Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/BHdU6T9sqItrqBASICJLR2Li8Lo.roa
File: BHdU6T9sqItrqBASICJLR2Li8Lo.roa (raw, json)
Hash identifier: 4FolTMgWbK9WgMqlRRobiwBCnfNOCz9E6yLI7UrsRNE=
Subject key identifier: 04:77:54:E9:3F:6C:A8:8B:6B:A8:10:12:20:22:4B:47:62:E2:F0:BA
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 01833BF8F1B594739071CFC7A684F5082DBB
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/BHdU6T9sqItrqBASICJLR2Li8Lo.roa
Signing time: Wed 14 Sep 2022 12:28:33 +0000
ROA not before: Wed 14 Sep 2022 12:28:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
87.242.120.0/21 maxlen: 21
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3b:f8:f1:b5:94:73:90:71:cf:c7:a6:84:f5:08:2d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Sep 14 12:28:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=047754e93f6ca88b6ba8101220224b4762e2f0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ea:b0:d3:7d:f5:2c:87:ee:3a:d8:2c:12:fb:
80:35:8a:f6:ad:6a:92:97:e4:c6:71:a3:b6:98:57:
ea:d9:57:54:9f:63:9c:7c:9a:c1:a8:b6:4f:bc:24:
a9:f1:17:01:89:38:b5:b4:8e:c8:09:2b:ad:63:fb:
69:cd:b4:ce:ed:9e:f0:39:6b:94:69:17:c4:ba:18:
1f:25:d8:e8:68:5e:5d:b9:30:04:f1:75:24:1d:40:
aa:5e:26:26:e8:72:68:8b:19:60:2c:44:10:43:d6:
35:c7:54:88:c0:b2:e5:39:a2:08:a3:e8:74:81:43:
fd:3d:8b:f5:1f:3c:ca:c2:41:59:24:da:46:12:e4:
f1:62:a6:5c:71:3b:f8:da:87:d0:a3:29:18:0d:ab:
a6:65:51:74:0e:19:f0:ac:29:b8:b2:53:60:61:8e:
49:4a:0c:9a:14:81:1a:5b:77:1f:f6:a4:f7:f9:73:
16:f8:75:f2:d1:e4:40:59:4f:03:d2:fa:1e:6d:f0:
8c:91:2a:af:d3:d2:cc:80:17:48:40:b7:bb:3b:9e:
a9:5e:01:c6:37:9e:01:11:8e:a6:f6:e1:d8:dd:be:
e4:19:7c:8d:54:f2:5f:ad:6a:22:eb:03:e5:9b:5d:
25:d3:e4:2c:69:0d:d2:5a:1b:b2:28:28:55:be:c7:
73:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:77:54:E9:3F:6C:A8:8B:6B:A8:10:12:20:22:4B:47:62:E2:F0:BA
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/BHdU6T9sqItrqBASICJLR2Li8Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
87.242.120.0/21
94.139.252.0/22
141.101.151.0/24
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
1c:46:67:90:b9:53:3d:c9:a3:c9:c4:d7:ca:b1:37:f0:1e:00:
7b:cf:b1:24:6d:aa:69:a3:3e:45:ba:c8:87:02:e1:2f:f9:84:
a6:d7:a8:36:02:1c:0e:f3:c2:b5:c8:cb:0a:cd:fe:e9:8f:b2:
2a:c4:8d:e2:94:34:ac:6b:71:f8:f1:43:d2:8b:1f:34:48:5a:
