Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/bq56rL1khxAWSJDXUffOujtt4mI.roa
File: bq56rL1khxAWSJDXUffOujtt4mI.roa (raw, json)
Hash identifier: O2Mt+J9mwuLYIvFyttvCifBFen8Z462R1OorpeXVqRc=
Subject key identifier: 6E:AE:7A:AC:BD:64:87:10:16:48:90:D7:51:F7:CE:BA:3B:6D:E2:62
Certificate issuer: /CN=1ad4cccefe55c5e223a9b3205b938a3d1c9e86d5
Certificate serial: 03921536
Authority key identifier: 1A:D4:CC:CE:FE:55:C5:E2:23:A9:B3:20:5B:93:8A:3D:1C:9E:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtTMzv5VxeIjqbMgW5OKPRyehtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/bq56rL1khxAWSJDXUffOujtt4mI.roa
Signing time: Sat 01 Jan 2022 08:56:49 +0000
ROA not before: Sat 01 Jan 2022 08:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34979
IP address blocks: 194.24.166.0/24 maxlen: 24
194.24.166.0/23 maxlen: 23
194.24.167.0/24 maxlen: 24
91.204.246.0/24 maxlen: 24
91.204.244.0/24 maxlen: 24
91.204.244.0/22 maxlen: 22
91.204.245.0/24 maxlen: 24
91.204.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59905334 (0x3921536)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad4cccefe55c5e223a9b3205b938a3d1c9e86d5
Validity
Not Before: Jan 1 08:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6eae7aacbd648710164890d751f7ceba3b6de262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9f:37:fc:8f:5f:58:b5:3a:df:6d:57:3f:d5:
a0:8a:7a:7b:7e:21:31:fb:31:4e:dd:ad:f8:b4:78:
95:3f:54:83:16:8c:67:29:f2:40:7f:a7:6b:6a:52:
00:3b:ab:c8:46:52:ab:f4:20:b5:70:79:c2:04:3b:
55:3a:b9:00:bc:ef:c6:41:43:b4:3f:6d:94:8a:c1:
8d:93:1f:43:31:87:7b:0a:84:a2:44:7d:d0:c7:10:
b8:03:e4:a0:fa:e7:5e:33:6d:e4:5d:7d:94:a8:9a:
a0:be:bf:1f:03:74:f3:2a:96:ea:80:d3:2a:f0:e4:
28:2f:52:d4:a5:fe:16:a4:43:f3:88:6e:31:d9:df:
d1:30:3e:7c:10:ae:46:a9:de:5e:c0:57:b3:77:1b:
be:7f:47:f3:25:11:55:5f:2b:e7:39:87:df:5c:42:
50:d9:50:d9:4b:d2:ad:c4:42:3e:d8:af:07:3d:0c:
91:a8:5d:f8:6a:d3:c8:cf:b6:49:2e:bb:62:f2:45:
84:d6:da:2a:0b:c4:6a:11:72:42:32:ce:3a:03:28:
be:69:88:15:e1:87:7a:46:f8:f3:73:c2:78:6c:00:
a1:6e:2c:44:b4:e2:5a:c8:53:17:e7:15:40:99:5b:
7b:27:b2:a2:11:c8:f3:2a:1c:ea:51:e6:f1:59:1d:
5b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AE:7A:AC:BD:64:87:10:16:48:90:D7:51:F7:CE:BA:3B:6D:E2:62
X509v3 Authority Key Identifier:
keyid:1A:D4:CC:CE:FE:55:C5:E2:23:A9:B3:20:5B:93:8A:3D:1C:9E:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtTMzv5VxeIjqbMgW5OKPRyehtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/bq56rL1khxAWSJDXUffOujtt4mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/GtTMzv5VxeIjqbMgW5OKPRyehtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.244.0/22
