Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/VbL3O97nHeQHfnVaGPMzaFCGZCk.roa
File: VbL3O97nHeQHfnVaGPMzaFCGZCk.roa (raw, json)
Hash identifier: DDxB+vnAO15X4/ceZZd8SXBmYsA6zx076ANYxwH8aeU=
Subject key identifier: 55:B2:F7:3B:DE:E7:1D:E4:07:7E:75:5A:18:F3:33:68:50:86:64:29
Certificate issuer: /CN=9a4d76dd2f46068b0871ad4500ac6e577afe469c
Certificate serial: 01851CC7331F2E6C0E0182E279C11C00AB05
Authority key identifier: 9A:4D:76:DD:2F:46:06:8B:08:71:AD:45:00:AC:6E:57:7A:FE:46:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mk123S9GBosIca1FAKxuV3r-Rpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/VbL3O97nHeQHfnVaGPMzaFCGZCk.roa
Signing time: Fri 16 Dec 2022 21:11:34 +0000
ROA not before: Fri 16 Dec 2022 21:11:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50309
IP address blocks: 185.221.184.0/22 maxlen: 32
46.182.192.0/21 maxlen: 32
185.160.128.0/22 maxlen: 32
94.142.132.0/23 maxlen: 32
2a0c:1000::/29 maxlen: 32
2a0b:5e00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1c:c7:33:1f:2e:6c:0e:01:82:e2:79:c1:1c:00:ab:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4d76dd2f46068b0871ad4500ac6e577afe469c
Validity
Not Before: Dec 16 21:11:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55b2f73bdee71de4077e755a18f3336850866429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:89:12:46:33:2d:89:ff:57:9c:dd:f4:3a:de:
4b:ed:2c:f8:36:60:f2:ef:52:77:c7:20:2c:a0:2c:
e0:03:c6:0b:be:c4:13:71:68:2b:38:5d:bc:db:5b:
fb:26:9b:fa:2a:ef:c1:a9:0a:cd:22:d1:8b:b7:fc:
b2:c6:c4:6c:26:5e:3f:78:7a:b9:b4:f8:1e:6a:0a:
94:72:06:c7:74:1f:35:d5:aa:63:7d:f9:b8:90:fc:
3d:2d:74:12:3d:6f:5c:9b:32:ea:c2:7e:12:7f:c1:
4b:01:fe:31:71:ef:a8:84:e2:1f:80:d7:fe:a8:58:
a8:6b:ab:26:20:07:16:98:aa:b0:ec:96:92:07:f1:
ca:34:65:33:86:df:a3:0e:35:65:d7:2c:1a:2c:ad:
1d:c3:f5:34:01:c4:90:8e:3e:82:a0:92:9a:46:21:
63:3c:7b:37:4f:59:45:28:cc:a8:bf:c3:fa:7e:a1:
da:94:50:5b:f7:4d:51:0c:99:a3:4e:48:4e:2f:36:
8a:03:1e:4c:0e:a0:f9:90:b2:c4:5e:4f:14:00:72:
96:5d:e8:c3:e0:a3:1f:0c:7e:b0:ef:f9:3e:4c:ec:
a8:17:04:c3:3b:3e:72:c3:f4:77:19:39:d5:ec:92:
f3:fb:90:89:98:17:57:3c:31:a1:84:50:ee:68:8c:
dc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B2:F7:3B:DE:E7:1D:E4:07:7E:75:5A:18:F3:33:68:50:86:64:29
X509v3 Authority Key Identifier:
keyid:9A:4D:76:DD:2F:46:06:8B:08:71:AD:45:00:AC:6E:57:7A:FE:46:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mk123S9GBosIca1FAKxuV3r-Rpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/VbL3O97nHeQHfnVaGPMzaFCGZCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ed7c8a-3952-4401-9dd4-44692dbccb32/1/mk123S9GBosIca1FAKxuV3r-Rpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.192.0/21
