Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/873549-4e88-4c51-8717-1a5d8f50518f/1/bLpSRYvGDAg9737-_Q7oaS59U9U.roa
File: bLpSRYvGDAg9737-_Q7oaS59U9U.roa (raw, json)
Hash identifier: 3tLNE+lbR8l9Wn1w2YL3ERWIe4CRioqk16OgRXXcDp4=
Subject key identifier: 6C:BA:52:45:8B:C6:0C:08:3D:EF:7E:FE:FD:0E:E8:69:2E:7D:53:D5
Certificate issuer: /CN=113eaf2521dcbf764242431a781f68d0dd551402
Certificate serial: 06547645
Authority key identifier: 11:3E:AF:25:21:DC:BF:76:42:42:43:1A:78:1F:68:D0:DD:55:14:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ET6vJSHcv3ZCQkMaeB9o0N1VFAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/873549-4e88-4c51-8717-1a5d8f50518f/1/bLpSRYvGDAg9737-_Q7oaS59U9U.roa
Signing time: Sat 01 Jan 2022 06:53:41 +0000
ROA not before: Sat 01 Jan 2022 06:53:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207187
IP address blocks: 213.194.212.0/22 maxlen: 22
213.194.216.0/21 maxlen: 21
213.194.224.0/19 maxlen: 19
185.163.180.0/22 maxlen: 24
45.130.248.0/22 maxlen: 22
2a0e:59c0::/29 maxlen: 29
2a0a:1c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106198597 (0x6547645)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=113eaf2521dcbf764242431a781f68d0dd551402
Validity
Not Before: Jan 1 06:53:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6cba52458bc60c083def7efefd0ee8692e7d53d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:53:90:1f:9e:f3:b9:e6:18:c3:46:2e:de:45:
e8:81:42:d5:de:21:ce:b5:52:9b:61:2c:91:4e:5b:
6b:2a:0b:70:29:1c:b3:60:f2:26:b7:ee:2c:17:7f:
c1:9c:ec:1e:b9:f4:72:9c:98:df:42:30:00:38:11:
ac:86:d1:dd:7c:83:29:7d:d3:85:67:3f:6d:c5:18:
4e:05:1f:72:74:36:98:b6:d2:0d:3f:91:a4:f2:ed:
0f:4f:9c:b5:30:ef:02:ec:5f:fd:f6:ba:36:45:eb:
f6:b1:5e:78:4d:74:ea:82:54:d1:49:42:83:be:b4:
cc:67:8b:01:4c:00:2c:80:bc:7c:a1:90:9e:75:14:
63:25:c6:0d:15:7b:f6:3f:ad:a3:97:54:6e:8b:02:
36:3a:4b:42:25:ca:02:eb:99:34:76:32:65:71:a7:
b4:c3:28:e3:a3:69:4d:3d:14:6d:eb:8a:d4:72:87:
c0:30:f7:dc:98:64:21:10:08:15:89:a5:e2:78:ba:
aa:e3:f9:3e:10:a7:d3:0c:14:1e:9d:a3:8e:0e:84:
92:c2:ef:07:19:a7:de:46:5d:e1:05:36:4c:d6:77:
cf:d0:b3:33:f0:34:b9:60:cb:9f:d0:33:13:c5:85:
32:03:c6:7c:ee:a1:eb:1a:f3:d0:6e:79:ef:9d:ba:
28:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BA:52:45:8B:C6:0C:08:3D:EF:7E:FE:FD:0E:E8:69:2E:7D:53:D5
X509v3 Authority Key Identifier:
keyid:11:3E:AF:25:21:DC:BF:76:42:42:43:1A:78:1F:68:D0:DD:55:14:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ET6vJSHcv3ZCQkMaeB9o0N1VFAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/873549-4e88-4c51-8717-1a5d8f50518f/1/bLpSRYvGDAg9737-_Q7oaS59U9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/873549-4e88-4c51-8717-1a5d8f50518f/1/ET6vJSHcv3ZCQkMaeB9o0N1VFAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.248.0/22
