Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/BFDwnzdS6_mja7FB_VKsFgYhPs8.roa
File: BFDwnzdS6_mja7FB_VKsFgYhPs8.roa (raw, json)
Hash identifier: EU6WxniFBmkx5lNumLeVEQKQbOXbHNXNY1tOWksLKuo=
Subject key identifier: 04:50:F0:9F:37:52:EB:F9:A3:6B:B1:41:FD:52:AC:16:06:21:3E:CF
Certificate issuer: /CN=3a34889251e7cb133e906c70891ba1a0495ed860
Certificate serial: 01192506
Authority key identifier: 3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/BFDwnzdS6_mja7FB_VKsFgYhPs8.roa
Signing time: Tue 28 Jun 2022 09:46:02 +0000
ROA not before: Tue 28 Jun 2022 09:46:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 185.240.78.0/24 maxlen: 24
185.240.77.0/24 maxlen: 24
185.240.76.0/24 maxlen: 24
185.185.209.0/24 maxlen: 24
185.185.211.0/24 maxlen: 24
185.185.208.0/24 maxlen: 24
185.185.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18425094 (0x1192506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a34889251e7cb133e906c70891ba1a0495ed860
Validity
Not Before: Jun 28 09:46:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0450f09f3752ebf9a36bb141fd52ac1606213ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fc:02:e6:4b:16:fe:d7:2a:e8:4e:49:c2:98:
08:51:4a:70:fb:90:00:74:0d:4a:a7:01:f5:86:be:
c2:a5:4a:7d:96:16:45:8a:89:d9:82:91:bc:ee:0c:
42:cb:50:15:30:e5:2c:20:b2:57:a9:03:ed:34:75:
a7:c5:79:92:e0:03:c2:c5:2a:4e:04:e7:c6:7d:b4:
2c:a2:7d:ba:31:a0:b7:6a:af:f2:5b:87:fa:4f:27:
86:7d:d4:71:a9:a6:b7:02:7a:8f:66:b4:34:40:6d:
84:c9:39:e0:3b:85:0d:ef:d0:34:b0:fa:25:1f:78:
8b:50:cc:81:e4:1a:d9:bc:6a:69:3d:fc:2c:3b:5a:
dd:8a:ed:46:6e:b0:eb:fa:3a:d0:d0:bf:7a:81:6c:
c1:fc:f1:73:3a:13:e0:97:5a:aa:e7:d5:ad:d0:82:
95:82:0a:64:64:44:f1:24:f8:0c:41:2d:5d:61:b0:
59:42:2b:59:f0:6e:21:a3:bb:60:da:08:58:9b:d4:
85:97:97:5f:47:38:7d:7b:4b:89:e9:1e:bb:ba:51:
8a:ac:07:67:cf:fb:80:3a:98:87:75:cf:77:ed:1c:
c6:c0:2f:5d:34:a8:a2:5d:c2:e4:3b:a4:af:48:38:
0a:1a:91:f9:2e:82:13:4a:81:74:1a:83:f2:85:fa:
81:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:50:F0:9F:37:52:EB:F9:A3:6B:B1:41:FD:52:AC:16:06:21:3E:CF
X509v3 Authority Key Identifier:
keyid:3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/BFDwnzdS6_mja7FB_VKsFgYhPs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.208.0/22
185.240.76.0-185.240.78.255
Signature Algorithm: sha256WithRSAEncryption
46:71:ad:22:75:19:2c:2c:b1:25:6a:e3:1e:ff:1f:22:cc:53:
70:da:d9:24:97:f2:f8:4a:de:2a:08:6a:f2:5f:11:f7:42:3e:
