Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/bBwj5N6-1Ywn9-2gvBpYxGac_bY.roa
File: bBwj5N6-1Ywn9-2gvBpYxGac_bY.roa (raw, json)
Hash identifier: JAhCFvMQmRl5cmIgNQ9mb/+epT/s6smZ+ciFQvsVe7A=
Subject key identifier: 6C:1C:23:E4:DE:BE:D5:8C:27:F7:ED:A0:BC:1A:58:C4:66:9C:FD:B6
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01827E4D2D8F415AF45A8FE9E686688DEB86
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/bBwj5N6-1Ywn9-2gvBpYxGac_bY.roa
Signing time: Mon 08 Aug 2022 16:32:43 +0000
ROA not before: Mon 08 Aug 2022 16:32:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207743
IP address blocks: 91.239.225.0/24 maxlen: 24
64.43.77.0/24 maxlen: 24
64.43.78.0/23 maxlen: 23
109.207.134.0/23 maxlen: 23
176.96.92.0/23 maxlen: 23
64.43.96.0/23 maxlen: 23
64.43.98.0/23 maxlen: 23
93.120.26.0/24 maxlen: 24
93.120.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7e:4d:2d:8f:41:5a:f4:5a:8f:e9:e6:86:68:8d:eb:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 8 16:32:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c1c23e4debed58c27f7eda0bc1a58c4669cfdb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:32:99:29:1d:d5:37:20:e4:16:44:00:2e:70:
df:29:b6:00:6a:a3:5c:50:66:84:4f:25:6d:95:18:
85:e8:46:af:8c:0f:cf:4f:5e:e4:d7:42:51:9b:e1:
90:6e:de:cb:5e:bf:6b:29:37:7c:be:69:3f:aa:54:
d3:43:78:29:68:49:db:7f:db:94:c7:1c:b8:8a:53:
40:45:93:54:07:03:f0:d4:20:7b:db:29:ed:1b:b3:
bb:46:0b:5e:44:f7:2d:e2:4d:c6:5b:30:0a:0e:fb:
16:ab:9e:6a:11:93:34:8f:0d:29:8c:3f:5e:60:df:
2f:df:c0:65:3c:a0:f8:31:12:6f:ba:f5:84:bc:b9:
b2:fa:0b:34:7f:ff:a3:56:a2:0f:9d:5a:aa:ef:41:
ac:ef:57:2f:03:bd:a1:97:47:e5:22:74:3d:4f:31:
81:97:9f:20:a1:1a:7e:1f:19:6b:53:be:8c:4d:22:
f6:c8:8e:44:17:32:e9:ae:43:ef:d2:13:e8:43:ab:
24:ac:7a:e9:ac:08:bc:a9:d0:00:bb:25:dd:6f:00:
56:0c:68:94:ef:99:53:48:b0:78:8b:76:63:ed:55:
68:19:81:b3:fc:51:88:35:c0:18:fe:d9:4b:e0:db:
c0:78:0a:5b:04:c1:46:bc:4d:52:49:65:5f:3a:4c:
59:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1C:23:E4:DE:BE:D5:8C:27:F7:ED:A0:BC:1A:58:C4:66:9C:FD:B6
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/bBwj5N6-1Ywn9-2gvBpYxGac_bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.77.0-64.43.79.255
64.43.96.0/22
91.239.225.0/24
93.120.26.0/24
93.120.32.0/24
109.207.134.0/23
176.96.92.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:69:25:b2:13:fb:13:c2:0a:3c:5e:7f:ba:4f:4d:ac:99:36:
50:ab:bc:6c:a1:60:07:61:0b:c8:2c:f4:27:01:d6:4a:43:c4:
a8:01:93:96:37:ce:38:04:01:86:c0:5b:62:b3:d4:75:27:fb:
5b:83:dc:c0:e6:81:2a:c8:1b:24:b8:9e:f5:17:de:d5:99:e4:
6a:c6:c4:48:d8:64:5f:44:9e:4b:ac:9e:83:a4:80:75:1c:d5:
b7:cc:af:c2:84:c7:7e:0b:23:fb:9a:5d:08:9a:28:64:11:5f:
3b:33:50:47:d0:26:ae:12:13:bd:52:7d:23:32:87:ad:ce:6c:
45:f5:c3:1c:c4:e1:0f:0e:e6:25:79:6b:ec:48:09:61:f3:c5:
0b:92:9b:4e:d5:fc:c1:46:9b:d8:5f:04:3a:c8:5c:1a:70:42:
8f:35:70:31:1d:f5:89:f7:15:0e:68:93:32:8e:e1:a3:be:cd:
a4:b9:60:02:7d:fd:cc:77:ae:ba:ab:33:6a:40:11:17:46:c6:
2a:0c:b4:70:dc:96:c4:b1:5c:91:be:b0:31:a4:2f:44:56:c3:
76:82:b9:d6:48:a9:90:c0:80:81:00:4b:df:31:16:85:36:d4:
9c:a8:5a:b7:90:b6:df:41:e3:39:77:8b:0d:63:b2:f2:19:df:
30:f9:d1:ec
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYJ+TS2PQVr0Wo/p5oZojeuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIwODA4MTYzMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzFjMjNlNGRlYmVkNThjMjdmN2VkYTBiYzFhNThjNDY2OWNmZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTKZKR3VNyDkFkQALnDfKbYAaqNc
UGaETyVtlRiF6EavjA/PT17k10JRm+GQbt7LXr9rKTd8vmk/qlTTQ3gpaEnbf9uU
xxy4ilNARZNUBwPw1CB72yntG7O7RgteRPct4k3GWzAKDvsWq55qEZM0jw0pjD9e
YN8v38BlPKD4MRJvuvWEvLmy+gs0f/+jVqIPnVqq70Gs71cvA72hl0flInQ9TzGB
l58goRp+HxlrU76MTSL2yI5EFzLprkPv0hPoQ6skrHrprAi8qdAAuyXdbwBWDGiU
75lTSLB4i3Zj7VVoGYGz/FGINcAY/tlL4NvAeApbBMFGvE1SSWVfOkxZfQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGwcI+TevtWMJ/ftoLwaWMRmnP22MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvYkJ3ajVONi0xWXduOS0yZ3ZCcFl4R2FjX2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBABAK00D
BARAK0ADBAJAK2ADBABb7+EDBABdeBoDBABdeCADBAFtz4YDBAGwYFwwDQYJKoZI
hvcNAQELBQADggEBAI5pJbIT+xPCCjxef7pPTayZNlCrvGyhYAdhC8gs9CcB1kpD
xKgBk5Y3zjgEAYbAW2Kz1HUn+1uD3MDmgSrIGyS4nvUX3tWZ5GrGxEjYZF9Enkus
noOkgHUc1bfMr8KEx34LI/uaXQiaKGQRXzszUEfQJq4SE71SfSMyh63ObEX1wxzE
4Q8O5iV5a+xICWHzxQuSm07V/MFGm9hfBDrIXBpwQo81cDEd9Yn3FQ5okzKO4aO+
zaS5YAJ9/cx3rrqrM2pAERdGxioMtHDclsSxXJG+sDGkL0RWw3aCudZIqZDAgIEA
S98xFoU21JyoWreQtt9B4zl3iw1jsvIZ3zD50ew=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org