Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/vp0fGyz4-ZLZS959g1TTIIwd_k0.roa
File: vp0fGyz4-ZLZS959g1TTIIwd_k0.roa (raw, json)
Hash identifier: 3e59gSGIODLavMS82nrcLWTbjGR2wVqvu3Wo5XJjsCM=
Subject key identifier: BE:9D:1F:1B:2C:F8:F9:92:D9:4B:DE:7D:83:54:D3:20:8C:1D:FE:4D
Certificate issuer: /CN=f2beed4df207c3609adfded80dddd9316f0a9b45
Certificate serial: 01840DF2F613E6500E6A05257F2F1FCAA327
Authority key identifier: F2:BE:ED:4D:F2:07:C3:60:9A:DF:DE:D8:0D:DD:D9:31:6F:0A:9B:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8r7tTfIHw2Ca397YDd3ZMW8Km0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/vp0fGyz4-ZLZS959g1TTIIwd_k0.roa
Signing time: Tue 25 Oct 2022 07:02:17 +0000
ROA not before: Tue 25 Oct 2022 07:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41709
IP address blocks: 176.109.176.0/21 maxlen: 21
176.109.184.0/21 maxlen: 21
94.158.32.0/21 maxlen: 21
94.158.40.0/21 maxlen: 21
185.33.142.0/23 maxlen: 23
185.33.140.0/23 maxlen: 23
176.109.224.0/20 maxlen: 20
194.246.94.0/23 maxlen: 23
194.246.92.0/23 maxlen: 23
176.109.240.0/20 maxlen: 20
193.192.37.0/24 maxlen: 24
193.192.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:f2:f6:13:e6:50:0e:6a:05:25:7f:2f:1f:ca:a3:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2beed4df207c3609adfded80dddd9316f0a9b45
Validity
Not Before: Oct 25 07:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be9d1f1b2cf8f992d94bde7d8354d3208c1dfe4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a9:48:8b:ed:39:5a:f6:99:4b:14:b2:84:b3:
71:c1:46:69:b0:dd:13:e5:bc:8c:d9:69:46:61:e6:
3c:e9:c3:fb:b2:53:ae:05:e3:07:c8:61:f5:b2:4e:
9c:73:59:42:b4:37:86:f4:b7:88:dd:c6:85:92:64:
c5:e1:1a:87:b5:4f:c5:ac:33:fd:a2:ec:cb:12:7f:
a7:45:75:c1:f2:dc:a8:bf:7c:24:0a:8a:25:a6:b8:
d0:bf:0e:1e:0e:31:30:0c:73:98:95:5e:27:80:a7:
ac:a5:e7:37:7d:7d:05:c9:85:37:f4:50:02:f6:8a:
a0:76:00:39:dd:94:35:f3:41:57:ec:ec:6c:b7:64:
13:db:72:ce:cb:0b:57:a1:cc:f0:8e:a1:fb:b8:32:
db:43:ff:94:5d:5a:41:7a:2f:02:cd:35:0c:cb:a3:
d2:59:8a:a1:a8:e5:e8:ba:47:c4:10:81:c7:ea:29:
c6:40:01:c8:a5:ff:80:0b:d3:83:6e:a4:cd:b9:b7:
bc:57:40:cf:c4:65:b6:4e:79:59:1a:90:4c:92:81:
02:36:fd:24:d9:82:95:86:7c:47:75:c2:68:5d:fa:
93:ad:61:a6:78:f1:e7:d8:8c:4d:a8:e9:b5:cb:46:
2c:5c:35:af:12:bf:1a:4b:41:1a:47:09:f9:cf:c2:
aa:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:9D:1F:1B:2C:F8:F9:92:D9:4B:DE:7D:83:54:D3:20:8C:1D:FE:4D
X509v3 Authority Key Identifier:
keyid:F2:BE:ED:4D:F2:07:C3:60:9A:DF:DE:D8:0D:DD:D9:31:6F:0A:9B:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8r7tTfIHw2Ca397YDd3ZMW8Km0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/vp0fGyz4-ZLZS959g1TTIIwd_k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c6bcba-a996-4bb5-ba4a-a46153145cf8/1/8r7tTfIHw2Ca397YDd3ZMW8Km0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.32.0/20
