Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/vMHZsJpgBNqMWVWNajiq-ixCFCI.roa
File: vMHZsJpgBNqMWVWNajiq-ixCFCI.roa (raw, json)
Hash identifier: RG5qsestSauewNMCyqfM/o7J2bpwUGmFyT4Uw2OgPy4=
Subject key identifier: BC:C1:D9:B0:9A:60:04:DA:8C:59:55:8D:6A:38:AA:FA:2C:42:14:22
Certificate issuer: /CN=7b8985faea08598c05cc30b82e282306af793316
Certificate serial: 0183D66E9BE8D14FC7EF23749A15B9FE1E34
Authority key identifier: 7B:89:85:FA:EA:08:59:8C:05:CC:30:B8:2E:28:23:06:AF:79:33:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4mF-uoIWYwFzDC4LigjBq95MxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/vMHZsJpgBNqMWVWNajiq-ixCFCI.roa
Signing time: Fri 14 Oct 2022 12:18:36 +0000
ROA not before: Fri 14 Oct 2022 12:18:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203352
IP address blocks: 185.131.80.0/22 maxlen: 24
185.131.80.0/23 maxlen: 23
185.131.82.0/23 maxlen: 23
2a06:97c0::/29 maxlen: 29
2a06:97c4::/30 maxlen: 30
2a06:97c0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:6e:9b:e8:d1:4f:c7:ef:23:74:9a:15:b9:fe:1e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b8985faea08598c05cc30b82e282306af793316
Validity
Not Before: Oct 14 12:18:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bcc1d9b09a6004da8c59558d6a38aafa2c421422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:98:4d:52:22:d2:8a:2b:0a:c5:90:76:b7:de:
17:04:32:91:1c:26:f5:33:70:cb:b7:3e:6d:54:ce:
92:58:5e:47:93:78:76:df:4d:71:a6:4e:a2:aa:1e:
06:d5:9d:f5:b6:dd:cf:77:52:62:6b:81:7c:02:62:
f9:b7:0c:ae:69:a3:0b:1b:80:8d:59:3b:08:be:5c:
35:cb:85:8f:98:85:bf:9a:da:2b:4a:e3:29:b1:4b:
e9:a0:36:fb:60:11:ad:3d:7a:18:f4:00:7e:c0:a3:
38:5d:56:11:6a:ca:71:2c:f5:03:c0:b3:7c:3d:1e:
ca:26:d0:44:0b:f1:72:d0:4f:30:76:82:b8:05:d3:
5a:a7:86:0b:1f:40:73:ca:a7:ea:3b:e8:88:e8:16:
d3:a4:4e:43:58:d1:fc:40:f8:06:f4:63:18:38:6d:
c5:cf:24:df:d0:f0:27:07:20:1d:48:a7:83:c2:19:
db:14:56:8e:8a:07:e4:e5:a6:8a:73:0e:3b:43:9d:
dd:97:ba:fd:81:ce:cd:99:c7:ad:e4:bf:2f:09:4e:
ca:66:24:41:2e:b9:ea:59:bb:8b:34:04:a5:ae:a3:
f5:d1:b1:fd:be:e2:86:7b:b8:09:3d:6e:93:8c:26:
89:c7:f3:10:5c:b1:0d:71:6a:e7:fa:d7:d9:e5:9a:
10:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C1:D9:B0:9A:60:04:DA:8C:59:55:8D:6A:38:AA:FA:2C:42:14:22
X509v3 Authority Key Identifier:
keyid:7B:89:85:FA:EA:08:59:8C:05:CC:30:B8:2E:28:23:06:AF:79:33:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4mF-uoIWYwFzDC4LigjBq95MxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/vMHZsJpgBNqMWVWNajiq-ixCFCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e59ba1-3d5b-4299-a852-37c86e355267/1/e4mF-uoIWYwFzDC4LigjBq95MxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.80.0/22
