Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/bkzleA31ldmkpOPlVTxPvnGvIfU.roa
File: bkzleA31ldmkpOPlVTxPvnGvIfU.roa (raw, json)
Hash identifier: klLSnpcC0XtWMTq6IyPuu11iNbjzuldgvzecsVUpchE=
Subject key identifier: 6E:4C:E5:78:0D:F5:95:D9:A4:A4:E3:E5:55:3C:4F:BE:71:AF:21:F5
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0182561B422A1283B8C51F3A45B4AE38BF59
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/bkzleA31ldmkpOPlVTxPvnGvIfU.roa
Signing time: Sun 31 Jul 2022 21:13:23 +0000
ROA not before: Sun 31 Jul 2022 21:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58212
IP address blocks: 185.236.8.0/24 maxlen: 24
185.236.11.0/24 maxlen: 24
2a09:ff00:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:56:1b:42:2a:12:83:b8:c5:1f:3a:45:b4:ae:38:bf:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jul 31 21:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e4ce5780df595d9a4a4e3e5553c4fbe71af21f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b7:47:05:20:63:ae:8b:51:37:2d:f1:a0:10:
53:d7:af:86:7d:a5:18:84:5a:4b:7a:ca:7b:26:aa:
e2:f2:ce:b7:40:f4:e8:db:7b:7e:56:76:94:11:08:
cd:d4:04:da:a9:62:37:2a:83:77:d6:c9:98:e1:ce:
0d:32:ad:02:71:a0:37:73:13:90:ab:1a:14:2b:10:
7c:d5:61:a0:61:9e:da:94:06:36:c3:78:4b:00:3d:
cf:9a:66:55:d9:72:fb:75:83:4f:4c:c4:ff:01:6c:
60:01:eb:6d:d4:77:00:1b:d7:b7:57:3a:1e:c5:f9:
d1:6c:9e:5e:15:c2:7f:9d:28:f5:e1:58:08:e0:c3:
06:b8:08:42:51:04:15:91:8d:b8:ee:ca:0c:a3:02:
ce:38:a8:5e:ec:d7:f9:a0:4f:6a:5e:bb:33:ef:31:
01:b8:13:b1:6a:61:03:1f:68:e4:1f:fb:6d:a7:f0:
0d:49:18:80:23:d1:6a:94:a5:bd:a5:97:39:ab:54:
10:d1:bd:f2:95:f5:b9:a4:d4:36:b2:ae:22:ac:85:
68:21:f8:92:04:48:3b:54:74:16:c7:12:94:05:83:
86:c5:22:53:b5:b3:66:8b:c7:16:4a:f2:18:c8:ec:
e0:d0:83:e6:89:63:58:fe:56:0d:09:ba:64:50:4a:
99:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4C:E5:78:0D:F5:95:D9:A4:A4:E3:E5:55:3C:4F:BE:71:AF:21:F5
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/bkzleA31ldmkpOPlVTxPvnGvIfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.8.0/24
185.236.11.0/24
IPv6:
2a09:ff00:100::/48
Signature Algorithm: sha256WithRSAEncryption
3c:ab:03:d2:3a:fb:39:73:24:2b:80:28:48:00:34:89:73:a8:
d2:6a:3e:99:dc:d9:12:5c:d6:4d:b4:fa:1e:38:b7:5d:4c:23:
05:93:9e:e2:c4:d6:46:56:96:e0:3f:43:1b:d7:fd:52:49:7f:
eb:ab:25:c2:c9:3f:fb:f7:e1:6d:5e:2a:20:ea:f9:ee:5c:96:
99:32:bb:4b:aa:20:7d:60:e9:b8:f6:12:b5:c0:09:70:44:8d:
9d:1e:04:91:78:c3:97:8f:6b:71:5e:e4:97:28:66:e0:74:09:
8d:f1:18:0b:66:0d:85:2f:15:85:70:43:f7:df:e5:42:e6:73:
74:5c:d8:76:7e:1b:6c:4b:66:30:38:23:c4:34:ba:a6:b2:47:
61:8c:fd:21:7e:d7:d2:20:98:a1:43:5b:51:62:da:02:2b:2f:
c9:b6:d0:9f:0a:60:8e:4b:8e:0b:f9:3d:af:58:b7:47:ca:54:
a6:82:00:fa:7c:9d:62:bd:5d:76:38:95:61:91:03:6b:b6:1e:
7a:75:58:78:15:42:12:6a:c6:8c:27:be:46:e2:7c:f8:d6:6c:
17:a2:14:73:92:d3:30:0f:64:c4:3a:35:6c:cd:c9:30:c7:6a:
5a:97:81:14:46:69:41:b2:9c:a8:c6:ed:ea:a0:97:e4:4d:7d:
7c:ee:a7:b5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYJWG0IqEoO4xR86RbSuOL9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjIwNzMxMjExMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRjZTU3ODBkZjU5NWQ5YTRhNGUzZTU1NTNjNGZiZTcxYWYyMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLdHBSBjrotRNy3xoBBT16+GfaUY
hFpLesp7Jqri8s63QPTo23t+VnaUEQjN1ATaqWI3KoN31smY4c4NMq0CcaA3cxOQ
qxoUKxB81WGgYZ7alAY2w3hLAD3PmmZV2XL7dYNPTMT/AWxgAett1HcAG9e3Vzoe
xfnRbJ5eFcJ/nSj14VgI4MMGuAhCUQQVkY247soMowLOOKhe7Nf5oE9qXrsz7zEB
uBOxamEDH2jkH/ttp/ANSRiAI9FqlKW9pZc5q1QQ0b3ylfW5pNQ2sq4irIVoIfiS
BEg7VHQWxxKUBYOGxSJTtbNmi8cWSvIYyOzg0IPmiWNY/lYNCbpkUEqZ6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG5M5XgN9ZXZpKTj5VU8T75xryH1MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvYmt6bGVBMzFsZG1rcE9QbFZUeFB2bkd2SWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuewIAwQA
uewLMA8EAgACMAkDBwAqCf8AAQAwDQYJKoZIhvcNAQELBQADggEBADyrA9I6+zlz
JCuAKEgANIlzqNJqPpnc2RJc1k20+h44t11MIwWTnuLE1kZWluA/QxvX/VJJf+ur
JcLJP/v34W1eKiDq+e5clpkyu0uqIH1g6bj2ErXACXBEjZ0eBJF4w5ePa3Fe5Jco
ZuB0CY3xGAtmDYUvFYVwQ/ff5ULmc3Rc2HZ+G2xLZjA4I8Q0uqayR2GM/SF+19Ig
mKFDW1Fi2gIrL8m20J8KYI5Ljgv5Pa9Yt0fKVKaCAPp8nWK9XXY4lWGRA2u2Hnp1
WHgVQhJqxownvkbifPjWbBeiFHOS0zAPZMQ6NWzNyTDHalqXgRRGaUGynKjG7eqg
l+RNfXzup7U=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:27 2023 by rpki-client on console-ams.rpki-client.org