Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/VzRnuCaK5x64VvWKi_KvPZKzY6U.roa
File: VzRnuCaK5x64VvWKi_KvPZKzY6U.roa (raw, json)
Hash identifier: EgeOW2yyXw0k3ou2JS4/PC+TPZeYoxd+8kWziu82YkE=
Subject key identifier: 57:34:67:B8:26:8A:E7:1E:B8:56:F5:8A:8B:F2:AF:3D:92:B3:63:A5
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 01837DAE266A52F1E356E894EF6A693A884A
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/VzRnuCaK5x64VvWKi_KvPZKzY6U.roa
Signing time: Tue 27 Sep 2022 06:41:48 +0000
ROA not before: Tue 27 Sep 2022 06:41:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15435
IP address blocks: 81.172.128.0/17 maxlen: 24
141.224.192.0/18 maxlen: 24
149.143.32.0/19 maxlen: 24
204.168.128.0/17 maxlen: 24
149.143.64.0/18 maxlen: 24
87.99.128.0/17 maxlen: 24
2a07:31c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:ae:26:6a:52:f1:e3:56:e8:94:ef:6a:69:3a:88:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Sep 27 06:41:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=573467b8268ae71eb856f58a8bf2af3d92b363a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2e:92:b9:2d:5b:39:d1:18:00:64:6c:0f:88:
61:df:86:ff:f3:c6:e0:b1:6d:dd:29:8b:e1:ae:9d:
a2:2f:91:6d:4f:c6:e0:79:d5:ad:3c:66:26:9a:17:
80:d8:62:e5:a9:83:a0:a5:5f:d2:01:f8:8d:56:fb:
bd:83:06:a5:4b:c5:8f:9f:c7:2f:37:1a:81:f9:31:
bb:b1:37:a1:d9:18:7a:df:fd:66:07:c9:c5:35:cc:
f3:3e:5e:01:e5:87:50:6c:bb:cd:c5:bf:ec:66:55:
ea:ad:b8:8c:d2:3d:23:93:d1:93:a7:a5:e4:68:24:
2c:ec:b2:9d:44:16:b3:d8:ef:e6:c2:38:61:2a:c3:
ff:e8:65:73:bd:45:5f:7d:dd:6d:ea:f7:85:d7:41:
64:ca:51:be:fd:b3:9c:c0:4c:ff:b8:d2:92:9d:ab:
ed:d0:91:57:c1:e5:a1:f4:7c:b3:d3:5a:ad:ee:48:
1c:61:dd:67:8b:07:03:48:b0:80:f1:fc:56:51:88:
57:00:41:86:41:45:8f:0c:5c:44:8e:b0:d0:db:76:
97:af:c4:23:77:5a:a4:65:f1:c6:fa:27:af:1e:df:
00:84:0e:95:27:23:5d:9d:57:1b:65:65:cf:6a:d9:
b8:33:3d:0c:29:30:e4:9c:f3:64:4a:6a:52:67:80:
3d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:34:67:B8:26:8A:E7:1E:B8:56:F5:8A:8B:F2:AF:3D:92:B3:63:A5
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/VzRnuCaK5x64VvWKi_KvPZKzY6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.172.128.0/17
87.99.128.0/17
141.224.192.0/18
149.143.32.0-149.143.127.255
204.168.128.0/17
IPv6:
2a07:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:56:73:b8:99:c9:f7:9e:74:cb:72:90:e1:cc:1d:36:17:0e:
52:0b:ea:c8:61:5c:ff:ac:dc:d6:fb:36:33:3b:0a:01:72:c9:
25:a2:f0:7e:9c:8d:a6:32:7b:81:13:13:13:01:9f:50:7e:6f:
44:3f:ba:d0:37:79:62:d7:c0:29:62:c6:18:24:a8:72:f5:20:
62:f5:c1:93:12:b3:fa:b1:e3:9b:43:9f:ab:43:5a:a4:18:50:
ea:3e:9e:db:6e:a3:a0:93:7d:94:d9:a6:c9:fe:73:3a:14:0c:
0a:d8:90:aa:96:a5:19:70:32:33:52:1f:7a:fe:21:fb:77:57:
3d:5d:17:54:c5:86:8e:17:fd:a7:f5:60:31:39:68:45:97:9a:
14:83:7e:43:f6:13:c0:4f:9f:d4:95:a4:e7:72:ed:e0:8d:03:
b0:6d:9e:2d:0b:f1:43:3b:bf:17:d4:dd:84:19:c8:61:f9:36:
82:ef:94:8a:8f:01:81:ba:a4:3e:e9:17:82:7d:6c:da:e0:47:
a5:af:23:35:fa:4b:ea:92:61:9e:46:8e:60:b9:a5:35:89:f1:
e9:89:37:d3:1a:37:10:e6:7c:2a:6f:a4:2e:10:ce:dc:66:ce:
28:ae:35:e6:c2:91:90:00:b2:0f:80:df:ee:a7:6f:f1:ef:da:
8a:48:b5:82
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYN9riZqUvHjVuiU72ppOohKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjIwOTI3MDY0MTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM0NjdiODI2OGFlNzFlYjg1NmY1OGE4YmYyYWYzZDkyYjM2M2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy6SuS1bOdEYAGRsD4hh34b/88bg
sW3dKYvhrp2iL5FtT8bgedWtPGYmmheA2GLlqYOgpV/SAfiNVvu9gwalS8WPn8cv
NxqB+TG7sTeh2Rh63/1mB8nFNczzPl4B5YdQbLvNxb/sZlXqrbiM0j0jk9GTp6Xk
aCQs7LKdRBaz2O/mwjhhKsP/6GVzvUVffd1t6veF10FkylG+/bOcwEz/uNKSnavt
0JFXweWh9Hyz01qt7kgcYd1niwcDSLCA8fxWUYhXAEGGQUWPDFxEjrDQ23aXr8Qj
d1qkZfHG+ievHt8AhA6VJyNdnVcbZWXPatm4Mz0MKTDknPNkSmpSZ4A9yQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFFc0Z7gmiuceuFb1iovyrz2Ss2OlMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEvVnpSbnVDYUs1eDY0VnZXS2lfS3ZQWkt6WTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQHUayAAwQH
V2OAAwQGjeDAMAwDBAWVjyADBAeVjwADBAfMqIAwDQQCAAIwBwMFAyoHMcAwDQYJ
KoZIhvcNAQELBQADggEBAEJWc7iZyfeedMtykOHMHTYXDlIL6shhXP+s3Nb7NjM7
CgFyySWi8H6cjaYye4ETExMBn1B+b0Q/utA3eWLXwClixhgkqHL1IGL1wZMSs/qx
45tDn6tDWqQYUOo+nttuo6CTfZTZpsn+czoUDArYkKqWpRlwMjNSH3r+Ift3Vz1d
F1TFho4X/af1YDE5aEWXmhSDfkP2E8BPn9SVpOdy7eCNA7Btni0L8UM7vxfU3YQZ
yGH5NoLvlIqPAYG6pD7pF4J9bNrgR6WvIzX6S+qSYZ5GjmC5pTWJ8emJN9MaNxDm
fCpvpC4QztxmziiuNebCkZAAsg+A3+6nb/Hv2opItYI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org