Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/bbXqRgfgbXtrHYtveOArj1aOfcs.roa
File: bbXqRgfgbXtrHYtveOArj1aOfcs.roa (raw, json)
Hash identifier: 3wLP3oPQgJF5EydReDmg9/F5ZexZNKKtaSioXtg6ies=
Subject key identifier: 6D:B5:EA:46:07:E0:6D:7B:6B:1D:8B:6F:78:E0:2B:8F:56:8E:7D:CB
Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Certificate serial: 0847AEB2
Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/bbXqRgfgbXtrHYtveOArj1aOfcs.roa
Signing time: Sat 01 Jan 2022 08:02:30 +0000
ROA not before: Sat 01 Jan 2022 08:02:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51167
IP address blocks: 185.137.122.0/24 maxlen: 32
94.250.202.0/24 maxlen: 32
94.250.201.0/24 maxlen: 32
94.250.203.0/24 maxlen: 32
176.57.150.0/24 maxlen: 32
176.57.184.0/24 maxlen: 32
176.57.188.0/24 maxlen: 32
176.57.189.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138915506 (0x847aeb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Validity
Not Before: Jan 1 08:02:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6db5ea4607e06d7b6b1d8b6f78e02b8f568e7dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:58:53:29:37:57:1b:8e:b9:ad:82:5a:23:01:
e1:a5:71:01:72:87:bc:cc:dd:24:3b:76:b7:5c:70:
36:0a:00:e8:55:cc:61:33:db:92:32:a4:53:73:fe:
b7:ce:74:19:7e:e5:c4:6c:87:f6:e6:ec:c7:66:58:
c3:2e:30:50:6f:2e:bb:13:ab:15:d1:2a:9d:8e:c3:
6a:48:b0:45:de:eb:24:6a:78:b1:8d:b4:e5:c6:a9:
58:14:82:69:50:b6:5b:94:5e:4e:c4:5f:ed:51:ce:
d6:a6:62:48:19:cc:29:f9:7a:89:53:7f:0c:d5:f9:
1b:b5:1a:6c:f6:65:bb:e8:fc:2a:50:4c:16:11:04:
ae:0a:2e:fb:89:33:85:0f:20:47:f3:ae:6e:1a:92:
a0:7e:58:93:40:e9:19:de:4f:10:e1:4e:1a:db:d8:
ca:80:83:93:b1:d1:cc:44:91:48:35:5e:da:bf:c3:
de:4e:6f:50:b7:8d:27:ce:e1:a1:4d:a2:7d:06:e1:
9c:2e:91:35:81:3a:12:08:b9:da:95:10:46:9b:7a:
e5:63:9a:bb:d3:c7:4b:5a:c6:b9:b5:e9:1a:3b:24:
1a:b6:ab:f0:4d:d7:2c:6d:12:4c:6c:ed:42:1e:e3:
f5:c8:26:9e:fb:21:a9:d0:2b:0f:82:aa:e5:9e:bc:
9e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B5:EA:46:07:E0:6D:7B:6B:1D:8B:6F:78:E0:2B:8F:56:8E:7D:CB
X509v3 Authority Key Identifier:
keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/bbXqRgfgbXtrHYtveOArj1aOfcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.201.0-94.250.203.255
176.57.150.0/24
176.57.184.0/24
176.57.188.0/23
185.137.122.0/24
Signature Algorithm: sha256WithRSAEncryption
59:f1:32:94:b3:b2:e2:27:89:32:c5:68:69:46:3e:e0:cc:47:
