Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/VOW1pSpOlKr_c8isLB9rWjTWd_E.roa
File: VOW1pSpOlKr_c8isLB9rWjTWd_E.roa (raw, json)
Hash identifier: aEh1AsYMR4ONnSOOBw5meGaNR18AKQGozt7FA3Ti2V4=
Subject key identifier: 54:E5:B5:A5:2A:4E:94:AA:FF:73:C8:AC:2C:1F:6B:5A:34:D6:77:F1
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 17C8C1DC
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/VOW1pSpOlKr_c8isLB9rWjTWd_E.roa
Signing time: Sat 01 Jan 2022 04:54:26 +0000
ROA not before: Sat 01 Jan 2022 04:54:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64021
IP address blocks: 45.158.35.0/24 maxlen: 24
194.145.143.0/24 maxlen: 24
45.148.128.0/22 maxlen: 22
194.145.142.0/24 maxlen: 24
128.0.117.0/24 maxlen: 24
128.0.119.0/24 maxlen: 24
194.145.196.0/24 maxlen: 24
194.145.197.0/24 maxlen: 24
45.134.1.0/24 maxlen: 32
45.131.25.0/24 maxlen: 32
194.49.109.0/24 maxlen: 24
194.49.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 399032796 (0x17c8c1dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 04:54:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54e5b5a52a4e94aaff73c8ac2c1f6b5a34d677f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:da:c2:5d:0b:91:81:41:2a:86:a7:4a:50:5b:
e5:78:f6:19:1b:0c:0f:44:1c:26:48:6b:70:57:f2:
db:b4:9d:b0:89:c2:36:d3:5d:4f:9e:ea:3d:07:ad:
57:98:90:b2:b3:d4:ee:27:2b:d6:ff:44:d0:f4:35:
89:4e:20:89:c0:a4:7d:d0:67:b0:eb:06:bd:83:57:
cf:68:4f:37:4e:7e:59:15:31:05:f4:e6:0b:54:3f:
0d:af:87:46:c0:7f:e3:ee:b0:96:a9:ea:fb:a5:3d:
fa:68:34:cb:61:18:20:bf:6a:c9:66:98:90:d7:81:
cc:f9:88:95:c4:b0:d2:06:64:7a:17:38:c2:ff:89:
c2:71:23:b8:82:aa:ca:71:5e:0f:de:8b:09:8d:b9:
f0:a3:52:1d:2d:63:50:ec:1c:e6:2f:5e:36:6b:7c:
b9:48:af:10:bf:08:56:b6:a6:9e:5a:33:da:27:df:
b0:bb:b6:e2:bf:da:57:08:a1:01:6d:90:35:4d:ac:
17:80:8f:94:70:e3:f9:e6:1e:ad:72:c4:fa:70:eb:
f1:ae:f9:23:40:85:61:70:24:b1:4e:be:8d:d5:0b:
49:23:5a:0e:17:00:0b:6f:5d:bf:da:fb:dc:0a:c7:
3b:85:70:64:f1:d8:4e:f0:57:40:fd:10:13:36:48:
4d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E5:B5:A5:2A:4E:94:AA:FF:73:C8:AC:2C:1F:6B:5A:34:D6:77:F1
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/VOW1pSpOlKr_c8isLB9rWjTWd_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.25.0/24
45.134.1.0/24
45.148.128.0/22
45.158.35.0/24
128.0.117.0/24
128.0.119.0/24
194.49.109.0/24
194.49.112.0/24
194.145.142.0/23
194.145.196.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:1b:67:47:81:19:29:82:ef:78:07:07:e9:6c:a1:bc:97:de:
4e:56:0e:b5:e6:1a:65:ed:72:df:51:1b:74:df:87:13:ea:db:
a3:51:85:90:ba:bb:ef:32:81:dd:7b:8c:cc:04:6e:4e:26:5a:
8c:ef:40:49:11:1b:22:dc:f5:3a:23:87:ea:19:f0:be:c6:bc:
b2:50:3c:3c:94:cf:e1:a5:b3:50:44:9c:c4:1a:82:8c:9d:25:
1b:9c:93:ad:3b:87:f1:bb:98:2b:31:55:da:bd:cb:64:78:38:
4a:bc:2e:bd:e0:9c:f4:08:35:d8:d8:c0:19:d5:31:a4:43:bb:
81:23:a8:ac:68:79:7f:1c:de:73:f0:b1:e9:4c:d0:5d:5c:39:
29:18:d1:9c:aa:40:92:49:b1:2b:cb:84:cc:1c:12:4e:8d:bc:
cd:09:8e:ab:91:22:41:ae:2f:80:1d:70:54:ba:bb:5b:55:db:
0f:3a:07:ce:3b:4c:82:28:d6:4f:55:3e:40:7c:10:bd:56:17:
f9:d8:c8:5b:a8:f1:d4:01:ee:36:32:2e:26:90:c1:33:af:94:
4b:08:bd:45:22:8c:2f:df:42:30:d8:12:1b:0e:20:52:ed:69:
7c:57:84:4b:f2:e6:06:90:18:fb:57:d4:6f:8d:44:93:5d:6e:
32:0c:ad:f7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEF8jB3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTRlNWI1YTUyYTRl
OTRhYWZmNzNjOGFjMmMxZjZiNWEzNGQ2NzdmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7awl0LkYFBKoanSlBb5Xj2GRsMD0QcJkhrcFfy27SdsInC
NtNdT57qPQetV5iQsrPU7icr1v9E0PQ1iU4gicCkfdBnsOsGvYNXz2hPN05+WRUx
BfTmC1Q/Da+HRsB/4+6wlqnq+6U9+mg0y2EYIL9qyWaYkNeBzPmIlcSw0gZkehc4
wv+JwnEjuIKqynFeD96LCY258KNSHS1jUOwc5i9eNmt8uUivEL8IVramnloz2iff
sLu24r/aVwihAW2QNU2sF4CPlHDj+eYerXLE+nDr8a75I0CFYXAksU6+jdULSSNa
DhcAC29dv9r73ArHO4VwZPHYTvBXQP0QEzZITS8CAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBRU5bWlKk6Uqv9zyKwsH2taNNZ38TAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1ZPVzFwU3BPbEtyX2M4aXNMQjlyV2pUV2RfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAC2DGQMEAC2GAQMEAi2UgAMEAC2e
IwMEAIAAdQMEAIAAdwMEAMIxbQMEAMIxcAMEAcKRjgMEAcKRxDANBgkqhkiG9w0B
AQsFAAOCAQEAvBtnR4EZKYLveAcH6WyhvJfeTlYOteYaZe1y31EbdN+HE+rbo1GF
kLq77zKB3XuMzARuTiZajO9ASREbItz1OiOH6hnwvsa8slA8PJTP4aWzUEScxBqC
jJ0lG5yTrTuH8buYKzFV2r3LZHg4SrwuveCc9Ag12NjAGdUxpEO7gSOorGh5fxze
c/Cx6UzQXVw5KRjRnKpAkkmxK8uEzBwSTo28zQmOq5EiQa4vgB1wVLq7W1XbDzoH
zjtMgijWT1U+QHwQvVYX+djIW6jx1AHuNjIuJpDBM6+USwi9RSKML99CMNgSGw4g
Uu1pfFeES/LmBpAY+1fUb41Ek11uMgyt9w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org