Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/BLMQKQ4aFwk6JuBmIXX58tFmEcU.roa
File: BLMQKQ4aFwk6JuBmIXX58tFmEcU.roa (raw, json)
Hash identifier: OJXuk1UD8K/yQMd84mY/chm09GLJtDspFTCgl0gxuK0=
Subject key identifier: 04:B3:10:29:0E:1A:17:09:3A:26:E0:66:21:75:F9:F2:D1:66:11:C5
Certificate issuer: /CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
Certificate serial: 1180B5A5
Authority key identifier: 8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/BLMQKQ4aFwk6JuBmIXX58tFmEcU.roa
Signing time: Sat 01 Jan 2022 10:59:43 +0000
ROA not before: Sat 01 Jan 2022 10:59:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51497
IP address blocks: 109.105.138.0/24 maxlen: 24
109.105.152.0/22 maxlen: 22
109.105.156.0/23 maxlen: 23
109.105.153.0/24 maxlen: 24
185.47.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 293647781 (0x1180b5a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
Validity
Not Before: Jan 1 10:59:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04b310290e1a17093a26e0662175f9f2d16611c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5a:d0:cb:17:0e:0d:04:c4:0a:51:6d:48:a9:
5d:ee:ed:07:a1:fb:eb:3a:93:1d:fe:02:9b:c5:f5:
af:8e:8e:7a:57:d4:f6:6a:4e:84:8f:02:fe:e7:6e:
5f:9e:e5:7c:59:4c:53:52:b4:48:68:50:ad:6d:e8:
14:48:4c:54:d3:69:c9:bc:09:42:43:19:f8:56:3a:
42:5e:5f:16:0d:bc:bf:05:5c:64:29:3c:12:91:e9:
a3:47:99:2e:38:05:94:2e:88:cf:dd:ea:fa:1e:b7:
8d:88:8d:f9:27:59:1b:87:2f:fd:ac:44:8f:a5:aa:
c8:02:3e:d8:47:e6:11:0f:6f:15:56:40:34:0c:a0:
ea:7b:29:20:d7:c6:d1:82:4d:93:31:d2:d0:08:f7:
fc:46:d9:37:10:a2:d4:3d:8a:6a:73:a0:a0:27:ff:
61:5a:92:a4:2b:03:78:1b:6c:bc:77:2b:7f:7f:48:
68:06:ee:90:ab:27:6d:3a:6c:0c:14:bc:28:b1:05:
40:85:90:71:cc:67:67:f5:fd:06:4e:77:41:a3:e7:
76:76:ff:ba:a8:a0:67:14:15:ef:75:e1:1d:eb:a9:
a3:99:b8:4f:de:ec:bd:b3:81:76:af:bc:11:86:d3:
5d:c8:7c:b6:bc:2c:6f:4d:c1:83:ab:01:a1:81:5a:
7c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B3:10:29:0E:1A:17:09:3A:26:E0:66:21:75:F9:F2:D1:66:11:C5
X509v3 Authority Key Identifier:
keyid:8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/BLMQKQ4aFwk6JuBmIXX58tFmEcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.138.0/24
109.105.152.0-109.105.157.255
185.47.156.0/22
Signature Algorithm: sha256WithRSAEncryption
33:ac:39:f9:98:78:b6:ba:2a:1e:e9:f6:76:85:04:37:77:f9:
74:cc:63:85:cb:ec:b5:f1:c2:0b:64:0a:7e:da:dd:4a:15:72:
80:79:70:ba:f8:6d:2c:03:76:3d:37:8f:e7:fa:3f:9a:24:63:
75:64:b7:a3:60:b8:33:1b:fc:16:fe:68:bd:e4:35:ad:eb:51:
44:0b:5b:b8:c9:05:f0:94:58:29:39:54:40:6b:9e:2e:94:59:
43:10:25:89:ee:a1:a6:38:ce:3b:2b:df:b5:1e:bb:1b:ae:e1:
ef:86:b9:75:ee:a2:53:25:3b:79:cc:b9:e4:d7:c9:51:06:e3:
a9:0c:16:49:a8:50:04:e0:0e:98:54:02:89:5a:7a:7b:0d:56:
c2:80:42:73:ea:26:b7:fc:93:2d:17:0c:79:bd:d6:84:8a:15:
c5:e1:35:cb:84:d9:59:4a:75:9f:f2:c7:ee:d1:f3:f4:1c:f8:
32:b4:6e:2f:60:0f:1d:c0:92:78:b3:ae:2b:e8:e2:33:97:4c:
70:b5:50:08:e6:bf:82:d2:74:a4:ee:96:02:84:63:c9:ba:c9:
07:30:98:be:e6:b6:3c:60:f1:6f:b0:a4:e0:ed:af:35:37:c2:
dd:38:75:ba:7e:f6:d4:18:39:d8:82:d9:78:e9:08:29:7c:85:
fe:6f:14:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEEYC1pTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Y2ViMjNlMmM1ZDlmMmM3MzQ0ODg5MDQ1MDU4MzVlZjI4MDlmYjNiMB4XDTIyMDEw
MTEwNTk0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRiMzEwMjkwZTFh
MTcwOTNhMjZlMDY2MjE3NWY5ZjJkMTY2MTFjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKha0MsXDg0ExApRbUipXe7tB6H76zqTHf4Cm8X1r46OelfU
9mpOhI8C/uduX57lfFlMU1K0SGhQrW3oFEhMVNNpybwJQkMZ+FY6Ql5fFg28vwVc
ZCk8EpHpo0eZLjgFlC6Iz93q+h63jYiN+SdZG4cv/axEj6WqyAI+2EfmEQ9vFVZA
NAyg6nspINfG0YJNkzHS0Aj3/EbZNxCi1D2KanOgoCf/YVqSpCsDeBtsvHcrf39I
aAbukKsnbTpsDBS8KLEFQIWQccxnZ/X9Bk53QaPndnb/uqigZxQV73XhHeupo5m4
T97svbOBdq+8EYbTXch8trwsb03Bg6sBoYFafBsCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBQEsxApDhoXCTom4GYhdfny0WYRxTAfBgNVHSMEGDAWgBSM6yPixdnyxzRI
iQRQWDXvKAn7OzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pPc2o0c1haOHNjMFNJa0VVRmcxN3lnSi16cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjk5MjkyLTNkYTAtNDc3Mi1hZjgyLTgzMzRlMzYyMjM2ZC8x
L0JMTVFLUTRhRndrNkp1Qm1JWFg1OHRGbUVjVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
Njk5MjkyLTNkYTAtNDc3Mi1hZjgyLTgzMzRlMzYyMjM2ZC8xL2pPc2o0c1haOHNj
MFNJa0VVRmcxN3lnSi16cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAG1pijAMAwQDbWmYAwQBbWmcAwQC
uS+cMA0GCSqGSIb3DQEBCwUAA4IBAQAzrDn5mHi2uioe6fZ2hQQ3d/l0zGOFy+y1
8cILZAp+2t1KFXKAeXC6+G0sA3Y9N4/n+j+aJGN1ZLejYLgzG/wW/mi95DWt61FE
C1u4yQXwlFgpOVRAa54ulFlDECWJ7qGmOM47K9+1HrsbruHvhrl17qJTJTt5zLnk
18lRBuOpDBZJqFAE4A6YVAKJWnp7DVbCgEJz6ia3/JMtFwx5vdaEihXF4TXLhNlZ
SnWf8sfu0fP0HPgytG4vYA8dwJJ4s64r6OIzl0xwtVAI5r+C0nSk7pYChGPJuskH
MJi+5rY8YPFvsKTg7a81N8LdOHW6fvbUGDnYgtl46QgpfIX+bxTY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-ams.rpki-client.org