94.142.132.0/23
185.160.128.0/22
185.221.184.0/22
IPv6:
2a0b:5e00::/29
2a0c:1000::/29
Signature Algorithm: sha256WithRSAEncryption
23:fb:98:c9:cf:70:b6:2e:be:2b:4d:b9:d4:5e:10:fa:4c:e8:
f2:64:f2:d4:23:70:22:f6:c8:b2:5f:4d:a2:7a:ad:d6:85:df:
9c:c5:66:f7:fc:23:81:a7:7a:d4:a3:7f:8e:08:73:11:7b:26:
9c:e2:08:9b:2f:c9:ed:a4:a6:0c:dc:5b:b5:df:ab:c5:2a:1b:
73:a0:11:51:b0:47:3e:b9:1e:0a:84:a0:83:0a:5c:9c:40:cb:
7f:67:68:7e:9a:ea:d8:5d:01:6e:02:47:dc:4e:df:a9:5e:bc:
b8:5f:c4:29:55:82:60:ce:ee:09:42:1f:9e:ed:de:22:13:df:
c9:39:03:fd:f8:71:7d:49:73:f7:e8:6c:f0:83:06:52:3b:57:
0b:7e:4f:d7:bc:7e:70:cf:5e:ef:65:eb:b1:54:35:2e:02:1f:
3a:ad:51:d7:1f:45:27:52:78:fb:c3:6e:5e:3a:c2:f7:92:5d:
4c:84:ef:80:17:fe:ef:9f:5b:55:68:b3:78:c6:e7:d6:91:df:
bf:0a:79:c4:45:25:d8:6b:ea:8f:65:a6:7b:81:03:52:68:36:
f6:55:19:1c:e8:b6:c6:3f:f7:9b:db:b6:be:e0:6c:28:e6:a3:
94:3f:6c:b2:48:a6:a0:69:2c:70:bf:57:80:5f:4d:da:d7:46:
8c:d0:b2:13
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYUcxzMfLmwOAYLiecEcAKsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNGQ3NmRkMmY0NjA2OGIwODcxYWQ0NTAwYWM2ZTU3N2Fm
ZTQ2OWMwHhcNMjIxMjE2MjExMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWIyZjczYmRlZTcxZGU0MDc3ZTc1NWExOGYzMzM2ODUwODY2NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4kSRjMtif9XnN30Ot5L7Sz4NmDy
71J3xyAsoCzgA8YLvsQTcWgrOF2821v7Jpv6Ku/BqQrNItGLt/yyxsRsJl4/eHq5
tPgeagqUcgbHdB811apjffm4kPw9LXQSPW9cmzLqwn4Sf8FLAf4xce+ohOIfgNf+
qFioa6smIAcWmKqw7JaSB/HKNGUzht+jDjVl1ywaLK0dw/U0AcSQjj6CoJKaRiFj
PHs3T1lFKMyov8P6fqHalFBb901RDJmjTkhOLzaKAx5MDqD5kLLEXk8UAHKWXejD
4KMfDH6w7/k+TOyoFwTDOz5yw/R3GTnV7JLz+5CJmBdXPDGhhFDuaIzc6wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFFWy9zve5x3kB351WhjzM2hQhmQpMB8GA1UdIwQY
MBaAFJpNdt0vRgaLCHGtRQCsbld6/kacMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWsxMjNTOUdCb3NJY2ExRkFLeHVWM3ItUnB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9lZDdjOGEtMzk1Mi00NDAxLTlkZDQt
NDQ2OTJkYmNjYjMyLzEvVmJMM085N25IZVFIZm5WYUdQTXphRkNHWkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9lZDdjOGEtMzk1Mi00NDAxLTlkZDQtNDQ2OTJkYmNjYjMy
LzEvbWsxMjNTOUdCb3NJY2ExRkFLeHVWM3ItUnB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLrbAAwQB
Xo6EAwQCuaCAAwQCud24MBQEAgACMA4DBQMqC14AAwUDKgwQADANBgkqhkiG9w0B
AQsFAAOCAQEAI/uYyc9wti6+K0251F4Q+kzo8mTy1CNwIvbIsl9Nonqt1oXfnMVm
9/wjgad61KN/jghzEXsmnOIImy/J7aSmDNxbtd+rxSobc6ARUbBHPrkeCoSggwpc
nEDLf2dofprq2F0BbgJH3E7fqV68uF/EKVWCYM7uCUIfnu3eIhPfyTkD/fhxfUlz
9+hs8IMGUjtXC35P17x+cM9e72XrsVQ1LgIfOq1R1x9FJ1J4+8NuXjrC95JdTITv
gBf+759bVWizeMbn1pHfvwp5xEUl2Gvqj2Wme4EDUmg29lUZHOi2xj/3m9u2vuBs
KOajlD9sskimoGkscL9XgF9N2tdGjNCyEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org