Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/buvGbFjQ0XDUxsYEAZ8DrVYBQ3k.roa
File: buvGbFjQ0XDUxsYEAZ8DrVYBQ3k.roa (raw, json)
Hash identifier: f8bt04eCxL3lap+obLKHZ+dxSXvIggRwlGf7b6MD0Zo=
Subject key identifier: 6E:EB:C6:6C:58:D0:D1:70:D4:C6:C6:04:01:9F:03:AD:56:01:43:79
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01852F4BFAA1BD056E32E01885CE5949AE71
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/buvGbFjQ0XDUxsYEAZ8DrVYBQ3k.roa
Signing time: Tue 20 Dec 2022 11:29:46 +0000
ROA not before: Tue 20 Dec 2022 11:29:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3214
IP address blocks: 212.87.223.0/24 maxlen: 24
212.87.221.0/24 maxlen: 24
212.87.222.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
92.119.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:4b:fa:a1:bd:05:6e:32:e0:18:85:ce:59:49:ae:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 20 11:29:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6eebc66c58d0d170d4c6c604019f03ad56014379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9d:8b:4e:87:39:c0:19:25:e5:ea:8b:d6:78:
3b:b1:bc:97:7a:5c:af:5f:fe:9f:90:45:be:d9:06:
50:a7:b4:1e:0f:dd:b9:e9:d1:0c:a3:77:f5:09:7b:
a5:0e:bd:ce:15:d3:63:90:d2:96:62:db:7c:bd:36:
6e:2e:69:74:94:09:c6:3e:3a:2e:a4:13:a5:e0:95:
6c:2e:fe:de:0b:57:08:b5:0b:ca:80:54:85:d4:cd:
15:50:26:88:c1:73:4c:9a:15:b1:ae:ba:49:bb:c7:
e6:53:a5:c5:3e:fc:80:d8:21:c3:47:9f:5b:85:a5:
9b:ab:2b:f1:af:dd:12:9c:05:07:48:75:ea:60:3e:
d6:8c:8d:4a:cc:8f:d4:0c:99:12:61:1b:15:ca:6f:
b0:49:a1:a5:60:24:8f:9d:fe:08:df:a3:db:6e:83:
cd:5a:93:47:bf:63:ad:9a:df:d6:5c:a0:5a:c2:9e:
f0:e0:c9:fc:e8:b6:19:f9:a6:6c:81:8c:1c:6b:51:
24:a1:a8:7c:16:82:4d:28:60:4a:26:8f:5d:74:a7:
33:46:fe:43:71:93:d7:de:3d:98:99:2c:1f:6b:80:
ed:f8:61:79:d2:fa:3b:08:60:57:b1:02:5c:09:9f:
7f:2d:53:24:76:21:f9:9d:2a:a9:e9:50:81:b5:7a:
14:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EB:C6:6C:58:D0:D1:70:D4:C6:C6:04:01:9F:03:AD:56:01:43:79
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/buvGbFjQ0XDUxsYEAZ8DrVYBQ3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.124.0/22
212.87.220.0/22
Signature Algorithm: sha256WithRSAEncryption
74:53:f3:b3:d7:73:6d:9e:5d:37:10:68:2c:00:dc:73:f0:8d:
15:1b:3e:44:75:ab:ff:52:4d:58:ba:44:8c:89:f7:7f:cd:6e:
65:a6:f2:2d:4b:26:d5:c1:11:84:f5:c9:b8:68:13:de:07:1d:
ec:65:d8:75:5c:b4:e0:29:e4:6a:d6:b6:28:94:2c:df:1d:3d:
3f:16:e4:6a:b5:c5:5f:40:1f:2c:a2:28:07:35:b2:2c:8c:6f:
a5:16:41:29:ab:c4:fa:d0:45:3f:ec:7b:91:bf:91:eb:aa:7a:
bf:34:64:77:c7:42:07:57:0f:a0:35:ed:9a:53:02:b4:42:3a:
c3:36:c3:aa:41:8c:9b:59:a8:95:f5:df:83:e0:c7:0a:04:67:
e3:97:60:07:44:33:12:fc:6c:9b:de:a3:43:57:0b:be:f5:2d:
ba:bb:0c:a5:33:e9:4a:ae:a3:8b:cd:48:9a:e0:51:d9:03:40:
02:c3:cc:21:67:88:12:7b:04:ff:ab:d9:b8:e3:6c:29:46:23:
cf:55:d0:55:3a:33:39:40:42:ac:ab:19:8f:8b:74:e8:cc:6b:
12:d0:b5:23:71:da:39:9c:85:6a:61:63:43:d5:55:57:54:75:
22:b4:53:09:b7:4c:a0:36:a6:ff:2d:e3:30:41:d7:62:f4:99:
10:87:19:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUvS/qhvQVuMuAYhc5ZSa5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjIwMTEyOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWViYzY2YzU4ZDBkMTcwZDRjNmM2MDQwMTlmMDNhZDU2MDE0Mzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp2LToc5wBkl5eqL1ng7sbyXelyv
X/6fkEW+2QZQp7QeD9256dEMo3f1CXulDr3OFdNjkNKWYtt8vTZuLml0lAnGPjou
pBOl4JVsLv7eC1cItQvKgFSF1M0VUCaIwXNMmhWxrrpJu8fmU6XFPvyA2CHDR59b
haWbqyvxr90SnAUHSHXqYD7WjI1KzI/UDJkSYRsVym+wSaGlYCSPnf4I36PbboPN
WpNHv2Otmt/WXKBawp7w4Mn86LYZ+aZsgYwca1Ekoah8FoJNKGBKJo9ddKczRv5D
cZPX3j2YmSwfa4Dt+GF50vo7CGBXsQJcCZ9/LVMkdiH5nSqp6VCBtXoUJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG7rxmxY0NFw1MbGBAGfA61WAUN5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYnV2R2JGalEwWERVeHNZRUFaOERyVllCUTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXHd8AwQC
1FfcMA0GCSqGSIb3DQEBCwUAA4IBAQB0U/Oz13Ntnl03EGgsANxz8I0VGz5Edav/
Uk1YukSMifd/zW5lpvItSybVwRGE9cm4aBPeBx3sZdh1XLTgKeRq1rYolCzfHT0/
FuRqtcVfQB8soigHNbIsjG+lFkEpq8T60EU/7HuRv5Hrqnq/NGR3x0IHVw+gNe2a
UwK0QjrDNsOqQYybWaiV9d+D4McKBGfjl2AHRDMS/Gyb3qNDVwu+9S26uwylM+lK
rqOLzUia4FHZA0ACw8whZ4gSewT/q9m442wpRiPPVdBVOjM5QEKsqxmPi3TozGsS
0LUjcdo5nIVqYWND1VVXVHUitFMJt0ygNqb/LeMwQddi9JkQhxnB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org