Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/vvJQ-EVl4X2_Aots7wQQ_OzfzXQ.roa
File: vvJQ-EVl4X2_Aots7wQQ_OzfzXQ.roa (raw, json)
Hash identifier: 4aECuwwUoZtnbK9CUoLzZ6BkxqNjr/UIHqB2ZHQ8bYY=
Subject key identifier: BE:F2:50:F8:45:65:E1:7D:BF:02:8B:6C:EF:04:10:FC:EC:DF:CD:74
Certificate issuer: /CN=966b05c661c76a5bcc48da838eedb6973f153b86
Certificate serial: 018C02CEE1943CD28EF5C9F0AC51E49AE88A
Authority key identifier: 96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/vvJQ-EVl4X2_Aots7wQQ_OzfzXQ.roa
Signing time: Fri 24 Nov 2023 19:29:21 +0000
ROA not before: Fri 24 Nov 2023 19:29:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206316
IP address blocks: 195.242.177.0/24 maxlen: 24
195.242.178.0/24 maxlen: 24
5.183.97.0/24 maxlen: 24
5.183.98.0/24 maxlen: 24
5.183.96.0/22 maxlen: 22
5.183.96.0/24 maxlen: 24
5.183.99.0/24 maxlen: 24
195.238.248.0/24 maxlen: 24
195.238.252.0/24 maxlen: 24
185.219.130.0/24 maxlen: 24
185.219.131.0/24 maxlen: 24
185.219.128.0/22 maxlen: 22
185.219.129.0/24 maxlen: 24
185.219.128.0/24 maxlen: 24
2a0e:bc00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:ce:e1:94:3c:d2:8e:f5:c9:f0:ac:51:e4:9a:e8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=966b05c661c76a5bcc48da838eedb6973f153b86
Validity
Not Before: Nov 24 19:29:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bef250f84565e17dbf028b6cef0410fcecdfcd74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:dc:71:51:18:36:c0:4f:59:3a:0b:98:9d:21:
93:e2:a9:2d:97:d3:c4:56:ad:3f:88:e6:03:c4:bc:
32:87:ac:8e:f3:84:28:a2:f3:60:f5:7a:a2:ed:2c:
b8:03:b2:9a:ee:20:09:4c:57:59:ca:0a:e9:61:6d:
c4:8d:4c:9b:54:ea:f7:73:ec:18:90:55:f0:0a:07:
1e:da:70:70:d3:64:14:e1:c0:22:83:0b:42:45:4f:
b8:9a:83:46:39:32:b7:a1:de:9c:79:5c:2b:58:83:
da:65:ab:0a:76:2d:7c:1b:22:8a:0a:38:b4:28:50:
c4:c4:11:f3:29:17:be:0f:02:80:b3:63:cc:12:ae:
57:4d:67:71:78:98:36:2f:6f:ee:39:fa:a1:09:0e:
66:97:47:0d:5c:2b:88:aa:75:d0:69:2d:cc:e2:30:
ce:4d:d9:d9:da:fb:de:18:75:bd:b8:08:4d:40:25:
f9:7e:1d:c0:25:49:ff:80:ac:6d:fe:e0:b1:f8:d2:
a6:17:29:0a:20:88:3b:0a:df:87:22:e0:e2:67:4e:
15:66:31:6f:53:97:3e:97:83:57:07:da:b4:09:94:
86:1a:94:37:39:67:5b:0a:e5:fa:d0:2f:83:c0:e7:
ab:67:69:7f:f3:ac:5d:a3:3c:41:f0:33:18:f8:8c:
a2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F2:50:F8:45:65:E1:7D:BF:02:8B:6C:EF:04:10:FC:EC:DF:CD:74
X509v3 Authority Key Identifier:
keyid:96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/vvJQ-EVl4X2_Aots7wQQ_OzfzXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.96.0/22
