Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/bt0cbdy-FMXLJ_cePmokepJpPAI.roa
File: bt0cbdy-FMXLJ_cePmokepJpPAI.roa (raw, json)
Hash identifier: q8RBH2VDj70H7ggprFDb/E1fjA1HDW6ApGxGt8dGGt4=
Subject key identifier: 6E:DD:1C:6D:DC:BE:14:C5:CB:27:F7:1E:3E:6A:24:7A:92:69:3C:02
Certificate issuer: /CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d
Certificate serial: 01828D677116F28C710EF067BFD32505CCFC
Authority key identifier: BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/bt0cbdy-FMXLJ_cePmokepJpPAI.roa
Signing time: Thu 11 Aug 2022 14:55:42 +0000
ROA not before: Thu 11 Aug 2022 14:55:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35332
IP address blocks: 185.151.96.0/22 maxlen: 24
87.236.0.0/21 maxlen: 24
77.242.112.0/20 maxlen: 24
188.92.56.0/21 maxlen: 24
37.235.112.0/21 maxlen: 24
208.88.128.0/22 maxlen: 24
185.113.212.0/22 maxlen: 24
139.28.200.0/22 maxlen: 24
2a00:a000::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:67:71:16:f2:8c:71:0e:f0:67:bf:d3:25:05:cc:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d
Validity
Not Before: Aug 11 14:55:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6edd1c6ddcbe14c5cb27f71e3e6a247a92693c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4b:8b:4b:8d:c4:49:7c:ab:c3:be:b0:0a:9c:
70:be:e4:3b:55:97:22:8c:46:76:d9:26:20:7c:68:
07:99:a4:8c:ac:4d:e5:2a:0a:12:d0:13:07:e1:dd:
07:7f:bb:6b:b4:cb:b9:57:88:d5:c6:c3:bc:f7:32:
6b:34:af:ac:c3:04:bf:29:fe:c5:f3:34:4c:f2:34:
ce:2c:ba:e0:12:ae:52:b8:9b:63:78:9d:98:3c:57:
35:3a:cd:e3:ca:15:3c:ab:d1:5a:40:1b:50:a9:12:
cd:00:5a:9f:cf:de:92:08:fa:cc:d1:a0:4c:1c:47:
80:0f:6a:a5:8b:16:42:e8:f1:b2:84:58:a6:52:0e:
f7:2a:f2:dd:ee:52:83:6a:42:e8:2a:43:ce:25:0b:
d3:4d:05:f9:c7:02:79:01:f7:84:ff:37:c1:73:53:
77:1b:7f:19:19:dc:00:53:2f:bb:ba:f8:50:12:b0:
c2:80:cb:98:10:1d:e2:54:cb:8b:c2:3c:65:fe:6c:
53:f3:86:a6:c0:ed:15:46:a6:71:c0:d0:44:76:21:
8c:f2:08:e6:2b:4b:ad:da:d5:99:cd:f9:40:8a:d4:
88:2d:63:33:8b:1d:88:87:78:67:92:f7:39:13:fe:
82:c5:ab:e2:6f:c4:92:d3:ba:af:e2:d9:ca:63:91:
71:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:DD:1C:6D:DC:BE:14:C5:CB:27:F7:1E:3E:6A:24:7A:92:69:3C:02
X509v3 Authority Key Identifier:
keyid:BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/bt0cbdy-FMXLJ_cePmokepJpPAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.112.0/21
77.242.112.0/20
87.236.0.0/21
139.28.200.0/22
185.113.212.0/22
185.151.96.0/22
188.92.56.0/21
208.88.128.0/22
IPv6:
2a00:a000::/32
Signature Algorithm: sha256WithRSAEncryption
6b:52:ab:78:a0:b8:66:fe:a1:e1:48:53:2a:4d:22:aa:b6:78:
