Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/vavVK2M9V3uxK8hrgpqGx5DoJ3E.roa
File: vavVK2M9V3uxK8hrgpqGx5DoJ3E.roa (raw, json)
Hash identifier: t6AWa0XeassEHtSgfpZKJ9poNLoryZYIu9OpaHlZv4Q=
Subject key identifier: BD:AB:D5:2B:63:3D:57:7B:B1:2B:C8:6B:82:9A:86:C7:90:E8:27:71
Certificate issuer: /CN=db2d75c6d547750642241b0749cfa052c8c17f34
Certificate serial: 0184090E223E3E5F3A12FECACB66730F5BCC
Authority key identifier: DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/vavVK2M9V3uxK8hrgpqGx5DoJ3E.roa
Signing time: Mon 24 Oct 2022 08:13:52 +0000
ROA not before: Mon 24 Oct 2022 08:13:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206366
IP address blocks: 185.188.148.0/22 maxlen: 24
45.142.68.0/22 maxlen: 24
193.37.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:0e:22:3e:3e:5f:3a:12:fe:ca:cb:66:73:0f:5b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db2d75c6d547750642241b0749cfa052c8c17f34
Validity
Not Before: Oct 24 08:13:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdabd52b633d577bb12bc86b829a86c790e82771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f0:3a:75:e6:02:67:a2:b5:76:32:32:66:0d:
fa:36:73:18:52:d7:25:a9:ee:41:ed:4d:9c:f2:22:
8e:3e:1b:e1:b4:86:26:84:7e:ab:97:e5:d2:ad:92:
47:fe:e2:ac:11:df:bc:23:bf:6a:98:73:df:6f:74:
19:d8:5e:bc:de:6e:24:9c:f5:70:95:56:f2:9a:0b:
91:5e:22:76:9f:7a:d1:fa:4d:67:fe:bd:89:ca:dc:
7b:0c:3a:24:e3:b5:fa:35:fa:22:8a:85:8e:f6:90:
84:91:f7:48:88:7f:34:10:90:53:b1:50:19:d5:4c:
73:3f:27:03:2d:ee:3d:44:2b:16:19:93:17:db:8c:
be:77:6a:ac:d5:50:1d:0e:ab:24:40:d6:be:00:af:
ee:ab:df:ff:5c:d6:77:b2:72:ec:d0:99:3c:1a:ee:
b9:d4:71:99:ca:37:55:9f:f5:31:b2:16:77:93:60:
b1:0f:33:05:a6:06:6f:9c:ef:f9:77:43:d9:34:eb:
fd:b6:1b:d0:c6:9a:55:a5:dc:ad:b3:5b:d1:70:ef:
d5:d6:45:00:f1:ba:2b:18:a8:30:8c:77:98:38:56:
cb:50:da:11:c1:82:b8:bd:15:32:84:79:54:4a:ce:
70:1e:e5:df:4a:e7:1c:d6:87:50:76:45:26:39:2a:
e5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AB:D5:2B:63:3D:57:7B:B1:2B:C8:6B:82:9A:86:C7:90:E8:27:71
X509v3 Authority Key Identifier:
keyid:DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/vavVK2M9V3uxK8hrgpqGx5DoJ3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.68.0/22
185.188.148.0/22
193.37.60.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:7f:5f:b0:c3:d1:a4:89:c1:f3:d0:6c:67:51:a6:12:3c:09:
9c:79:29:0e:35:75:09:a4:e9:e7:c5:e3:1a:16:a9:59:cf:c9:
c0:9b:88:72:58:bd:16:06:b7:b9:70:fe:cd:c3:9a:b7:80:0e:
f5:fb:92:3e:ad:15:a5:b5:8d:92:4a:f9:ea:aa:00:9b:95:3a:
3a:70:ad:08:1b:b6:68:e0:bf:ca:78:35:0e:42:ca:60:b2:f6:
07:c9:4e:0e:d4:0f:ac:f1:92:d0:a9:e4:27:9c:b7:e5:6f:7d:
98:c2:75:73:52:80:90:65:17:b2:9c:a9:ae:47:51:9c:09:79:
b2:d6:a0:69:1b:49:a4:b9:0d:17:d5:c7:58:54:27:69:d2:ac:
60:7c:86:45:80:fd:44:51:0a:86:d0:84:07:d0:24:81:a0:f0:
82:b6:6b:25:d1:f7:ce:d7:ee:68:9f:dd:9d:f0:81:f4:7c:8c:
59:6f:ab:f1:27:c6:43:39:08:3d:3a:50:a0:6f:cf:ed:7a:37:
6b:b2:84:7f:2c:bd:4b:c9:5f:d4:dd:e9:d6:c8:4b:ac:84:c5:
dd:88:21:51:bd:63:3a:d0:9d:48:b6:10:fc:73:45:2e:95:13:
5f:de:0d:17:1b:1f:97:1a:05:4b:6f:5d:f9:7f:7f:93:8d:b2:
5b:4a:ae:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQJDiI+Pl86Ev7Ky2ZzD1vMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMmQ3NWM2ZDU0Nzc1MDY0MjI0MWIwNzQ5Y2ZhMDUyYzhj
MTdmMzQwHhcNMjIxMDI0MDgxMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFiZDUyYjYzM2Q1NzdiYjEyYmM4NmI4MjlhODZjNzkwZTgyNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifA6deYCZ6K1djIyZg36NnMYUtcl
qe5B7U2c8iKOPhvhtIYmhH6rl+XSrZJH/uKsEd+8I79qmHPfb3QZ2F683m4knPVw
lVbymguRXiJ2n3rR+k1n/r2Jytx7DDok47X6NfoiioWO9pCEkfdIiH80EJBTsVAZ
1UxzPycDLe49RCsWGZMX24y+d2qs1VAdDqskQNa+AK/uq9//XNZ3snLs0Jk8Gu65
1HGZyjdVn/UxshZ3k2CxDzMFpgZvnO/5d0PZNOv9thvQxppVpdyts1vRcO/V1kUA
8borGKgwjHeYOFbLUNoRwYK4vRUyhHlUSs5wHuXfSucc1odQdkUmOSrl7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL2r1StjPVd7sSvIa4KahseQ6CdxMB8GA1UdIwQY
MBaAFNstdcbVR3UGQiQbB0nPoFLIwX80MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgt
YTkwMWUwMzRhZmU1LzEvdmF2VksyTTlWM3V4SzhocmdwcUd4NURvSjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgtYTkwMWUwMzRhZmU1
LzEvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY5EAwQC
ubyUAwQCwSU8MA0GCSqGSIb3DQEBCwUAA4IBAQBvf1+ww9GkicHz0GxnUaYSPAmc
eSkONXUJpOnnxeMaFqlZz8nAm4hyWL0WBre5cP7Nw5q3gA71+5I+rRWltY2SSvnq
qgCblTo6cK0IG7Zo4L/KeDUOQspgsvYHyU4O1A+s8ZLQqeQnnLflb32YwnVzUoCQ
ZReynKmuR1GcCXmy1qBpG0mkuQ0X1cdYVCdp0qxgfIZFgP1EUQqG0IQH0CSBoPCC
tmsl0ffO1+5on92d8IH0fIxZb6vxJ8ZDOQg9OlCgb8/tejdrsoR/LL1LyV/U3enW
yEushMXdiCFRvWM60J1IthD8c0UulRNf3g0XGx+XGgVLb135f3+TjbJbSq64
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:44 2023 by rpki-client on console-fra.rpki-client.org