Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/bdnrP9KgCPhN_gBceUGzZ7AxSwc.roa
File: bdnrP9KgCPhN_gBceUGzZ7AxSwc.roa (raw, json)
Hash identifier: YSthwkwqOYm4A8+t01EGIxTEJs+ug3eK4WgpWw0PsxU=
Subject key identifier: 6D:D9:EB:3F:D2:A0:08:F8:4D:FE:00:5C:79:41:B3:67:B0:31:4B:07
Certificate issuer: /CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6
Certificate serial: 01D91C01
Authority key identifier: 17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/bdnrP9KgCPhN_gBceUGzZ7AxSwc.roa
Signing time: Wed 08 Jun 2022 13:02:54 +0000
ROA not before: Wed 08 Jun 2022 13:02:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60664
IP address blocks: 145.14.130.0/24 maxlen: 24
153.92.124.0/24 maxlen: 24
157.97.78.0/23 maxlen: 23
153.92.64.0/24 maxlen: 24
153.92.66.0/24 maxlen: 24
153.92.65.0/24 maxlen: 24
153.92.68.0/24 maxlen: 24
153.92.67.0/24 maxlen: 24
153.92.70.0/24 maxlen: 24
153.92.69.0/24 maxlen: 24
153.92.71.0/24 maxlen: 24
153.92.162.0/24 maxlen: 24
153.92.161.0/24 maxlen: 24
153.92.164.0/24 maxlen: 24
153.92.163.0/24 maxlen: 24
153.92.165.0/24 maxlen: 24
153.92.166.0/24 maxlen: 24
153.92.160.0/24 maxlen: 24
153.92.167.0/24 maxlen: 24
153.92.169.0/24 maxlen: 24
153.92.168.0/24 maxlen: 24
153.92.170.0/24 maxlen: 24
153.92.172.0/24 maxlen: 24
153.92.171.0/24 maxlen: 24
153.92.174.0/24 maxlen: 24
153.92.173.0/24 maxlen: 24
157.180.192.0/24 maxlen: 24
157.180.193.0/24 maxlen: 24
157.180.195.0/24 maxlen: 24
157.180.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31005697 (0x1d91c01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6
Validity
Not Before: Jun 8 13:02:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dd9eb3fd2a008f84dfe005c7941b367b0314b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:38:20:48:2e:bd:35:f2:6d:41:4d:f1:fa:92:
e3:63:3d:29:a3:d8:a3:fe:05:9f:c9:ef:ad:d0:be:
11:98:d2:91:fe:f2:7f:1a:b3:06:23:1f:6e:2f:c1:
e9:e7:ed:74:b2:74:cf:25:f2:7d:da:5d:c0:bc:5d:
07:9d:06:28:af:22:98:29:02:1c:82:4c:b5:f6:53:
a4:9f:9e:cb:aa:1f:ec:82:e5:ff:cd:d2:f6:94:82:
bc:02:2d:dd:a0:2a:f9:3a:a4:92:08:bc:2a:38:0c:
3b:dd:e7:8c:0f:04:e4:94:27:2f:bb:15:27:db:5f:
70:88:93:13:bd:87:3f:e4:c3:2a:2f:42:68:e2:78:
bb:37:c2:22:8a:5d:02:ae:c1:1e:17:04:d0:32:dd:
4f:38:36:6e:e1:67:29:19:20:2e:5b:36:8a:7b:3b:
46:9f:1a:3b:13:f9:d0:53:f2:4e:cb:ff:8e:f6:82:
b4:7a:4b:32:6b:01:6a:f2:9e:45:10:e4:65:ed:ca:
15:cd:60:31:e4:93:fc:dc:8f:6f:e2:41:7b:25:a1:
9e:08:39:84:fc:bc:52:88:56:ce:a6:60:b8:1b:de:
bb:9e:4b:ba:08:e5:4c:8f:6c:cd:01:42:c4:ce:53:
3d:35:a2:3f:98:70:ef:17:21:2c:2f:07:6f:04:91:
70:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D9:EB:3F:D2:A0:08:F8:4D:FE:00:5C:79:41:B3:67:B0:31:4B:07
X509v3 Authority Key Identifier:
keyid:17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/bdnrP9KgCPhN_gBceUGzZ7AxSwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.130.0/24
