Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/BLxZkNJxRAhkw1hoTvzvpeMd53g.roa
File: BLxZkNJxRAhkw1hoTvzvpeMd53g.roa (raw, json)
Hash identifier: vCsNsvo6bAM5QCvLTU+gM+rDvr/LdExjz4FiDqSqQLs=
Subject key identifier: 04:BC:59:90:D2:71:44:08:64:C3:58:68:4E:FC:EF:A5:E3:1D:E7:78
Certificate issuer: /CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Certificate serial: 12CC44C0
Authority key identifier: A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/BLxZkNJxRAhkw1hoTvzvpeMd53g.roa
Signing time: Sat 01 Jan 2022 11:03:48 +0000
ROA not before: Sat 01 Jan 2022 11:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39232
IP address blocks: 217.25.16.0/21 maxlen: 21
217.25.16.0/20 maxlen: 20
217.25.24.0/21 maxlen: 21
185.80.172.0/23 maxlen: 23
185.80.172.0/22 maxlen: 22
185.80.174.0/23 maxlen: 23
109.239.16.0/20 maxlen: 20
109.239.16.0/21 maxlen: 21
37.26.0.0/19 maxlen: 19
37.26.0.0/18 maxlen: 18
109.239.24.0/21 maxlen: 21
37.26.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315376832 (0x12cc44c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3c963d1a11d00d384adedf9bb86e53849a9b18c
Validity
Not Before: Jan 1 11:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04bc5990d271440864c358684efcefa5e31de778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ae:f2:20:ea:ff:a5:b5:05:b1:38:b4:0b:d5:
f5:81:e1:1a:43:53:38:7f:f8:0e:38:9e:6e:26:9f:
fb:68:21:37:b9:3d:96:51:a8:60:ed:7f:d3:40:c5:
5e:d0:85:5d:e3:28:05:8b:94:7c:09:36:b4:b5:b2:
52:8a:b5:f9:4a:87:dc:a9:5e:2a:95:77:28:91:bf:
d3:55:a1:49:b8:65:bb:98:78:05:ed:32:5b:d5:80:
71:22:0f:cf:08:26:cb:a3:0e:d6:e2:39:76:5a:f2:
1d:5f:ad:6f:67:47:10:b3:62:65:24:31:5a:9d:70:
0a:eb:97:cb:b0:b9:34:88:d9:83:cd:00:e7:3b:d9:
00:83:5b:da:e2:cf:72:26:5a:f5:dd:fe:dd:56:9f:
6a:c4:a8:6a:42:34:59:5e:6a:96:9d:72:e4:0e:9c:
9d:3d:02:a1:a5:be:45:5d:37:d5:3b:f6:46:5f:87:
1d:20:f7:32:4d:a4:29:84:bf:49:0c:f1:dc:09:b1:
ef:ca:3d:2f:27:23:9c:2d:ff:7e:8d:4f:03:4e:e6:
c0:32:af:de:48:8d:02:33:60:b3:f8:9b:44:60:cb:
c2:de:ac:71:f6:b8:08:e5:57:78:59:5f:be:87:e1:
91:e8:0b:93:e8:e9:21:f8:68:d2:19:a0:f9:d5:2a:
3d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BC:59:90:D2:71:44:08:64:C3:58:68:4E:FC:EF:A5:E3:1D:E7:78
X509v3 Authority Key Identifier:
keyid:A3:C9:63:D1:A1:1D:00:D3:84:AD:ED:F9:BB:86:E5:38:49:A9:B1:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o8lj0aEdANOEre35u4blOEmpsYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/BLxZkNJxRAhkw1hoTvzvpeMd53g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fc52a0-e0f7-480b-ba7d-1042ea8e3bfb/1/o8lj0aEdANOEre35u4blOEmpsYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.0.0/18
