Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ViUAjg_3ydpWemm6RRw5oJXlfY0.roa
File: ViUAjg_3ydpWemm6RRw5oJXlfY0.roa (raw, json)
Hash identifier: eKK5gDgsOtSEmaB5O3UAoz2a6oXkRb/vqFpxvxN1fnc=
Subject key identifier: 56:25:00:8E:0F:F7:C9:DA:56:7A:69:BA:45:1C:39:A0:95:E5:7D:8D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 04B18B90
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ViUAjg_3ydpWemm6RRw5oJXlfY0.roa
Signing time: Thu 21 Apr 2022 11:42:33 +0000
ROA not before: Thu 21 Apr 2022 11:42:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211443
IP address blocks: 192.162.100.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78744464 (0x4b18b90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Apr 21 11:42:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5625008e0ff7c9da567a69ba451c39a095e57d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:97:ae:1c:a2:71:85:fa:e6:23:95:b6:3e:94:
12:ab:e8:4d:3a:41:d7:ef:73:ec:e6:5f:7d:26:93:
8b:68:fd:12:e8:8a:1d:28:bc:e0:fc:f5:77:c2:83:
64:39:53:dd:49:2b:a3:d4:40:3a:46:f0:c3:7f:1a:
7c:4a:fe:33:c8:29:44:17:24:3d:58:94:2f:5e:d1:
84:32:f9:0b:ab:75:e9:c7:fe:28:a1:dd:fd:2e:4f:
40:0c:58:9b:64:42:41:99:66:e9:eb:88:29:28:eb:
45:49:dc:cf:de:5c:5b:af:31:aa:33:ea:e2:d1:8c:
8e:c1:b9:71:7d:51:de:16:8d:f3:c1:12:b8:c9:f5:
23:c3:2a:af:41:58:a4:06:63:da:c7:43:83:00:86:
0c:e2:88:e1:6f:c3:38:e0:cc:17:aa:9e:2a:e1:00:
ee:d0:7b:49:45:12:ee:ea:b8:22:02:92:a3:4d:3a:
98:cf:0b:4b:f5:5f:83:d0:e6:41:88:e5:85:4f:a8:
72:6a:7d:c1:8d:28:cd:e0:61:7d:78:e0:84:f3:0c:
b7:d5:cb:38:c5:74:1b:72:59:5d:e3:ba:e0:06:0c:
16:6d:87:36:91:6c:6e:09:44:00:50:ea:af:a9:69:
63:a0:61:24:ce:1b:35:4a:72:3d:97:8a:3e:c9:6b:
0b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:25:00:8E:0F:F7:C9:DA:56:7A:69:BA:45:1C:39:A0:95:E5:7D:8D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ViUAjg_3ydpWemm6RRw5oJXlfY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.77.0/24
192.162.100.0/22
193.0.200.0/24
193.0.203.0/24
193.168.226.0/24
194.63.140.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:b8:97:a5:f1:e5:2d:cb:7a:f8:de:2b:1f:56:37:29:08:d7:
a8:82:df:a6:42:90:22:32:f1:15:cc:2d:d9:5f:23:37:a8:b5:
c6:7b:fc:f2:1b:94:99:56:da:5a:d9:f9:a3:65:b1:7b:f4:1a:
34:72:a7:c6:ad:58:9b:5e:8f:aa:10:61:19:8e:67:ee:a4:0a:
d8:30:45:85:96:3d:a8:c7:b7:dc:d7:7b:03:17:be:40:64:61:
4f:30:65:83:a3:9a:50:5c:67:ca:05:25:a4:30:ea:24:f6:3d:
50:01:10:4f:ae:f1:5a:90:ce:a1:ca:20:c4:2e:98:bb:24:f0:
7a:17:6f:be:5f:e5:d6:82:d6:d1:65:78:7c:5c:df:f3:17:6e:
05:2f:8d:cf:47:ec:1f:c6:e6:e5:aa:49:8e:ec:d2:b8:cb:d9:
ae:4d:02:0d:04:67:c0:a7:49:da:bd:06:54:b2:56:ca:db:81:
35:26:0e:15:2c:f6:75:3e:df:11:01:da:5b:f3:c9:f6:dc:ec:
74:0b:2a:1c:14:ae:6c:2d:ca:f2:e4:ac:26:a4:95:38:73:4b:
a8:83:ae:19:60:61:24:1f:45:a4:62:a2:bc:3d:87:ee:21:6e:
5c:64:45:45:9f:18:61:48:92:93:14:5c:8f:c9:4c:63:b2:73:
2d:8b:ee:a6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBLGLkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDQy
MTExNDIzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTYyNTAwOGUwZmY3
YzlkYTU2N2E2OWJhNDUxYzM5YTA5NWU1N2Q4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2XrhyicYX65iOVtj6UEqvoTTpB1+9z7OZffSaTi2j9EuiK
HSi84Pz1d8KDZDlT3Ukro9RAOkbww38afEr+M8gpRBckPViUL17RhDL5C6t16cf+
KKHd/S5PQAxYm2RCQZlm6euIKSjrRUncz95cW68xqjPq4tGMjsG5cX1R3haN88ES
uMn1I8Mqr0FYpAZj2sdDgwCGDOKI4W/DOODMF6qeKuEA7tB7SUUS7uq4IgKSo006
mM8LS/Vfg9DmQYjlhU+ocmp9wY0ozeBhfXjghPMMt9XLOMV0G3JZXeO64AYMFm2H
NpFsbglEAFDqr6lpY6BhJM4bNUpyPZeKPslrC0UCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRWJQCOD/fJ2lZ6abpFHDmgleV9jTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L1ZpVUFqZ18zeWRwV2VtbTZSUnc1b0pYbGZZMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFvZTQMEAsCiZAMEAMEAyAMEAMEA
ywMEAMGo4gMEAsI/jDANBgkqhkiG9w0BAQsFAAOCAQEAPLiXpfHlLct6+N4rH1Y3
KQjXqILfpkKQIjLxFcwt2V8jN6i1xnv88huUmVbaWtn5o2Wxe/QaNHKnxq1Ym16P
qhBhGY5n7qQK2DBFhZY9qMe33Nd7Axe+QGRhTzBlg6OaUFxnygUlpDDqJPY9UAEQ
T67xWpDOocogxC6YuyTwehdvvl/l1oLW0WV4fFzf8xduBS+Nz0fsH8bm5apJjuzS
uMvZrk0CDQRnwKdJ2r0GVLJWytuBNSYOFSz2dT7fEQHaW/PJ9tzsdAsqHBSubC3K
8uSsJqSVOHNLqIOuGWBhJB9FpGKivD2H7iFuXGRFRZ8YYUiSkxRcj8lMY7JzLYvu
pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org