Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/BkqCXmGYAgGZWPK8QoE6VXG79Bk.roa
File: BkqCXmGYAgGZWPK8QoE6VXG79Bk.roa (raw, json)
Hash identifier: ERyPNNFujWGwRaVktmMMgWY0a+Xf5Mg4Vbsq2kxIcZY=
Subject key identifier: 06:4A:82:5E:61:98:02:01:99:58:F2:BC:42:81:3A:55:71:BB:F4:19
Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Certificate serial: 04AF9505
Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/BkqCXmGYAgGZWPK8QoE6VXG79Bk.roa
Signing time: Sat 01 Jan 2022 10:56:39 +0000
ROA not before: Sat 01 Jan 2022 10:56:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47447
IP address blocks: 185.88.212.0/22 maxlen: 22
194.6.208.0/22 maxlen: 22
109.71.72.0/22 maxlen: 22
2a05:cc00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78615813 (0x4af9505)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Validity
Not Before: Jan 1 10:56:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=064a825e619802019958f2bc42813a5571bbf419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:1f:ab:eb:cc:ec:e8:af:17:b2:5a:11:9f:
5d:ef:b6:21:6a:e1:49:4d:c8:e6:b1:e4:fd:96:35:
b9:98:37:b7:e2:83:e4:a4:21:84:c6:04:5d:de:e3:
21:9f:95:56:e6:e6:06:3c:ce:e2:a5:4f:d7:e0:a5:
6b:3d:ff:a0:28:2e:59:3b:dd:46:61:7e:38:41:c4:
1b:18:8d:43:c6:ae:fa:4e:e6:6b:2e:8f:88:54:61:
87:9c:ce:3b:16:cc:72:18:c6:8a:77:46:ce:b7:40:
6d:a8:5c:5d:3d:a7:54:14:29:75:ff:d0:40:06:68:
ef:a6:15:11:61:a8:5a:6b:5f:11:58:7b:6e:a1:cc:
7c:76:b6:66:13:10:3e:b9:34:90:b1:97:2c:32:8b:
47:db:e9:af:49:c1:7e:50:92:90:fd:a7:40:22:7d:
a1:33:54:fb:b9:4f:3c:ff:b5:6d:6e:89:21:ab:25:
4f:c6:56:3a:48:78:ac:4a:4e:67:f2:d1:14:58:ea:
dd:0e:72:58:20:63:74:70:8d:cd:41:71:4d:03:1d:
46:ef:ec:84:47:2c:5e:6e:3f:fc:79:28:88:17:52:
37:a0:7e:c9:a1:98:2a:a7:b2:49:e5:c7:bc:8f:50:
61:38:ba:a6:db:55:ba:62:f3:5a:fc:78:f9:5c:6c:
4c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4A:82:5E:61:98:02:01:99:58:F2:BC:42:81:3A:55:71:BB:F4:19
X509v3 Authority Key Identifier:
keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/BkqCXmGYAgGZWPK8QoE6VXG79Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.72.0/22
185.88.212.0/22
194.6.208.0/22
IPv6:
2a05:cc00::/29
Signature Algorithm: sha256WithRSAEncryption
b0:de:b1:6f:96:b7:0b:49:ef:b2:89:56:0e:88:8d:2c:03:ba:
f1:42:83:ec:3f:fe:01:37:3d:b1:fc:08:eb:42:bd:de:3e:cf:
31:9f:fd:e4:5c:00:2f:5a:df:e7:90:09:10:d9:29:e4:9e:ff:
af:19:be:c2:78:13:e2:44:d2:5b:e2:44:fd:60:9e:ee:ad:ee:
40:2f:06:5e:af:31:51:cd:71:56:6f:1c:56:57:8c:ae:e7:6d:
d5:2a:5b:ef:02:3d:e9:91:19:41:d6:48:48:32:14:8a:ac:61:
f6:2d:3f:e5:f7:46:32:6e:84:5a:6c:b6:c4:f7:34:da:d7:4a:
5a:65:a9:a8:11:56:33:b5:87:15:47:0f:a8:95:8b:0c:f2:30:
44:87:13:8e:7c:86:83:33:f0:0f:df:61:80:02:dc:66:04:6b:
9d:9d:85:22:77:5f:f6:bc:51:a1:9f:27:45:e9:8f:5a:8a:13:
4e:d5:38:c8:42:5d:a6:14:cd:d1:87:bc:c2:97:75:0d:69:3a:
77:55:fd:af:dd:d0:8c:eb:5f:37:5e:e4:94:8e:45:d7:41:5e:
36:2a:37:ff:2c:d1:d3:02:b1:b9:cc:51:bf:9d:20:b0:d6:7d:
08:9f:a0:1f:20:72:2a:ae:4f:4b:c3:ff:94:b5:72:bb:39:28:
c5:26:2a:49
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBK+VBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDQ0NGIwNzlkZjAwOGE3YzdjYmUyOGZjYmE1ZGJlMDYyMGU4ZTE3MB4XDTIyMDEw
MTEwNTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY0YTgyNWU2MTk4
MDIwMTk5NThmMmJjNDI4MTNhNTU3MWJiZjQxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK86H6vrzOzorxeyWhGfXe+2IWrhSU3I5rHk/ZY1uZg3t+KD
5KQhhMYEXd7jIZ+VVubmBjzO4qVP1+Claz3/oCguWTvdRmF+OEHEGxiNQ8au+k7m
ay6PiFRhh5zOOxbMchjGindGzrdAbahcXT2nVBQpdf/QQAZo76YVEWGoWmtfEVh7
bqHMfHa2ZhMQPrk0kLGXLDKLR9vpr0nBflCSkP2nQCJ9oTNU+7lPPP+1bW6JIasl
T8ZWOkh4rEpOZ/LRFFjq3Q5yWCBjdHCNzUFxTQMdRu/shEcsXm4//HkoiBdSN6B+
yaGYKqeySeXHvI9QYTi6pttVumLzWvx4+VxsTHECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQGSoJeYZgCAZlY8rxCgTpVcbv0GTAfBgNVHSMEGDAWgBSQREsHnfAIp8fL
4o/LpdvgYg6OFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tFUkxCNTN3Q0tmSHktS1B5NlhiNEdJT2poYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMjRlYzhlLTFjYzYtNDVlMy05MDYzLTk5MTQ5ODY3ZGJmNy8x
L0JrcUNYbUdZQWdHWldQSzhRb0U2VlhHNzlCay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MjRlYzhlLTFjYzYtNDVlMy05MDYzLTk5MTQ5ODY3ZGJmNy8xL2tFUkxCNTN3Q0tm
SHktS1B5NlhiNEdJT2poYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAm1HSAMEArlY1AMEAsIG0DANBAIA
AjAHAwUDKgXMADANBgkqhkiG9w0BAQsFAAOCAQEAsN6xb5a3C0nvsolWDoiNLAO6
8UKD7D/+ATc9sfwI60K93j7PMZ/95FwAL1rf55AJENkp5J7/rxm+wngT4kTSW+JE
/WCe7q3uQC8GXq8xUc1xVm8cVleMrudt1Spb7wI96ZEZQdZISDIUiqxh9i0/5fdG
Mm6EWmy2xPc02tdKWmWpqBFWM7WHFUcPqJWLDPIwRIcTjnyGgzPwD99hgALcZgRr
nZ2FIndf9rxRoZ8nRemPWooTTtU4yEJdphTN0Ye8wpd1DWk6d1X9r93QjOtfN17k
lI5F10FeNio3/yzR0wKxucxRv50gsNZ9CJ+gHyByKq5PS8P/lLVyuzkoxSYqSQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:16 2025 by rpki-client