Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/VgslJhaOWPCMcugEg3sNDWtmE-Q.roa
File: VgslJhaOWPCMcugEg3sNDWtmE-Q.roa (raw, json)
Hash identifier: OT+Z/gWJEwn8bwir0VbhisgsSDspAPVo+a+ZUwqrm7A=
Subject key identifier: 56:0B:25:26:16:8E:58:F0:8C:72:E8:04:83:7B:0D:0D:6B:66:13:E4
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 05362875
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/VgslJhaOWPCMcugEg3sNDWtmE-Q.roa
Signing time: Wed 27 Apr 2022 13:14:24 +0000
ROA not before: Wed 27 Apr 2022 13:14:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200350
IP address blocks: 84.201.128.0/18 maxlen: 24
89.169.128.0/18 maxlen: 24
217.28.224.0/20 maxlen: 24
62.84.112.0/20 maxlen: 24
130.193.32.0/19 maxlen: 24
185.206.164.0/22 maxlen: 24
45.133.96.0/22 maxlen: 24
185.216.194.0/23 maxlen: 24
193.32.216.0/22 maxlen: 24
158.160.0.0/16 maxlen: 24
46.21.244.0/22 maxlen: 24
178.154.192.0/18 maxlen: 24
84.252.128.0/20 maxlen: 24
51.250.0.0/17 maxlen: 24
217.198.168.0/21 maxlen: 24
2a0d:d6c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87435381 (0x5362875)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Apr 27 13:14:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=560b2526168e58f08c72e804837b0d0d6b6613e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6d:14:ec:9c:32:cb:e0:31:67:5a:40:a1:65:
ac:32:7e:7a:88:8f:4f:cc:29:c6:2b:d8:53:c8:cf:
d9:20:7a:be:2f:5b:20:fc:cf:4c:22:f8:5e:11:42:
c3:e7:47:01:e4:07:86:b3:4b:a8:bc:19:d6:f9:2c:
64:c5:78:55:df:1f:36:db:a2:e3:ac:76:18:3d:a8:
4c:2f:7c:7f:12:4f:70:7d:b4:f9:8d:a0:a8:0a:46:
94:0b:94:d0:39:34:ff:d1:8f:f2:d5:cd:c4:8a:76:
25:de:f2:c6:bd:eb:0f:c7:5b:2c:62:03:3a:30:d1:
21:ed:b3:88:bc:34:35:6b:a5:0a:be:61:8d:73:5b:
55:48:7c:84:55:3c:19:7c:b6:25:99:26:a9:0b:99:
9a:55:b4:db:0d:8b:2b:39:13:86:74:2c:dd:ea:ff:
76:23:44:cf:0a:01:ef:f2:d0:93:9c:07:f4:29:88:
88:f0:fd:db:55:f9:41:23:e8:5a:b0:ea:db:9b:4b:
56:0a:36:5a:cc:07:f2:a3:a6:2e:04:c9:c4:42:a2:
7a:f9:41:01:f9:a6:cc:26:63:42:ca:0d:ac:50:c4:
76:c0:8b:37:a4:24:ad:03:b0:28:6d:43:6d:3a:06:
e0:c5:59:d5:c3:c2:01:90:68:d3:ca:f3:fc:73:79:
0c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:0B:25:26:16:8E:58:F0:8C:72:E8:04:83:7B:0D:0D:6B:66:13:E4
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/VgslJhaOWPCMcugEg3sNDWtmE-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.96.0/22
46.21.244.0/22
51.250.0.0/17
62.84.112.0/20
84.201.128.0/18
84.252.128.0/20
89.169.128.0/18
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:f1:44:08:80:03:0f:21:6c:a6:5f:d1:ae:ff:7d:05:16:4f:
02:05:54:62:c0:6c:a9:0d:59:8c:ed:b8:25:36:3b:b5:1c:22:
17:c7:da:eb:a7:60:94:fc:38:b8:a4:3d:20:73:26:76:cf:6d:
d1:34:10:6b:a8:3a:40:94:42:c4:4f:5d:a2:3d:45:99:f5:32:
e0:11:3b:d6:f8:2f:73:1f:86:22:fe:00:26:71:e6:5d:25:95:
95:43:90:18:29:fd:fc:cc:ec:dd:8c:86:aa:c8:c3:4a:ff:46:
d0:79:b5:05:b5:be:55:d3:37:e6:04:4f:cc:2b:cb:e0:a2:7b:
96:bf:fa:95:1d:e7:2d:7f:3c:7d:3b:1e:c7:bb:06:ae:98:74:
9b:90:9d:5a:7c:09:0b:f2:bf:e8:73:4a:27:9d:2f:7d:ce:ab:
3b:7a:d9:11:7f:d3:76:45:62:b0:3e:a2:37:7b:a5:cf:f2:64:
e9:02:d6:4a:c4:ba:64:01:a9:dc:e1:a3:54:fe:9a:33:28:60:
74:73:af:50:c2:6d:5a:f2:b3:9f:29:28:fc:80:d7:be:7e:5a:
b3:75:a6:6b:e5:8b:6e:93:8e:cb:0f:d6:5a:a7:37:ff:6c:77:
43:af:9e:14:9e:dd:2b:5c:1c:e0:17:62:1f:ad:6e:26:9f:2c:
77:23:1a:b0
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIEBTYodTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Yzg2ZTNlOTI4YzdmMGM5ZGI2OTUxNWZmM2FhMWY2NzhjZWU0M2MwMB4XDTIyMDQy
NzEzMTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTYwYjI1MjYxNjhl
NThmMDhjNzJlODA0ODM3YjBkMGQ2YjY2MTNlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFtFOycMsvgMWdaQKFlrDJ+eoiPT8wpxivYU8jP2SB6vi9b
IPzPTCL4XhFCw+dHAeQHhrNLqLwZ1vksZMV4Vd8fNtui46x2GD2oTC98fxJPcH20
+Y2gqApGlAuU0Dk0/9GP8tXNxIp2Jd7yxr3rD8dbLGIDOjDRIe2ziLw0NWulCr5h
jXNbVUh8hFU8GXy2JZkmqQuZmlW02w2LKzkThnQs3er/diNEzwoB7/LQk5wH9CmI
iPD921X5QSPoWrDq25tLVgo2WswH8qOmLgTJxEKievlBAfmmzCZjQsoNrFDEdsCL
N6QkrQOwKG1DbToG4MVZ1cPCAZBo08rz/HN5DMUCAwEAAaOCAmwwggJoMB0GA1Ud
DgQWBBRWCyUmFo5Y8Ixy6ASDew0Na2YT5DAfBgNVHSMEGDAWgBTchuPpKMfwydtp
UV/zqh9njO5DwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNJYmo2U2pIOE1uYmFWRmY4Nm9mWjR6dVE4QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvNDcxYWE1LWMzZjctNGFmZC1iMTIyLTljOGU1OWMyNzcxYy8x
L1Znc2xKaGFPV1BDTWN1Z0VnM3NORFd0bUUtUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
NDcxYWE1LWMzZjctNGFmZC1iMTIyLTljOGU1OWMyNzcxYy8xLzNJYmo2U2pIOE1u
YmFWRmY4Nm9mWjR6dVE4QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gQYIKwYBBQUHAQcBAf8EcjBwMF8EAgABMFkDBAIthWADBAIuFfQDBAcz+gADBAQ+
VHADBAZUyYADBARU/IADBAZZqYADBAWCwSADAwCeoAMEBrKawAMEArnOpAMEAbnY
wgMEAsEg2AMEBNkc4AMEA9nGqDANBAIAAjAHAwUDKg3WwDANBgkqhkiG9w0BAQsF
AAOCAQEAofFECIADDyFspl/Rrv99BRZPAgVUYsBsqQ1ZjO24JTY7tRwiF8fa66dg
lPw4uKQ9IHMmds9t0TQQa6g6QJRCxE9doj1FmfUy4BE71vgvcx+GIv4AJnHmXSWV
lUOQGCn9/Mzs3YyGqsjDSv9G0Hm1BbW+VdM35gRPzCvL4KJ7lr/6lR3nLX88fTse
x7sGrph0m5CdWnwJC/K/6HNKJ50vfc6rO3rZEX/TdkVisD6iN3ulz/Jk6QLWSsS6
ZAGp3OGjVP6aMyhgdHOvUMJtWvKznyko/IDXvn5as3Wma+WLbpOOyw/WWqc3/2x3
Q6+eFJ7dK1wc4BdiH61uJp8sdyMasA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:36 2023 by rpki-client on console-ams.rpki-client.org