109.239.16.0/20
185.80.172.0/22
217.25.16.0/20
Signature Algorithm: sha256WithRSAEncryption
71:9e:51:b5:25:85:a4:78:09:7d:cf:29:bf:f2:a3:7f:76:c2:
20:d2:1e:20:03:66:0c:a7:f7:f3:99:1a:78:ac:48:44:6f:e5:
80:c5:37:90:35:bb:4c:c2:41:90:5b:a7:53:3b:88:f9:5b:4b:
bd:18:5d:6c:91:c7:98:06:62:59:43:fa:68:27:53:2d:08:f1:
3c:c0:70:cc:97:c7:5c:67:5c:00:d4:1a:9c:e7:be:76:90:99:
03:bf:56:7b:7f:b4:7f:3d:9a:1a:f6:9e:f0:4f:bb:7f:e8:be:
d6:d6:a2:c5:ee:00:a1:80:6a:64:b8:35:44:98:63:a9:7b:95:
69:af:25:fa:63:91:3f:1a:67:72:b6:50:2d:1d:41:08:c8:2b:
cf:19:5d:3d:ba:93:7e:70:a9:67:4d:f8:4e:e4:95:f1:8c:6a:
bc:c2:98:a4:76:35:dd:df:00:ef:07:01:8f:ef:ac:8b:de:0d:
8a:a7:e4:99:9c:a3:09:03:16:0f:48:02:07:4a:ec:3e:25:6a:
b5:97:15:ee:88:0c:1b:31:63:b9:27:30:91:ba:3a:50:9d:12:
ec:2b:5e:74:95:95:f5:0b:3e:2f:69:02:b5:1c:53:a6:9e:22:
69:98:09:8e:2e:41:09:ff:17:62:3c:cf:19:e1:96:3f:56:3d:
ec:24:5a:24
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEEsxEwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
M2M5NjNkMWExMWQwMGQzODRhZGVkZjliYjg2ZTUzODQ5YTliMThjMB4XDTIyMDEw
MTExMDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRiYzU5OTBkMjcx
NDQwODY0YzM1ODY4NGVmY2VmYTVlMzFkZTc3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOSu8iDq/6W1BbE4tAvV9YHhGkNTOH/4Djiebiaf+2ghN7k9
llGoYO1/00DFXtCFXeMoBYuUfAk2tLWyUoq1+UqH3KleKpV3KJG/01WhSbhlu5h4
Be0yW9WAcSIPzwgmy6MO1uI5dlryHV+tb2dHELNiZSQxWp1wCuuXy7C5NIjZg80A
5zvZAINb2uLPciZa9d3+3VafasSoakI0WV5qlp1y5A6cnT0CoaW+RV031Tv2Rl+H
HSD3Mk2kKYS/SQzx3Amx78o9LycjnC3/fo1PA07mwDKv3kiNAjNgs/ibRGDLwt6s
cfa4COVXeFlfvofhkegLk+jpIfho0hmg+dUqPaUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQEvFmQ0nFECGTDWGhO/O+l4x3neDAfBgNVHSMEGDAWgBSjyWPRoR0A04St
7fm7huU4SamxjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L284bGowYUVkQU5PRXJlMzV1NGJsT0VtcHNZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvZmM1MmEwLWUwZjctNDgwYi1iYTdkLTEwNDJlYThlM2JmYi8x
L0JMeFprTkp4UkFoa3cxaG9Udnp2cGVNZDUzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
ZmM1MmEwLWUwZjctNDgwYi1iYTdkLTEwNDJlYThlM2JmYi8xL284bGowYUVkQU5P
RXJlMzV1NGJsT0VtcHNZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBiUaAAMEBG3vEAMEArlQrAMEBNkZ
EDANBgkqhkiG9w0BAQsFAAOCAQEAcZ5RtSWFpHgJfc8pv/Kjf3bCINIeIANmDKf3
85kaeKxIRG/lgMU3kDW7TMJBkFunUzuI+VtLvRhdbJHHmAZiWUP6aCdTLQjxPMBw
zJfHXGdcANQanOe+dpCZA79We3+0fz2aGvae8E+7f+i+1taixe4AoYBqZLg1RJhj
qXuVaa8l+mORPxpncrZQLR1BCMgrzxldPbqTfnCpZ034TuSV8YxqvMKYpHY13d8A
7wcBj++si94NiqfkmZyjCQMWD0gCB0rsPiVqtZcV7ogMGzFjuScwkbo6UJ0S7Cte
dJWV9Qs+L2kCtRxTpp4iaZgJji5BCf8XYjzPGeGWP1Y97CRaJA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:30 2023 by rpki-client on console-ams.rpki-client.org