8e:cd:24:ee:6c:62:a3:6e:a2:05:fa:99:57:2f:68:ae:8c:d2:
23:35:79:c1:e3:b7:18:57:e3:74:bb:b8:8c:ba:31:29:58:88:
8f:65:63:c9:ff:33:db:be:38:6d:2c:d1:81:29:62:f8:58:ca:
81:97:aa:bd:96:a4:4e:e6:74:e9:0f:c4:4a:59:1f:b1:0a:85:
8f:13:35:df:96:3f:f6:84:f3:f3:ed:33:d6:72:2e:7b:38:7e:
16:ac:b2:df:de:3d:82:32:5d:21:f8:7f:cc:90:f7:b8:0b:d6:
4a:29:49:b7:22:af:87:13:7e:bb:9d:6d:bd:49:90:83:56:e1:
22:cf:b0:83:06:ce:88:5c:7b:e3:31:63:02:c6:04:80:b5:77:
c5:90:5a:4b:71:55:da:5c:f7:f9:b6:e7:47:38:c1:c9:75:d6:
95:b3:51:95:b7:2a:97:dc:29:73:45:ed:21:ff:7c:b7:7f:8c:
b5:43:b9:98:19:e4:bd:ba:c1:ac:7b:48:46:c2:bf:48:f7:08:
2a:69:3f:63:89:58:b4:d5:2d:24:dc:70:62:75:44:8e:5c:10:
b5:b3:2b:dc:aa:89:f0:f8:72:1e:1e:47:8c:41:c2:e1:2c:ac:
61:73:99:e6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYKNZ3EW8oxxDvBnv9MlBcz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODA5YTdlNmNhMTRkMGExYTk3NjY3M2UwMzE5ZTM0ZTk1
NmVkM2QwHhcNMjIwODExMTQ1NTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRkMWM2ZGRjYmUxNGM1Y2IyN2Y3MWUzZTZhMjQ3YTkyNjkzYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0uLS43ESXyrw76wCpxwvuQ7VZci
jEZ22SYgfGgHmaSMrE3lKgoS0BMH4d0Hf7trtMu5V4jVxsO89zJrNK+swwS/Kf7F
8zRM8jTOLLrgEq5SuJtjeJ2YPFc1Os3jyhU8q9FaQBtQqRLNAFqfz96SCPrM0aBM
HEeAD2qlixZC6PGyhFimUg73KvLd7lKDakLoKkPOJQvTTQX5xwJ5AfeE/zfBc1N3
G38ZGdwAUy+7uvhQErDCgMuYEB3iVMuLwjxl/mxT84amwO0VRqZxwNBEdiGM8gjm
K0ut2tWZzflAitSILWMzix2Ih3hnkvc5E/6Cxavib8SS07qv4tnKY5FxXwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFG7dHG3cvhTFyyf3Hj5qJHqSaTwCMB8GA1UdIwQY
MBaAFL+Amn5soU0KGpdmc+AxnjTpVu09MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRDYWZteWhUUW9hbDJaejRER2VOT2xXN1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYTM4MmEtM2RkYS00Nzk2LWIzMjAt
M2ZkZmI0MTQwZjI0LzEvYnQwY2JkeS1GTVhMSl9jZVBtb2tlcEpwUEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zYTM4MmEtM2RkYS00Nzk2LWIzMjAtM2ZkZmI0MTQwZjI0
LzEvdjRDYWZteWhUUW9hbDJaejRER2VOT2xXN1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJetwAwQE
TfJwAwQDV+wAAwQCixzIAwQCuXHUAwQCuZdgAwQDvFw4AwQC0FiAMA0EAgACMAcD
BQAqAKAAMA0GCSqGSIb3DQEBCwUAA4IBAQBrUqt4oLhm/qHhSFMqTSKqtniOzSTu
bGKjbqIF+plXL2iujNIjNXnB47cYV+N0u7iMujEpWIiPZWPJ/zPbvjhtLNGBKWL4
WMqBl6q9lqRO5nTpD8RKWR+xCoWPEzXflj/2hPPz7TPWci57OH4WrLLf3j2CMl0h
+H/MkPe4C9ZKKUm3Iq+HE367nW29SZCDVuEiz7CDBs6IXHvjMWMCxgSAtXfFkFpL
cVXaXPf5tudHOMHJddaVs1GVtyqX3ClzRe0h/3y3f4y1Q7mYGeS9usGse0hGwr9I
9wgqaT9jiVi01S0k3HBidUSOXBC1syvcqonw+HIeHkeMQcLhLKxhc5nm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:00 2024 by rpki-client on console-fra.rpki-client.org