Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/VugHED211GdGIZwWZMDjk2mB3YE.roa
File: VugHED211GdGIZwWZMDjk2mB3YE.roa (raw, json)
Hash identifier: n1DY3SawbR9Doohbg/H7CM/KHpC8Ly31mlUHDdOfcAE=
Subject key identifier: 56:E8:07:10:3D:B5:D4:67:46:21:9C:16:64:C0:E3:93:69:81:DD:81
Certificate issuer: /CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Certificate serial: 0B0EE772
Authority key identifier: F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/VugHED211GdGIZwWZMDjk2mB3YE.roa
Signing time: Sat 01 Jan 2022 11:56:59 +0000
ROA not before: Sat 01 Jan 2022 11:56:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43957
IP address blocks: 79.170.208.0/21 maxlen: 21
185.52.20.0/22 maxlen: 22
46.245.200.0/21 maxlen: 21
185.31.28.0/22 maxlen: 22
185.93.214.0/23 maxlen: 23
92.63.144.0/20 maxlen: 20
94.102.96.0/20 maxlen: 20
92.61.48.0/21 maxlen: 21
92.61.56.0/22 maxlen: 22
2a02:4140:4::/48 maxlen: 48
2a02:4140::/32 maxlen: 32
2a00:b220::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 185526130 (0xb0ee772)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Validity
Not Before: Jan 1 11:56:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=56e807103db5d46746219c1664c0e3936981dd81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d5:6a:a3:92:d2:98:a5:34:bb:00:f5:12:a6:
6c:3f:e3:cc:f6:0f:47:7c:c9:d0:02:75:08:64:e6:
24:63:c8:09:e9:6b:90:b7:e7:dd:50:0f:9a:30:c8:
af:e8:03:6f:5a:56:34:de:1d:03:d3:0f:2b:3b:ce:
b7:e0:8b:c2:b4:d2:86:27:64:47:b1:8a:cf:01:13:
aa:f1:cf:b9:bf:3f:fb:33:fd:af:ea:a1:75:c6:6e:
9b:d1:90:cb:73:16:38:ed:87:88:22:78:07:a5:5b:
46:4c:29:96:94:ea:45:04:39:be:20:26:40:9a:8b:
ff:4e:7e:63:df:22:94:0a:c7:1b:d2:79:de:aa:59:
4c:d1:12:70:e6:01:19:dd:29:bd:af:3f:06:c1:98:
27:8c:d6:91:88:fb:45:89:7c:3e:57:77:03:90:83:
54:93:62:94:96:09:bb:f7:63:18:9b:37:81:a6:88:
ea:2b:2a:28:02:7f:44:6c:81:63:2b:93:2f:9c:c7:
15:6c:1b:a4:17:55:cb:44:4c:d4:0c:f3:55:9b:58:
e2:e0:78:d8:5b:4d:fa:0e:7f:e0:af:6f:e8:ca:3f:
d3:fa:01:3b:cc:2e:8b:88:d6:35:39:5b:d8:c5:4d:
3f:4a:1d:64:d1:71:98:2e:20:2a:a0:ee:09:c4:5e:
46:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E8:07:10:3D:B5:D4:67:46:21:9C:16:64:C0:E3:93:69:81:DD:81
X509v3 Authority Key Identifier:
keyid:F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/VugHED211GdGIZwWZMDjk2mB3YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.200.0/21
79.170.208.0/21
92.61.48.0-92.61.59.255
92.63.144.0/20
94.102.96.0/20
185.31.28.0/22
185.52.20.0/22
185.93.214.0/23
IPv6:
2a00:b220::/32
2a02:4140::/32
Signature Algorithm: sha256WithRSAEncryption
71:bf:09:61:4f:bf:60:ea:26:a3:22:2d:bb:28:ed:b2:96:a9:
cd:62:53:89:b9:74:24:6d:67:f3:f4:af:ba:b2:39:20:57:5b:
3f:53:2b:43:fa:97:de:45:42:03:dc:85:0e:9d:03:4b:7e:34:
37:61:96:a9:81:46:55:96:51:47:c7:ec:ea:08:bc:02:3b:5c:
94:6f:85:69:6c:a1:17:b1:64:34:53:03:6c:70:a4:eb:d9:fd:
03:86:56:9b:40:c1:34:e1:4e:b5:ea:58:b6:02:bb:ad:5e:49:
5d:69:c9:c8:89:3d:63:75:58:48:a7:45:c8:e7:3d:4c:2d:a4:
d4:8a:70:76:7f:5d:c9:11:e3:d3:df:3f:c5:46:09:52:64:90:
15:6f:a6:0d:20:94:c4:49:cb:8c:90:26:a7:15:1b:18:0f:13:
11:f6:cd:1d:1f:03:69:f5:d0:9e:13:53:95:57:b8:1c:1a:e2:
3c:fe:68:1d:ae:a2:53:3b:5b:d1:af:2f:75:d3:21:e9:8d:da:
01:55:57:a6:1d:78:1a:a0:b3:e4:af:ac:8d:25:55:00:4d:72:
e5:5f:86:7a:7e:37:1b:93:37:c3:5e:b4:3e:3b:3d:63:ab:08:
a4:c4:1b:59:1f:eb:28:6a:2e:46:39:71:0a:60:ca:81:00:45:
2f:7d:17:c9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIECw7ncjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDFjODk5N2EzNTRiYzdkNGU1YTYwYTlmNDI0MzhhMTgyZmE5OThhMB4XDTIyMDEw
MTExNTY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTZlODA3MTAzZGI1
ZDQ2NzQ2MjE5YzE2NjRjMGUzOTM2OTgxZGQ4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHVaqOS0pilNLsA9RKmbD/jzPYPR3zJ0AJ1CGTmJGPICelr
kLfn3VAPmjDIr+gDb1pWNN4dA9MPKzvOt+CLwrTShidkR7GKzwETqvHPub8/+zP9
r+qhdcZum9GQy3MWOO2HiCJ4B6VbRkwplpTqRQQ5viAmQJqL/05+Y98ilArHG9J5
3qpZTNEScOYBGd0pva8/BsGYJ4zWkYj7RYl8Pld3A5CDVJNilJYJu/djGJs3gaaI
6isqKAJ/RGyBYyuTL5zHFWwbpBdVy0RM1AzzVZtY4uB42FtN+g5/4K9v6Mo/0/oB
O8wui4jWNTlb2MVNP0odZNFxmC4gKqDuCcReRh0CAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBRW6AcQPbXUZ0YhnBZkwOOTaYHdgTAfBgNVHSMEGDAWgBTwHImXo1S8fU5a
YKn0JDihgvqZijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhCeUpsNk5VdkgxT1dtQ3A5Q1E0b1lMNm1Zby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDYvZmFhOTVmLTNiMzItNDFmZS1hYmUzLWMyN2M0YTYxMGJkMy8x
L1Z1Z0hFRDIxMUdkR0lad1daTURqazJtQjNZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYv
ZmFhOTVmLTNiMzItNDFmZS1hYmUzLWMyN2M0YTYxMGJkMy8xLzhCeUpsNk5Vdkgx
T1dtQ3A5Q1E0b1lMNm1Zby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwPgQCAAEwOAMEAy71yAMEA0+q0DAMAwQEXD0wAwQC
XD04AwQEXD+QAwQEXmZgAwQCuR8cAwQCuTQUAwQBuV3WMBQEAgACMA4DBQAqALIg
AwUAKgJBQDANBgkqhkiG9w0BAQsFAAOCAQEAcb8JYU+/YOomoyItuyjtspapzWJT
ibl0JG1n8/SvurI5IFdbP1MrQ/qX3kVCA9yFDp0DS340N2GWqYFGVZZRR8fs6gi8
AjtclG+FaWyhF7FkNFMDbHCk69n9A4ZWm0DBNOFOtepYtgK7rV5JXWnJyIk9Y3VY
SKdFyOc9TC2k1Ipwdn9dyRHj098/xUYJUmSQFW+mDSCUxEnLjJAmpxUbGA8TEfbN
HR8DafXQnhNTlVe4HBriPP5oHa6iUztb0a8vddMh6Y3aAVVXph14GqCz5K+sjSVV
AE1y5V+Gen43G5M3w160Pjs9Y6sIpMQbWR/rKGouRjlxCmDKgQBFL30XyQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:40 2023 by rpki-client on console-fra.rpki-client.org