Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/VLkasOxLsdFF94ogDs1HsdGiaPI.roa
File: VLkasOxLsdFF94ogDs1HsdGiaPI.roa (raw, json)
Hash identifier: S3l00FEZp9bTWx8ZmH05wOfoYdCFKn5Sg8WJmlYXGsA=
Subject key identifier: 54:B9:1A:B0:EC:4B:B1:D1:45:F7:8A:20:0E:CD:47:B1:D1:A2:68:F2
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19B566E8
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/VLkasOxLsdFF94ogDs1HsdGiaPI.roa
Signing time: Wed 13 Apr 2022 22:43:57 +0000
ROA not before: Wed 13 Apr 2022 22:43:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64021
IP address blocks: 45.158.35.0/24 maxlen: 24
194.145.143.0/24 maxlen: 24
45.148.128.0/22 maxlen: 22
194.145.142.0/24 maxlen: 24
128.0.117.0/24 maxlen: 24
128.0.119.0/24 maxlen: 24
194.145.196.0/24 maxlen: 24
194.145.197.0/24 maxlen: 24
45.134.1.0/24 maxlen: 32
194.49.109.0/24 maxlen: 24
194.49.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 431318760 (0x19b566e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 13 22:43:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54b91ab0ec4bb1d145f78a200ecd47b1d1a268f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:53:12:c0:73:a7:de:14:dd:5c:4b:53:95:5d:
7f:26:b9:09:a6:14:a1:7c:b7:b9:2d:b2:ac:19:5d:
b2:10:49:9c:d2:8d:3d:ea:eb:89:89:40:fc:59:0c:
0e:05:6a:ed:0b:ac:55:42:af:8c:d3:6f:c7:79:d5:
8e:ce:89:bc:9d:08:6b:0f:cd:36:0b:97:fa:9d:d9:
b0:39:ea:91:47:fe:85:2b:05:a2:24:64:47:d1:02:
e8:83:7f:bb:32:50:20:3e:94:4b:a9:fb:7d:82:3a:
eb:ab:a3:5f:b6:a8:b4:0d:e6:1d:60:3a:0a:8a:2f:
ad:73:c1:41:46:d9:4e:b9:aa:73:be:56:c1:8b:ed:
03:88:37:60:5e:64:60:97:15:7e:86:a7:f0:9b:b3:
fa:4c:34:5e:c8:4a:c7:69:89:21:6e:c4:66:f0:d8:
87:72:3f:c3:74:a4:aa:a7:09:95:21:d1:e8:c5:99:
b0:d6:9a:07:f1:12:82:bb:48:b2:0c:8f:af:6f:77:
9f:4d:ab:c2:05:d6:61:c7:b3:52:4f:e6:5d:39:b8:
83:1b:8f:97:e5:62:7f:95:33:c2:fa:6f:a9:99:9a:
85:bc:fe:3c:40:bb:a0:fa:43:05:b7:16:66:9b:a1:
29:1d:b3:64:d9:4e:b7:39:5d:07:72:d3:6c:a1:70:
a8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B9:1A:B0:EC:4B:B1:D1:45:F7:8A:20:0E:CD:47:B1:D1:A2:68:F2
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/VLkasOxLsdFF94ogDs1HsdGiaPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.1.0/24
45.148.128.0/22
45.158.35.0/24
128.0.117.0/24
128.0.119.0/24
194.49.109.0/24
194.49.112.0/24
194.145.142.0/23
194.145.196.0/23
Signature Algorithm: sha256WithRSAEncryption
60:dc:62:1c:e6:59:b5:89:c0:ca:e9:ac:24:1c:09:cd:b2:67:
6b:5f:9d:c3:2f:d2:72:b7:eb:06:b4:13:27:0c:c5:62:51:47:
c4:80:58:1f:96:9e:b8:2c:f7:6e:54:96:55:97:7a:bf:64:02:
18:e6:b4:08:79:c0:db:16:11:c9:b7:37:96:71:25:4e:4f:88:
0e:6a:8c:fc:bc:0c:90:de:33:d9:db:9d:a7:2a:e2:df:3b:4f:
96:18:68:a9:51:49:a6:60:38:7f:ef:fb:a0:53:41:2d:02:85:
94:d8:49:94:b6:ea:fb:48:fd:1b:ab:9e:0b:13:d1:e6:c2:10:
03:65:2a:4b:66:e3:e8:9e:9f:e5:89:ba:00:98:af:66:78:66:
8e:d1:70:e5:cf:a8:5b:ba:85:00:ce:94:e0:0e:87:5a:c7:55:
ce:22:c3:52:2c:1f:a1:21:1a:4f:40:d8:83:cd:33:00:62:ff:
01:87:bc:06:8d:b5:2f:3c:f0:15:ed:0d:a6:ce:5a:47:35:f4:
43:db:d2:9e:5e:3b:06:74:eb:d7:6c:50:85:d2:b8:a1:0c:f7:
00:98:02:dc:9e:85:c7:9f:b0:31:33:be:7b:06:ea:a1:0e:68:
63:e5:f7:c8:23:e1:dc:46:15:72:93:08:9e:12:9c:e2:06:3b:
ed:1f:f3:e1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEGbVm6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQx
MzIyNDM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRiOTFhYjBlYzRi
YjFkMTQ1Zjc4YTIwMGVjZDQ3YjFkMWEyNjhmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5TEsBzp94U3VxLU5Vdfya5CaYUoXy3uS2yrBldshBJnNKN
PerriYlA/FkMDgVq7QusVUKvjNNvx3nVjs6JvJ0Iaw/NNguX+p3ZsDnqkUf+hSsF
oiRkR9EC6IN/uzJQID6US6n7fYI666ujX7aotA3mHWA6CoovrXPBQUbZTrmqc75W
wYvtA4g3YF5kYJcVfoan8Juz+kw0XshKx2mJIW7EZvDYh3I/w3SkqqcJlSHR6MWZ
sNaaB/ESgrtIsgyPr293n02rwgXWYcezUk/mXTm4gxuPl+Vif5UzwvpvqZmahbz+
PEC7oPpDBbcWZpuhKR2zZNlOtzldB3LTbKFwqEECAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRUuRqw7Eux0UX3iiAOzUex0aJo8jAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1ZMa2FzT3hMc2RGRjk0b2dEczFIc2RHaWFQSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAC2GAQMEAi2UgAMEAC2eIwMEAIAA
dQMEAIAAdwMEAMIxbQMEAMIxcAMEAcKRjgMEAcKRxDANBgkqhkiG9w0BAQsFAAOC
AQEAYNxiHOZZtYnAyumsJBwJzbJna1+dwy/ScrfrBrQTJwzFYlFHxIBYH5aeuCz3
blSWVZd6v2QCGOa0CHnA2xYRybc3lnElTk+IDmqM/LwMkN4z2dudpyri3ztPlhho
qVFJpmA4f+/7oFNBLQKFlNhJlLbq+0j9G6ueCxPR5sIQA2UqS2bj6J6f5Ym6AJiv
ZnhmjtFw5c+oW7qFAM6U4A6HWsdVziLDUiwfoSEaT0DYg80zAGL/AYe8Bo21Lzzw
Fe0Nps5aRzX0Q9vSnl47BnTr12xQhdK4oQz3AJgC3J6Fx5+wMTO+ewbqoQ5oY+X3
yCPh3EYVcpMInhKc4gY77R/z4Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org