Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bFR5YPtrFeLBQxcuNnMnc5D5wME.roa
File: bFR5YPtrFeLBQxcuNnMnc5D5wME.roa (raw, json)
Hash identifier: 9zDRU6q1+mQ33IYQy2gDcwsxy4OZW5EPnK0o0tjTW/Q=
Subject key identifier: 6C:54:79:60:FB:6B:15:E2:C1:43:17:2E:36:73:27:73:90:F9:C0:C1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 137BF934
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bFR5YPtrFeLBQxcuNnMnc5D5wME.roa
Signing time: Sat 01 Jan 2022 05:56:12 +0000
ROA not before: Sat 01 Jan 2022 05:56:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35346
IP address blocks: 91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 21
194.114.144.0/24 maxlen: 25
91.242.64.0/18 maxlen: 24
2a07:5540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 326891828 (0x137bf934)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 05:56:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c547960fb6b15e2c143172e3673277390f9c0c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:11:4c:38:32:f9:69:80:fe:03:b3:6f:9b:a4:
19:2c:20:f9:57:53:e4:dc:ae:6c:61:ef:e6:31:58:
c6:0b:a5:95:0e:65:b8:c9:ae:b9:06:eb:47:aa:7d:
1b:9a:e8:bf:da:16:19:67:53:e4:98:35:58:6e:0d:
ea:20:d1:90:7a:d1:a1:a5:ac:a2:b9:0d:34:dc:1e:
ac:0f:28:b0:b9:d6:9e:cc:11:f9:49:49:e6:42:49:
87:1c:8c:7b:c6:32:1b:69:51:87:a3:af:26:4b:c5:
24:38:d9:fd:73:f1:da:63:94:d9:88:5c:01:24:10:
8e:62:bc:99:7c:e4:51:cb:3b:12:dc:d8:7c:ab:77:
13:1d:f4:78:7a:41:56:cc:9a:fe:3d:21:f2:06:e1:
ed:b3:34:8a:d1:61:15:11:a6:3c:28:d0:05:0d:ae:
8e:02:6c:50:cd:a7:29:1f:87:d0:eb:fd:d1:e8:af:
51:9c:ae:7e:af:33:1a:43:d0:9f:8f:70:49:93:d1:
2f:44:3a:3a:e7:98:23:c5:da:99:c9:f6:f6:09:92:
7f:15:08:46:d6:9e:65:a8:26:34:99:a8:90:15:c0:
51:a2:ee:77:7b:d1:86:8e:f3:e2:0e:37:95:e3:12:
04:de:31:47:ee:46:83:c2:18:d3:20:17:77:21:97:
50:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:54:79:60:FB:6B:15:E2:C1:43:17:2E:36:73:27:73:90:F9:C0:C1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bFR5YPtrFeLBQxcuNnMnc5D5wME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.64.0/18
194.114.144.0/24
IPv6:
2a07:5540::/29
Signature Algorithm: sha256WithRSAEncryption
8d:19:c3:e2:f1:af:5b:57:0b:94:f6:03:1a:9f:9c:d5:95:a8:
93:2e:bd:54:f0:b7:b5:5d:50:39:64:6b:80:2f:b5:db:70:b8:
a4:fd:25:83:6d:17:ba:bf:9f:73:7c:f7:1f:ce:60:62:b5:bd:
0c:d8:b1:2b:ed:0d:00:e3:0a:d3:55:37:e8:cf:74:10:86:d3:
24:5c:95:36:e9:98:cb:c5:0e:ca:6a:35:77:d1:73:2d:0c:28:
2b:2a:2f:0f:54:34:db:6d:8d:ac:38:2b:20:5f:23:34:9c:7f:
41:a4:12:56:b1:29:73:55:da:74:be:84:93:f3:a7:89:46:47:
54:29:81:78:58:c2:f6:91:91:b1:52:9d:85:38:2f:11:9f:9d:
80:98:12:f2:f9:de:b2:0a:17:0c:fc:32:10:3c:b6:6f:fc:78:
b9:6e:09:91:ca:a6:50:a4:9a:73:5e:87:23:75:46:17:65:35:
17:47:be:8c:26:f3:0e:d5:c7:5f:5b:67:c9:df:c2:16:e8:95:
5d:34:9b:42:cd:61:5e:8b:05:0b:7f:77:bf:35:43:b5:17:e9:
d5:86:9c:08:a7:ff:8c:b1:4b:af:90:a0:8b:ec:90:7e:be:02:
9e:68:4b:b2:54:9d:c6:15:c6:82:9c:7d:bc:d4:d1:a6:48:5d:
70:58:95:3a
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEE3v5NDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM1NDc5NjBmYjZi
MTVlMmMxNDMxNzJlMzY3MzI3NzM5MGY5YzBjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIoRTDgy+WmA/gOzb5ukGSwg+VdT5NyubGHv5jFYxgullQ5l
uMmuuQbrR6p9G5rov9oWGWdT5Jg1WG4N6iDRkHrRoaWsorkNNNwerA8osLnWnswR
+UlJ5kJJhxyMe8YyG2lRh6OvJkvFJDjZ/XPx2mOU2YhcASQQjmK8mXzkUcs7EtzY
fKt3Ex30eHpBVsya/j0h8gbh7bM0itFhFRGmPCjQBQ2ujgJsUM2nKR+H0Ov90eiv
UZyufq8zGkPQn49wSZPRL0Q6OueYI8Xamcn29gmSfxUIRtaeZagmNJmokBXAUaLu
d3vRho7z4g43leMSBN4xR+5Gg8IY0yAXdyGXUKMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRsVHlg+2sV4sFDFy42cydzkPnAwTAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L2JGUjVZUHRyRmVMQlF4Y3VObk1uYzVENXdNRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBlvyQAMEAMJykDANBAIAAjAHAwUD
KgdVQDANBgkqhkiG9w0BAQsFAAOCAQEAjRnD4vGvW1cLlPYDGp+c1ZWoky69VPC3
tV1QOWRrgC+123C4pP0lg20Xur+fc3z3H85gYrW9DNixK+0NAOMK01U36M90EIbT
JFyVNumYy8UOymo1d9FzLQwoKyovD1Q0222NrDgrIF8jNJx/QaQSVrEpc1XadL6E
k/OniUZHVCmBeFjC9pGRsVKdhTgvEZ+dgJgS8vnesgoXDPwyEDy2b/x4uW4Jkcqm
UKSac16HI3VGF2U1F0e+jCbzDtXHX1tnyd/CFuiVXTSbQs1hXosFC393vzVDtRfp
1YacCKf/jLFLr5Cgi+yQfr4CnmhLslSdxhXGgpx9vNTRpkhdcFiVOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org