Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bxf9tpcXLRrR0is4puD1h-9I0cQ.roa
File: bxf9tpcXLRrR0is4puD1h-9I0cQ.roa (raw, json)
Hash identifier: njibo7QQirrk+5r4GO5ScrbfvnzpGnw+Tarr+LgNMCQ=
Subject key identifier: 6F:17:FD:B6:97:17:2D:1A:D1:D2:2B:38:A6:E0:F5:87:EF:48:D1:C4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184005D6B98E57220A610A85F9841ED093A
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bxf9tpcXLRrR0is4puD1h-9I0cQ.roa
Signing time: Sat 22 Oct 2022 15:43:53 +0000
ROA not before: Sat 22 Oct 2022 15:43:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 23
45.151.0.0/23 maxlen: 23
45.151.2.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
45.138.180.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:00:5d:6b:98:e5:72:20:a6:10:a8:5f:98:41:ed:09:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 22 15:43:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f17fdb697172d1ad1d22b38a6e0f587ef48d1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:34:08:be:b4:81:67:46:d0:22:db:60:00:5d:
c1:69:1d:c0:e4:dd:a6:60:1d:d1:7a:74:17:90:28:
18:f4:f4:b6:e2:10:81:06:fe:2a:b5:9e:5b:42:8e:
3f:33:c9:8f:ef:be:c3:57:5c:ab:b3:30:df:9c:9e:
fe:07:70:22:91:d3:bf:1f:02:63:82:5f:1a:6e:a2:
7e:59:e6:bc:bf:de:99:00:f7:3f:0f:12:a1:e9:06:
4f:35:12:7e:04:5f:7c:2c:e3:df:cc:4c:7d:4a:79:
47:55:13:c5:e7:cc:c4:32:a6:e6:71:05:db:8f:84:
e3:c8:45:fc:59:a4:55:87:c4:2e:0f:81:53:3b:5a:
8f:0b:87:e3:d9:4a:73:54:6a:d0:fd:97:e2:6d:48:
a9:f4:b3:1e:ed:26:90:0e:e0:b0:77:2f:1c:22:90:
41:11:b8:a6:67:77:95:bc:ee:87:06:ae:d7:d7:ee:
27:e2:fd:f1:9f:6e:71:da:59:89:51:2e:5f:1c:1a:
73:d8:27:3a:54:c6:0e:39:5c:16:b6:a8:c2:44:12:
5e:b7:fd:a1:b7:41:1a:e1:96:42:ba:2f:9d:3a:50:
39:93:05:24:0b:27:46:23:90:68:f3:75:1a:f3:c1:
3a:9d:e6:98:bb:ef:62:97:b4:2a:75:1f:79:85:36:
e9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:17:FD:B6:97:17:2D:1A:D1:D2:2B:38:A6:E0:F5:87:EF:48:D1:C4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/bxf9tpcXLRrR0is4puD1h-9I0cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.88.139.0/24
45.138.180.0/22
45.151.0.0-45.151.2.255
77.83.37.0/24
85.209.120.0/23
193.30.241.0/24
195.177.94.0/24
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:cb:f5:aa:6a:36:fe:c8:71:86:d9:84:fe:e5:eb:36:50:95:
a5:ec:be:f5:17:eb:4c:6f:73:5c:46:e5:89:b2:5d:2d:75:21:
24:03:37:a0:b4:bf:b6:a3:98:6c:22:d3:53:4d:e9:fe:48:f4:
8d:83:b6:2e:42:d5:00:33:86:3e:30:3b:6c:3b:f1:df:64:83:
c6:22:cb:0d:7f:85:90:e4:00:40:2b:19:85:98:4e:73:b8:bf:
6c:2e:b3:95:07:c9:1d:0d:b9:fa:2e:e5:66:a6:c0:a3:30:cd:
17:eb:52:17:ba:36:4e:fd:04:d8:83:e2:31:f2:b3:11:90:b6:
9f:a1:26:ab:77:7d:90:9e:0e:8a:55:c3:86:1e:d5:0a:63:ed:
76:9d:70:7f:3d:60:eb:b5:6c:e6:0c:5a:7d:e3:41:37:30:4f:
d4:a4:3d:7f:cd:f8:52:6b:97:95:d5:63:f3:5b:c8:fb:86:ab:
fa:de:0b:87:3c:f8:45:7c:18:37:7f:44:dc:8e:04:cb:9c:7b:
da:e9:42:b7:1a:09:a1:18:fa:81:2e:bd:e7:3a:50:26:3d:47:
00:79:15:9c:c8:d0:ee:07:bd:db:ba:f5:67:67:ae:eb:2d:2b:
6d:c9:da:9d:83:36:6d:47:d6:60:09:e3:7c:eb:57:5f:9b:18:
72:ac:74:b7
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYQAXWuY5XIgphCoX5hB7Qk6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDIyMTU0MzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjE3ZmRiNjk3MTcyZDFhZDFkMjJiMzhhNmUwZjU4N2VmNDhkMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjQIvrSBZ0bQIttgAF3BaR3A5N2m
YB3RenQXkCgY9PS24hCBBv4qtZ5bQo4/M8mP777DV1yrszDfnJ7+B3AikdO/HwJj
gl8abqJ+Wea8v96ZAPc/DxKh6QZPNRJ+BF98LOPfzEx9SnlHVRPF58zEMqbmcQXb
j4TjyEX8WaRVh8QuD4FTO1qPC4fj2UpzVGrQ/ZfibUip9LMe7SaQDuCwdy8cIpBB
EbimZ3eVvO6HBq7X1+4n4v3xn25x2lmJUS5fHBpz2Cc6VMYOOVwWtqjCRBJet/2h
t0Ea4ZZCui+dOlA5kwUkCydGI5Bo83Ua88E6neaYu+9il7QqdR95hTbpYwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFG8X/baXFy0a0dIrOKbg9YfvSNHEMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvYnhmOXRwY1hMUnJSMGlzNHB1RDFoLTlJMGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAATA9AwQCAjhsAwQA
LViLAwQCLYq0MAsDAwAtlwMEAC2XAgMEAE1TJQMEAVXReAMEAMEe8QMEAMOxXgME
AsPTvDANBgkqhkiG9w0BAQsFAAOCAQEAa8v1qmo2/shxhtmE/uXrNlCVpey+9Rfr
TG9zXEblibJdLXUhJAM3oLS/tqOYbCLTU03p/kj0jYO2LkLVADOGPjA7bDvx32SD
xiLLDX+FkOQAQCsZhZhOc7i/bC6zlQfJHQ25+i7lZqbAozDNF+tSF7o2Tv0E2IPi
MfKzEZC2n6Emq3d9kJ4OilXDhh7VCmPtdp1wfz1g67Vs5gxafeNBNzBP1KQ9f834
UmuXldVj81vI+4ar+t4Lhzz4RXwYN39E3I4Ey5x72ulCtxoJoRj6gS695zpQJj1H
AHkVnMjQ7ge927r1Z2eu6y0rbcnanYM2bUfWYAnjfOtXX5sYcqx0tw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org