Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/VHBOVDbZ1esQRV4n_HeRRUS57GM.roa
File: VHBOVDbZ1esQRV4n_HeRRUS57GM.roa (raw, json)
Hash identifier: eSoeuGU78PxYO30FYLMjc6BHXZ3zwCtqYDax+NMFShg=
Subject key identifier: 54:70:4E:54:36:D9:D5:EB:10:45:5E:27:FC:77:91:45:44:B9:EC:63
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 0F286F5B
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/VHBOVDbZ1esQRV4n_HeRRUS57GM.roa
Signing time: Sat 01 Jan 2022 06:54:23 +0000
ROA not before: Sat 01 Jan 2022 06:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21013
IP address blocks: 85.31.0.0/19 maxlen: 19
80.243.160.0/20 maxlen: 20
185.91.80.0/22 maxlen: 22
212.52.192.0/19 maxlen: 19
2a02:940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254308187 (0xf286f5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 1 06:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=54704e5436d9d5eb10455e27fc77914544b9ec63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:11:e1:4f:a7:06:15:52:9d:6c:d0:72:f6:15:
e6:b6:0a:31:0b:3f:90:24:2d:ad:22:2e:9b:9d:df:
54:5d:dc:8d:95:ef:01:b8:7b:9f:68:31:32:96:a9:
b4:f6:18:b7:30:5f:f8:10:6c:b8:28:b4:8c:8b:bc:
da:5d:c3:2f:40:d2:ec:66:80:6c:83:d4:31:f9:ef:
c4:2a:02:0c:cd:e2:66:b8:04:b6:c6:ca:36:87:79:
1d:c3:fe:ad:14:a0:b8:ec:05:f0:18:ba:f0:b3:57:
a3:85:6c:ca:9a:5b:f5:f4:ec:10:31:7d:2a:57:d4:
96:56:ac:96:6b:83:14:19:9c:7d:eb:34:7c:90:e9:
fc:9e:78:59:61:56:b3:79:6f:43:c0:4c:06:bf:af:
f0:91:2d:dc:6b:ca:3a:52:c7:cd:f0:e6:5d:75:02:
ae:22:ae:43:b5:84:ca:f7:51:da:98:97:89:97:7e:
68:f9:3c:30:46:26:4d:6a:55:19:3d:27:72:63:ba:
29:c8:84:8d:2b:9c:a8:ce:26:0e:32:1a:2a:5f:09:
bd:bc:d6:31:82:3a:b8:32:9a:4c:b4:8e:eb:d3:53:
58:69:19:88:91:e5:f3:d6:4e:fd:36:83:e4:1d:42:
75:09:5e:b7:39:8d:bd:c7:ac:a7:0c:ee:ad:4c:4c:
65:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:70:4E:54:36:D9:D5:EB:10:45:5E:27:FC:77:91:45:44:B9:EC:63
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/VHBOVDbZ1esQRV4n_HeRRUS57GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.160.0/20
85.31.0.0/19
185.91.80.0/22
212.52.192.0/19
IPv6:
2a02:940::/32
Signature Algorithm: sha256WithRSAEncryption
39:ba:75:fe:94:29:24:d4:b7:9e:97:a6:69:cc:11:24:e7:d9:
39:ef:05:1b:2f:6c:19:c4:3a:cf:ae:d5:79:ff:b4:94:9f:32:
52:e5:16:c5:e9:82:1b:9d:1c:20:ec:f9:41:14:33:ae:15:6c:
80:b4:45:63:2c:27:c1:7b:f3:e1:40:d7:38:01:5a:eb:91:b6:
