Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/VWxRnG7cg-0tFndzjCGO94HxF1Y.roa
File: VWxRnG7cg-0tFndzjCGO94HxF1Y.roa (raw, json)
Hash identifier: Q3f41Pns3hSK9kT5Ta5AV9TCV4pm0WMND48SCdmRSx4=
Subject key identifier: 55:6C:51:9C:6E:DC:83:ED:2D:16:77:73:8C:21:8E:F7:81:F1:17:56
Certificate issuer: /CN=07fa540a25432e2aa4dca057845c359d214886f7
Certificate serial: 018499FB5399E496DF148D0399C3847AE1D0
Authority key identifier: 07:FA:54:0A:25:43:2E:2A:A4:DC:A0:57:84:5C:35:9D:21:48:86:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/VWxRnG7cg-0tFndzjCGO94HxF1Y.roa
Signing time: Mon 21 Nov 2022 11:38:15 +0000
ROA not before: Mon 21 Nov 2022 11:38:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196922
IP address blocks: 46.232.186.0/24 maxlen: 24
46.232.184.0/21 maxlen: 21
46.232.185.0/24 maxlen: 24
46.232.190.0/24 maxlen: 24
46.232.187.0/24 maxlen: 24
46.232.191.0/24 maxlen: 24
178.248.240.0/24 maxlen: 24
178.248.245.0/24 maxlen: 24
178.248.246.0/24 maxlen: 24
178.248.243.0/24 maxlen: 24
178.248.244.0/24 maxlen: 24
178.248.241.0/24 maxlen: 24
178.248.240.0/21 maxlen: 21
178.248.242.0/24 maxlen: 24
185.115.24.0/22 maxlen: 24
185.115.24.0/23 maxlen: 23
178.248.247.0/24 maxlen: 24
185.115.26.0/23 maxlen: 23
185.115.26.128/27 maxlen: 27
2a02:1308::/29 maxlen: 32
2a02:1308::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:99:fb:53:99:e4:96:df:14:8d:03:99:c3:84:7a:e1:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07fa540a25432e2aa4dca057845c359d214886f7
Validity
Not Before: Nov 21 11:38:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=556c519c6edc83ed2d1677738c218ef781f11756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4f:eb:24:fa:c0:aa:8a:b0:90:e4:6f:8b:47:
94:1b:24:4e:e6:59:71:26:de:d3:ca:bb:b6:60:b0:
b7:2b:f0:e9:9f:e0:68:92:dc:28:86:42:3e:c8:e0:
f5:73:19:98:87:97:b1:1b:e3:41:bd:5e:e1:f1:36:
21:fe:cc:ba:9a:f8:da:dc:86:f4:cc:d6:58:67:d7:
19:59:17:85:78:2f:bb:27:99:2a:67:42:52:c4:ad:
98:8a:da:b7:19:ab:79:94:3a:0f:58:ed:b6:cc:ad:
d1:df:c6:f4:bd:40:25:99:75:7f:74:f0:3c:fb:4c:
47:fc:82:2d:19:d1:c7:f7:b3:9d:e4:c8:b6:41:3c:
8d:a0:61:94:32:33:c3:76:4c:5c:3c:92:9a:30:ce:
30:7a:16:21:87:4c:47:14:d8:aa:53:7c:24:67:1b:
93:26:b4:f0:37:52:63:02:6f:47:99:09:0c:a6:2a:
ad:b4:b9:1a:10:d3:2a:63:e4:3d:17:45:cf:01:82:
98:22:85:31:47:a0:c2:20:97:46:1c:14:68:10:ff:
50:3a:53:99:76:a6:bb:fb:06:cb:a3:55:12:9d:78:
34:e2:bb:43:b7:76:b0:e6:4a:d4:e6:55:ba:89:5a:
e5:f5:50:ec:b3:61:47:ad:77:38:fd:03:37:82:de:
8e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:6C:51:9C:6E:DC:83:ED:2D:16:77:73:8C:21:8E:F7:81:F1:17:56
X509v3 Authority Key Identifier:
keyid:07:FA:54:0A:25:43:2E:2A:A4:DC:A0:57:84:5C:35:9D:21:48:86:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/VWxRnG7cg-0tFndzjCGO94HxF1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/B_pUCiVDLiqk3KBXhFw1nSFIhvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.184.0/21
