Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/Bgn9HaQ5d-NL4AHPPelaOsHWoF4.roa
File: Bgn9HaQ5d-NL4AHPPelaOsHWoF4.roa (raw, json)
Hash identifier: +fuabuHdoJI1qjEWXm9/IAALIH8LOyFGbFPglxE/4x0=
Subject key identifier: 06:09:FD:1D:A4:39:77:E3:4B:E0:01:CF:3D:E9:5A:3A:C1:D6:A0:5E
Certificate issuer: /CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Certificate serial: 18B6C532
Authority key identifier: 9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/Bgn9HaQ5d-NL4AHPPelaOsHWoF4.roa
Signing time: Thu 24 Mar 2022 07:15:26 +0000
ROA not before: Thu 24 Mar 2022 07:15:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1200
IP address blocks: 185.55.137.0/24 maxlen: 24
185.55.136.0/22 maxlen: 22
185.55.136.0/24 maxlen: 24
91.200.16.0/22 maxlen: 22
195.69.144.0/22 maxlen: 22
91.236.189.0/24 maxlen: 24
195.60.82.128/26 maxlen: 26
193.105.101.0/24 maxlen: 24
80.249.208.0/21 maxlen: 21
2a02:4b60::/32 maxlen: 32
2001:67c:1a8::/48 maxlen: 48
2001:7f8:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 414631218 (0x18b6c532)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f6fb7954179a9666b4cb6afe346d1e21ec30e45
Validity
Not Before: Mar 24 07:15:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0609fd1da43977e34be001cf3de95a3ac1d6a05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:ee:0e:8a:3b:8b:0e:5e:39:29:1e:28:05:
85:37:12:18:06:9b:e0:36:e3:c0:83:c9:79:6a:e3:
8c:bf:52:7b:df:b9:4b:c2:30:77:4e:69:a5:75:14:
a9:a9:6b:74:f3:4d:71:2d:16:2c:10:1e:df:78:26:
ce:13:a6:2c:aa:4f:8c:65:fd:00:9e:93:eb:62:83:
45:35:c8:05:1f:07:96:15:03:57:c1:10:9b:d3:0e:
37:c1:89:9f:4c:2e:2d:47:42:63:6d:31:c5:d5:1a:
9e:c2:43:a9:84:74:f7:1a:5d:46:23:43:cf:b4:c4:
9f:52:2e:64:52:ac:ce:26:a2:4d:68:62:e0:b8:ed:
5d:40:b4:4b:a5:3d:c6:79:77:cb:01:76:6e:8f:fd:
46:d9:68:77:9f:f5:46:47:85:70:37:36:69:9f:e8:
83:c6:7c:8d:3c:80:4f:3f:d3:98:ad:80:cd:02:73:
ae:6e:fb:78:26:c2:79:e3:6f:e1:98:9b:14:00:c2:
02:17:bb:05:43:e1:4e:2f:4f:e9:9e:cb:07:c6:72:
25:6b:a3:69:77:03:86:a1:2b:91:11:49:f2:29:6f:
b0:14:ab:55:fc:ca:af:44:11:2e:20:72:42:af:66:
45:57:07:0d:be:1e:25:97:0d:05:d1:e3:4c:45:e9:
7a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:09:FD:1D:A4:39:77:E3:4B:E0:01:CF:3D:E9:5A:3A:C1:D6:A0:5E
X509v3 Authority Key Identifier:
keyid:9F:6F:B7:95:41:79:A9:66:6B:4C:B6:AF:E3:46:D1:E2:1E:C3:0E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2-3lUF5qWZrTLav40bR4h7DDkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/Bgn9HaQ5d-NL4AHPPelaOsHWoF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/0a3fff-1a42-4044-ae8f-7354a73bda7e/1/n2-3lUF5qWZrTLav40bR4h7DDkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.208.0/21
91.200.16.0/22
91.236.189.0/24
185.55.136.0/22
193.105.101.0/24
195.60.82.128/26
