Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bEbfcRGCe9fC367Xc2QYDDXFc3g.roa
File: bEbfcRGCe9fC367Xc2QYDDXFc3g.roa (raw, json)
Hash identifier: 5jJB7vKwpDtIHO4flP8In2nRLxS0uS54mQ6MNyn4B1w=
Subject key identifier: 6C:46:DF:71:11:82:7B:D7:C2:DF:AE:D7:73:64:18:0C:35:C5:73:78
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018322871B87389A2E132D28912493A41CB4
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bEbfcRGCe9fC367Xc2QYDDXFc3g.roa
Signing time: Fri 09 Sep 2022 13:53:43 +0000
ROA not before: Fri 09 Sep 2022 13:53:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35346
IP address blocks: 91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 24
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.64.0/18 maxlen: 24
2a07:5540::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:87:1b:87:38:9a:2e:13:2d:28:91:24:93:a4:1c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 9 13:53:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c46df7111827bd7c2dfaed77364180c35c57378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:45:23:5d:74:20:9d:ee:17:3e:d4:25:1d:cd:
cd:6b:d4:30:6f:59:ba:a2:33:7e:89:6e:be:bc:c4:
bd:c8:0f:76:fd:8b:70:ea:e6:a9:33:51:fb:41:26:
03:45:95:3d:e6:81:11:93:67:4c:b1:99:43:a6:86:
b5:83:20:a2:61:82:a5:29:ec:1a:a9:32:1d:64:dc:
1d:7c:f6:88:9f:a6:de:69:10:f7:4a:cc:00:5a:0f:
29:77:08:86:59:1c:b0:20:ab:42:fc:43:b0:b1:1d:
fd:c7:a5:dc:2d:f7:12:25:69:d4:36:a6:e0:e4:c7:
03:ec:a3:41:6f:37:b0:e0:73:90:5b:20:24:8f:a4:
ed:dd:28:13:ad:e7:39:4c:5a:52:89:70:c2:e5:60:
61:bf:d5:48:3b:da:99:a9:3f:18:59:99:55:2e:2a:
3f:b9:2a:36:18:43:2b:99:93:33:0e:13:b7:60:50:
d6:42:0d:af:95:79:51:d2:4b:36:e9:e8:e2:de:25:
91:16:ee:7e:28:27:b7:c6:68:b9:3f:1e:29:22:3b:
05:3f:08:50:1a:a7:c1:e6:87:50:33:9e:bd:10:ee:
d5:f9:c3:23:c3:e3:6a:b6:cc:d1:a5:04:b0:8c:89:
17:11:ba:f8:1e:8a:36:36:f6:8b:c9:b4:31:b3:90:
a0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:46:DF:71:11:82:7B:D7:C2:DF:AE:D7:73:64:18:0C:35:C5:73:78
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bEbfcRGCe9fC367Xc2QYDDXFc3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
194.114.144.0/24
IPv6:
2a07:5540::/29
2a09:4440::/29
Signature Algorithm: sha256WithRSAEncryption
a6:b4:01:27:55:7d:f4:75:ef:fc:2e:48:c4:19:a4:78:4b:83:
84:fe:5e:b0:b1:32:7e:9a:c2:e8:e3:0a:69:9c:87:bc:95:b7:
81:f7:f2:a1:bd:bd:cb:1b:1d:ff:b0:81:eb:c0:ac:f1:7b:2a:
f2:a5:21:56:13:39:6d:43:5e:7f:b7:5a:f8:94:10:5c:a2:0a:
7e:a1:de:ef:5f:50:a9:24:16:ad:24:2e:f4:0b:b0:8f:c4:16:
0d:56:b5:ea:48:2a:dc:90:12:ea:a6:6d:65:3a:e2:9a:1f:e3:
86:3b:cc:94:bf:7c:73:f1:85:51:59:63:86:8f:32:5d:60:26:
29:6f:73:6f:d3:3e:86:93:4d:70:8a:2e:f5:ad:e5:b7:88:67:
fe:4d:10:39:20:c6:57:45:5f:e2:64:ad:d2:d4:0d:3f:07:30:
c3:01:bb:91:1b:87:29:92:30:25:b0:f4:9f:11:d4:5a:31:66:
d0:1a:b7:e2:20:df:2d:0a:1d:0f:67:8f:12:17:58:b1:b8:f1:
f9:b0:48:9e:f7:3d:10:51:0a:b6:33:19:83:4e:53:8d:10:85:
f3:db:e9:75:38:e3:b9:39:19:5f:21:10:f1:7d:95:cc:3f:94:
f9:76:bb:23:55:a7:33:a6:d9:db:8d:c1:2f:4d:e6:b0:33:9e:
4e:78:f0:f8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYMihxuHOJouEy0okSSTpBy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTA5MTM1MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQ2ZGY3MTExODI3YmQ3YzJkZmFlZDc3MzY0MTgwYzM1YzU3Mzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUUjXXQgne4XPtQlHc3Na9Qwb1m6
ojN+iW6+vMS9yA92/Ytw6uapM1H7QSYDRZU95oERk2dMsZlDpoa1gyCiYYKlKewa
qTIdZNwdfPaIn6beaRD3SswAWg8pdwiGWRywIKtC/EOwsR39x6XcLfcSJWnUNqbg
5McD7KNBbzew4HOQWyAkj6Tt3SgTrec5TFpSiXDC5WBhv9VIO9qZqT8YWZlVLio/
uSo2GEMrmZMzDhO3YFDWQg2vlXlR0ks26eji3iWRFu5+KCe3xmi5Px4pIjsFPwhQ
GqfB5odQM569EO7V+cMjw+NqtszRpQSwjIkXEbr4Hoo2NvaLybQxs5CgsQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGxG33ERgnvXwt+u13NkGAw1xXN4MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYkViZmNSR0NlOWZDMzY3WGMyUVlERFhGYzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALUN0AwQG
W/JAAwQAwnKQMBQEAgACMA4DBQMqB1VAAwUDKglEQDANBgkqhkiG9w0BAQsFAAOC
AQEAprQBJ1V99HXv/C5IxBmkeEuDhP5esLEyfprC6OMKaZyHvJW3gffyob29yxsd
/7CB68Cs8Xsq8qUhVhM5bUNef7da+JQQXKIKfqHe719QqSQWrSQu9Auwj8QWDVa1
6kgq3JAS6qZtZTrimh/jhjvMlL98c/GFUVljho8yXWAmKW9zb9M+hpNNcIou9a3l
t4hn/k0QOSDGV0Vf4mSt0tQNPwcwwwG7kRuHKZIwJbD0nxHUWjFm0Bq34iDfLQod
D2ePEhdYsbjx+bBInvc9EFEKtjMZg05TjRCF89vpdTjjuTkZXyEQ8X2VzD+U+Xa7
I1WnM6bZ243BL03msDOeTnjw+A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org