Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/vc2GU5tWKEWLMpE-n43t-Ascd2E.roa
File: vc2GU5tWKEWLMpE-n43t-Ascd2E.roa (raw, json)
Hash identifier: N5WtJADjZIZp3vS3CckwWXGkUZaX97tNx81m+uMXbss=
Subject key identifier: BD:CD:86:53:9B:56:28:45:8B:32:91:3E:9F:8D:ED:F8:0B:1C:77:61
Certificate issuer: /CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Certificate serial: 01872CA69C15C4222C051198AB5EC0BC57F7
Authority key identifier: EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/vc2GU5tWKEWLMpE-n43t-Ascd2E.roa
Signing time: Wed 29 Mar 2023 09:15:29 +0000
ROA not before: Wed 29 Mar 2023 09:15:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15763
IP address blocks: 185.151.100.0/22 maxlen: 24
156.67.58.0/24 maxlen: 24
85.22.48.0/24 maxlen: 24
85.22.53.0/24 maxlen: 24
85.22.54.0/24 maxlen: 24
85.22.55.0/24 maxlen: 24
85.22.52.0/24 maxlen: 24
85.22.60.0/24 maxlen: 24
85.22.64.0/24 maxlen: 24
85.22.74.0/24 maxlen: 24
85.22.75.0/24 maxlen: 24
85.22.0.0/20 maxlen: 20
85.22.0.0/16 maxlen: 16
85.22.16.0/20 maxlen: 20
85.22.148.0/23 maxlen: 23
85.22.156.0/24 maxlen: 24
85.22.158.0/24 maxlen: 24
85.22.172.0/24 maxlen: 24
85.22.173.0/24 maxlen: 24
85.22.174.0/24 maxlen: 24
85.22.175.0/24 maxlen: 24
85.22.84.0/22 maxlen: 22
85.22.96.0/20 maxlen: 20
212.29.32.0/24 maxlen: 24
212.29.33.0/24 maxlen: 24
212.29.34.0/24 maxlen: 24
212.29.32.0/19 maxlen: 19
212.29.42.0/24 maxlen: 24
212.29.39.0/24 maxlen: 24
85.22.112.0/20 maxlen: 20
85.22.128.0/22 maxlen: 22
2a03:f580::/32 maxlen: 32
2a03:f580:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:a6:9c:15:c4:22:2c:05:11:98:ab:5e:c0:bc:57:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Validity
Not Before: Mar 29 09:15:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdcd86539b5628458b32913e9f8dedf80b1c7761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5d:73:ec:73:82:5f:6f:fb:4d:d7:ff:56:58:
0c:d8:5e:08:5a:1f:cd:5c:c1:94:32:27:9c:6b:55:
4f:5f:b6:a4:31:34:6d:c3:00:27:b5:72:4b:4f:ea:
de:b6:5a:5d:60:d8:46:f2:18:97:5e:cd:4c:21:e7:
f3:5f:2e:c7:fc:30:7a:ee:f2:aa:7e:73:71:7b:cf:
5f:d7:fa:1d:9f:81:00:6f:5a:0d:f3:e4:e1:87:fb:
5e:60:15:3c:25:d8:4d:b5:e7:70:ce:6b:5f:58:b0:
6d:44:9e:9e:79:0e:bc:f7:6d:87:af:88:a3:c4:09:
86:44:80:df:bc:50:11:22:00:f4:17:ec:54:cf:2e:
fc:fe:f7:fb:79:50:c4:87:8c:a1:ce:24:57:a2:36:
94:64:27:b0:3f:5b:26:aa:8e:e8:e5:9a:65:4d:de:
42:11:23:f3:75:5d:8b:ab:48:7a:41:a8:72:6a:48:
4e:8d:1a:22:14:4c:ee:ba:70:53:12:d8:e9:c0:0b:
f5:c8:3a:ae:a3:b2:e8:5d:1a:f1:84:57:0e:cc:07:
1d:23:0c:3c:eb:c7:44:64:fc:bf:9c:f9:c7:5a:59:
f7:47:45:a0:a8:63:af:4e:c4:45:10:de:0c:41:ab:
db:0e:ae:2d:6e:71:2f:36:1f:47:d3:c1:e2:73:75:
83:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CD:86:53:9B:56:28:45:8B:32:91:3E:9F:8D:ED:F8:0B:1C:77:61
