Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/BOyBL2sP3FWfMJBNFvPxI11Nqq8.roa
File: BOyBL2sP3FWfMJBNFvPxI11Nqq8.roa (raw, json)
Hash identifier: GDg/q6RnTiJjvYC33vkWTNT/lps017PDMjYCKu2+6ts=
Subject key identifier: 04:EC:81:2F:6B:0F:DC:55:9F:30:90:4D:16:F3:F1:23:5D:4D:AA:AF
Certificate issuer: /CN=e31da2ba057e9a54a6170f257ff97856dc97e068
Certificate serial: 074FA586
Authority key identifier: E3:1D:A2:BA:05:7E:9A:54:A6:17:0F:25:7F:F9:78:56:DC:97:E0:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4x2iugV-mlSmFw8lf_l4VtyX4Gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/BOyBL2sP3FWfMJBNFvPxI11Nqq8.roa
Signing time: Thu 13 Jan 2022 15:19:49 +0000
ROA not before: Thu 13 Jan 2022 15:19:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58029
IP address blocks: 192.166.157.0/24 maxlen: 24
192.166.154.0/24 maxlen: 24
192.166.156.0/24 maxlen: 24
192.166.155.0/24 maxlen: 24
91.223.125.0/24 maxlen: 24
91.241.57.0/24 maxlen: 24
2a0f:9c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122660230 (0x74fa586)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e31da2ba057e9a54a6170f257ff97856dc97e068
Validity
Not Before: Jan 13 15:19:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04ec812f6b0fdc559f30904d16f3f1235d4daaaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ee:8d:b7:9b:3f:bb:04:2f:5f:a2:e1:f2:bd:
ca:05:ed:68:f1:c0:4d:71:09:de:76:54:be:70:c1:
c3:67:84:1b:dd:7e:e4:3a:7b:e8:a5:f8:ae:14:f7:
3f:ec:03:72:4f:e9:79:0f:56:ce:36:b5:02:1e:25:
9c:4d:0f:83:56:dc:29:7b:73:bc:eb:f4:0a:7a:02:
84:aa:93:49:ea:41:3d:15:f0:c6:22:16:47:4f:b3:
60:c3:cf:4b:6c:9b:4b:a5:15:fb:ab:5e:69:26:b4:
47:ba:e9:64:46:f6:48:2c:e4:42:79:39:b9:d7:5f:
7f:65:4a:2c:e9:b8:4a:ee:04:27:d8:a2:6c:ad:e8:
fd:21:ae:40:98:9d:a2:0e:75:65:09:b4:42:4f:7f:
cf:cc:8a:3c:66:7b:03:3d:f2:27:be:21:8c:cb:28:
05:fc:ae:34:fc:19:81:54:8a:fe:64:a1:83:d1:ea:
31:8f:00:95:8f:a7:5d:cb:a9:c3:22:60:1c:2f:8f:
35:f3:6d:80:fd:52:3d:f1:2b:a6:df:2f:a5:aa:b4:
ce:91:98:28:52:7b:3c:b1:da:49:76:47:1b:6d:0a:
15:bb:9f:a6:07:79:cc:31:97:14:92:b0:a6:da:bb:
1b:27:be:f5:1e:13:1b:78:45:2f:9e:57:23:24:66:
e5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EC:81:2F:6B:0F:DC:55:9F:30:90:4D:16:F3:F1:23:5D:4D:AA:AF
X509v3 Authority Key Identifier:
keyid:E3:1D:A2:BA:05:7E:9A:54:A6:17:0F:25:7F:F9:78:56:DC:97:E0:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4x2iugV-mlSmFw8lf_l4VtyX4Gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/BOyBL2sP3FWfMJBNFvPxI11Nqq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/69a209-fa57-43f0-bbc2-7507e819a795/1/4x2iugV-mlSmFw8lf_l4VtyX4Gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.125.0/24
91.241.57.0/24
