Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/VXW_O8ALAuKB1dbVzNhX5rHU9Uo.roa
File: VXW_O8ALAuKB1dbVzNhX5rHU9Uo.roa (raw, json)
Hash identifier: qb0f6UjBHQWBYuCrZ1coVwXNu/+OENEg7kyvxLkrIwQ=
Subject key identifier: 55:75:BF:3B:C0:0B:02:E2:81:D5:D6:D5:CC:D8:57:E6:B1:D4:F5:4A
Certificate issuer: /CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d
Certificate serial: 0BEA9D67
Authority key identifier: D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/VXW_O8ALAuKB1dbVzNhX5rHU9Uo.roa
Signing time: Sat 01 Jan 2022 07:55:46 +0000
ROA not before: Sat 01 Jan 2022 07:55:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206451
IP address blocks: 176.97.232.0/22 maxlen: 22
176.97.232.0/21 maxlen: 21
176.97.236.0/22 maxlen: 22
212.85.232.0/22 maxlen: 22
212.85.232.0/23 maxlen: 23
212.85.234.0/23 maxlen: 23
89.33.180.0/22 maxlen: 22
89.36.168.0/24 maxlen: 24
89.39.160.0/24 maxlen: 24
185.155.4.0/22 maxlen: 24
89.36.175.0/24 maxlen: 24
31.14.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199925095 (0xbea9d67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d
Validity
Not Before: Jan 1 07:55:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5575bf3bc00b02e281d5d6d5ccd857e6b1d4f54a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:86:8f:ed:09:ee:72:90:e5:48:9c:8d:66:24:
62:5c:79:1e:96:f8:7b:b5:b9:4a:d1:c2:a5:3c:a2:
ae:3f:d7:c2:65:86:30:e6:46:2f:96:56:b8:1a:a0:
a1:f8:2a:3c:3f:72:09:67:60:99:87:29:f9:53:da:
f7:58:35:0a:82:f9:63:50:1b:c4:36:e0:c8:26:73:
b8:9f:a0:d5:f6:b1:b3:ce:30:b0:cf:8a:dd:d9:ad:
8b:12:6a:74:87:f4:f0:d5:f4:6e:72:bd:05:7e:15:
e3:ad:0e:87:43:51:09:2c:69:ca:cc:9c:ad:0e:8e:
8b:70:e4:75:89:13:31:73:a4:57:1b:50:c2:96:69:
2e:a9:c8:7a:19:36:fd:5e:20:ef:eb:86:ac:4f:d4:
fd:30:e5:99:10:a9:64:01:bc:15:cd:d9:17:5b:31:
59:a5:1e:86:37:f0:9d:36:c3:9b:09:82:19:5c:0c:
4f:84:df:ad:8e:46:b5:bd:ca:29:e0:c4:ea:f6:b7:
29:24:3e:c8:24:30:d9:f3:31:f6:4f:49:e6:ff:de:
09:8d:ff:74:c2:39:5e:a3:65:65:44:fa:74:f4:17:
f3:32:7d:74:28:3a:68:91:66:ec:ec:4b:ad:58:6f:
f4:d2:b9:1c:44:78:af:7b:2f:81:cb:fb:34:6e:e5:
4e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:75:BF:3B:C0:0B:02:E2:81:D5:D6:D5:CC:D8:57:E6:B1:D4:F5:4A
X509v3 Authority Key Identifier:
keyid:D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/VXW_O8ALAuKB1dbVzNhX5rHU9Uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.24.0/24
89.33.180.0/22
89.36.168.0/24
89.36.175.0/24
89.39.160.0/24
176.97.232.0/21
185.155.4.0/22
212.85.232.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:aa:7e:88:b6:20:d0:11:04:f8:2b:3a:2f:65:d0:f2:9a:d5:
cc:7e:57:4a:43:de:f5:57:a7:13:cd:70:46:59:35:e9:6e:b2:
1b:18:82:e6:6b:3e:ea:f0:ea:74:ff:55:96:c3:5f:05:9d:97:
c7:c3:b4:55:6a:ae:d5:bd:26:57:19:ef:1f:d8:76:c6:5e:42:
a2:c2:f0:e2:b1:f3:b6:09:49:0b:8d:9f:06:d5:7a:8b:ef:5b:
8e:2f:5c:00:df:35:ab:b2:18:ba:f7:ab:cc:35:3b:6c:f2:55:
b5:51:b9:99:ff:6a:c3:ce:de:5b:1c:6c:11:51:18:62:86:5b:
af:fe:d5:eb:d5:fa:d3:68:e5:f3:6c:d0:93:0e:63:8c:ea:64:
97:65:0b:e3:ec:05:7d:fd:0b:58:5c:e6:1e:b3:b2:06:80:d0:
e2:35:1c:2c:91:72:b5:df:f6:03:06:66:a9:ce:51:f4:b8:cf:
f9:73:c1:dc:ed:85:c3:31:26:46:dd:b7:5f:d7:01:e7:4b:8d:
1e:e5:d7:53:38:70:0f:ba:b6:07:29:b6:42:b0:23:e6:6a:81:
48:34:54:0f:e5:89:f0:12:e7:85:e8:e8:0b:2d:1c:9b:fc:20:
62:be:d6:8f:9a:b0:8f:bf:62:ff:20:51:be:9c:6c:c4:1c:14:
69:9b:4a:a1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEC+qdZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWY4NjZmYjBhYTgzYTI3MWEwY2I3ZGM5MDMwMTg4Yzg5ZDIzZTVkMB4XDTIyMDEw
MTA3NTU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU3NWJmM2JjMDBi
MDJlMjgxZDVkNmQ1Y2NkODU3ZTZiMWQ0ZjU0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWGj+0J7nKQ5UicjWYkYlx5Hpb4e7W5StHCpTyirj/XwmWG
MOZGL5ZWuBqgofgqPD9yCWdgmYcp+VPa91g1CoL5Y1AbxDbgyCZzuJ+g1faxs84w
sM+K3dmtixJqdIf08NX0bnK9BX4V460Oh0NRCSxpysycrQ6Oi3DkdYkTMXOkVxtQ
wpZpLqnIehk2/V4g7+uGrE/U/TDlmRCpZAG8Fc3ZF1sxWaUehjfwnTbDmwmCGVwM
T4TfrY5Gtb3KKeDE6va3KSQ+yCQw2fMx9k9J5v/eCY3/dMI5XqNlZUT6dPQX8zJ9
dCg6aJFm7OxLrVhv9NK5HER4r3svgcv7NG7lTjECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRVdb87wAsC4oHV1tXM2FfmsdT1SjAfBgNVHSMEGDAWgBTZ+Gb7Cqg6JxoM
t9yQMBiMidI+XTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJmaG0td3FvT2ljYURMZmNrREFZakluU1BsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvNTI3M2E0LTEwYzgtNDBiZi1iMjRmLTVjMWQ1YTY5OTJkOC8x
L1ZYV19POEFMQXVLQjFkYlZ6TmhYNXJIVTlVby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
NTI3M2E0LTEwYzgtNDBiZi1iMjRmLTVjMWQ1YTY5OTJkOC8xLzJmaG0td3FvT2lj
YURMZmNrREFZakluU1BsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAB8OGAMEAlkhtAMEAFkkqAMEAFkk
rwMEAFknoAMEA7Bh6AMEArmbBAMEAtRV6DANBgkqhkiG9w0BAQsFAAOCAQEAj6p+
iLYg0BEE+Cs6L2XQ8prVzH5XSkPe9VenE81wRlk16W6yGxiC5ms+6vDqdP9VlsNf
BZ2Xx8O0VWqu1b0mVxnvH9h2xl5CosLw4rHztglJC42fBtV6i+9bji9cAN81q7IY
uverzDU7bPJVtVG5mf9qw87eWxxsEVEYYoZbr/7V69X602jl82zQkw5jjOpkl2UL
4+wFff0LWFzmHrOyBoDQ4jUcLJFytd/2AwZmqc5R9LjP+XPB3O2FwzEmRt23X9cB
50uNHuXXUzhwD7q2Bym2QrAj5mqBSDRUD+WJ8BLnhejoCy0cm/wgYr7Wj5qwj79i
/yBRvpxsxBwUaZtKoQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:10 2023 by rpki-client on console-fra.rpki-client.org