Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bnm72DfCaRa9qUJUBjMQnjsLisg.roa
File: bnm72DfCaRa9qUJUBjMQnjsLisg.roa (raw, json)
Hash identifier: /CmmjZwVETgOJcNbof2hAvW/M9CGspaUVsK20DYmR68=
Subject key identifier: 6E:79:BB:D8:37:C2:69:16:BD:A9:42:54:06:33:10:9E:3B:0B:8A:C8
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0183D81DD327D189FD94D44CAF4387BC9EF0
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bnm72DfCaRa9qUJUBjMQnjsLisg.roa
Signing time: Fri 14 Oct 2022 20:09:36 +0000
ROA not before: Fri 14 Oct 2022 20:09:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 85.122.82.0/24 maxlen: 24
85.122.112.0/23 maxlen: 24
194.102.168.0/22 maxlen: 24
85.120.12.0/23 maxlen: 24
217.156.84.0/24 maxlen: 24
194.102.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d8:1d:d3:27:d1:89:fd:94:d4:4c:af:43:87:bc:9e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Oct 14 20:09:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e79bbd837c26916bda942540633109e3b0b8ac8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:f2:94:56:f8:dd:07:f8:59:e4:8a:7e:56:
57:a7:dc:54:f4:5c:92:a2:ea:bd:71:61:ae:b2:97:
6d:d9:77:8a:b9:e7:05:e3:8b:8c:ef:3c:1f:58:81:
b2:5e:4d:8e:31:2d:23:f2:90:8b:4a:1b:ee:b4:e2:
a0:5b:37:ec:a2:30:4f:d9:45:de:f1:90:32:06:63:
bb:cd:cb:23:8e:10:38:5f:c0:f6:ae:65:a8:7e:2b:
74:62:80:05:bc:7c:2e:2d:55:35:8b:bb:ae:6e:ff:
39:e2:90:46:ba:b6:96:36:35:3a:5f:80:a3:c7:62:
0a:54:cd:17:25:77:54:61:e1:5d:a1:bd:56:69:94:
ba:7e:cb:d4:26:d8:b5:12:cd:17:c6:51:5a:10:a4:
7b:41:eb:06:6a:c0:a5:4a:8e:d4:13:df:ec:01:34:
d2:e5:88:cf:9b:87:88:9d:7e:36:a0:b1:0f:ea:b0:
b8:5f:0b:1b:0d:81:53:9c:56:5f:1f:3f:c3:1d:25:
ee:a2:61:6f:97:ab:da:c0:b8:d2:93:46:1e:75:5f:
b5:19:a5:6c:3a:ee:b5:9c:6f:53:5f:ec:9c:f6:3b:
e3:b7:76:b9:c8:e1:0e:fe:cf:d0:e3:43:b5:ce:2e:
af:68:2a:38:60:09:e4:b9:a0:8a:96:ed:e7:9e:87:
f1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:79:BB:D8:37:C2:69:16:BD:A9:42:54:06:33:10:9E:3B:0B:8A:C8
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/bnm72DfCaRa9qUJUBjMQnjsLisg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.12.0/23
85.122.82.0/24
85.122.112.0/23
194.102.168.0/22
194.102.218.0/24
217.156.84.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:7c:ba:84:ec:72:29:59:6d:c2:ae:68:b6:c4:8c:eb:b6:3e:
7e:98:a7:61:ce:7e:43:20:8e:f3:6d:39:f8:15:18:e5:2d:00:
91:0a:bd:3f:79:33:96:d0:41:1b:fd:94:be:6b:67:2a:10:0e:
cc:a1:e7:f4:c5:c6:5f:0b:5d:d2:1f:90:aa:ca:3f:21:51:92:
a2:b0:b9:60:45:11:ac:63:92:e0:2f:94:55:6e:6e:78:28:08:
a1:e6:87:6a:8a:52:fb:7b:8f:cf:b7:16:3c:91:61:50:79:1c:
ce:e0:93:e9:a2:ae:56:ee:ff:58:4e:a9:1b:13:d8:5e:5c:94:
9e:e6:b4:20:42:e3:f1:ae:dd:10:67:ef:5c:94:9d:80:13:cc:
07:be:c4:ab:3d:14:77:54:3e:4a:6d:cf:cc:9b:ae:f5:30:8a:
c0:8a:e3:2b:29:ff:af:e4:cf:51:40:2a:e4:b8:20:15:64:31:
ea:0d:f8:2f:8d:5f:be:f2:c9:84:6d:36:9e:26:5e:d6:e8:98:
4b:1c:c2:81:3e:ca:ec:71:ff:41:7c:2d:92:a2:77:84:e9:7d:
54:34:68:0a:e9:b0:62:18:ef:f6:01:eb:9f:9b:3b:f8:66:14:
5e:73:bc:72:ef:3c:7b:02:f9:b9:f6:c0:28:6d:65:bb:e4:95:
5a:39:3f:a4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYPYHdMn0Yn9lNRMr0OHvJ7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjIxMDE0MjAwOTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc5YmJkODM3YzI2OTE2YmRhOTQyNTQwNjMzMTA5ZTNiMGI4YWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbvylFb43Qf4WeSKflZXp9xU9FyS
ouq9cWGuspdt2XeKuecF44uM7zwfWIGyXk2OMS0j8pCLShvutOKgWzfsojBP2UXe
8ZAyBmO7zcsjjhA4X8D2rmWofit0YoAFvHwuLVU1i7uubv854pBGuraWNjU6X4Cj
x2IKVM0XJXdUYeFdob1WaZS6fsvUJti1Es0XxlFaEKR7QesGasClSo7UE9/sATTS
5YjPm4eInX42oLEP6rC4XwsbDYFTnFZfHz/DHSXuomFvl6vawLjSk0YedV+1GaVs
Ou61nG9TX+yc9jvjt3a5yOEO/s/Q40O1zi6vaCo4YAnkuaCKlu3nnofxxQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG55u9g3wmkWvalCVAYzEJ47C4rIMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvYm5tNzJEZkNhUmE5cVVKVUJqTVFuanNMaXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVXgMAwQA
VXpSAwQBVXpwAwQCwmaoAwQAwmbaAwQA2ZxUMA0GCSqGSIb3DQEBCwUAA4IBAQCu
fLqE7HIpWW3Crmi2xIzrtj5+mKdhzn5DII7zbTn4FRjlLQCRCr0/eTOW0EEb/ZS+
a2cqEA7Moef0xcZfC13SH5Cqyj8hUZKisLlgRRGsY5LgL5RVbm54KAih5odqilL7
e4/PtxY8kWFQeRzO4JPpoq5W7v9YTqkbE9heXJSe5rQgQuPxrt0QZ+9clJ2AE8wH
vsSrPRR3VD5Kbc/Mm671MIrAiuMrKf+v5M9RQCrkuCAVZDHqDfgvjV++8smEbTae
Jl7W6JhLHMKBPsrscf9BfC2SoneE6X1UNGgK6bBiGO/2Aeufmzv4ZhRec7xy7zx7
Avm59sAobWW75JVaOT+k
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org