192.166.154.0-192.166.157.255
IPv6:
2a0f:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
0a:10:9d:1d:d9:71:38:ff:3f:ef:e8:a1:d7:47:2e:3a:6a:18:
d6:82:d1:33:01:32:6f:4f:d0:ca:66:8b:c5:db:fa:6b:56:aa:
64:81:26:2b:24:48:a6:64:b7:91:1a:38:a8:f8:54:12:84:3b:
f5:8f:ac:db:df:da:d9:aa:8e:74:f9:e0:6b:98:8c:88:24:d0:
2e:25:27:b7:31:85:0b:11:3e:09:3d:39:0f:24:8b:51:ad:c8:
e9:53:d1:eb:62:76:96:f0:3c:60:de:02:f0:77:df:d8:59:88:
82:50:42:97:b4:cf:11:40:c3:83:a7:03:8c:5a:e4:66:f5:d4:
d5:76:7d:28:c4:c8:7a:c2:d3:34:99:28:e0:cd:46:ff:0f:9e:
0f:d3:2c:0e:e8:93:4e:82:ba:ee:32:aa:0c:44:5d:29:3b:f9:
4b:3f:64:56:3a:97:1a:55:26:42:77:4b:1b:58:c9:04:2e:77:
45:57:09:22:1a:37:cc:06:59:04:33:76:36:ee:84:0b:ca:3e:
08:d2:94:67:39:66:15:fe:32:6b:83:ed:04:5b:5b:cf:70:4e:
2c:c0:6e:4c:69:0f:32:a3:a2:03:fa:e8:2d:9d:e9:03:63:50:
15:8c:54:91:8f:11:79:61:fd:0f:10:8e:66:67:67:be:1f:5d:
58:cb:e8:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEB0+lhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MzFkYTJiYTA1N2U5YTU0YTYxNzBmMjU3ZmY5Nzg1NmRjOTdlMDY4MB4XDTIyMDEx
MzE1MTk0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRlYzgxMmY2YjBm
ZGM1NTlmMzA5MDRkMTZmM2YxMjM1ZDRkYWFhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjujbebP7sEL1+i4fK9ygXtaPHATXEJ3nZUvnDBw2eEG91+
5Dp76KX4rhT3P+wDck/peQ9Wzja1Ah4lnE0Pg1bcKXtzvOv0CnoChKqTSepBPRXw
xiIWR0+zYMPPS2ybS6UV+6teaSa0R7rpZEb2SCzkQnk5uddff2VKLOm4Su4EJ9ii
bK3o/SGuQJidog51ZQm0Qk9/z8yKPGZ7Az3yJ74hjMsoBfyuNPwZgVSK/mShg9Hq
MY8AlY+nXcupwyJgHC+PNfNtgP1SPfErpt8vpaq0zpGYKFJ7PLHaSXZHG20KFbuf
pgd5zDGXFJKwptq7Gye+9R4TG3hFL55XIyRm5UMCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQE7IEvaw/cVZ8wkE0W8/EjXU2qrzAfBgNVHSMEGDAWgBTjHaK6BX6aVKYX
DyV/+XhW3JfgaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR4Mml1Z1YtbWxTbUZ3OGxmX2w0VnR5WDRHZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvNjlhMjA5LWZhNTctNDNmMC1iYmMyLTc1MDdlODE5YTc5NS8x
L0JPeUJMMnNQM0ZXZk1KQk5GdlB4STExTnFxOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
NjlhMjA5LWZhNTctNDNmMC1iYmMyLTc1MDdlODE5YTc5NS8xLzR4Mml1Z1YtbWxT
bUZ3OGxmX2w0VnR5WDRHZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAFvffQMEAFvxOTAMAwQBwKaaAwQB
wKacMA0EAgACMAcDBQMqD5yAMA0GCSqGSIb3DQEBCwUAA4IBAQAKEJ0d2XE4/z/v
6KHXRy46ahjWgtEzATJvT9DKZovF2/prVqpkgSYrJEimZLeRGjio+FQShDv1j6zb
39rZqo50+eBrmIyIJNAuJSe3MYULET4JPTkPJItRrcjpU9HrYnaW8Dxg3gLwd9/Y
WYiCUEKXtM8RQMODpwOMWuRm9dTVdn0oxMh6wtM0mSjgzUb/D54P0ywO6JNOgrru
MqoMRF0pO/lLP2RWOpcaVSZCd0sbWMkELndFVwkiGjfMBlkEM3Y27oQLyj4I0pRn
OWYV/jJrg+0EW1vPcE4swG5MaQ8yo6ID+ugtnekDY1AVjFSRjxF5Yf0PEI5mZ2e+
H11Yy+gf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:07 2023 by rpki-client on console-ams.rpki-client.org