ba:1b:1f:81:b9:1a:7b:d4:94:23:6d:6f:dd:cc:93:24:26:61:
59:2f:73:1f:23:69:27:4a:24:40:48:a5:4c:db:5d:6f:25:6f:
ec:b4:5a:c8:d0:b0:0f:1d:4b:88:2e:48:82:20:f1:0f:7b:59:
0f:76:86:c7:8d:ab:db:6d:80:2d:b4:b9:55:5a:bf:c4:ef:94:
28:45:17:9e:b9:5c:c0:7e:29:85:5e:b7:c6:45:05:4d:52:46:
2a:8f:bf:e4:4f:e5:e8:1b:8f:58:07:ac:f0:fb:8d:38:ff:2e:
47:2e:30:a5:d2:41:8c:4f:d4:ac:4b:07:57:70:84:6a:09:21:
08:45:41:cb:c8:b0:86:f9:de:44:61:15:90:26:8e:f4:38:87:
c2:1a:75:fd:ef:bb:10:e4:db:34:00:67:c0:e6:5a:37:50:26:
64:84:f8:0a:ee:51:9f:1a:fd:53:14:b8:56:00:ad:47:86:b6:
b2:a8:b5:28
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDyhvWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YWQyNDA2MDNlYzZlYmNkNjJmNzJkNDZmMWRjMDBjYjdlMWYwYjJlMB4XDTIyMDEw
MTA2NTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTQ3MDRlNTQzNmQ5
ZDVlYjEwNDU1ZTI3ZmM3NzkxNDU0NGI5ZWM2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkR4U+nBhVSnWzQcvYV5rYKMQs/kCQtrSIum53fVF3cjZXv
Abh7n2gxMpaptPYYtzBf+BBsuCi0jIu82l3DL0DS7GaAbIPUMfnvxCoCDM3iZrgE
tsbKNod5HcP+rRSguOwF8Bi68LNXo4Vsyppb9fTsEDF9KlfUllaslmuDFBmcfes0
fJDp/J54WWFWs3lvQ8BMBr+v8JEt3GvKOlLHzfDmXXUCriKuQ7WEyvdR2piXiZd+
aPk8MEYmTWpVGT0ncmO6KciEjSucqM4mDjIaKl8JvbzWMYI6uDKaTLSO69NTWGkZ
iJHl89ZO/TaD5B1CdQletzmNvcespwzurUxMZUMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRUcE5UNtnV6xBFXif8d5FFRLnsYzAfBgNVHSMEGDAWgBSK0kBgPsbrzWL3
LUbx3ADLfh8LLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2l0SkFZRDdHNjgxaTl5MUc4ZHdBeTM0ZkN5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjcvNDI1MTQ5LTljNjgtNDFmYi04MDM1LWQ3NmM4YzczOTg2MS8x
L1ZIQk9WRGJaMWVzUVJWNG5fSGVSUlVTNTdHTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcv
NDI1MTQ5LTljNjgtNDFmYi04MDM1LWQ3NmM4YzczOTg2MS8xL2l0SkFZRDdHNjgx
aTl5MUc4ZHdBeTM0ZkN5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFDzoAMEBVUfAAMEArlbUAMEBdQ0
wDANBAIAAjAHAwUAKgIJQDANBgkqhkiG9w0BAQsFAAOCAQEAObp1/pQpJNS3npem
acwRJOfZOe8FGy9sGcQ6z67Vef+0lJ8yUuUWxemCG50cIOz5QRQzrhVsgLRFYywn
wXvz4UDXOAFa65G2uhsfgbkae9SUI21v3cyTJCZhWS9zHyNpJ0okQEilTNtdbyVv
7LRayNCwDx1LiC5IgiDxD3tZD3aGx42r222ALbS5VVq/xO+UKEUXnrlcwH4phV63
xkUFTVJGKo+/5E/l6BuPWAes8PuNOP8uRy4wpdJBjE/UrEsHV3CEagkhCEVBy8iw
hvneRGEVkCaO9DiHwhp1/e+7EOTbNABnwOZaN1AmZIT4Cu5Rnxr9UxS4VgCtR4a2
sqi1KA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:04 2024 by rpki-client on console-fra.rpki-client.org