195.69.144.0/22
IPv6:
2001:67c:1a8::/48
2001:7f8:1::/48
2a02:4b60::/32
Signature Algorithm: sha256WithRSAEncryption
4c:4e:6b:99:d3:a6:41:18:11:47:68:74:c5:27:e4:8c:c8:dd:
1f:ec:e1:ee:42:50:37:1a:c1:39:7e:4d:25:83:6d:c0:5a:0a:
0d:e5:36:a4:bf:fe:ef:46:f4:f3:95:8f:2c:d9:76:19:99:ca:
39:d3:ba:ef:b8:2a:ac:06:40:57:dd:0a:e1:0c:f8:b1:b8:e1:
2b:04:33:f9:20:4c:0b:69:fb:28:c5:10:fb:28:05:52:4f:c8:
15:79:1d:d2:1f:3e:72:41:9d:11:ce:be:23:67:cb:3b:86:f3:
02:c9:48:55:54:df:64:f5:18:98:b4:3a:50:69:90:2f:d4:1f:
cd:05:bf:4d:da:3b:6c:be:5b:e8:95:ca:fb:74:09:cc:df:13:
b1:c3:ea:fd:cf:a3:08:bc:dc:9c:07:b5:94:0c:dd:48:3a:31:
c6:43:fa:1a:49:bd:b2:1c:9f:88:9d:4e:63:25:f6:2a:fd:ac:
62:f7:df:d0:9a:f8:bc:0b:67:f0:25:27:7c:08:2e:d1:fa:fc:
2d:38:be:2e:27:a2:82:24:e7:9a:0b:e8:a8:a2:9f:34:98:c2:
a2:e0:a2:a6:83:4c:84:bc:9d:c1:17:02:be:d1:1e:11:4b:3d:
c8:70:43:41:96:28:01:d8:c3:dc:ff:2b:b6:41:a9:86:8d:e0:
33:ab:78:0d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEGLbFMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjZmYjc5NTQxNzlhOTY2NmI0Y2I2YWZlMzQ2ZDFlMjFlYzMwZTQ1MB4XDTIyMDMy
NDA3MTUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDYwOWZkMWRhNDM5
NzdlMzRiZTAwMWNmM2RlOTVhM2FjMWQ2YTA1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuk7g6KO4sOXjkpHigFhTcSGAab4DbjwIPJeWrjjL9Se9+5
S8Iwd05ppXUUqalrdPNNcS0WLBAe33gmzhOmLKpPjGX9AJ6T62KDRTXIBR8HlhUD
V8EQm9MON8GJn0wuLUdCY20xxdUansJDqYR09xpdRiNDz7TEn1IuZFKsziaiTWhi
4LjtXUC0S6U9xnl3ywF2bo/9Rtlod5/1RkeFcDc2aZ/og8Z8jTyATz/TmK2AzQJz
rm77eCbCeeNv4ZibFADCAhe7BUPhTi9P6Z7LB8ZyJWujaXcDhqErkRFJ8ilvsBSr
VfzKr0QRLiByQq9mRVcHDb4eJZcNBdHjTEXpelkCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBQGCf0dpDl340vgAc896Vo6wdagXjAfBgNVHSMEGDAWgBSfb7eVQXmpZmtM
tq/jRtHiHsMORTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L24yLTNsVUY1cVdaclRMYXY0MGJSNGg3RERrVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvMGEzZmZmLTFhNDItNDA0NC1hZThmLTczNTRhNzNiZGE3ZS8x
L0JnbjlIYVE1ZC1OTDRBSFBQZWxhT3NIV29GNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
MGEzZmZmLTFhNDItNDA0NC1hZThmLTczNTRhNzNiZGE3ZS8xL24yLTNsVUY1cVda
clRMYXY0MGJSNGg3RERrVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwMQQCAAEwKwMEA1D50AMEAlvIEAMEAFvsvQMEArk3
iAMEAMFpZQMFBsM8UoADBALDRZAwHwQCAAIwGQMHACABBnwBqAMHACABB/gAAQMF
ACoCS2AwDQYJKoZIhvcNAQELBQADggEBAExOa5nTpkEYEUdodMUn5IzI3R/s4e5C
UDcawTl+TSWDbcBaCg3lNqS//u9G9POVjyzZdhmZyjnTuu+4KqwGQFfdCuEM+LG4
4SsEM/kgTAtp+yjFEPsoBVJPyBV5HdIfPnJBnRHOviNnyzuG8wLJSFVU32T1GJi0
OlBpkC/UH80Fv03aO2y+W+iVyvt0CczfE7HD6v3Powi83JwHtZQM3Ug6McZD+hpJ
vbIcn4idTmMl9ir9rGL339Ca+LwLZ/AlJ3wILtH6/C04vi4nooIk55oL6KiinzSY
wqLgoqaDTIS8ncEXAr7RHhFLPchwQ0GWKAHYw9z/K7ZBqYaN4DOreA0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:56 2024 by rpki-client on console-ams.rpki-client.org