Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/vmbkO3XpeNHJNpM9YWN6Ue3bVjQ.roa
File: vmbkO3XpeNHJNpM9YWN6Ue3bVjQ.roa (raw, json)
Hash identifier: GYBDexxfHGJNz9MtRr58eLtVObFKMard7OqawvbHk58=
Subject key identifier: BE:66:E4:3B:75:E9:78:D1:C9:36:93:3D:61:63:7A:51:ED:DB:56:34
Certificate issuer: /CN=aca77c708af0ba1f81549c9f87089559390167a5
Certificate serial: 36AA4EA7
Authority key identifier: AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/vmbkO3XpeNHJNpM9YWN6Ue3bVjQ.roa
Signing time: Sat 01 Jan 2022 04:03:42 +0000
ROA not before: Sat 01 Jan 2022 04:03:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24989
IP address blocks: 217.79.208.0/20 maxlen: 24
89.202.0.0/17 maxlen: 24
88.84.136.0/21 maxlen: 24
217.68.144.0/20 maxlen: 24
193.110.116.0/22 maxlen: 24
2a02:20a8::/32 maxlen: 48
2001:4c68::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 917130919 (0x36aa4ea7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca77c708af0ba1f81549c9f87089559390167a5
Validity
Not Before: Jan 1 04:03:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be66e43b75e978d1c936933d61637a51eddb5634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:04:91:69:f3:ff:89:d8:d7:c5:53:19:82:7c:
7b:cf:fc:53:36:5f:1d:8b:37:16:13:e2:87:e9:3c:
93:0a:33:5d:e8:66:26:08:07:1f:58:fe:ea:45:a1:
86:d6:eb:74:e1:5a:2f:fb:63:64:92:18:66:bf:a2:
f4:bc:09:86:c4:b4:8b:6c:1d:e6:b0:45:f0:58:9a:
f9:5c:65:de:77:80:a9:95:9b:5d:18:f2:8f:6f:87:
56:3f:d8:24:2d:ee:1b:f3:23:16:7e:4c:ef:4f:5f:
14:a5:d9:a0:34:f6:1c:fa:2a:57:8a:17:2f:20:37:
42:0c:80:57:9d:6a:12:b6:3f:1e:23:83:e7:d4:06:
03:9d:27:c7:09:bd:24:0f:37:5a:83:2a:eb:2b:3f:
e3:75:92:f1:37:30:d2:09:8e:83:91:ec:9e:76:b8:
51:e3:79:49:bd:bc:55:c5:63:43:39:bc:c5:d4:e6:
34:60:b5:5f:26:7e:01:15:cc:e0:de:bc:d9:90:9b:
c9:36:44:64:28:a9:a0:df:7f:b6:34:05:5f:68:85:
05:68:5d:a3:ff:53:e5:99:54:f8:ad:77:fd:bf:30:
86:6f:ea:f8:98:f5:38:77:de:90:d8:e3:1a:9c:43:
ad:17:5f:94:99:d1:db:24:28:59:73:98:c5:b0:3c:
e3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:66:E4:3B:75:E9:78:D1:C9:36:93:3D:61:63:7A:51:ED:DB:56:34
X509v3 Authority Key Identifier:
keyid:AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/vmbkO3XpeNHJNpM9YWN6Ue3bVjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.136.0/21
89.202.0.0/17
193.110.116.0/22
217.68.144.0/20
217.79.208.0/20
IPv6:
2001:4c68::/32
2a02:20a8::/32
Signature Algorithm: sha256WithRSAEncryption
12:88:bc:13:27:33:48:d5:d4:8a:4f:82:2a:78:29:22:3c:86:
ea:2a:ad:93:76:54:5c:9e:a5:49:cc:15:c6:67:29:7d:88:de:
bf:4e:16:ea:40:94:52:b6:ad:5a:d7:35:2e:4b:2b:3e:ef:f9:
c3:e3:d9:1b:c3:ca:62:7f:94:47:ea:e3:33:2e:41:79:1a:6f:
65:7e:32:01:e4:07:69:03:86:66:ac:1d:a2:21:85:2f:17:cd:
4f:36:61:c8:d3:e9:65:1d:c9:5a:b6:ce:ee:a9:91:f4:d0:28:
1e:f9:79:b7:92:68:82:20:b0:0f:25:db:3a:9b:04:b6:67:36:
3a:46:87:d3:b2:ee:3c:b6:db:26:3e:a9:6c:64:c6:3f:80:d3:
8d:eb:b0:05:40:93:a5:55:9c:9b:8b:55:eb:1c:00:0c:9b:51:
24:f7:a5:e7:e1:c8:a0:fc:92:68:37:e6:73:c4:12:b6:76:02:
47:de:9d:28:bc:ac:5d:7b:97:2f:87:ef:e5:86:2a:3b:0a:61:
36:68:76:9f:af:61:ae:c2:51:10:2c:bf:50:ed:3f:63:2b:14:
4f:9b:0e:a5:24:80:d1:f6:c7:25:95:d0:75:ff:be:22:b7:89:
4f:5c:9b:97:2e:c0:4d:15:63:18:c3:ca:9a:61:7e:0f:5e:bd:
21:c2:11:e5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIENqpOpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2E3N2M3MDhhZjBiYTFmODE1NDljOWY4NzA4OTU1OTM5MDE2N2E1MB4XDTIyMDEw
MTA0MDM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmU2NmU0M2I3NWU5
NzhkMWM5MzY5MzNkNjE2MzdhNTFlZGRiNTYzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4EkWnz/4nY18VTGYJ8e8/8UzZfHYs3FhPih+k8kwozXehm
JggHH1j+6kWhhtbrdOFaL/tjZJIYZr+i9LwJhsS0i2wd5rBF8Fia+Vxl3neAqZWb
XRjyj2+HVj/YJC3uG/MjFn5M709fFKXZoDT2HPoqV4oXLyA3QgyAV51qErY/HiOD
59QGA50nxwm9JA83WoMq6ys/43WS8Tcw0gmOg5Hsnna4UeN5Sb28VcVjQzm8xdTm
NGC1XyZ+ARXM4N682ZCbyTZEZCipoN9/tjQFX2iFBWhdo/9T5ZlU+K13/b8whm/q
+Jj1OHfekNjjGpxDrRdflJnR2yQoWXOYxbA848UCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBS+ZuQ7del40ck2kz1hY3pR7dtWNDAfBgNVHSMEGDAWgBSsp3xwivC6H4FU
nJ+HCJVZOQFnpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JLZDhjSXJ3dWgtQlZKeWZod2lWV1RrQlo2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvOGZlN2Q4LTAxN2ItNDFhYS1hOTFmLTI4YjE5ZTNmZDRhNi8x
L3ZtYmtPM1hwZU5ISk5wTTlZV042VWUzYlZqUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
OGZlN2Q4LTAxN2ItNDFhYS1hOTFmLTI4YjE5ZTNmZDRhNi8xL3JLZDhjSXJ3dWgt
QlZKeWZod2lWV1RrQlo2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEA1hUiAMEB1nKAAMEAsFudAMEBNlE
kAMEBNlP0DAUBAIAAjAOAwUAIAFMaAMFACoCIKgwDQYJKoZIhvcNAQELBQADggEB
ABKIvBMnM0jV1IpPgip4KSI8huoqrZN2VFyepUnMFcZnKX2I3r9OFupAlFK2rVrX
NS5LKz7v+cPj2RvDymJ/lEfq4zMuQXkab2V+MgHkB2kDhmasHaIhhS8XzU82YcjT
6WUdyVq2zu6pkfTQKB75ebeSaIIgsA8l2zqbBLZnNjpGh9Oy7jy22yY+qWxkxj+A
043rsAVAk6VVnJuLVescAAybUST3pefhyKD8kmg35nPEErZ2AkfenSi8rF17ly+H
7+WGKjsKYTZodp+vYa7CURAsv1DtP2MrFE+bDqUkgNH2xyWV0HX/viK3iU9cm5cu
wE0VYxjDypphfg9evSHCEeU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:28 2023 by rpki-client on console-ams.rpki-client.org