185.219.128.0/22
195.238.248.0/24
195.238.252.0/24
195.242.177.0-195.242.178.255
IPv6:
2a0e:bc00::/29
Signature Algorithm: sha256WithRSAEncryption
01:f4:9a:f9:26:7f:8c:b6:0a:63:5e:53:0a:f6:ef:5a:3f:c2:
97:8d:4c:5b:54:b1:2e:c6:e4:05:10:de:b8:ea:1c:e4:5c:48:
e7:1e:c5:75:3b:2f:c7:ab:fb:59:52:85:f7:dc:e4:bb:44:9b:
08:48:6c:22:fc:02:48:a4:a1:45:d4:56:42:d0:c3:75:d3:d4:
36:01:f4:94:3f:01:fa:31:4b:91:23:96:ed:b8:7e:52:e3:30:
b2:c6:86:dd:ff:44:db:f7:a3:27:80:6a:f5:3c:89:01:75:4a:
4c:ba:6e:91:7b:80:75:d9:96:2e:ad:bd:5d:60:3f:2f:f2:37:
8c:bc:48:6c:f7:f2:fc:67:da:50:55:49:95:f9:da:9b:98:1f:
bf:15:0a:2c:c2:60:65:08:01:66:3f:8a:90:3b:5c:4d:c2:cf:
3b:f9:7d:e4:a3:da:a4:42:b4:30:4e:ef:fd:e7:58:3a:9a:fe:
a5:98:d0:cf:ad:d8:e6:2c:fa:c0:e8:0f:11:6c:de:90:98:d5:
51:3b:1a:88:f1:93:6d:b6:b6:5f:fb:35:02:30:a2:84:45:c3:
c5:2f:a7:62:3f:a2:c1:9d:55:3a:73:58:bb:e4:89:2d:d1:e4:
eb:f1:77:0a:c9:9d:ad:d5:40:ee:98:3f:f6:1c:fc:2e:f2:b3:
96:4a:3e:8d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYwCzuGUPNKO9cnwrFHkmuiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NmIwNWM2NjFjNzZhNWJjYzQ4ZGE4MzhlZWRiNjk3M2Yx
NTNiODYwHhcNMjMxMTI0MTkyOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWYyNTBmODQ1NjVlMTdkYmYwMjhiNmNlZjA0MTBmY2VjZGZjZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9xxURg2wE9ZOguYnSGT4qktl9PE
Vq0/iOYDxLwyh6yO84QoovNg9Xqi7Sy4A7Ka7iAJTFdZygrpYW3EjUybVOr3c+wY
kFXwCgce2nBw02QU4cAigwtCRU+4moNGOTK3od6ceVwrWIPaZasKdi18GyKKCji0
KFDExBHzKRe+DwKAs2PMEq5XTWdxeJg2L2/uOfqhCQ5ml0cNXCuIqnXQaS3M4jDO
TdnZ2vveGHW9uAhNQCX5fh3AJUn/gKxt/uCx+NKmFykKIIg7Ct+HIuDiZ04VZjFv
U5c+l4NXB9q0CZSGGpQ3OWdbCuX60C+DwOerZ2l/86xdozxB8DMY+IyiqQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFL7yUPhFZeF9vwKLbO8EEPzs3810MB8GA1UdIwQY
MBaAFJZrBcZhx2pbzEjag47ttpc/FTuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMt
ZTNjMmYzMmNmM2I3LzEvdnZKUS1FVmw0WDJfQW90czd3UVFfT3pmelhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMtZTNjMmYzMmNmM2I3
LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCBbdgAwQC
uduAAwQAw+74AwQAw+78MAwDBADD8rEDBADD8rIwDQQCAAIwBwMFAyoOvAAwDQYJ
KoZIhvcNAQELBQADggEBAAH0mvkmf4y2CmNeUwr271o/wpeNTFtUsS7G5AUQ3rjq
HORcSOcexXU7L8er+1lShffc5LtEmwhIbCL8AkikoUXUVkLQw3XT1DYB9JQ/Afox
S5Ejlu24flLjMLLGht3/RNv3oyeAavU8iQF1Sky6bpF7gHXZli6tvV1gPy/yN4y8
SGz38vxn2lBVSZX52puYH78VCizCYGUIAWY/ipA7XE3Czzv5feSj2qRCtDBO7/3n
WDqa/qWY0M+t2OYs+sDoDxFs3pCY1VE7Gojxk222tl/7NQIwooRFw8Uvp2I/osGd
VTpzWLvkiS3R5OvxdwrJna3VQO6YP/Yc/C7ys5ZKPo0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:12 2025 by rpki-client