Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/vYl0LscvSB4RF27ccPjTBqzOlLY.roa
File: vYl0LscvSB4RF27ccPjTBqzOlLY.roa (raw, json)
Hash identifier: jYRJQmN//Kd/53sWTcD/ojs7MponBBSbnNC5svbdVyM=
Subject key identifier: BD:89:74:2E:C7:2F:48:1E:11:17:6E:DC:70:F8:D3:06:AC:CE:94:B6
Certificate issuer: /CN=677b43f538f0ae720e527b2a6c0b8a876d96c947
Certificate serial: 01831C5B38F027C29D00460CE9F15340DC51
Authority key identifier: 67:7B:43:F5:38:F0:AE:72:0E:52:7B:2A:6C:0B:8A:87:6D:96:C9:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/vYl0LscvSB4RF27ccPjTBqzOlLY.roa
Signing time: Thu 08 Sep 2022 09:08:03 +0000
ROA not before: Thu 08 Sep 2022 09:08:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62113
IP address blocks: 185.38.172.0/23 maxlen: 24
185.38.174.0/24 maxlen: 24
2a01:4260::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:5b:38:f0:27:c2:9d:00:46:0c:e9:f1:53:40:dc:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=677b43f538f0ae720e527b2a6c0b8a876d96c947
Validity
Not Before: Sep 8 09:08:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd89742ec72f481e11176edc70f8d306acce94b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:63:0b:76:6a:27:a2:3f:f1:ff:7d:78:75:6f:
a9:a6:67:51:62:80:19:2a:a6:9f:f7:af:d4:0d:f0:
5b:dd:c6:3a:63:e9:04:4b:23:be:db:c2:0e:15:03:
82:51:70:23:d9:d4:1c:2f:1f:7e:dd:60:0e:c7:0e:
00:23:5c:12:de:49:7b:df:53:fc:b0:a2:23:e8:34:
36:0d:77:83:98:83:6f:98:ec:8d:62:83:27:bc:0d:
a4:8d:0b:12:e3:7c:71:19:1a:38:ea:29:b5:be:94:
b4:a7:98:44:05:ba:f4:75:52:ae:f4:06:34:8e:fc:
fe:e1:e9:3c:9f:14:29:75:39:2c:30:a2:aa:31:58:
7d:a4:7f:cb:8f:2c:3e:39:3b:bf:d4:f4:68:74:0d:
84:78:4f:b6:b4:c3:d3:25:72:71:2d:eb:e3:06:43:
dd:a0:ee:21:2c:72:3a:8d:e7:17:2a:71:79:d3:cc:
82:8e:df:57:d4:32:d6:5d:e9:36:de:a2:34:b4:9a:
98:46:ac:62:47:3b:54:82:7f:d8:99:9b:ad:d7:36:
b4:86:11:c6:42:70:69:22:c8:11:8a:70:fb:a7:6c:
2c:04:d8:bc:df:86:18:25:01:ac:4b:d1:bf:e8:71:
21:43:23:10:b7:00:17:f3:1a:dc:68:8a:73:a4:88:
8c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:89:74:2E:C7:2F:48:1E:11:17:6E:DC:70:F8:D3:06:AC:CE:94:B6
X509v3 Authority Key Identifier:
keyid:67:7B:43:F5:38:F0:AE:72:0E:52:7B:2A:6C:0B:8A:87:6D:96:C9:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/vYl0LscvSB4RF27ccPjTBqzOlLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/Z3tD9TjwrnIOUnsqbAuKh22WyUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.172.0-185.38.174.255
IPv6:
2a01:4260::/29
Signature Algorithm: sha256WithRSAEncryption
1a:ed:c1:ea:e2:b2:71:35:10:2a:cb:1d:4d:a1:6b:1a:79:f0:
1a:64:cb:48:59:60:05:5f:bf:70:3f:65:53:bc:f6:11:c6:4b:
fb:1b:cd:96:96:b8:de:9b:94:2b:4b:4b:13:96:e6:83:ef:24:
93:0e:87:2b:cc:ef:76:e9:b0:65:e5:3c:4a:2d:6b:68:cb:cd:
62:ef:d0:a6:87:79:fc:a6:c6:77:b2:04:0c:ca:13:df:57:05:
d9:12:56:f5:e4:b0:a0:91:5c:f1:8c:f5:e2:3d:b7:9a:31:66:
2b:c0:27:20:05:5f:ff:78:42:be:e6:1a:f9:db:cf:9c:a1:70:
d8:8d:4e:70:3b:e0:3d:7e:55:a1:bc:65:05:57:9c:cb:5a:1c:
b3:38:0d:06:f9:a9:50:b5:a5:e4:fa:23:f0:c2:f4:41:4a:f6:
a9:78:95:e1:bc:80:f2:23:e0:e3:77:1f:26:ae:eb:9e:41:92:
2c:e1:48:e2:48:23:77:ad:fd:52:b7:3a:53:46:ec:8a:b0:e3:
cb:20:c4:82:3f:fd:c8:69:13:69:ad:37:b3:91:28:2c:1b:de:
63:52:4f:87:cc:d7:bf:6c:6c:59:a8:ff:ab:4c:a0:d5:53:3a:
7f:57:c4:49:fe:f9:0b:bb:30:3d:14:01:12:58:a5:dd:87:2e:
1a:92:6f:e0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYMcWzjwJ8KdAEYM6fFTQNxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3N2I0M2Y1MzhmMGFlNzIwZTUyN2IyYTZjMGI4YTg3NmQ5
NmM5NDcwHhcNMjIwOTA4MDkwODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDg5NzQyZWM3MmY0ODFlMTExNzZlZGM3MGY4ZDMwNmFjY2U5NGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWMLdmonoj/x/314dW+ppmdRYoAZ
Kqaf96/UDfBb3cY6Y+kESyO+28IOFQOCUXAj2dQcLx9+3WAOxw4AI1wS3kl731P8
sKIj6DQ2DXeDmINvmOyNYoMnvA2kjQsS43xxGRo46im1vpS0p5hEBbr0dVKu9AY0
jvz+4ek8nxQpdTksMKKqMVh9pH/Ljyw+OTu/1PRodA2EeE+2tMPTJXJxLevjBkPd
oO4hLHI6jecXKnF508yCjt9X1DLWXek23qI0tJqYRqxiRztUgn/YmZut1za0hhHG
QnBpIsgRinD7p2wsBNi834YYJQGsS9G/6HEhQyMQtwAX8xrcaIpzpIiMGwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFL2JdC7HL0geERdu3HD40waszpS2MB8GA1UdIwQY
MBaAFGd7Q/U48K5yDlJ7KmwLiodtlslHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjN0RDlUandybklPVW5zcWJBdUtoMjJXeVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YTZlZWUtYTA5YS00NGUxLTg4ZGIt
Mjg3ODIwM2EwMDlkLzEvdllsMExzY3ZTQjRSRjI3Y2NQalRCcXpPbExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YTZlZWUtYTA5YS00NGUxLTg4ZGItMjg3ODIwM2EwMDlk
LzEvWjN0RDlUandybklPVW5zcWJBdUtoMjJXeVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5JqwD
BAC5Jq4wDQQCAAIwBwMFAyoBQmAwDQYJKoZIhvcNAQELBQADggEBABrtwerisnE1
ECrLHU2haxp58Bpky0hZYAVfv3A/ZVO89hHGS/sbzZaWuN6blCtLSxOW5oPvJJMO
hyvM73bpsGXlPEota2jLzWLv0KaHefymxneyBAzKE99XBdkSVvXksKCRXPGM9eI9
t5oxZivAJyAFX/94Qr7mGvnbz5yhcNiNTnA74D1+VaG8ZQVXnMtaHLM4DQb5qVC1
peT6I/DC9EFK9ql4leG8gPIj4ON3Hyau655BkizhSOJII3et/VK3OlNG7Iqw48sg
xII//chpE2mtN7ORKCwb3mNST4fM179sbFmo/6tMoNVTOn9XxEn++Qu7MD0UARJY
pd2HLhqSb+A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:10 2023 by rpki-client on console-fra.rpki-client.org