Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/BLbd3DDGKGZicXtzCEf__bgKl0U.roa
File: BLbd3DDGKGZicXtzCEf__bgKl0U.roa (raw, json)
Hash identifier: aseQrzK0QIB04bAT7VV2Vu47ilXKvsFthLqwjOtjfac=
Subject key identifier: 04:B6:DD:DC:30:C6:28:66:62:71:7B:73:08:47:FF:FD:B8:0A:97:45
Certificate issuer: /CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Certificate serial: 06423653
Authority key identifier: 5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/BLbd3DDGKGZicXtzCEf__bgKl0U.roa
Signing time: Sat 01 Jan 2022 07:03:25 +0000
ROA not before: Sat 01 Jan 2022 07:03:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12440
IP address blocks: 82.214.240.0/21 maxlen: 24
128.65.64.0/19 maxlen: 24
82.214.192.0/18 maxlen: 24
82.214.210.0/24 maxlen: 24
82.214.220.0/24 maxlen: 24
82.214.223.0/24 maxlen: 24
82.214.232.0/24 maxlen: 24
185.117.52.0/22 maxlen: 24
82.214.234.0/24 maxlen: 24
82.214.239.0/24 maxlen: 24
62.128.160.0/19 maxlen: 24
62.128.168.0/21 maxlen: 24
195.238.32.0/19 maxlen: 24
195.238.44.0/24 maxlen: 24
195.238.45.0/24 maxlen: 24
62.128.186.0/24 maxlen: 24
62.128.188.0/24 maxlen: 24
62.128.191.0/24 maxlen: 24
2a0a:1240::/32 maxlen: 40
2a0a:1241::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105002579 (0x6423653)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5af4de6e73c8e053cb640b74d2b912abd90b0580
Validity
Not Before: Jan 1 07:03:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04b6dddc30c6286662717b730847fffdb80a9745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a6:e4:7b:d8:17:e9:b9:2e:52:7b:00:99:58:
43:04:67:bb:51:23:ad:f7:43:ff:52:32:e9:49:2c:
c8:b1:e2:37:ac:a4:29:c2:59:2a:d0:2b:fd:93:91:
89:4b:ac:29:dc:ba:c3:8b:60:38:b6:2c:36:2a:26:
ac:8c:ae:21:55:17:03:62:41:8d:00:8d:0f:9a:8d:
c2:0d:07:21:8b:85:2c:e4:32:4c:8a:62:64:b2:a7:
94:9e:2c:dc:3f:90:2a:6b:d6:bc:d8:c7:53:60:f2:
63:7e:2f:fc:8e:bf:f8:b4:ae:88:dd:57:d1:08:52:
f0:4e:ce:58:31:23:d1:fb:17:16:e7:78:da:da:e6:
c6:3f:51:d6:ab:6e:d4:6e:76:03:47:78:0c:4f:4c:
eb:d3:01:67:a1:cf:f3:04:20:ba:32:2c:ff:52:1e:
47:72:1f:cd:90:c8:41:e5:a0:e6:bb:41:74:ac:f6:
f4:39:85:17:cd:75:e5:84:ab:ca:78:ba:4f:f7:02:
33:5c:74:d0:c0:a3:aa:d4:13:c0:29:57:a9:65:6a:
c9:b9:04:39:65:f3:d4:4b:12:4e:6d:44:92:66:c1:
2e:f8:fa:4a:e6:f9:cb:5b:38:96:38:6e:3f:a1:ab:
89:4f:c7:df:0c:3e:1d:27:2b:a6:c7:16:f6:58:32:
7b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B6:DD:DC:30:C6:28:66:62:71:7B:73:08:47:FF:FD:B8:0A:97:45
X509v3 Authority Key Identifier:
keyid:5A:F4:DE:6E:73:C8:E0:53:CB:64:0B:74:D2:B9:12:AB:D9:0B:05:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WvTebnPI4FPLZAt00rkSq9kLBYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/BLbd3DDGKGZicXtzCEf__bgKl0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ad3696-f36f-4df0-b2de-c1e9362b1a51/1/WvTebnPI4FPLZAt00rkSq9kLBYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.160.0/19