176.109.176.0/20
176.109.224.0/19
185.33.140.0/22
193.192.36.0/23
194.246.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:c6:b2:40:70:b4:04:42:00:15:92:2d:68:ea:e2:b7:18:a8:
cc:7d:63:fa:fd:1f:9e:25:1a:fa:79:10:34:71:55:e9:cc:48:
03:27:32:0b:02:4a:87:79:59:8c:29:95:d3:92:ae:33:7a:13:
80:ab:98:b0:bc:72:ae:a3:cf:ef:6e:3c:ad:25:bf:9e:aa:25:
a7:df:c1:db:30:15:8c:79:0d:28:b7:2e:05:61:51:34:5f:2a:
e7:18:cc:0f:57:8f:34:b0:2b:ce:0d:4f:d4:4c:f0:30:d9:40:
22:5a:da:eb:f1:29:4b:87:9f:ce:de:74:f5:6f:07:e0:d4:cc:
85:9a:6b:7b:8a:ce:f0:65:96:c2:ca:92:35:aa:d4:e8:90:65:
51:ca:19:7f:e6:c9:1b:54:48:51:62:14:e3:c3:42:a8:80:50:
42:ba:15:32:c8:1d:21:4b:73:dc:f3:50:67:98:71:1f:73:84:
0e:f1:92:6f:ce:52:ad:ec:ca:08:29:90:de:a9:86:d5:88:e6:
b4:7b:41:4a:20:e7:54:e5:6c:6b:44:29:22:70:ee:0c:0f:5c:
3f:07:7f:de:18:cb:5c:e9:e1:08:86:ed:7f:49:16:77:98:dc:
45:48:77:b4:fa:9d:f8:29:30:5f:de:ef:86:73:66:5a:e4:f3:
48:79:8d:27
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQN8vYT5lAOagUlfy8fyqMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYmVlZDRkZjIwN2MzNjA5YWRmZGVkODBkZGRkOTMxNmYw
YTliNDUwHhcNMjIxMDI1MDcwMjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTlkMWYxYjJjZjhmOTkyZDk0YmRlN2Q4MzU0ZDMyMDhjMWRmZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6lIi+05WvaZSxSyhLNxwUZpsN0T
5byM2WlGYeY86cP7slOuBeMHyGH1sk6cc1lCtDeG9LeI3caFkmTF4RqHtU/FrDP9
ouzLEn+nRXXB8tyov3wkCoolprjQvw4eDjEwDHOYlV4ngKespec3fX0FyYU39FAC
9oqgdgA53ZQ180FX7Oxst2QT23LOywtXoczwjqH7uDLbQ/+UXVpBei8CzTUMy6PS
WYqhqOXoukfEEIHH6inGQAHIpf+AC9ODbqTNube8V0DPxGW2TnlZGpBMkoECNv0k
2YKVhnxHdcJoXfqTrWGmePHn2IxNqOm1y0YsXDWvEr8aS0EaRwn5z8KqAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL6dHxss+PmS2UvefYNU0yCMHf5NMB8GA1UdIwQY
MBaAFPK+7U3yB8Ngmt/e2A3d2TFvCptFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHI3dFRmSUh3MkNhMzk3WURkM1pNVzhLbTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jNmJjYmEtYTk5Ni00YmI1LWJhNGEt
YTQ2MTUzMTQ1Y2Y4LzEvdnAwZkd5ejQtWkxaUzk1OWcxVFRJSXdkX2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jNmJjYmEtYTk5Ni00YmI1LWJhNGEtYTQ2MTUzMTQ1Y2Y4
LzEvOHI3dFRmSUh3MkNhMzk3WURkM1pNVzhLbTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEXp4gAwQE
sG2wAwQFsG3gAwQCuSGMAwQBwcAkAwQCwvZcMA0GCSqGSIb3DQEBCwUAA4IBAQBs
xrJAcLQEQgAVki1o6uK3GKjMfWP6/R+eJRr6eRA0cVXpzEgDJzILAkqHeVmMKZXT
kq4zehOAq5iwvHKuo8/vbjytJb+eqiWn38HbMBWMeQ0oty4FYVE0XyrnGMwPV480
sCvODU/UTPAw2UAiWtrr8SlLh5/O3nT1bwfg1MyFmmt7is7wZZbCypI1qtTokGVR
yhl/5skbVEhRYhTjw0KogFBCuhUyyB0hS3Pc81BnmHEfc4QO8ZJvzlKt7MoIKZDe
qYbViOa0e0FKIOdU5WxrRCkicO4MD1w/B3/eGMtc6eEIhu1/SRZ3mNxFSHe0+p34
KTBf3u+Gc2Za5PNIeY0n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:05 2024 by rpki-client on console-ams.rpki-client.org