153.92.64.0/21
153.92.124.0/24
153.92.160.0-153.92.174.255
157.97.78.0/23
157.180.192.0/22
Signature Algorithm: sha256WithRSAEncryption
16:5d:a7:1a:59:38:bb:f6:11:5f:0a:5c:73:f3:ff:bd:cd:88:
c4:b5:c9:ce:ca:47:71:5c:67:2b:48:f0:ac:d0:7c:49:a2:c4:
1f:14:42:9c:fd:a0:e8:51:c3:80:85:75:de:b7:da:8a:60:4f:
9c:64:48:c9:63:69:89:cf:0d:37:7d:30:21:da:45:01:03:47:
5a:4c:3d:52:28:f2:fb:2d:72:44:d0:25:f7:5b:47:d1:5e:43:
8c:91:3e:5b:5e:3e:0a:9e:42:95:f1:fd:cb:18:5d:fc:ed:f0:
88:af:c8:e0:6f:b2:c0:04:2e:cd:5e:d4:9a:c9:07:e2:8c:27:
61:e6:b9:72:e9:35:7a:dc:e1:7e:e7:e9:10:79:7c:7c:b1:62:
5d:18:d3:05:81:85:43:8c:ba:d9:e2:ab:f6:18:71:c1:1e:45:
ea:a2:a0:27:51:78:57:e0:87:6b:7b:23:f6:d4:1c:2b:6b:b4:
8b:e7:f4:fe:86:67:83:69:9b:15:02:1f:f8:46:1e:00:db:26:
d9:37:b1:ff:79:c1:cf:a5:5b:4d:99:22:7a:4a:b2:56:77:93:
fa:7e:d0:6a:7f:37:ea:b8:99:6b:79:d8:2a:93:7f:a5:65:42:
b7:05:4f:c0:8a:60:67:bb:9c:2a:5f:dd:f5:6d:86:72:ea:b9:
7e:23:ca:83
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEAdkcATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Nzc4Y2ZjMDlhMzYzYTczY2M4ZGRhMzYyYTJjOWU4MjIzZDdkYWQ2MB4XDTIyMDYw
ODEzMDI1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRkOWViM2ZkMmEw
MDhmODRkZmUwMDVjNzk0MWIzNjdiMDMxNGIwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALs4IEguvTXybUFN8fqS42M9KaPYo/4Fn8nvrdC+EZjSkf7y
fxqzBiMfbi/B6eftdLJ0zyXyfdpdwLxdB50GKK8imCkCHIJMtfZTpJ+ey6of7ILl
/83S9pSCvAIt3aAq+Tqkkgi8KjgMO93njA8E5JQnL7sVJ9tfcIiTE72HP+TDKi9C
aOJ4uzfCIopdAq7BHhcE0DLdTzg2buFnKRkgLls2ins7Rp8aOxP50FPyTsv/jvaC
tHpLMmsBavKeRRDkZe3KFc1gMeST/NyPb+JBeyWhngg5hPy8UohWzqZguBveu55L
ugjlTI9szQFCxM5TPTWiP5hw7xchLC8HbwSRcF8CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRt2es/0qAI+E3+AFx5QbNnsDFLBzAfBgNVHSMEGDAWgBQXeM/AmjY6c8yN
2jYqLJ6CI9fa1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YzalB3Sm8yT25QTWpkbzJLaXllZ2lQWDJ0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvMDkwMTJmLWI0ZjYtNGRmNy1iNTYyLTAxMGNmMmRkNDBhZi8x
L2JkbnJQOUtnQ1BoTl9nQmNlVUd6WjdBeFN3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
MDkwMTJmLWI0ZjYtNGRmNy1iNTYyLTAxMGNmMmRkNDBhZi8xL0YzalB3Sm8yT25Q
TWpkbzJLaXllZ2lQWDJ0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAJEOggMEA5lcQAMEAJlcfDAMAwQF
mVygAwQAmVyuAwQBnWFOAwQCnbTAMA0GCSqGSIb3DQEBCwUAA4IBAQAWXacaWTi7
9hFfClxz8/+9zYjEtcnOykdxXGcrSPCs0HxJosQfFEKc/aDoUcOAhXXet9qKYE+c
ZEjJY2mJzw03fTAh2kUBA0daTD1SKPL7LXJE0CX3W0fRXkOMkT5bXj4KnkKV8f3L
GF387fCIr8jgb7LABC7NXtSayQfijCdh5rly6TV63OF+5+kQeXx8sWJdGNMFgYVD
jLrZ4qv2GHHBHkXqoqAnUXhX4IdreyP21Bwra7SL5/T+hmeDaZsVAh/4Rh4A2ybZ
N7H/ecHPpVtNmSJ6SrJWd5P6ftBqfzfquJlredgqk3+lZUK3BU/AimBnu5wqX931
bYZy6rl+I8qD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:34 2023 by rpki-client on console-fra.rpki-client.org