Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/BXSYm1J4tv7vFlwU4Rr-YZ7JTi0.roa
File: BXSYm1J4tv7vFlwU4Rr-YZ7JTi0.roa (raw, json)
Hash identifier: 311M5V+Y/LcNHnF+t1Ml0RzkvA72FbraHVtH4MyEzro=
Subject key identifier: 05:74:98:9B:52:78:B6:FE:EF:16:5C:14:E1:1A:FE:61:9E:C9:4E:2D
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 03DE2202
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/BXSYm1J4tv7vFlwU4Rr-YZ7JTi0.roa
Signing time: Sat 01 Jan 2022 11:57:15 +0000
ROA not before: Sat 01 Jan 2022 11:57:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51554
IP address blocks: 185.11.178.0/24 maxlen: 24
185.11.179.0/24 maxlen: 24
185.11.176.0/24 maxlen: 24
185.11.177.0/24 maxlen: 24
109.72.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64889346 (0x3de2202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: Jan 1 11:57:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0574989b5278b6feef165c14e11afe619ec94e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a7:45:e4:3c:81:87:36:df:23:69:18:f0:e4:
e5:6e:65:32:23:ea:bb:bd:b5:82:cc:a3:93:3e:5c:
b0:5a:cf:45:41:ad:93:f1:b8:fb:cd:1e:ca:b4:77:
27:69:68:f4:98:43:c2:a9:68:06:48:99:c8:33:0e:
1c:b4:dc:12:5b:dc:2c:6a:35:b8:5a:61:f8:a8:54:
92:79:80:83:96:ae:e4:d8:d4:8f:dc:b6:b8:b4:db:
e7:e2:3a:32:31:4e:03:11:c2:53:7f:dc:33:88:2f:
b8:63:35:89:b2:8d:eb:ec:4f:7b:39:d4:8b:cf:e1:
31:ac:c5:94:dc:78:2a:5a:57:ab:f5:6a:60:4b:6b:
c6:8b:2c:10:ba:e3:ef:29:20:5f:dc:91:24:48:ad:
bb:30:07:d6:a2:76:22:f1:97:72:a9:46:78:9c:26:
cc:84:fa:45:cd:28:42:60:58:00:2d:32:77:16:b3:
b9:e3:4a:80:c6:e2:a6:84:87:92:74:0a:4f:5b:d4:
45:3a:ef:27:2c:2b:28:f4:4a:64:52:d2:81:13:9e:
d9:d5:08:8b:66:32:ea:96:f4:82:98:0b:23:aa:a9:
c4:9c:85:65:3f:7b:6e:d6:47:d2:03:1e:e5:cd:3b:
ce:27:e8:b6:64:5a:85:1e:81:9f:9c:d8:e8:a8:c3:
b8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:74:98:9B:52:78:B6:FE:EF:16:5C:14:E1:1A:FE:61:9E:C9:4E:2D
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/BXSYm1J4tv7vFlwU4Rr-YZ7JTi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.200.0/24
185.11.176.0/22
Signature Algorithm: sha256WithRSAEncryption
24:59:34:7c:9d:c3:04:83:ab:8a:da:16:4b:55:ab:e6:41:48:
20:e6:03:3c:33:3b:f1:62:62:da:24:05:7b:e0:b2:00:bf:17:
6f:a9:ba:98:52:b9:97:f8:a8:32:80:42:8e:1f:12:ae:49:69:
6f:e3:05:5c:38:d1:44:90:71:c7:17:45:3e:6f:c0:f2:75:11:
da:ab:ab:b4:c7:7d:e4:11:6f:86:69:c0:94:a1:e2:e6:50:a5:
80:0c:ae:2b:28:aa:2b:05:f6:e6:a6:5c:9d:e5:c2:0f:81:a3:
d9:0c:5a:cd:73:3f:10:0c:44:e2:79:3b:6b:b7:80:8e:f5:22:
02:b9:b2:87:4a:09:f9:df:8b:36:f4:e6:a4:d8:19:1a:ed:6b:
85:3e:76:c5:97:a4:8e:ae:3e:d5:4b:9b:64:60:b6:39:1d:a6:
3a:58:af:db:1b:b1:66:e2:01:7a:70:96:91:ef:6e:43:93:c0:
74:2e:20:61:a9:a3:e6:64:a4:c4:3f:db:32:31:3e:fa:7e:81:
46:dd:4f:0c:eb:84:25:87:5c:ea:30:b6:4c:db:c0:dc:2c:29:
e5:d6:8e:f5:9e:52:08:49:d5:d3:58:04:81:fc:bb:b8:e3:fc:
21:3a:05:82:2b:bb:45:28:5a:b6:9d:47:70:17:90:e7:31:59:
eb:91:83:f0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA94iAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NGNhY2NlZWUzNWZmODdjZDY3OGVmNmE5MjI2MmNlZmNlODQ5MmRmMB4XDTIyMDEw
MTExNTcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU3NDk4OWI1Mjc4
YjZmZWVmMTY1YzE0ZTExYWZlNjE5ZWM5NGUyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALanReQ8gYc23yNpGPDk5W5lMiPqu721gsyjkz5csFrPRUGt
k/G4+80eyrR3J2lo9JhDwqloBkiZyDMOHLTcElvcLGo1uFph+KhUknmAg5au5NjU
j9y2uLTb5+I6MjFOAxHCU3/cM4gvuGM1ibKN6+xPeznUi8/hMazFlNx4KlpXq/Vq
YEtrxossELrj7ykgX9yRJEituzAH1qJ2IvGXcqlGeJwmzIT6Rc0oQmBYAC0ydxaz
ueNKgMbipoSHknQKT1vURTrvJywrKPRKZFLSgROe2dUIi2Yy6pb0gpgLI6qpxJyF
ZT97btZH0gMe5c07zifotmRahR6Bn5zY6KjDuFUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQFdJibUni2/u8WXBThGv5hnslOLTAfBgNVHSMEGDAWgBQkyszu41/4fNZ4
72qSJizvzoSS3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pNck03dU5mLUh6V2VPOXFraVlzNzg2RWt0OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNjY3MGY5LTQxOGUtNDI3NS04MDAwLWEyOWViMTM5ZTc5ZC8x
L0JYU1ltMUo0dHY3dkZsd1U0UnItWVo3SlRpMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NjY3MGY5LTQxOGUtNDI3NS04MDAwLWEyOWViMTM5ZTc5ZC8xL0pNck03dU5mLUh6
V2VPOXFraVlzNzg2RWt0OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAG1IyAMEArkLsDANBgkqhkiG9w0B
AQsFAAOCAQEAJFk0fJ3DBIOritoWS1Wr5kFIIOYDPDM78WJi2iQFe+CyAL8Xb6m6
mFK5l/ioMoBCjh8Srklpb+MFXDjRRJBxxxdFPm/A8nUR2qurtMd95BFvhmnAlKHi
5lClgAyuKyiqKwX25qZcneXCD4Gj2QxazXM/EAxE4nk7a7eAjvUiArmyh0oJ+d+L
NvTmpNgZGu1rhT52xZekjq4+1UubZGC2OR2mOliv2xuxZuIBenCWke9uQ5PAdC4g
Yamj5mSkxD/bMjE++n6BRt1PDOuEJYdc6jC2TNvA3Cwp5daO9Z5SCEnV01gEgfy7
uOP8IToFgiu7RShatp1HcBeQ5zFZ65GD8A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:26 2025 by rpki-client