Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/BgBMhUrC787kESMHDAtfbdW-Jc0.roa
File: BgBMhUrC787kESMHDAtfbdW-Jc0.roa (raw, json)
Hash identifier: exiOja9hdncqEc5GsSdRTQKTKllDdGMlWwRHdthCquc=
Subject key identifier: 06:00:4C:85:4A:C2:EF:CE:E4:11:23:07:0C:0B:5F:6D:D5:BE:25:CD
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 070E4489
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/BgBMhUrC787kESMHDAtfbdW-Jc0.roa
Signing time: Sat 01 Jan 2022 06:54:14 +0000
ROA not before: Sat 01 Jan 2022 06:54:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8330
IP address blocks: 91.198.81.0/24 maxlen: 24
5.57.88.0/21 maxlen: 21
193.203.5.0/24 maxlen: 24
195.35.120.0/24 maxlen: 24
2001:7f8:17::/48 maxlen: 48
2a00:eb20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118375561 (0x70e4489)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jan 1 06:54:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06004c854ac2efcee41123070c0b5f6dd5be25cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a4:36:26:b2:8d:91:5b:42:73:41:67:5c:1c:
37:ef:01:06:04:01:34:ca:62:96:49:42:4a:ea:f3:
dd:06:51:14:66:ea:a4:41:b0:1c:94:3c:1d:59:c2:
82:03:e3:07:1c:bd:04:95:a3:0c:6a:42:a6:32:7b:
17:8f:0b:cb:5a:84:c0:e6:a3:49:53:34:83:f9:6c:
63:ea:79:39:42:47:70:c8:0e:a7:23:3c:31:20:82:
e1:70:de:d3:2c:67:0c:62:5d:9d:7f:c9:f9:c0:7c:
c2:a4:c1:df:b9:5a:2d:af:30:14:db:49:1b:1e:d9:
70:e8:48:77:5f:dd:54:68:37:a3:66:fa:e8:0e:8d:
44:d7:33:ec:fd:ee:d8:78:a6:20:44:92:5c:8e:80:
0d:48:a6:b9:51:f9:35:f4:57:25:26:3b:30:fd:eb:
14:b9:0f:47:97:87:bb:b4:6e:1b:a5:36:22:b1:52:
34:16:ca:a8:d6:c5:3d:97:73:20:6c:4f:f3:e1:64:
9d:ac:a7:eb:8f:9e:d4:05:11:ae:a5:83:0e:d5:c0:
68:bd:b1:b4:21:d5:3d:ce:34:85:96:e0:5a:f4:f7:
f4:64:69:2b:39:d1:62:2f:c5:5f:6b:28:94:cc:3b:
17:c0:56:96:5e:3e:63:99:fe:c9:46:74:bd:7d:1c:
54:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:00:4C:85:4A:C2:EF:CE:E4:11:23:07:0C:0B:5F:6D:D5:BE:25:CD
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/BgBMhUrC787kESMHDAtfbdW-Jc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.88.0/21
91.198.81.0/24
193.203.5.0/24
195.35.120.0/24
IPv6:
2001:7f8:17::/48
2a00:eb20::/32
Signature Algorithm: sha256WithRSAEncryption
ac:59:b6:c8:62:48:7e:1a:ef:8e:32:32:1b:09:2a:64:72:fa:
ea:8e:f8:0a:c4:01:e2:db:e0:56:da:11:7c:61:58:0c:96:ca:
b7:4f:61:a0:61:b3:83:ef:3c:90:79:6e:42:8e:91:54:04:15:
