Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/vyj3vzrX_XSqy0ejcsBlnnUWKeg.roa
File: vyj3vzrX_XSqy0ejcsBlnnUWKeg.roa (raw, json)
Hash identifier: 2SRRsbmZ5TBQjUFqG0GFdvTqXkCWEsammBN+H/eG0vQ=
Subject key identifier: BF:28:F7:BF:3A:D7:FD:74:AA:CB:47:A3:72:C0:65:9E:75:16:29:E8
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 010DA8F2
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/vyj3vzrX_XSqy0ejcsBlnnUWKeg.roa
Signing time: Fri 07 Jan 2022 10:08:20 +0000
ROA not before: Fri 07 Jan 2022 10:08:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3214
IP address blocks: 85.237.72.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17672434 (0x10da8f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jan 7 10:08:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf28f7bf3ad7fd74aacb47a372c0659e751629e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6c:b3:c6:a7:a7:ff:ab:64:9c:95:4a:ee:78:
37:60:42:34:bd:b8:8a:a0:1d:c0:0e:f9:ad:94:27:
06:03:9e:ac:af:b5:b6:77:7d:ad:61:8f:e6:cf:8e:
a9:ac:16:1e:31:fe:f7:26:a6:e4:78:c6:85:0e:b1:
e6:b8:ee:3a:c6:ee:b8:d1:bd:fa:10:d8:58:17:00:
61:1c:72:29:79:19:f5:03:73:11:dc:19:31:4a:81:
d9:62:7a:86:6e:8c:19:63:59:e0:d0:7a:35:29:0c:
c9:ad:4d:58:57:5c:90:92:4a:fe:3b:95:99:4a:6d:
09:ed:5d:94:e4:65:fc:1b:bd:00:54:60:b0:9f:87:
4d:c3:84:62:7e:88:a9:48:88:d0:58:b8:75:0c:29:
0e:09:3a:4f:96:12:9a:c2:9c:d6:ec:01:70:b4:c4:
ed:38:0d:c6:d6:1c:8c:6e:0e:28:31:3c:b8:fb:8b:
f3:d3:d6:7c:dd:d5:1c:63:54:2f:bc:93:b0:ea:fd:
1a:4b:0d:80:05:3f:5d:89:45:82:59:e9:ff:09:1a:
3a:e9:ef:62:3a:d6:86:5e:48:56:e0:19:61:dd:86:
03:32:78:48:40:60:5d:57:d4:03:63:10:f7:71:68:
e6:6d:8b:c0:f2:e4:e1:38:b1:58:b5:47:70:c1:ac:
14:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:28:F7:BF:3A:D7:FD:74:AA:CB:47:A3:72:C0:65:9E:75:16:29:E8
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/vyj3vzrX_XSqy0ejcsBlnnUWKeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.72.0/21
Signature Algorithm: sha256WithRSAEncryption
52:c2:08:4f:68:fe:a3:0f:b4:8e:5e:a6:e7:ee:c9:0c:d6:f8:
76:51:cd:98:f4:96:36:08:78:2c:fb:7c:96:b0:c9:d0:94:ff:
19:9c:49:4b:1e:69:28:9d:1e:57:5a:29:9d:22:60:49:b6:d2:
11:2b:28:5a:51:42:d5:bb:28:9e:80:47:28:84:23:fe:ff:50:
2b:27:ed:fe:92:26:b6:d0:b3:97:2b:c7:cf:0a:57:a9:e6:ac:
26:28:a0:b4:4c:2f:64:9a:a5:71:17:d7:22:66:4f:ce:f4:33:
cb:5a:a6:9f:16:be:5d:3b:76:7d:1e:3d:db:3c:f4:ac:e0:1f:
7b:02:5d:23:e4:b1:b9:a2:1a:65:de:dd:9e:a6:eb:37:a9:8f:
74:97:d1:94:16:d0:b5:1c:ab:94:e7:ce:f2:b3:da:85:31:0d:
ce:44:de:6f:b9:8b:cf:92:d5:4d:82:79:ff:37:f3:4b:2b:7c:
1c:66:e9:06:b8:e7:e4:26:be:ed:29:bc:93:db:70:76:50:3c:
8c:c8:0b:d1:74:20:27:5e:71:5a:51:a0:84:ab:36:95:61:c1:
32:fc:f9:33:9f:5b:af:64:01:84:8e:f0:c8:8e:6a:e8:3d:17:
c5:ea:a1:4d:62:2b:87:1b:ba:0f:9f:19:83:5a:98:99:9c:90:
de:5f:ce:90
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQ2o8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NzRiZjgwNzBjZWU0MzA1ZDFhMzg5ZTkxMGZiNTEwMmJiY2MxOTQxMB4XDTIyMDEw
NzEwMDgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmYyOGY3YmYzYWQ3
ZmQ3NGFhY2I0N2EzNzJjMDY1OWU3NTE2MjllODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtss8anp/+rZJyVSu54N2BCNL24iqAdwA75rZQnBgOerK+1
tnd9rWGP5s+OqawWHjH+9yam5HjGhQ6x5rjuOsbuuNG9+hDYWBcAYRxyKXkZ9QNz
EdwZMUqB2WJ6hm6MGWNZ4NB6NSkMya1NWFdckJJK/juVmUptCe1dlORl/Bu9AFRg
sJ+HTcOEYn6IqUiI0Fi4dQwpDgk6T5YSmsKc1uwBcLTE7TgNxtYcjG4OKDE8uPuL
89PWfN3VHGNUL7yTsOr9GksNgAU/XYlFglnp/wkaOunvYjrWhl5IVuAZYd2GAzJ4
SEBgXVfUA2MQ93Fo5m2LwPLk4TixWLVHcMGsFJkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS/KPe/Otf9dKrLR6NywGWedRYp6DAfBgNVHSMEGDAWgBSHS/gHDO5DBdGj
iekQ+1ECu8wZQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gwdjRCd3p1UXdYUm80bnBFUHRSQXJ2TUdVRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZWVlMTMxLWJiOGMtNDg4Ny04NjliLTZmZTRkOGZlZDE2MC8x
L3Z5ajN2enJYX1hTcXkwZWpjc0Jsbm5VV0tlZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZWVlMTMxLWJiOGMtNDg4Ny04NjliLTZmZTRkOGZlZDE2MC8xL2gwdjRCd3p1UXdY
Um80bnBFUHRSQXJ2TUdVRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1XtSDANBgkqhkiG9w0BAQsFAAOC
AQEAUsIIT2j+ow+0jl6m5+7JDNb4dlHNmPSWNgh4LPt8lrDJ0JT/GZxJSx5pKJ0e
V1opnSJgSbbSESsoWlFC1bsonoBHKIQj/v9QKyft/pImttCzlyvHzwpXqeasJiig
tEwvZJqlcRfXImZPzvQzy1qmnxa+XTt2fR492zz0rOAfewJdI+SxuaIaZd7dnqbr
N6mPdJfRlBbQtRyrlOfO8rPahTENzkTeb7mLz5LVTYJ5/zfzSyt8HGbpBrjn5Ca+
7Sm8k9twdlA8jMgL0XQgJ15xWlGghKs2lWHBMvz5M59br2QBhI7wyI5q6D0Xxeqh
TWIrhxu6D58Zg1qYmZyQ3l/OkA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:59 2023 by rpki-client on console-fra.rpki-client.org