185.163.180.0/22
213.194.212.0-213.194.255.255
IPv6:
2a0a:1c00::/29
2a0e:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:ce:7f:5a:e6:25:d7:e6:9a:4e:86:54:8f:04:cf:a2:7b:64:
48:0e:79:ac:1e:c7:24:d2:df:6b:34:bf:16:6a:e6:da:23:6b:
98:26:0f:22:7d:7b:81:50:de:e4:05:2b:34:1a:36:a7:45:86:
64:1f:87:8d:1c:76:78:00:af:4c:58:3b:a7:22:3e:3a:c6:30:
69:f4:66:b3:d0:c7:3a:e3:46:e5:25:a0:bf:3c:6d:b4:43:5d:
4c:47:0e:0f:af:ab:3d:cb:e8:b7:eb:fd:1c:53:ec:55:5d:09:
06:c4:7b:f0:af:20:66:75:82:a5:07:17:74:7c:3b:ed:d4:a5:
bf:da:a0:ac:f4:c7:68:f3:0c:32:15:1d:31:9b:03:b6:19:16:
3e:82:a7:09:8e:cc:22:e0:e2:5a:c5:72:0d:69:11:7a:18:5d:
1c:f9:1a:fe:d0:7b:ad:bc:24:f8:ad:6f:49:72:e7:a3:1d:3d:
05:63:ff:9c:a5:99:0c:23:29:ca:e8:73:af:c6:7d:8e:37:6e:
cb:6b:d4:b7:20:b1:0b:b7:0b:39:7a:72:80:11:5a:0a:36:6e:
2c:af:1f:9d:90:4e:79:f4:55:cf:d3:96:1b:99:42:83:5f:7d:
a2:89:a0:cc:1c:67:e8:35:d7:88:6b:ef:ea:d1:ac:b4:08:fb:
9a:56:ad:d6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEBlR2RTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTNlYWYyNTIxZGNiZjc2NDI0MjQzMWE3ODFmNjhkMGRkNTUxNDAyMB4XDTIyMDEw
MTA2NTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNiYTUyNDU4YmM2
MGMwODNkZWY3ZWZlZmQwZWU4NjkyZTdkNTNkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlTkB+e87nmGMNGLt5F6IFC1d4hzrVSm2EskU5bayoLcCkc
s2DyJrfuLBd/wZzsHrn0cpyY30IwADgRrIbR3XyDKX3ThWc/bcUYTgUfcnQ2mLbS
DT+RpPLtD0+ctTDvAuxf/fa6NkXr9rFeeE106oJU0UlCg760zGeLAUwALIC8fKGQ
nnUUYyXGDRV79j+to5dUbosCNjpLQiXKAuuZNHYyZXGntMMo46NpTT0UbeuK1HKH
wDD33JhkIRAIFYml4ni6quP5PhCn0wwUHp2jjg6EksLvBxmn3kZd4QU2TNZ3z9Cz
M/A0uWDLn9AzE8WFMgPGfO6h6xrz0G557526KAUCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBRsulJFi8YMCD3vfv79DuhpLn1T1TAfBgNVHSMEGDAWgBQRPq8lIdy/dkJC
Qxp4H2jQ3VUUAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VUNnZKU0hjdjNaQ1FrTWFlQjlvME4xVkZBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvODczNTQ5LTRlODgtNGM1MS04NzE3LTFhNWQ4ZjUwNTE4Zi8x
L2JMcFNSWXZHREFnOTczNy1fUTdvYVM1OVU5VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
ODczNTQ5LTRlODgtNGM1MS04NzE3LTFhNWQ4ZjUwNTE4Zi8xL0VUNnZKU0hjdjNa
Q1FrTWFlQjlvME4xVkZBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwHwQCAAEwGQMEAi2C+AMEArmjtDALAwQC1cLUAwMA
1cIwFAQCAAIwDgMFAyoKHAADBQMqDlnAMA0GCSqGSIb3DQEBCwUAA4IBAQCfzn9a
5iXX5ppOhlSPBM+ie2RIDnmsHsck0t9rNL8WaubaI2uYJg8ifXuBUN7kBSs0Gjan
RYZkH4eNHHZ4AK9MWDunIj46xjBp9Gaz0Mc640blJaC/PG20Q11MRw4Pr6s9y+i3
6/0cU+xVXQkGxHvwryBmdYKlBxd0fDvt1KW/2qCs9Mdo8wwyFR0xmwO2GRY+gqcJ
jswi4OJaxXINaRF6GF0c+Rr+0HutvCT4rW9JcuejHT0FY/+cpZkMIynK6HOvxn2O
N27La9S3ILELtws5enKAEVoKNm4srx+dkE559FXP05YbmUKDX32iiaDMHGfoNdeI
a+/q0ay0CPuaVq3W
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:04 2023 by rpki-client on console-ams.rpki-client.org