Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VV7noftUXwpai9cdn92UJxT_ges.roa
File: VV7noftUXwpai9cdn92UJxT_ges.roa (raw, json)
Hash identifier: blvhd8TUqqq0ZaEOScZ1Aaojat7YT+18Tx1dYJ0O36I=
Subject key identifier: 55:5E:E7:A1:FB:54:5F:0A:5A:8B:D7:1D:9F:DD:94:27:14:FF:81:EB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0649114E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VV7noftUXwpai9cdn92UJxT_ges.roa
Signing time: Sat 01 Jan 2022 06:52:42 +0000
ROA not before: Sat 01 Jan 2022 06:52:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207046
IP address blocks: 185.247.4.0/22 maxlen: 24
194.113.28.0/22 maxlen: 24
185.209.36.0/22 maxlen: 22
194.146.220.0/22 maxlen: 22
185.221.16.0/23 maxlen: 23
185.227.206.0/24 maxlen: 24
45.134.84.0/22 maxlen: 24
185.221.22.0/23 maxlen: 23
185.227.207.0/24 maxlen: 24
185.249.204.0/22 maxlen: 22
185.250.182.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105451854 (0x649114e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 06:52:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=555ee7a1fb545f0a5a8bd71d9fdd942714ff81eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ca:51:08:15:8c:fe:ef:db:93:3d:b3:d5:c9:
6f:66:32:75:e7:76:96:ec:5c:df:7b:8e:a8:0f:be:
b5:8a:28:7c:bd:22:c8:d8:2f:9d:45:30:65:ad:89:
11:68:1e:fc:a2:db:cd:15:af:cd:98:ee:b7:7f:2b:
95:a0:e9:ef:ad:84:4a:1a:b3:9e:de:55:34:03:b3:
88:ab:7b:20:41:8d:6d:b8:de:d5:fe:31:77:34:64:
65:21:5f:b0:33:da:a6:8c:1a:22:01:ac:61:53:14:
b4:57:b4:31:10:f6:2c:ff:f9:04:aa:ab:91:16:3d:
0e:6e:41:9b:63:3a:ff:c8:e3:55:af:f1:d9:c2:3c:
fa:cd:37:c9:16:e3:bf:73:fb:df:a5:e6:c0:aa:7b:
58:d5:7d:1c:f7:4c:6b:36:42:15:11:8d:42:2d:79:
3c:be:2f:15:c3:1e:25:2c:0c:18:57:b5:16:03:8b:
70:16:76:86:69:11:16:a4:f2:82:23:46:39:7d:f7:
d8:23:d6:13:62:a9:a4:ad:68:80:e9:a9:c0:6b:b9:
29:29:1e:d5:24:99:a1:a1:fc:47:7b:62:29:09:0c:
ab:0b:51:03:f3:a5:83:52:19:c2:97:b2:86:37:0a:
15:a5:b5:6d:3e:b6:a1:da:70:20:e5:8c:66:a3:50:
ce:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5E:E7:A1:FB:54:5F:0A:5A:8B:D7:1D:9F:DD:94:27:14:FF:81:EB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/VV7noftUXwpai9cdn92UJxT_ges.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
185.209.36.0/22
185.221.16.0/23
185.221.22.0/23
185.227.206.0/23
185.247.4.0/22
185.249.204.0/22
185.250.182.0/23
194.113.28.0/22
194.146.220.0/22
Signature Algorithm: sha256WithRSAEncryption
89:29:19:22:f2:6b:c5:6d:bd:5e:a4:a0:92:53:e5:e2:21:e6:
72:0f:a2:1e:37:52:cb:f6:f0:8c:86:4b:96:d3:f7:24:17:31:
ea:ea:87:5b:ac:85:16:d7:b0:e8:44:bc:c6:f5:dd:2f:b9:ba:
ef:1c:fc:e6:f4:3e:4e:de:c7:a5:ad:4e:4d:bc:dd:7a:c0:c6:
46:47:56:b6:51:92:ff:8b:d2:1b:d6:69:ac:8f:6e:5a:1f:99:
ba:d0:1d:d0:4a:92:38:b7:b7:86:71:27:aa:ba:c0:21:ee:b2:
da:51:76:97:c6:d0:8f:2f:65:0a:99:e5:d1:e7:06:7e:9b:d1:
9d:97:98:b1:ae:86:3d:d2:fb:5a:29:68:ea:fe:4a:68:43:07:
ff:06:dc:14:ed:83:15:f9:31:f5:11:cb:c9:24:2e:00:15:17:
6b:b2:07:39:96:b5:0c:db:9e:10:6f:a9:cd:b6:3f:dd:0b:c5:
61:70:1d:93:ff:65:87:88:ba:6c:7d:07:29:4b:91:69:d6:80:
e9:4b:ba:43:16:62:6a:7c:e6:7e:dc:4d:f6:bb:06:73:ea:0b:
81:1f:2d:4d:5d:45:6b:d9:91:ed:5a:8c:a2:21:16:9b:7d:db:
21:49:fa:5c:52:ea:e9:93:e9:86:d8:3a:44:f1:c2:aa:52:a9:
dd:45:1c:c9
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEBkkRTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDEw
MTA2NTI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU1ZWU3YTFmYjU0
NWYwYTVhOGJkNzFkOWZkZDk0MjcxNGZmODFlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbKUQgVjP7v25M9s9XJb2Yyded2luxc33uOqA++tYoofL0i
yNgvnUUwZa2JEWge/KLbzRWvzZjut38rlaDp762EShqznt5VNAOziKt7IEGNbbje
1f4xdzRkZSFfsDPapowaIgGsYVMUtFe0MRD2LP/5BKqrkRY9Dm5Bm2M6/8jjVa/x
2cI8+s03yRbjv3P736XmwKp7WNV9HPdMazZCFRGNQi15PL4vFcMeJSwMGFe1FgOL
cBZ2hmkRFqTygiNGOX332CPWE2KppK1ogOmpwGu5KSke1SSZoaH8R3tiKQkMqwtR
A/Olg1IZwpeyhjcKFaW1bT62odpwIOWMZqNQzskCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBRVXueh+1RfClqL1x2f3ZQnFP+B6zAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L1ZWN25vZnRVWHdwYWk5Y2RuOTJVSnhUX2dlcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAi2GVAMEArnRJAMEAbndEAMEAbnd
FgMEAbnjzgMEArn3BAMEArn5zAMEAbn6tgMEAsJxHAMEAsKS3DANBgkqhkiG9w0B
AQsFAAOCAQEAiSkZIvJrxW29XqSgklPl4iHmcg+iHjdSy/bwjIZLltP3JBcx6uqH
W6yFFtew6ES8xvXdL7m67xz85vQ+Tt7Hpa1OTbzdesDGRkdWtlGS/4vSG9ZprI9u
Wh+ZutAd0EqSOLe3hnEnqrrAIe6y2lF2l8bQjy9lCpnl0ecGfpvRnZeYsa6GPdL7
Wilo6v5KaEMH/wbcFO2DFfkx9RHLySQuABUXa7IHOZa1DNueEG+pzbY/3QvFYXAd
k/9lh4i6bH0HKUuRadaA6Uu6QxZianzmftxN9rsGc+oLgR8tTV1Fa9mR7VqMoiEW
m33bIUn6XFLq6ZPphtg6RPHCqlKp3UUcyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:26 2024 by rpki-client on console-ams.rpki-client.org