06:78:5e:22:43:fa:3b:8f:da:92:16:04:40:df:f6:cd:6c:9c:
b4:84:b0:30:be:3b:a6:b9:a4:af:e0:49:55:2b:2c:9c:1a:5c:
b0:04:ab:31:fd:16:a9:4c:6c:4f:13:a6:bf:8f:a1:ad:24:e9:
6c:d0:d4:55:92:71:44:28:01:e0:8b:f9:e1:4e:cc:40:33:c7:
3d:c8:de:2f:4d:a8:3c:e6:26:40:36:a3:15:33:5f:1f:2c:75:
04:09:11:7c:d3:25:bb:b7:da:bd:e8:cf:5f:3e:7f:3a:cb:6f:
20:ed:f5:eb:4a:fd:6e:28:e2:e9:c9:d3:d8:e0:18:9b:a6:a8:
c9:5d:17:09:ff:79:83:0b:95:74:43:57:a7:79:8a:b4:46:7d:
69:a9:15:ff:f6:0b:d6:03:6a:66:50:11:e5:9a:21:f1:d9:4d:
93:60:1e:20:45:3a:c3:fe:da:41:8f:f7:d3:08:fb:bd:4b:81:
c5:14:a6:e1:e0:92:53:b8:16:13:90:47:08:e0:f5:04:36:73:
46:bc:e4:b9:cd:af:e7:a3:a7:44:bc:0e:a6:aa:17:f1:18:53:
4e:ba:8e:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEARklBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTM0ODg5MjUxZTdjYjEzM2U5MDZjNzA4OTFiYTFhMDQ5NWVkODYwMB4XDTIyMDYy
ODA5NDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ1MGYwOWYzNzUy
ZWJmOWEzNmJiMTQxZmQ1MmFjMTYwNjIxM2VjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKz8AuZLFv7XKuhOScKYCFFKcPuQAHQNSqcB9Ya+wqVKfZYW
RYqJ2YKRvO4MQstQFTDlLCCyV6kD7TR1p8V5kuADwsUqTgTnxn20LKJ9ujGgt2qv
8luH+k8nhn3UcammtwJ6j2a0NEBthMk54DuFDe/QNLD6JR94i1DMgeQa2bxqaT38
LDta3YrtRm6w6/o60NC/eoFswfzxczoT4JdaqufVrdCClYIKZGRE8ST4DEEtXWGw
WUIrWfBuIaO7YNoIWJvUhZeXX0c4fXtLiekeu7pRiqwHZ8/7gDqYh3XPd+0cxsAv
XTSool3C5Dukr0g4ChqR+S6CE0qBdBqD8oX6gRcCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQEUPCfN1Lr+aNrsUH9UqwWBiE+zzAfBgNVHSMEGDAWgBQ6NIiSUefLEz6Q
bHCJG6GgSV7YYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09qU0lrbEhueXhNLWtHeHdpUnVob0VsZTJHQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvOTExODJhLWYzNGItNGExNS1iMzYzLTg0ZjllZDg3YWMzMS8x
L0JGRHduemRTNl9tamE3RkJfVktzRmdZaFBzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
OTExODJhLWYzNGItNGExNS1iMzYzLTg0ZjllZDg3YWMzMS8xL09qU0lrbEhueXhN
LWtHeHdpUnVob0VsZTJHQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEArm50DAMAwQCufBMAwQAufBOMA0G
CSqGSIb3DQEBCwUAA4IBAQBGca0idRksLLElauMe/x8izFNw2tkkl/L4St4qCGry
XxH3Qj4GeF4iQ/o7j9qSFgRA3/bNbJy0hLAwvjumuaSv4ElVKyycGlywBKsx/Rap
TGxPE6a/j6GtJOls0NRVknFEKAHgi/nhTsxAM8c9yN4vTag85iZANqMVM18fLHUE
CRF80yW7t9q96M9fPn86y28g7fXrSv1uKOLpydPY4BibpqjJXRcJ/3mDC5V0Q1en
eYq0Rn1pqRX/9gvWA2pmUBHlmiHx2U2TYB4gRTrD/tpBj/fTCPu9S4HFFKbh4JJT
uBYTkEcI4PUENnNGvOS5za/no6dEvA6mqhfxGFNOuo6u
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:13 2023 by rpki-client on console-ams.rpki-client.org