X509v3 Authority Key Identifier:
keyid:EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/vc2GU5tWKEWLMpE-n43t-Ascd2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.22.0.0/16
156.67.58.0/24
185.151.100.0/22
212.29.32.0/19
IPv6:
2a03:f580::/32
Signature Algorithm: sha256WithRSAEncryption
22:19:99:ec:c2:bc:ef:41:50:21:58:ad:ba:72:9b:23:d9:7c:
39:11:9a:fe:6a:99:03:5c:d4:f2:4a:98:c6:d9:0a:f7:de:89:
72:99:fb:bf:f7:37:f9:ae:bb:42:d3:6a:bb:72:6e:31:a9:3e:
c7:9c:80:87:6e:88:14:dc:26:e8:ec:7c:8e:96:46:87:02:63:
8c:21:0d:7e:57:8b:8c:6c:2d:d9:b7:eb:56:5c:ea:b3:68:57:
df:f4:8c:e9:e4:a4:fa:ee:4f:2e:9d:e7:10:99:e7:84:ed:f8:
74:ca:40:9d:1e:e0:fc:66:b6:ce:14:22:ce:1a:51:dd:95:a3:
6c:d8:d2:5f:b9:4c:f1:86:c2:76:6e:5d:71:1c:87:cf:ef:5b:
ff:10:e5:c1:4d:b7:9c:97:cc:a4:68:3c:0a:b7:5e:ba:45:ea:
ad:47:77:c0:96:3f:a2:8d:4e:4f:af:76:34:98:f5:61:4d:89:
ca:92:d4:eb:07:38:db:44:99:53:67:e4:e0:bb:60:0a:fc:e1:
36:f6:25:75:35:53:54:68:53:c4:43:c0:d0:cf:7a:92:bc:9c:
ec:20:11:2c:cb:df:81:8e:b8:56:b0:b7:fb:35:02:57:55:bf:
22:4c:5b:a6:cc:a2:64:b6:e6:4b:c9:c8:33:d6:bc:12:7f:47:
64:79:4f:ed
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYcsppwVxCIsBRGYq17AvFf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWY5NWY4YzRjNTU0ODI2ZGU4ZjM4YWQ2YmJhOWZiNzQ4
MDI4MjQwHhcNMjMwMzI5MDkxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNkODY1MzliNTYyODQ1OGIzMjkxM2U5ZjhkZWRmODBiMWM3NzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV1z7HOCX2/7Tdf/VlgM2F4IWh/N
XMGUMieca1VPX7akMTRtwwAntXJLT+retlpdYNhG8hiXXs1MIefzXy7H/DB67vKq
fnNxe89f1/odn4EAb1oN8+Thh/teYBU8JdhNtedwzmtfWLBtRJ6eeQ68922Hr4ij
xAmGRIDfvFARIgD0F+xUzy78/vf7eVDEh4yhziRXojaUZCewP1smqo7o5ZplTd5C
ESPzdV2Lq0h6QahyakhOjRoiFEzuunBTEtjpwAv1yDquo7LoXRrxhFcOzAcdIww8
68dEZPy/nPnHWln3R0WgqGOvTsRFEN4MQavbDq4tbnEvNh9H08Hic3WDiQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL3NhlObVihFizKRPp+N7fgLHHdhMB8GA1UdIwQY
MBaAFOvvlfjExVSCbejzita7qft0gCgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUt
OWEzNTBmZDFhNGFkLzEvdmMyR1U1dFdLRVdMTXBFLW40M3QtQXNjZDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUtOWEzNTBmZDFhNGFk
LzEvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAVRYDBACc
QzoDBAK5l2QDBAXUHSAwDQQCAAIwBwMFACoD9YAwDQYJKoZIhvcNAQELBQADggEB
ACIZmezCvO9BUCFYrbpymyPZfDkRmv5qmQNc1PJKmMbZCvfeiXKZ+7/3N/muu0LT
artybjGpPsecgIduiBTcJujsfI6WRocCY4whDX5Xi4xsLdm361Zc6rNoV9/0jOnk
pPruTy6d5xCZ54Tt+HTKQJ0e4Pxmts4UIs4aUd2Vo2zY0l+5TPGGwnZuXXEch8/v
W/8Q5cFNt5yXzKRoPAq3XrpF6q1Hd8CWP6KNTk+vdjSY9WFNicqS1OsHONtEmVNn
5OC7YAr84Tb2JXU1U1RoU8RDwNDPepK8nOwgESzL34GOuFawt/s1AldVvyJMW6bM
omS25kvJyDPWvBJ/R2R5T+0=
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:06:48 2025 by rpki-client