Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bZK1Vci_P90zhAawTf5_fb687xc.roa
File: bZK1Vci_P90zhAawTf5_fb687xc.roa (raw, json)
Hash identifier: HdX6VurD4UF3QIcyNhYfKhOXAXe7NN3O9BnEMakBYKQ=
Subject key identifier: 6D:92:B5:55:C8:BF:3F:DD:33:84:06:B0:4D:FE:7F:7D:BE:BC:EF:17
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01837DC5096BEC15C06212BD2261EA781DB1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bZK1Vci_P90zhAawTf5_fb687xc.roa
Signing time: Tue 27 Sep 2022 07:06:48 +0000
ROA not before: Tue 27 Sep 2022 07:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204868
IP address blocks: 2.59.204.0/22 maxlen: 24
5.253.228.0/22 maxlen: 22
185.145.80.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7d:c5:09:6b:ec:15:c0:62:12:bd:22:61:ea:78:1d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 27 07:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d92b555c8bf3fdd338406b04dfe7f7dbebcef17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:aa:c1:bd:90:ed:c9:37:2c:ed:4e:9c:4a:65:
85:4f:b7:33:1a:03:03:3f:2f:80:1d:e7:ab:d7:2c:
3f:6e:18:40:63:79:65:b9:be:07:3c:b8:ef:55:0b:
c7:61:91:85:76:d4:21:b2:49:b2:f8:b3:c2:bd:bc:
ff:d8:78:8d:aa:ec:8e:8f:e6:72:4f:92:d1:a2:04:
59:ca:7b:34:57:bb:2f:2b:74:95:f3:96:18:38:75:
3e:11:c7:02:f0:93:08:7a:ee:4d:f9:e8:57:fe:74:
fc:65:91:44:97:d2:ce:74:6a:56:50:10:bd:cd:9f:
5d:b4:83:02:7f:50:46:89:7e:b2:fe:2f:42:b2:3f:
02:42:07:de:46:32:35:b2:f1:e8:85:40:9f:69:43:
98:cd:30:92:98:9b:01:aa:f3:c3:bb:8f:a7:a2:65:
66:50:01:2d:79:16:a2:5a:20:0e:8a:4b:b9:d1:3b:
9b:51:fd:73:b1:6b:b4:64:04:12:05:40:b0:1d:d7:
7a:3a:21:a3:e6:96:d7:af:ee:27:50:dc:fc:df:d3:
d4:c0:e2:db:e9:48:f6:3a:76:10:9c:f0:27:e8:d2:
96:d0:65:3e:ec:bd:12:43:b1:78:d5:e1:89:b9:95:
8c:92:4e:d5:af:62:25:27:97:4e:c3:d0:50:ec:e8:
40:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:92:B5:55:C8:BF:3F:DD:33:84:06:B0:4D:FE:7F:7D:BE:BC:EF:17
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/bZK1Vci_P90zhAawTf5_fb687xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.204.0/22
5.253.228.0/22
185.145.80.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:e5:7f:f4:4b:14:05:f6:0a:1d:95:9c:78:c0:5e:da:1e:ee:
7b:23:18:d2:db:2a:13:95:dc:28:51:c0:02:5a:a5:68:de:c8:
1e:ed:27:1b:09:7d:5e:e1:e7:5b:85:8b:e4:7e:fc:34:c2:da:
68:4d:6c:0a:d1:f0:87:ca:29:5a:c8:bd:f6:bc:01:3c:83:2b:
ee:a3:01:03:09:2f:61:28:36:c2:1c:e3:a3:ea:b5:f9:33:0c:
5b:b8:a4:d3:d0:84:68:79:d1:b0:fe:e1:0a:1b:0e:65:ac:a5:
fd:4a:a6:39:6a:73:66:16:13:f9:43:50:e5:74:19:09:1f:e0:
16:c6:e0:9f:3e:ff:34:8d:3e:48:26:7f:9d:34:d1:77:e8:c3:
8a:d7:23:61:0b:00:29:1c:9c:c5:8f:14:b4:ea:60:5f:1a:f8:
4e:91:55:e4:41:1a:ad:1e:ae:47:d0:be:96:d7:87:c7:f6:36:
ad:81:29:d4:4b:4d:4e:a3:81:87:db:95:a0:94:20:11:8c:b0:
91:00:c9:58:20:4d:fc:b0:c7:9a:fa:29:67:e1:fd:20:da:ac:
00:04:63:01:61:00:31:ab:dc:bf:ef:13:1d:38:58:48:f3:ae:
15:3a:ee:f1:32:de:26:ea:7d:91:fc:6f:ea:4a:62:d7:02:ef:
ec:32:35:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN9xQlr7BXAYhK9ImHqeB2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI3MDcwNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDkyYjU1NWM4YmYzZmRkMzM4NDA2YjA0ZGZlN2Y3ZGJlYmNlZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqrBvZDtyTcs7U6cSmWFT7czGgMD
Py+AHeer1yw/bhhAY3llub4HPLjvVQvHYZGFdtQhskmy+LPCvbz/2HiNquyOj+Zy
T5LRogRZyns0V7svK3SV85YYOHU+EccC8JMIeu5N+ehX/nT8ZZFEl9LOdGpWUBC9
zZ9dtIMCf1BGiX6y/i9Csj8CQgfeRjI1svHohUCfaUOYzTCSmJsBqvPDu4+nomVm
UAEteRaiWiAOiku50TubUf1zsWu0ZAQSBUCwHdd6OiGj5pbXr+4nUNz839PUwOLb
6Uj2OnYQnPAn6NKW0GU+7L0SQ7F41eGJuZWMkk7Vr2IlJ5dOw9BQ7OhA/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG2StVXIvz/dM4QGsE3+f32+vO8XMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvYlpLMVZjaV9QOTB6aEFhd1RmNV9mYjY4N3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjvMAwQC
Bf3kAwQCuZFQMA0GCSqGSIb3DQEBCwUAA4IBAQAv5X/0SxQF9godlZx4wF7aHu57
IxjS2yoTldwoUcACWqVo3sge7ScbCX1e4edbhYvkfvw0wtpoTWwK0fCHyilayL32
vAE8gyvuowEDCS9hKDbCHOOj6rX5MwxbuKTT0IRoedGw/uEKGw5lrKX9SqY5anNm
FhP5Q1DldBkJH+AWxuCfPv80jT5IJn+dNNF36MOK1yNhCwApHJzFjxS06mBfGvhO
kVXkQRqtHq5H0L6W14fH9jatgSnUS01Oo4GH25WglCARjLCRAMlYIE38sMea+iln
4f0g2qwABGMBYQAxq9y/7xMdOFhI864VOu7xMt4m6n2R/G/qSmLXAu/sMjX4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org