59:ca:79:06:dd:44:2a:9c:fa:3c:06:36:40:f0:bc:d5:99:24:
4f:f3:87:7d:11:91:c7:67:30:07:4b:41:47:ff:0b:1b:4b:ed:
da:b0:6b:82:67:a0:fe:6d:b3:48:cb:97:bf:2e:de:bd:c8:b6:
ea:89:55:3c:11:0c:1a:bc:fd:75:ce:c7:76:a3:35:39:72:2a:
79:37:e6:63:6b:75:d1:f0:09:55:0e:18:8e:3a:bd:21:88:cd:
52:6e:e4:c8:28:23:83:d9:02:1e:f9:60:ec:e3:bf:02:bd:e5:
20:72:4f:14:da:14:f1:c9:18:33:82:28:5f:8f:f5:be:eb:b9:
77:d2:b7:98:b9:e4:43:69:e5:35:0e:7d:3b:6a:28:ac:33:32:
43:92:05:56:a4:53:ff:b1:92:06:d0:c5:74:0e:46:f1:82:3f:
3b:bb:20:0c:1a:ba:7b:9c:81:74:75:33:2a:d2:5a:72:fb:58:
35:9b:09:0f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYM7+PG1lHOQcc/HpoT1CC27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjIwOTE0MTIyODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDc3NTRlOTNmNmNhODhiNmJhODEwMTIyMDIyNGI0NzYyZTJmMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOqw0331LIfuOtgsEvuANYr2rWqS
l+TGcaO2mFfq2VdUn2OcfJrBqLZPvCSp8RcBiTi1tI7ICSutY/tpzbTO7Z7wOWuU
aRfEuhgfJdjoaF5duTAE8XUkHUCqXiYm6HJoixlgLEQQQ9Y1x1SIwLLlOaIIo+h0
gUP9PYv1HzzKwkFZJNpGEuTxYqZccTv42ofQoykYDaumZVF0DhnwrCm4slNgYY5J
SgyaFIEaW3cf9qT3+XMW+HXy0eRAWU8D0voebfCMkSqv09LMgBdIQLe7O56pXgHG
N54BEY6m9uHY3b7kGXyNVPJfrWoi6wPlm10l0+QsaQ3SWhuyKChVvsdz9wIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFAR3VOk/bKiLa6gQEiAiS0di4vC6MB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL0JIZFU2VDlzcUl0cnFCQVNJQ0pMUjJMaThMby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEYBggrBgEFBQcBBwEB/wSCAQcwggEDMIHxBAIAATCB
6jAMAwQDJRIIAwQAJRIKAwQAJRIWAwQBJRJIMAwDBAIlEmQDBAAlEmYwDAMEACUS
awMEACUSegMEACXmizAMAwQAJeazAwQBJea0MAwDBAMl5rgDBAAl5roDBAMl5sAD
BAAl5uADBAAl5ukDBAItCRgDBAItWeAwDAMEAC7zjQMEBC7zgAMEAC7zrAMEAC7z
yTAMAwQALvPNAwQALvPOAwQBLvPiAwQBLvP0AwQDV/JYAwQDV/J4AwQCXov8AwQA
jWWXAwQAjWXJMAwDBACyqr8DBAGyqsQDBACyqvIwDAMEAbxIagMEAbxIbDANBAIA
AjAHAwUDKgwrgDANBgkqhkiG9w0BAQsFAAOCAQEAHEZnkLlTPcmjycTXyrE38B4A
e8+xJG2qaaM+RbrIhwLhL/mEpteoNgIcDvPCtcjLCs3+6Y+yKsSN4pQ0rGtx+PFD
0osfNEhaWcp5Bt1EKpz6PAY2QPC81ZkkT/OHfRGRx2cwB0tBR/8LG0vt2rBrgmeg
/m2zSMuXvy7evci26olVPBEMGrz9dc7HdqM1OXIqeTfmY2t10fAJVQ4Yjjq9IYjN
Um7kyCgjg9kCHvlg7OO/Ar3lIHJPFNoU8ckYM4IoX4/1vuu5d9K3mLnkQ2nlNQ59
O2oorDMyQ5IFVqRT/7GSBtDFdA5G8YI/O7sgDBq6e5yBdHUzKtJacvtYNZsJDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:52 2024 by rpki-client on console-fra.rpki-client.org