Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/BxfeDQNvZjQBsqxysF0TjTQBvXw.roa
File: BxfeDQNvZjQBsqxysF0TjTQBvXw.roa (raw, json)
Hash identifier: r1m9VJW4W/CAcCSS2AWYmyUnJOiwsD5wSLbLIjIghxA=
Subject key identifier: 07:17:DE:0D:03:6F:66:34:01:B2:AC:72:B0:5D:13:8D:34:01:BD:7C
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 01839F812BE57235E1ECCB2AEE746B42D298
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/BxfeDQNvZjQBsqxysF0TjTQBvXw.roa
Signing time: Mon 03 Oct 2022 20:19:45 +0000
ROA not before: Mon 03 Oct 2022 20:19:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
87.242.120.0/21 maxlen: 21
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9f:81:2b:e5:72:35:e1:ec:cb:2a:ee:74:6b:42:d2:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Oct 3 20:19:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0717de0d036f663401b2ac72b05d138d3401bd7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:3d:de:f1:38:f8:09:8d:2b:db:f0:a3:94:
b0:43:44:a5:55:f7:ad:3b:df:cd:1a:8b:ae:6c:93:
2d:8e:69:f9:31:dc:7e:23:93:c6:4b:59:15:16:20:
cf:c9:93:68:0b:7d:30:a3:3c:1d:2d:51:99:16:3a:
24:3f:73:23:cb:04:a4:4d:82:69:47:ab:28:50:7d:
85:5e:61:2d:28:25:03:2c:10:fa:a0:c6:4b:86:6c:
b4:58:59:89:e4:bc:10:20:d7:81:73:04:33:ad:7f:
63:5b:61:ca:3b:42:64:af:9c:4c:68:68:e1:22:cd:
9c:7b:2a:cd:cf:ae:b0:ed:2b:c8:7d:7f:86:11:4e:
1b:f1:6d:70:f1:30:9e:0d:3f:d3:48:e8:34:3a:a4:
1f:a7:33:ac:af:6a:59:23:88:61:3a:f8:e0:44:ac:
bc:61:11:11:66:e7:89:f0:04:10:67:6d:46:b4:87:
08:34:d7:a7:71:fd:51:a9:3f:9c:4a:db:55:fe:84:
79:73:aa:19:70:19:dc:c0:dd:f8:ba:97:e2:1d:9c:
90:a8:33:8b:fc:f1:d8:49:3b:ff:b0:6e:62:a4:62:
05:88:56:f7:31:43:34:01:f1:8a:4d:62:0c:59:98:
74:d4:ae:aa:13:c7:c3:bb:d4:a7:92:98:01:94:89:
90:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:17:DE:0D:03:6F:66:34:01:B2:AC:72:B0:5D:13:8D:34:01:BD:7C
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/BxfeDQNvZjQBsqxysF0TjTQBvXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
87.242.120.0/21
89.232.160.0/21
94.139.252.0/22
141.101.151.0/24
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
38:88:b6:ab:2c:b9:1b:b8:26:23:9b:48:10:a8:2e:05:fb:9e:
32:95:90:e1:f6:b3:fc:59:57:ed:77:18:f4:e7:d6:08:17:14:
3b:4d:ff:a6:27:9e:a5:a4:72:30:ed:c5:66:bd:bb:30:4d:f0:
1b:4f:33:49:e2:eb:62:da:9b:40:07:3a:ef:80:a3:fc:04:4d:
20:1a:11:87:57:78:83:df:6b:90:9b:e6:e7:ed:3f:2c:5b:39:
66:1c:46:0d:dc:19:f8:40:6b:21:ea:5e:27:05:22:bd:ce:4f:
91:07:b0:88:97:4a:3b:66:11:16:8a:27:bc:9d:d2:98:da:05:
0f:dc:6b:27:67:c3:6c:fa:b9:48:ea:a5:65:3b:ca:92:4c:87:
9b:92:ae:76:64:d8:86:97:8b:3a:4d:4c:a3:ec:2a:29:a9:2f:
ee:27:cf:5b:22:d2:e7:cd:b9:be:be:c0:59:eb:88:7d:47:07:
1e:69:14:52:64:06:f0:b2:b1:84:48:69:25:28:a9:5a:72:3b:
e9:db:5e:67:6a:33:f8:04:c5:dc:b1:b0:bf:7b:7f:28:cc:7d:
d8:73:83:a1:1b:fa:92:ab:5e:11:28:27:85:9b:78:75:7c:29:
50:9a:a6:01:4b:73:65:8d:fa:79:8c:c7:c7:56:2c:34:19:c8:
26:56:e5:b7
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAYOfgSvlcjXh7Msq7nRrQtKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjIxMDAzMjAxOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzE3ZGUwZDAzNmY2NjM0MDFiMmFjNzJiMDVkMTM4ZDM0MDFiZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv493vE4+AmNK9vwo5SwQ0SlVfet
O9/NGouubJMtjmn5Mdx+I5PGS1kVFiDPyZNoC30wozwdLVGZFjokP3MjywSkTYJp
R6soUH2FXmEtKCUDLBD6oMZLhmy0WFmJ5LwQINeBcwQzrX9jW2HKO0Jkr5xMaGjh
Is2ceyrNz66w7SvIfX+GEU4b8W1w8TCeDT/TSOg0OqQfpzOsr2pZI4hhOvjgRKy8
YRERZueJ8AQQZ21GtIcINNencf1RqT+cSttV/oR5c6oZcBncwN34upfiHZyQqDOL
/PHYSTv/sG5ipGIFiFb3MUM0AfGKTWIMWZh01K6qE8fDu9SnkpgBlImQPwIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFAcX3g0Db2Y0AbKscrBdE400Ab18MB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL0J4ZmVEUU52WmpRQnNxeHlzRjBUalRRQnZYdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEeBggrBgEFBQcBBwEB/wSCAQ0wggEJMIH3BAIAATCB
8DAMAwQDJRIIAwQAJRIKAwQAJRIWAwQBJRJIMAwDBAIlEmQDBAAlEmYwDAMEACUS
awMEACUSegMEACXmizAMAwQAJeazAwQBJea0MAwDBAMl5rgDBAAl5roDBAMl5sAD
BAAl5uADBAAl5ukDBAItCRgDBAItWeAwDAMEAC7zjQMEBC7zgAMEAC7zrAMEAC7z
yTAMAwQALvPNAwQALvPOAwQBLvPiAwQBLvP0AwQDV/JYAwQDV/J4AwQDWeigAwQC
Xov8AwQAjWWXAwQAjWXJMAwDBACyqr8DBAGyqsQDBACyqvIwDAMEAbxIagMEAbxI
bDANBAIAAjAHAwUDKgwrgDANBgkqhkiG9w0BAQsFAAOCAQEAOIi2qyy5G7gmI5tI
EKguBfueMpWQ4faz/FlX7XcY9OfWCBcUO03/pieepaRyMO3FZr27ME3wG08zSeLr
YtqbQAc674Cj/ARNIBoRh1d4g99rkJvm5+0/LFs5ZhxGDdwZ+EBrIepeJwUivc5P
kQewiJdKO2YRFoonvJ3SmNoFD9xrJ2fDbPq5SOqlZTvKkkyHm5KudmTYhpeLOk1M
o+wqKakv7ifPWyLS5825vr7AWeuIfUcHHmkUUmQG8LKxhEhpJSipWnI76dteZ2oz
+ATF3LGwv3t/KMx92HODoRv6kqteESgnhZt4dXwpUJqmAUtzZY36eYzHx1YsNBnI
Jlbltw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:52 2024 by rpki-client on console-fra.rpki-client.org