Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/vc_c-04u2VdvjJNbekAIwvUqX9g.roa
File: vc_c-04u2VdvjJNbekAIwvUqX9g.roa (raw, json)
Hash identifier: rOj6bjSiDskmHr56wPjgVP2pv9zBWWZhcgkqoebBMPA=
Subject key identifier: BD:CF:DC:FB:4E:2E:D9:57:6F:8C:93:5B:7A:40:08:C2:F5:2A:5F:D8
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 0184756AC867F7650479761B6EAD8D1CBF25
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/vc_c-04u2VdvjJNbekAIwvUqX9g.roa
Signing time: Mon 14 Nov 2022 09:14:03 +0000
ROA not before: Mon 14 Nov 2022 09:14:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.9.64/27 maxlen: 27
193.58.222.0/24 maxlen: 24
193.58.223.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:75:6a:c8:67:f7:65:04:79:76:1b:6e:ad:8d:1c:bf:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Nov 14 09:14:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdcfdcfb4e2ed9576f8c935b7a4008c2f52a5fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8a:ad:f6:a3:0d:df:34:59:bb:76:42:c1:3e:
2e:93:eb:fd:f9:b5:fc:e0:9b:05:ef:48:da:96:5e:
4c:4c:49:19:b3:ec:36:6c:3d:83:32:4d:1c:f2:c8:
ef:62:14:e6:29:1d:24:23:3f:18:37:48:55:0d:06:
81:d9:c1:30:85:a4:c6:8a:cf:66:45:d0:bd:08:5a:
84:7a:83:03:7b:31:18:55:20:f9:b3:96:22:5a:9b:
0b:64:c7:04:f5:01:cf:59:13:0b:9e:e7:54:55:f8:
1a:5c:7d:a7:50:59:29:c6:7f:1c:21:bd:41:cf:41:
92:ca:e9:76:98:b2:19:dc:ce:b6:eb:e4:ce:b6:6e:
0b:9a:a5:3c:53:fc:f4:57:82:2a:c5:30:f7:6f:c2:
00:7c:4d:d0:fd:6c:a2:af:04:21:6a:5b:05:b7:b9:
bb:58:74:4c:48:87:d9:ec:55:dc:e0:54:b3:1b:16:
45:6c:65:4e:52:67:0c:a4:ca:bc:98:ab:2c:18:e8:
db:bf:ee:12:8d:af:24:7e:a7:39:b7:e4:8d:97:23:
bd:61:a6:ae:e7:23:e5:f6:d5:31:41:25:8e:6c:97:
07:61:70:eb:20:b2:af:c6:41:d5:fc:70:a7:70:34:
fb:49:49:b6:66:b7:c1:aa:fe:77:9f:96:38:c0:b0:
8c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CF:DC:FB:4E:2E:D9:57:6F:8C:93:5B:7A:40:08:C2:F5:2A:5F:D8
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/vc_c-04u2VdvjJNbekAIwvUqX9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
66:06:82:bf:c4:d4:1b:e0:22:6a:e8:28:33:c8:6c:2b:bf:80:
04:6a:cc:17:45:51:99:99:53:09:cc:48:50:c8:37:03:69:b4:
f4:27:82:af:42:6b:5f:b9:38:91:c1:a1:1c:13:54:00:e6:55:
0e:cd:79:32:f4:45:0d:8e:16:84:a4:c9:f0:27:69:f7:d1:21:
54:e6:5b:cf:e5:f7:7f:05:ca:d2:49:ab:b3:c0:62:d0:5d:42:
8e:db:45:9c:fb:43:0a:69:21:c0:62:f9:da:ba:8c:ae:5c:97:
f1:f2:29:e0:40:06:8e:12:70:4f:4f:59:bc:ca:6c:54:41:04:
2e:d9:06:2f:79:e1:16:cb:01:95:20:0f:5f:8d:0b:cb:c0:b1:
d7:bc:48:2a:28:fe:ae:28:e1:6c:ec:05:9b:38:78:d8:58:86:
e6:f3:a4:6e:54:7d:53:10:3a:cd:fd:f1:08:13:a3:23:ab:44:
e6:04:c8:ed:90:56:64:7f:c9:1b:a5:f7:84:5b:ef:a1:5a:92:
a8:fb:90:6d:1d:6d:fa:61:12:af:45:19:f2:10:43:71:32:d1:
fd:43:5e:9c:8d:fb:62:f2:de:49:86:ad:11:e5:e0:17:e7:55:
d1:71:cf:7f:1e:1f:e9:ad:1e:13:89:b9:59:13:97:f1:3b:93:
b9:75:14:98
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYR1ashn92UEeXYbbq2NHL8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjIxMTE0MDkxNDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNmZGNmYjRlMmVkOTU3NmY4YzkzNWI3YTQwMDhjMmY1MmE1ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoqt9qMN3zRZu3ZCwT4uk+v9+bX8
4JsF70jall5MTEkZs+w2bD2DMk0c8sjvYhTmKR0kIz8YN0hVDQaB2cEwhaTGis9m
RdC9CFqEeoMDezEYVSD5s5YiWpsLZMcE9QHPWRMLnudUVfgaXH2nUFkpxn8cIb1B
z0GSyul2mLIZ3M626+TOtm4LmqU8U/z0V4IqxTD3b8IAfE3Q/WyirwQhalsFt7m7
WHRMSIfZ7FXc4FSzGxZFbGVOUmcMpMq8mKssGOjbv+4Sja8kfqc5t+SNlyO9Yaau
5yPl9tUxQSWObJcHYXDrILKvxkHV/HCncDT7SUm2ZrfBqv53n5Y4wLCMHwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFL3P3PtOLtlXb4yTW3pACML1Kl/YMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvdmNfYy0wNHUyVmR2akpOYmVrQUl3dlVxWDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7AwQBwTreAwQB
wcIGMAwDBAHBwgoDBATBwgAwCwMDAMJ/AwQCwn9AMAwDBAPCf0gDBADCf0wDBATC
f1AwDQQCAAIwBwMFACoBBvgwDQYJKoZIhvcNAQELBQADggEBAGYGgr/E1BvgImro
KDPIbCu/gARqzBdFUZmZUwnMSFDINwNptPQngq9Ca1+5OJHBoRwTVADmVQ7NeTL0
RQ2OFoSkyfAnaffRIVTmW8/l938FytJJq7PAYtBdQo7bRZz7QwppIcBi+dq6jK5c
l/HyKeBABo4ScE9PWbzKbFRBBC7ZBi954RbLAZUgD1+NC8vAsde8SCoo/q4o4Wzs
BZs4eNhYhubzpG5UfVMQOs398QgToyOrROYEyO2QVmR/yRul94Rb76Fakqj7kG0d
bfphEq9FGfIQQ3Ey0f1DXpyN+2Ly3kmGrRHl4BfnVdFxz38eH+mtHhOJuVkTl/E7
k7l1FJg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:09:36 2025 by rpki-client