ee:07:56:f3:73:61:3f:6f:5e:ee:4e:06:e1:e2:33:1b:c9:a9:
33:21:3a:ea:44:a4:2f:99:b4:cf:72:7f:9a:99:1c:a1:5a:f1:
b7:2c:ab:71:db:bc:24:da:90:be:ed:71:b8:3c:65:b7:e3:33:
ce:3c:a2:3c:5f:69:fb:a4:5e:96:07:7d:26:06:44:c7:f6:43:
97:b5:63:49:83:4a:3c:31:01:b8:35:5f:75:bc:56:74:de:57:
a2:61:d0:54:68:3a:77:e7:43:a2:57:9d:44:e2:1a:6e:5d:ba:
19:06:08:c4:43:b7:a3:95:aa:3b:9c:f8:ef:72:93:79:c0:69:
73:58:c7:0d:26:c9:b3:31:64:9c:fb:f3:57:40:eb:48:dd:99:
f6:d5:75:e0:91:de:aa:a0:15:4d:42:f6:d9:69:8a:3b:7a:8a:
14:05:6d:a4:02:7c:6e:12:c0:41:67:db:10:5e:20:1b:8f:5f:
d6:c5:b4:e8:ab:9d:57:a8:bd:7c:7f:51:d2:c0:3d:ca:50:4d:
ac:54:d4:09
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBw5EiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZThkMDdiNDVmN2Q4MzEyNGM5ZjhjMGZhYzAzYmVjMDI0NjhiMzdlMB4XDTIyMDEw
MTA2NTQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDYwMDRjODU0YWMy
ZWZjZWU0MTEyMzA3MGMwYjVmNmRkNWJlMjVjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2kNiayjZFbQnNBZ1wcN+8BBgQBNMpilklCSurz3QZRFGbq
pEGwHJQ8HVnCggPjBxy9BJWjDGpCpjJ7F48Ly1qEwOajSVM0g/lsY+p5OUJHcMgO
pyM8MSCC4XDe0yxnDGJdnX/J+cB8wqTB37laLa8wFNtJGx7ZcOhId1/dVGg3o2b6
6A6NRNcz7P3u2HimIESSXI6ADUimuVH5NfRXJSY7MP3rFLkPR5eHu7RuG6U2IrFS
NBbKqNbFPZdzIGxP8+Fknayn64+e1AURrqWDDtXAaL2xtCHVPc40hZbgWvT39GRp
KznRYi/FX2solMw7F8BWll4+Y5n+yUZ0vX0cVLcCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQGAEyFSsLvzuQRIwcMC19t1b4lzTAfBgNVHSMEGDAWgBRejQe0X32DEkyf
jA+sA77AJGizfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hvMEh0Rjk5Z3hKTW40d1ByQU8td0NSb3MzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvYTE2OGU5LWQwNzAtNDRlMC05NGE0LTZjOGZkODRiYjVmNS8x
L0JnQk1oVXJDNzg3a0VTTUhEQXRmYmRXLUpjMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
YTE2OGU5LWQwNzAtNDRlMC05NGE0LTZjOGZkODRiYjVmNS8xL1hvMEh0Rjk5Z3hK
TW40d1ByQU8td0NSb3MzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEAwU5WAMEAFvGUQMEAMHLBQMEAMMj
eDAWBAIAAjAQAwcAIAEH+AAXAwUAKgDrIDANBgkqhkiG9w0BAQsFAAOCAQEArFm2
yGJIfhrvjjIyGwkqZHL66o74CsQB4tvgVtoRfGFYDJbKt09hoGGzg+88kHluQo6R
VAQV7gdW83NhP29e7k4G4eIzG8mpMyE66kSkL5m0z3J/mpkcoVrxtyyrcdu8JNqQ
vu1xuDxlt+MzzjyiPF9p+6Relgd9JgZEx/ZDl7VjSYNKPDEBuDVfdbxWdN5XomHQ
VGg6d+dDoledROIabl26GQYIxEO3o5WqO5z473KTecBpc1jHDSbJszFknPvzV0Dr
SN2Z9tV14JHeqqAVTUL22WmKO3qKFAVtpAJ8bhLAQWfbEF4gG49f1sW06KudV6i9
fH9R0sA9ylBNrFTUCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:52 2024 by rpki-client on console-fra.rpki-client.org