ee:11:19:a5:80:90:ad:dc:ad:7d:ab:ff:b7:37:22:b5:fc:c6:
ed:d5:94:53:e8:3e:34:56:89:b5:97:f5:f6:da:53:6d:af:54:
6e:98:44:c9:d2:cd:89:4c:bc:89:36:20:65:6e:ac:b8:ab:6b:
b9:70:bb:c7:ee:d2:d3:34:86:24:5f:7f:96:f7:13:7e:98:17:
92:2f:3a:27:ff:48:97:c9:94:0e:6e:8b:e6:c2:7f:b1:b6:94:
e4:f8:27:50:53:77:0d:52:7a:30:91:8e:98:d5:21:c7:51:79:
13:66:61:b1:09:b5:ee:bf:1a:2b:eb:ca:60:7b:3e:44:99:d4:
6d:5b:65:97:60:66:5d:30:4a:da:19:4c:54:27:cd:f8:cb:11:
eb:68:d9:d6:f2:6a:3c:f4:4a:59:6f:5c:cb:9c:d9:ff:b6:d2:
fc:19:b1:15:f5:d0:c9:32:ee:94:61:0f:3c:77:ee:44:bb:29:
8f:15:fc:6e:80:b1:9e:9e:1e:5b:61:a8:1e:bb:1f:5f:f9:27:
3c:6d:1e:0b:78:85:43:ef:da:6a:7a:c1:90:31:d7:a6:34:b1:
39:05:59:36:af:f9:19:c5:d6:5c:a7:41:55:ee:73:ad:45:ae:
42:77:8d:9c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECEeusjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODg1N2VjZjQ0MWU1ZWExZDcxODFmZWM3ZTk3ZTZkYmMxMjIwZmMyMB4XDTIyMDEw
MTA4MDIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRiNWVhNDYwN2Uw
NmQ3YjZiMWQ4YjZmNzhlMDJiOGY1NjhlN2RjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtYUyk3VxuOua2CWiMB4aVxAXKHvMzdJDt2t1xwNgoA6FXM
YTPbkjKkU3P+t850GX7lxGyH9ubsx2ZYwy4wUG8uuxOrFdEqnY7DakiwRd7rJGp4
sY205capWBSCaVC2W5ReTsRf7VHO1qZiSBnMKfl6iVN/DNX5G7UabPZlu+j8KlBM
FhEErgou+4kzhQ8gR/OubhqSoH5Yk0DpGd5PEOFOGtvYyoCDk7HRzESRSDVe2r/D
3k5vULeNJ87hoU2ifQbhnC6RNYE6Egi52pUQRpt65WOau9PHS1rGubXpGjskGrar
8E3XLG0STGztQh7j9cgmnvshqdArD4Kq5Z68nn8CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRttepGB+Bte2sdi2944CuPVo59yzAfBgNVHSMEGDAWgBT4hX7PRB5eodcY
H+x+l+bbwSIPwjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzJhL2M4NDk3Ni1kNWVhLTRlN2YtOGVkMy1hODlmODE3NzY0MDYv
MS9iYlhxUmdmZ2JYdHJIWXR2ZU9BcmoxYU9mY3Mucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJh
L2M4NDk3Ni1kNWVhLTRlN2YtOGVkMy1hODlmODE3NzY0MDYvMS8xLUlWLXowUWVY
cUhYR0Jfc2ZwZm0yOEVpRDhJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABe+skDBAJe+sgDBACwOZYD
BACwObgDBAGwObwDBAC5iXowDQYJKoZIhvcNAQELBQADggEBAFnxMpSzsuIniTLF
aGlGPuDMR+4RGaWAkK3crX2r/7c3IrX8xu3VlFPoPjRWibWX9fbaU22vVG6YRMnS
zYlMvIk2IGVurLira7lwu8fu0tM0hiRff5b3E36YF5IvOif/SJfJlA5ui+bCf7G2
lOT4J1BTdw1SejCRjpjVIcdReRNmYbEJte6/GivrymB7PkSZ1G1bZZdgZl0wStoZ
TFQnzfjLEeto2dbyajz0SllvXMuc2f+20vwZsRX10Mky7pRhDzx37kS7KY8V/G6A
sZ6eHlthqB67H1/5JzxtHgt4hUPv2mp6wZAx16Y0sTkFWTav+RnF1lynQVXuc61F
rkJ3jZw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:45 2023 by rpki-client on console-fra.rpki-client.org