178.248.240.0/21
185.115.24.0/22
IPv6:
2a02:1308::/29
Signature Algorithm: sha256WithRSAEncryption
5c:da:66:78:ae:b2:9d:3e:4a:ac:94:89:f3:1b:0b:17:3c:1f:
2b:e5:b6:52:33:8b:70:d6:dd:a3:1a:70:ee:b5:bd:91:dc:52:
1b:29:c9:3f:1c:2a:16:9a:57:c6:48:0e:98:ec:21:69:63:e1:
6f:75:25:de:20:20:c9:37:5c:95:f0:70:8a:a6:2b:40:2f:b8:
49:6f:58:65:01:22:02:ad:37:25:eb:71:10:9a:68:be:9b:43:
ff:99:5b:1c:22:58:47:a8:55:66:eb:b9:ff:34:a1:32:cb:58:
d4:00:6a:27:18:e6:da:e2:95:90:a8:8d:25:97:7d:d4:80:3d:
c6:21:29:e1:d1:2f:6d:45:18:93:a1:f7:d3:9e:a2:e8:73:22:
a9:ca:52:02:9d:96:92:b8:77:13:ca:c4:46:35:21:dd:44:7a:
8f:20:ea:06:09:d4:3f:61:15:11:fb:2e:24:ae:68:b4:c7:1d:
01:97:99:d3:eb:37:c5:7c:38:41:42:7f:df:06:48:27:cd:09:
19:6b:15:76:77:8c:15:94:55:ab:33:1f:5e:c2:78:b7:f7:98:
65:96:65:99:db:82:5f:bf:50:ff:15:da:38:c7:46:de:c4:00:
f7:5d:61:35:a3:00:a7:3e:df:a6:73:5a:35:89:dd:5e:5f:db:
ab:a7:d6:ae
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYSZ+1OZ5JbfFI0DmcOEeuHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZmE1NDBhMjU0MzJlMmFhNGRjYTA1Nzg0NWMzNTlkMjE0
ODg2ZjcwHhcNMjIxMTIxMTEzODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTZjNTE5YzZlZGM4M2VkMmQxNjc3NzM4YzIxOGVmNzgxZjExNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0/rJPrAqoqwkORvi0eUGyRO5llx
Jt7Tyru2YLC3K/Dpn+BoktwohkI+yOD1cxmYh5exG+NBvV7h8TYh/sy6mvja3Ib0
zNZYZ9cZWReFeC+7J5kqZ0JSxK2Yitq3Gat5lDoPWO22zK3R38b0vUAlmXV/dPA8
+0xH/IItGdHH97Od5Mi2QTyNoGGUMjPDdkxcPJKaMM4wehYhh0xHFNiqU3wkZxuT
JrTwN1JjAm9HmQkMpiqttLkaENMqY+Q9F0XPAYKYIoUxR6DCIJdGHBRoEP9QOlOZ
dqa7+wbLo1USnXg04rtDt3aw5krU5lW6iVrl9VDss2FHrXc4/QM3gt6ObQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFVsUZxu3IPtLRZ3c4whjveB8RdWMB8GA1UdIwQY
MBaAFAf6VAolQy4qpNygV4RcNZ0hSIb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9wVUNpVkRMaXFrM0tCWGhGdzFuU0ZJaHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80MzA3ZDEtYjYwOC00NTgxLTk5MmMt
NzUzNzQxYTgwZTk0LzEvVld4Um5HN2NnLTB0Rm5kempDR085NEh4RjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80MzA3ZDEtYjYwOC00NTgxLTk5MmMtNzUzNzQxYTgwZTk0
LzEvQl9wVUNpVkRMaXFrM0tCWGhGdzFuU0ZJaHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLui4AwQD
svjwAwQCuXMYMA0EAgACMAcDBQMqAhMIMA0GCSqGSIb3DQEBCwUAA4IBAQBc2mZ4
rrKdPkqslInzGwsXPB8r5bZSM4tw1t2jGnDutb2R3FIbKck/HCoWmlfGSA6Y7CFp
Y+FvdSXeICDJN1yV8HCKpitAL7hJb1hlASICrTcl63EQmmi+m0P/mVscIlhHqFVm
67n/NKEyy1jUAGonGOba4pWQqI0ll33UgD3GISnh0S9tRRiToffTnqLocyKpylIC
nZaSuHcTysRGNSHdRHqPIOoGCdQ/YRUR+y4krmi0xx0Bl5nT6zfFfDhBQn/fBkgn
zQkZaxV2d4wVlFWrMx9ewni395hllmWZ24Jfv1D/Fdo4x0bexAD3XWE1owCnPt+m
c1o1id1eX9urp9au
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:28:07 2025 by rpki-client