f:88:72:18:0b:74:e6:e7:fc:b1:12:71:
8a:63:d0:8b:04:cb:50:2c:5a:95:40:0b:62:ae:00:0f:f1:09:
1a:53:6b:9d:e6:d8:e8:50:f8:48:90:31:0b:ef:3e:f6:9d:37:
81:8d:ca:ca:b7:79:84:c9:32:a2:fe:6a:94:10:5f:02:27:41:
b9:bc:97:bc:f1:ab:8d:be:89:66:69:70:55:8a:da:99:8b:fc:
99:74:9a:96:14:90:36:59:b4:39:09:44:56:0f:c3:5b:47:59:
2b:87:af:de:4e:b1:f0:04:f0:0b:42:7c:52:68:aa:11:67:04:
6a:8a:69:9c:87:bf:cc:f7:38:bb:4c:8f:7e:97:72:38:54:f5:
3a:89:46:b5:88:d0:d9:02:9b:0e:cd:60:36:3e:70:5e:c4:f0:
88:3f:df:79:1a:7e:fc:e8:c1:39:b6:b5:3c:06:1d:c8:e1:98:
26:1a:7d:ec:f5:4f:6a:99:69:68:74:fc:df:f2:87:80:28:03:
cc:bf:ee:06:23:10:4d:93:eb:97:6a:e3:07:7d:43:12:4c:ed:
aa:73:c6:83:ea:63:24:49:b1:b4:54:0a:8c:ef:7e:75:f3:cc:
43:ee:6e:18:16:d6:87:22:eb:d0:66:f1:a3:e5:af:31:a6:f6:
ff:03:f7:3b
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIEB4/vUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTY3MjE4MzFhZmI4YjM4MzA3YjQ5ZjViOWVlNjI5MmFkMWU1ODUwMB4XDTIyMDMy
MzA4MzM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ4YzI3MWI5Y2U3
MTZkYmIxZjU5YmZkZTQzZjU0ZTVkYTRlM2M2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFR8vp7C7UnY2raV/Y+V945qWuiQFXC7sORRdfc/Oz8WX//
hjKzgLvbZN7ZBkoRsHYQj/q5Dxk3oKD9+IXJG5KQxmOMcrZttmwoaTjmtKfStFzA
sgY/s+uso/beC4hwqF4ygauqfCS7i+H65wZtBdCIQMN1SCTAGZz67aQ9r95+R15E
dalvvUkoBwL4OFa3i1Kw3VoeUMvIl7fo/uV60d+MFSZXof7B9+tK/STFrHzx+fm6
uL9OybD4vfefbwxLiSsvc//rEveRnBHIIy7VDZwn9wW8pnwQGmRONFQ6eDaanf5b
DnPgow4lmtNrw9rwE2odMYQYAoY2hyoLnU+lNGsCAwEAAaOCAscwggLDMB0GA1Ud
DgQWBBS9jCcbnOcW27H1m/3kP1Tl2k48ZjAfBgNVHSMEGDAWgBSZZyGDGvuLODB7
SfW57mKSrR5YUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21XY2hneHI3aXpnd2UwbjF1ZTVpa3EwZVdGQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvMWMxZWIyLTFmNjUtNGY3MS04YjMyLWI0YmZlNDU2ZGRlMC8x
L3ZZd25HNXpuRnR1eDladjk1RDlVNWRwT1BHWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
MWMxZWIyLTFmNjUtNGY3MS04YjMyLWI0YmZlNDU2ZGRlMC8xL21XY2hneHI3aXpn
d2UwbjF1ZTVpa3EwZVdGQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
3AYIKwYBBQUHAQcBAf8EgcwwgckwgbcEAgABMIGwAwQDJYzgAwQCLVFQAwQCLVc4
AwQCLZRsAwQCLZzkAwQFLvfgAwQET4SQAwQEUPCgAwQFVXDAAwQDVmlYAwQDVmv4
AwQDWSPQAwQDWSuYAwQCuRAwAwQCubCwAwQCubWYMAwDBAK5tzwDBAK5t0ADBAK5
t/wDBAK5uAQDBAK5xuADBAK5zPwDBAK50YwDBAK535QDBAK583gDBALCJMADBADD
ewcDBALDsWwDBATZGsAwDQQCAAIwBwMFAyoKHIAwDQYJKoZIhvcNAQELBQADggEB
ABsPcP7bLQ+IchgLdObn/LEScYpj0IsEy1AsWpVAC2KuAA/xCRpTa53m2OhQ+EiQ
MQvvPvadN4GNysq3eYTJMqL+apQQXwInQbm8l7zxq42+iWZpcFWK2pmL/Jl0mpYU
kDZZtDkJRFYPw1tHWSuHr95OsfAE8AtCfFJoqhFnBGqKaZyHv8z3OLtMj36XcjhU
9TqJRrWI0NkCmw7NYDY+cF7E8Ig/33kafvzowTm2tTwGHcjhmCYafez1T2qZaWh0
/N/yh4AoA8y/7gYjEE2T65dq4wd9QxJM7apzxoPqYyRJsbRUCozvfnXzzEPubhgW
1oci69Bm8aPlrzGm9v8D9zs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:35 2023 by rpki-client on console-fra.rpki-client.org