194.24.166.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:21:f9:19:d5:d8:86:59:1c:9f:66:45:5d:df:eb:af:c6:ef:
7d:5d:a7:b1:6d:f1:0d:89:41:fa:37:5e:0d:c1:c4:ca:ed:13:
b6:34:92:fd:02:f6:15:bd:ab:b5:d3:5c:d3:0b:79:fc:01:40:
01:e8:fd:e8:f3:51:32:7a:4a:13:70:18:ae:b1:ec:4e:96:74:
38:bc:f7:3c:31:8b:d6:63:b1:e5:10:9c:75:f2:7a:88:5f:b9:
fb:20:12:16:d5:4b:17:a4:24:a8:10:2b:68:a8:27:d6:40:30:
15:cb:fc:b2:a7:fb:de:52:80:58:42:a5:73:5e:fa:a0:ff:e4:
31:99:ef:f1:bf:85:c4:24:7d:b6:14:22:bc:d8:3f:ab:4b:86:
b4:cb:f3:c7:ef:61:26:54:6d:47:a7:54:55:1c:d9:01:b7:1d:
06:63:aa:77:4b:23:99:9c:a8:8f:91:4f:f8:aa:57:3a:66:26:
a4:c8:6b:1e:da:99:d1:75:09:00:79:a4:c9:3d:d1:fc:3d:38:
ab:21:06:d8:97:03:4f:60:67:89:a2:e9:c3:63:2f:2e:52:b8:
33:4e:73:b7:2e:47:e0:1c:77:e8:f8:77:75:50:e5:2a:2e:55:
1a:a1:28:5f:78:66:06:8f:33:46:7d:79:d2:46:c5:58:9b:2f:
44:4d:29:78
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA5IVNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWQ0Y2NjZWZlNTVjNWUyMjNhOWIzMjA1YjkzOGEzZDFjOWU4NmQ1MB4XDTIyMDEw
MTA4NTY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmVhZTdhYWNiZDY0
ODcxMDE2NDg5MGQ3NTFmN2NlYmEzYjZkZTI2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGfN/yPX1i1Ot9tVz/VoIp6e34hMfsxTt2t+LR4lT9UgxaM
ZynyQH+na2pSADuryEZSq/QgtXB5wgQ7VTq5ALzvxkFDtD9tlIrBjZMfQzGHewqE
okR90McQuAPkoPrnXjNt5F19lKiaoL6/HwN08yqW6oDTKvDkKC9S1KX+FqRD84hu
Mdnf0TA+fBCuRqneXsBXs3cbvn9H8yURVV8r5zmH31xCUNlQ2UvSrcRCPtivBz0M
kahd+GrTyM+2SS67YvJFhNbaKgvEahFyQjLOOgMovmmIFeGHekb483PCeGwAoW4s
RLTiWshTF+cVQJlbeyeyohHI8yoc6lHm8VkdWxUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRurnqsvWSHEBZIkNdR9866O23iYjAfBgNVHSMEGDAWgBQa1MzO/lXF4iOp
syBbk4o9HJ6G1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d0VE16djVWeGVJanFiTWdXNU9LUFJ5ZWh0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZDIzODcwLTc0YzctNGE4NC05MGVjLWMzMjAzNjc1MGUzNi8x
L2JxNTZyTDFraHhBV1NKRFhVZmZPdWp0dDRtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZDIzODcwLTc0YzctNGE4NC05MGVjLWMzMjAzNjc1MGUzNi8xL0d0VE16djVWeGVJ
anFiTWdXNU9LUFJ5ZWh0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvM9AMEAcIYpjANBgkqhkiG9w0B
AQsFAAOCAQEAsCH5GdXYhlkcn2ZFXd/rr8bvfV2nsW3xDYlB+jdeDcHEyu0TtjSS
/QL2Fb2rtdNc0wt5/AFAAej96PNRMnpKE3AYrrHsTpZ0OLz3PDGL1mOx5RCcdfJ6
iF+5+yASFtVLF6QkqBAraKgn1kAwFcv8sqf73lKAWEKlc176oP/kMZnv8b+FxCR9
thQivNg/q0uGtMvzx+9hJlRtR6dUVRzZAbcdBmOqd0sjmZyoj5FP+KpXOmYmpMhr
HtqZ0XUJAHmkyT3R/D04qyEG2JcDT2BniaLpw2MvLlK4M05zty5H4Bx36Ph3dVDl
Ki5VGqEoX3hmBo8zRn150kbFWJsvRE0peA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org