IPv6:
2a06:97c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:c8:53:4a:c8:b2:6e:7a:d3:e1:0f:77:ee:3e:35:bd:5e:b7:
5e:4d:81:fb:51:5b:87:d6:0b:bb:a8:ab:71:e1:e6:ea:40:2d:
05:20:c9:78:16:16:3c:93:47:ea:fb:b1:8a:fb:18:10:13:83:
8c:60:ab:8b:a4:1b:b6:c9:27:6d:0a:84:ad:64:b8:4e:38:a4:
e3:77:9d:b4:75:ce:0b:5b:b4:ee:1e:ab:ee:57:a8:59:29:05:
fb:12:18:30:f5:a9:ad:c1:9a:80:77:c6:67:1b:58:3b:95:dc:
44:2a:f8:34:a3:f8:04:cf:c7:25:7c:d3:0f:2b:c5:ba:15:48:
c5:d3:13:46:bb:58:53:84:3c:b7:bb:b8:d6:d9:40:10:fb:14:
b2:dd:a7:cf:31:35:40:de:63:12:6f:9a:a7:b1:54:5f:a4:d0:
18:af:b2:c6:55:2c:a5:c3:d9:f1:6b:70:d3:99:28:2d:89:a2:
51:56:d2:ea:af:d4:be:25:d4:0d:4d:d4:02:79:81:14:b8:79:
a1:32:f0:7e:bd:91:2a:34:3f:a8:2c:52:1b:ae:43:41:38:0c:
e4:04:ea:ad:4e:be:6c:b7:bf:e7:3e:5c:96:f8:bf:5a:a6:d9:
67:da:01:6a:08:f1:12:30:21:4d:b4:88:5d:25:c3:e2:fa:f4:
66:da:e7:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPWbpvo0U/H7yN0mhW5/h40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODk4NWZhZWEwODU5OGMwNWNjMzBiODJlMjgyMzA2YWY3
OTMzMTYwHhcNMjIxMDE0MTIxODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2MxZDliMDlhNjAwNGRhOGM1OTU1OGQ2YTM4YWFmYTJjNDIxNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjphNUiLSiisKxZB2t94XBDKRHCb1
M3DLtz5tVM6SWF5Hk3h2301xpk6iqh4G1Z31tt3Pd1Jia4F8AmL5twyuaaMLG4CN
WTsIvlw1y4WPmIW/mtorSuMpsUvpoDb7YBGtPXoY9AB+wKM4XVYRaspxLPUDwLN8
PR7KJtBEC/Fy0E8wdoK4BdNap4YLH0BzyqfqO+iI6BbTpE5DWNH8QPgG9GMYOG3F
zyTf0PAnByAdSKeDwhnbFFaOigfk5aaKcw47Q53dl7r9gc7Nmcet5L8vCU7KZiRB
LrnqWbuLNASlrqP10bH9vuKGe7gJPW6TjCaJx/MQXLENcWrn+tfZ5ZoQ4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLzB2bCaYATajFlVjWo4qvosQhQiMB8GA1UdIwQY
MBaAFHuJhfrqCFmMBcwwuC4oIwaveTMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRtRi11b0lXWXdGekRDNExpZ2pCcTk1TXhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lNTliYTEtM2Q1Yi00Mjk5LWE4NTIt
MzdjODZlMzU1MjY3LzEvdk1IWnNKcGdCTnFNV1ZXTmFqaXEtaXhDRkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lNTliYTEtM2Q1Yi00Mjk5LWE4NTItMzdjODZlMzU1MjY3
LzEvZTRtRi11b0lXWXdGekRDNExpZ2pCcTk1TXhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYNQMA0E
AgACMAcDBQMqBpfAMA0GCSqGSIb3DQEBCwUAA4IBAQCGyFNKyLJuetPhD3fuPjW9
XrdeTYH7UVuH1gu7qKtx4ebqQC0FIMl4FhY8k0fq+7GK+xgQE4OMYKuLpBu2ySdt
CoStZLhOOKTjd520dc4LW7TuHqvuV6hZKQX7Ehgw9amtwZqAd8ZnG1g7ldxEKvg0
o/gEz8clfNMPK8W6FUjF0xNGu1hThDy3u7jW2UAQ+xSy3afPMTVA3mMSb5qnsVRf
pNAYr7LGVSylw9nxa3DTmSgtiaJRVtLqr9S+JdQNTdQCeYEUuHmhMvB+vZEqND+o
LFIbrkNBOAzkBOqtTr5st7/nPlyW+L9aptln2gFqCPESMCFNtIhdJcPi+vRm2ufh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:01 2024 by rpki-client on console-fra.rpki-client.org