82.214.192.0/18
128.65.64.0/19
185.117.52.0/22
195.238.32.0/19
IPv6:
2a0a:1240::/31
Signature Algorithm: sha256WithRSAEncryption
04:bc:33:af:c5:30:b9:e1:97:a4:ab:3d:64:a1:59:23:68:ff:
e6:3a:20:0b:0a:7f:55:ab:6b:5a:5c:19:df:6e:bc:0b:84:79:
84:95:e8:7d:94:ab:3b:2f:16:8c:ab:41:2a:fb:c1:d7:f5:14:
8b:5c:ae:89:e3:aa:c8:88:22:ac:a6:cc:a0:e0:7e:a5:07:12:
61:bd:d1:22:a2:5f:17:7f:01:c3:9d:21:4a:0b:a0:54:9d:aa:
99:98:b0:71:b1:81:bb:a0:e3:e4:44:87:c2:e3:fd:f5:e7:4e:
df:dd:e2:80:22:b5:e9:a9:ba:95:b2:47:d6:cc:ba:50:b3:dd:
81:a1:22:b2:1e:15:f6:1d:20:d2:cf:9d:10:0d:78:ef:ae:0e:
0e:6a:c8:58:21:d1:b3:29:77:ea:a4:d6:1e:c2:21:f8:17:10:
01:09:8c:93:5e:b6:ce:7b:75:d7:71:5e:51:c9:0d:51:0c:7a:
48:da:6b:7f:49:13:13:3e:82:07:0c:25:17:7c:82:e4:b3:14:
2e:8b:e8:bd:b7:e3:63:7c:1a:9b:1c:40:d1:cc:2b:16:23:47:
f4:ba:4c:ab:80:e6:8c:01:7b:5d:ad:b6:a4:c2:53:cf:70:1e:
b1:d0:ae:1b:64:b5:33:68:2b:e8:bf:0f:a8:59:7d:86:df:f7:
dc:a9:a8:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBkI2UzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YWY0ZGU2ZTczYzhlMDUzY2I2NDBiNzRkMmI5MTJhYmQ5MGIwNTgwMB4XDTIyMDEw
MTA3MDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRiNmRkZGMzMGM2
Mjg2NjYyNzE3YjczMDg0N2ZmZmRiODBhOTc0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOm5HvYF+m5LlJ7AJlYQwRnu1EjrfdD/1Iy6UksyLHiN6yk
KcJZKtAr/ZORiUusKdy6w4tgOLYsNiomrIyuIVUXA2JBjQCND5qNwg0HIYuFLOQy
TIpiZLKnlJ4s3D+QKmvWvNjHU2DyY34v/I6/+LSuiN1X0QhS8E7OWDEj0fsXFud4
2trmxj9R1qtu1G52A0d4DE9M69MBZ6HP8wQgujIs/1IeR3IfzZDIQeWg5rtBdKz2
9DmFF8115YSryni6T/cCM1x00MCjqtQTwClXqWVqybkEOWXz1EsSTm1EkmbBLvj6
Sub5y1s4ljhuP6GriU/H3ww+HScrpscW9lgye60CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQEtt3cMMYoZmJxe3MIR//9uAqXRTAfBgNVHSMEGDAWgBRa9N5uc8jgU8tk
C3TSuRKr2QsFgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d2VGViblBJNEZQTFpBdDAwcmtTcTlrTEJZQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvYWQzNjk2LWYzNmYtNGRmMC1iMmRlLWMxZTkzNjJiMWE1MS8x
L0JMYmQzRERHS0daaWNYdHpDRWZfX2JnS2wwVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
YWQzNjk2LWYzNmYtNGRmMC1iMmRlLWMxZTkzNjJiMWE1MS8xL1d2VGViblBJNEZQ
TFpBdDAwcmtTcTlrTEJZQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBT6AoAMEBlLWwAMEBYBBQAMEArl1
NAMEBcPuIDANBAIAAjAHAwUBKgoSQDANBgkqhkiG9w0BAQsFAAOCAQEABLwzr8Uw
ueGXpKs9ZKFZI2j/5jogCwp/VatrWlwZ3268C4R5hJXofZSrOy8WjKtBKvvB1/UU
i1yuieOqyIgirKbMoOB+pQcSYb3RIqJfF38Bw50hSgugVJ2qmZiwcbGBu6Dj5ESH
wuP99edO393igCK16am6lbJH1sy6ULPdgaEish4V9h0g0s+dEA14764ODmrIWCHR
syl36qTWHsIh+BcQAQmMk162znt113FeUckNUQx6SNprf0kTEz6CBwwlF3yC5LMU
LovovbfjY3wamxxA0cwrFiNH9LpMq4DmjAF7Xa22pMJTz3AesdCuG2S1M2gr6L8P
qFl9ht/33KmojA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:52 2024 by rpki-client on console-fra.rpki-client.org