Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BIZBTnufCyVwrmRcylSm0LpbLIs.roa
File: BIZBTnufCyVwrmRcylSm0LpbLIs.roa (raw, json)
Hash identifier: l5M9Hv0HW1h2+fEIsp4RqBlbJFwvV6mbFQVBoItbjU0=
Subject key identifier: 04:86:41:4E:7B:9F:0B:25:70:AE:64:5C:CA:54:A6:D0:BA:5B:2C:8B
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0182DE6FC9D32D95FDC6176B20C20A4639B7
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BIZBTnufCyVwrmRcylSm0LpbLIs.roa
Signing time: Sat 27 Aug 2022 08:34:04 +0000
ROA not before: Sat 27 Aug 2022 08:34:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 188.255.206.0/24 maxlen: 24
188.255.134.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
212.69.14.0/24 maxlen: 24
109.233.184.0/23 maxlen: 24
178.253.237.0/24 maxlen: 24
178.253.243.0/24 maxlen: 24
109.121.0.0/19 maxlen: 19
185.47.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:de:6f:c9:d3:2d:95:fd:c6:17:6b:20:c2:0a:46:39:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 27 08:34:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0486414e7b9f0b2570ae645cca54a6d0ba5b2c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:eb:95:3f:8c:18:7b:08:e5:05:f2:df:01:36:
e6:3d:53:b9:d8:ff:dc:86:21:80:18:82:ff:49:0e:
47:ba:89:47:c1:f6:63:74:39:37:7f:e9:d6:99:21:
69:a3:e1:17:74:f0:eb:2c:79:00:1f:26:b0:b6:c9:
4b:27:50:c1:1d:e8:ca:99:05:5d:54:86:4e:ec:6c:
a1:8b:91:08:0b:9f:4a:ab:fb:b5:90:21:19:ab:e4:
1c:5c:9e:ca:e6:f3:51:5b:f0:bd:e0:85:89:3c:e3:
2a:57:e0:ad:ca:b0:6a:b8:d6:39:bb:7c:f5:15:fa:
5f:5a:06:7b:ca:e9:a4:19:a1:42:ba:c3:ee:e9:67:
3f:e9:58:97:d6:f5:dd:43:5f:c6:8c:92:d4:30:79:
9e:ea:08:fd:46:12:6b:55:b1:e2:93:10:c0:b3:b7:
51:fd:95:98:46:88:69:17:fb:7b:8c:e8:aa:60:c7:
a6:a0:37:ac:9f:3c:fe:44:c5:24:60:f2:51:e5:72:
1f:f1:2b:62:f4:a7:b6:31:6c:90:19:8b:29:2e:58:
cf:af:14:ee:a5:ac:16:38:dc:80:2c:23:b4:27:25:
68:fb:60:f9:83:1c:c3:57:90:23:c9:59:e3:e3:3c:
ea:e2:5c:3e:6f:1f:38:64:d9:d7:62:24:d3:4b:b1:
da:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:86:41:4E:7B:9F:0B:25:70:AE:64:5C:CA:54:A6:D0:BA:5B:2C:8B
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BIZBTnufCyVwrmRcylSm0LpbLIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.0.0/19
109.233.184.0/23
178.253.237.0/24
178.253.243.0/24
185.47.91.0/24
188.255.134.0/24
188.255.206.0/24
212.69.10.0/23
212.69.14.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:6e:7d:48:6c:87:37:c1:79:46:74:93:c0:46:39:e2:dc:47:
f3:96:7a:73:a8:82:49:b4:86:ba:54:68:77:66:e1:25:30:98:
0a:46:99:2a:79:fa:a7:b0:15:e6:40:98:7d:f2:ac:3f:3b:52:
2e:8e:83:8a:fa:cc:b9:b3:5c:62:8a:9a:0c:b9:4b:62:44:7e:
88:2b:89:cd:52:c4:ef:ca:f2:88:31:25:1f:6f:fa:3d:76:10:
89:91:c2:28:da:7c:81:40:b1:3a:85:fd:f9:35:f7:bc:f1:44:
13:1e:d5:47:62:fb:ff:dd:eb:ec:39:dd:9c:96:f4:5c:1c:b4:
f6:79:21:c9:20:f2:40:ae:c2:53:2f:c6:bc:50:cb:6c:74:72:
24:d8:d7:08:63:57:c4:ae:3f:81:2d:da:e1:7c:16:03:79:be:
16:57:e9:1d:82:bb:4d:eb:3c:45:75:46:87:63:ea:13:3c:cc:
d5:39:0d:07:d6:74:dd:4b:e5:fc:b3:51:6f:8a:ac:a4:d0:20:
77:20:a1:50:18:ef:8e:b1:eb:a6:d4:2d:23:2e:3a:b7:f2:04:
36:8c:18:24:5f:65:c6:96:ad:43:4c:c9:da:44:8a:1a:51:f3:
d4:48:06:48:c8:3e:93:39:55:b3:9c:39:2c:4f:46:ef:74:6b:
85:fe:e4:1b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYLeb8nTLZX9xhdrIMIKRjm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwODI3MDgzNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg2NDE0ZTdiOWYwYjI1NzBhZTY0NWNjYTU0YTZkMGJhNWIyYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeuVP4wYewjlBfLfATbmPVO52P/c
hiGAGIL/SQ5HuolHwfZjdDk3f+nWmSFpo+EXdPDrLHkAHyawtslLJ1DBHejKmQVd
VIZO7Gyhi5EIC59Kq/u1kCEZq+QcXJ7K5vNRW/C94IWJPOMqV+CtyrBquNY5u3z1
FfpfWgZ7yumkGaFCusPu6Wc/6ViX1vXdQ1/GjJLUMHme6gj9RhJrVbHikxDAs7dR
/ZWYRohpF/t7jOiqYMemoDesnzz+RMUkYPJR5XIf8Sti9Ke2MWyQGYspLljPrxTu
pawWONyALCO0JyVo+2D5gxzDV5AjyVnj4zzq4lw+bx84ZNnXYiTTS7HadQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFASGQU57nwslcK5kXMpUptC6WyyLMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQklaQlRudWZDeVZ3cm1SY3lsU20wTHBiTElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQFbXkAAwQB
bem4AwQAsv3tAwQAsv3zAwQAuS9bAwQAvP+GAwQAvP/OAwQB1EUKAwQA1EUOMA0G
CSqGSIb3DQEBCwUAA4IBAQAfbn1IbIc3wXlGdJPARjni3EfzlnpzqIJJtIa6VGh3
ZuElMJgKRpkqefqnsBXmQJh98qw/O1IujoOK+sy5s1xiipoMuUtiRH6IK4nNUsTv
yvKIMSUfb/o9dhCJkcIo2nyBQLE6hf35Nfe88UQTHtVHYvv/3evsOd2clvRcHLT2
eSHJIPJArsJTL8a8UMtsdHIk2NcIY1fErj+BLdrhfBYDeb4WV+kdgrtN6zxFdUaH
Y+oTPMzVOQ0H1nTdS+X8s1Fviqyk0CB3IKFQGO+Oseum1C0jLjq38gQ2jBgkX2XG
lq1DTMnaRIoaUfPUSAZIyD6TOVWznDksT0bvdGuF/uQb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:03 2024 by rpki-client on console-ams.rpki-client.org