Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VHws_Z7PBkwfs1B5NykupflcTBw.roa
File: VHws_Z7PBkwfs1B5NykupflcTBw.roa (raw, json)
Hash identifier: B9BLanfURzZt4OFvZrEdqdzKA0Xn2AwB/AaLbssHT7g=
Subject key identifier: 54:7C:2C:FD:9E:CF:06:4C:1F:B3:50:79:37:29:2E:A5:F9:5C:4C:1C
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 178F0F65
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VHws_Z7PBkwfs1B5NykupflcTBw.roa
Signing time: Sat 01 Jan 2022 13:03:17 +0000
ROA not before: Sat 01 Jan 2022 13:03:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51058
IP address blocks: 94.247.43.0/24 maxlen: 32
2a01:360:99::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395251557 (0x178f0f65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=547c2cfd9ecf064c1fb3507937292ea5f95c4c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5d:d3:24:51:bf:df:3f:ff:7b:68:ce:c0:10:
99:16:c0:eb:f6:4d:47:8b:3b:cd:73:99:e0:b9:55:
f2:64:31:52:64:1c:b0:17:9b:71:3b:5e:f1:10:3d:
84:a1:a8:31:1e:7f:f9:f0:89:be:28:48:6b:3a:26:
ae:96:50:8a:cb:6b:44:9a:85:a0:91:f1:16:20:a4:
db:ef:78:23:4d:66:00:32:1c:81:d3:c1:df:b5:e0:
49:2c:fd:76:21:01:ae:8f:c3:ff:2a:f4:c1:e1:a8:
ae:93:f3:60:70:7c:41:8f:57:57:9f:e8:64:16:e5:
37:ba:3c:63:25:1c:f4:68:ea:27:cb:68:03:60:89:
72:d2:63:29:92:73:43:10:d4:da:6a:a6:69:8a:77:
48:c1:fe:cb:63:3e:17:69:d2:4c:2d:e7:53:f8:2f:
9e:eb:83:2e:11:77:3b:d0:01:72:99:9e:ac:79:6e:
d8:20:4d:16:37:89:c2:5e:0c:f1:27:57:c9:29:14:
ac:75:41:42:9d:04:8e:5d:0a:f2:1f:e8:f3:5e:b9:
da:af:a4:d1:1b:e1:8d:64:fa:f3:04:b4:fa:d1:da:
88:52:9d:0f:c5:9b:5f:b6:47:09:ee:8f:d9:5e:e2:
12:53:44:85:d7:59:a2:17:09:c2:c2:c0:e4:08:92:
e0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:7C:2C:FD:9E:CF:06:4C:1F:B3:50:79:37:29:2E:A5:F9:5C:4C:1C
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/VHws_Z7PBkwfs1B5NykupflcTBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.43.0/24
IPv6:
2a01:360:99::/48
Signature Algorithm: sha256WithRSAEncryption
49:f0:98:30:a7:86:fe:41:85:f3:82:b4:38:53:df:04:47:83:
14:4d:ed:6c:92:98:63:6a:65:7b:0e:33:f6:70:e0:20:ad:47:
fa:47:a9:88:57:6d:c5:5a:24:96:e3:ca:83:68:d4:7c:2d:cb:
51:ea:81:8a:6e:c5:ee:fb:a3:70:dd:60:c9:92:37:ba:e1:94:
b2:24:a7:e7:d9:84:22:11:15:d8:03:a7:f1:97:63:55:5b:b9:
1b:49:1a:e9:78:93:ae:12:66:05:e3:9a:26:80:3f:6f:37:ea:
fc:96:52:7a:fe:c5:50:6a:22:f7:06:14:39:dc:bb:84:94:1e:
f5:fd:7e:ba:64:6e:49:15:c1:30:ff:05:16:52:48:e6:dc:2d:
0a:54:1e:13:c3:1f:48:8d:ea:a1:e0:7c:7d:6f:ed:ca:3d:9e:
40:a9:2d:56:bb:5b:40:0a:2a:f7:6d:68:92:90:b7:d7:76:e4:
5c:fc:b2:44:96:ec:b8:34:9c:e4:b8:23:46:3f:c8:7f:02:29:
54:48:de:5b:32:2b:5e:7f:cc:5e:f5:28:d6:ff:51:bd:45:e1:
63:07:0e:d5:5d:ee:1e:6d:96:cc:42:48:46:b2:07:8a:92:0e:
60:85:f6:6a:9f:1e:02:7f:ee:90:83:ea:57:cf:58:a3:71:78:
fc:c1:25:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEF48PZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ3YzJjZmQ5ZWNm
MDY0YzFmYjM1MDc5MzcyOTJlYTVmOTVjNGMxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpd0yRRv98//3tozsAQmRbA6/ZNR4s7zXOZ4LlV8mQxUmQc
sBebcTte8RA9hKGoMR5/+fCJvihIazomrpZQistrRJqFoJHxFiCk2+94I01mADIc
gdPB37XgSSz9diEBro/D/yr0weGorpPzYHB8QY9XV5/oZBblN7o8YyUc9GjqJ8to
A2CJctJjKZJzQxDU2mqmaYp3SMH+y2M+F2nSTC3nU/gvnuuDLhF3O9ABcpmerHlu
2CBNFjeJwl4M8SdXySkUrHVBQp0Ejl0K8h/o81652q+k0RvhjWT68wS0+tHaiFKd
D8WbX7ZHCe6P2V7iElNEhddZohcJwsLA5AiS4CsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRUfCz9ns8GTB+zUHk3KS6l+VxMHDAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L1ZId3NfWjdQQmt3ZnMxQjVOeWt1cGZsY1RCdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAF73KzAPBAIAAjAJAwcAKgEDYACZ
MA0GCSqGSIb3DQEBCwUAA4IBAQBJ8Jgwp4b+QYXzgrQ4U98ER4MUTe1skphjamV7
DjP2cOAgrUf6R6mIV23FWiSW48qDaNR8LctR6oGKbsXu+6Nw3WDJkje64ZSyJKfn
2YQiERXYA6fxl2NVW7kbSRrpeJOuEmYF45omgD9vN+r8llJ6/sVQaiL3BhQ53LuE
lB71/X66ZG5JFcEw/wUWUkjm3C0KVB4Twx9Ijeqh4Hx9b+3KPZ5AqS1Wu1tACir3
bWiSkLfXduRc/LJEluy4NJzkuCNGP8h/AilUSN5bMitef8xe9SjW/1G9ReFjBw7V
Xe4ebZbMQkhGsgeKkg5ghfZqnx4Cf+6Qg+pXz1ijcXj8wSXO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org