Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/bf-2PV5-9aTmkfKHLx_Ux9OX7Oc.roa
File: bf-2PV5-9aTmkfKHLx_Ux9OX7Oc.roa (raw, json)
Hash identifier: nVqI8bY634JnEdinOjL15hto8wgTBYg7eWDJOvjpgdA=
Subject key identifier: 6D:FF:B6:3D:5E:7E:F5:A4:E6:91:F2:87:2F:1F:D4:C7:D3:97:EC:E7
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 021ACE50
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/bf-2PV5-9aTmkfKHLx_Ux9OX7Oc.roa
Signing time: Sat 01 Jan 2022 05:58:34 +0000
ROA not before: Sat 01 Jan 2022 05:58:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 45.140.246.0/24 maxlen: 24
45.140.245.0/24 maxlen: 24
45.140.247.0/24 maxlen: 24
81.199.28.0/22 maxlen: 24
81.199.26.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35311184 (0x21ace50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Jan 1 05:58:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dffb63d5e7ef5a4e691f2872f1fd4c7d397ece7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d0:54:0f:e4:88:98:58:fa:66:01:e0:5e:3b:
20:3c:e1:83:ed:29:b9:c9:39:f6:3a:6b:c8:00:42:
6a:62:2f:10:1f:7b:47:85:f7:29:ab:ea:15:84:b1:
20:16:4d:e0:7a:e8:cc:08:dd:ad:c4:5e:e7:d7:28:
9c:d8:83:a3:f2:09:dc:bb:c5:3e:60:f9:e5:20:14:
91:92:d6:dc:bd:db:a3:e4:ba:44:74:f4:6b:99:31:
29:d7:33:e9:b7:ab:4b:1f:c7:78:fb:ea:fd:0f:ec:
d0:02:ac:e2:33:eb:af:44:a4:05:bc:ae:3a:b9:af:
03:da:d6:e1:41:c8:e4:2a:77:c9:81:a3:43:e1:e4:
94:35:93:c8:23:38:4c:42:ae:6f:3d:02:dc:cb:b3:
52:32:35:39:3e:da:91:8d:63:d0:38:9a:e1:ff:4e:
d0:a7:0e:ae:78:5a:ac:94:27:ac:f2:5a:4f:0f:da:
29:22:1c:71:ad:df:62:86:41:bb:dd:dd:47:55:bb:
17:63:e7:30:5f:d6:7b:a2:8c:c7:24:24:5c:62:7c:
14:97:48:4c:bc:72:9e:35:57:c7:e7:10:38:99:b1:
8b:1f:6c:1b:ae:71:10:5f:e6:b7:fb:e9:2c:08:5c:
77:fd:58:72:68:00:2a:11:6f:29:5a:80:1f:7d:43:
07:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FF:B6:3D:5E:7E:F5:A4:E6:91:F2:87:2F:1F:D4:C7:D3:97:EC:E7
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/bf-2PV5-9aTmkfKHLx_Ux9OX7Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.245.0-45.140.247.255
81.199.26.0-81.199.31.255
Signature Algorithm: sha256WithRSAEncryption
15:91:d8:37:bb:61:44:23:3c:bf:a8:bd:65:45:84:f0:d4:07:
e7:be:ee:26:2c:34:8d:d3:0e:80:0b:8e:a6:f5:69:0d:27:4e:
a4:08:29:a9:72:c3:a5:6f:da:0d:eb:0d:b7:a3:63:0c:d0:f2:
e7:b6:b7:5c:95:a2:55:b0:0e:57:db:bb:7b:4e:e4:d7:d0:65:
3f:76:e3:dd:e2:ab:f8:51:49:4e:3d:d5:ff:7b:3a:45:13:75:
b0:4b:8f:16:04:27:68:ac:29:81:39:99:d0:06:64:3e:83:d0:
f6:4f:5f:d2:f6:f9:46:c1:90:7d:8b:be:2a:70:cd:9a:0f:b3:
87:7b:f3:22:ae:27:eb:59:06:3f:74:bc:2e:9f:62:58:3d:7f:
b8:53:f3:15:26:1d:ec:f1:f0:93:72:0b:97:56:89:22:ea:7e:
8d:89:b3:1e:93:c8:20:c9:08:fc:f8:55:ea:ef:0a:d5:5f:15:
0e:fd:0a:a0:07:02:18:c4:62:84:8f:16:b3:c3:e9:73:58:e5:
ef:63:15:73:57:dc:5f:fd:10:2d:54:ac:d7:3f:24:18:2f:87:
1c:2e:3f:f0:7e:04:ac:4b:22:79:8a:79:d5:2e:e5:42:10:3e:
22:1b:58:72:6c:5b:33:e4:6b:a4:66:6c:36:da:2c:a6:86:c2:
47:e3:d2:fd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEAhrOUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MWRlMTI0ZTBmOGFkYjRlN2Q5NTc2Y2VhZTMyNWY2NjhkZDIyNGIxMB4XDTIyMDEw
MTA1NTgzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRmZmI2M2Q1ZTdl
ZjVhNGU2OTFmMjg3MmYxZmQ0YzdkMzk3ZWNlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHQVA/kiJhY+mYB4F47IDzhg+0puck59jpryABCamIvEB97
R4X3KavqFYSxIBZN4HrozAjdrcRe59conNiDo/IJ3LvFPmD55SAUkZLW3L3bo+S6
RHT0a5kxKdcz6berSx/HePvq/Q/s0AKs4jPrr0SkBbyuOrmvA9rW4UHI5Cp3yYGj
Q+HklDWTyCM4TEKubz0C3MuzUjI1OT7akY1j0Dia4f9O0KcOrnharJQnrPJaTw/a
KSIcca3fYoZBu93dR1W7F2PnMF/We6KMxyQkXGJ8FJdITLxynjVXx+cQOJmxix9s
G65xEF/mt/vpLAhcd/1YcmgAKhFvKVqAH31DB8sCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRt/7Y9Xn71pOaR8ocvH9TH05fs5zAfBgNVHSMEGDAWgBTR3hJOD4rbTn2V
ds6uMl9mjdIksTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBkNFNUZy1LMjA1OWxYYk9yakpmWm8zU0pMRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvYWJlMTM0LTAwOTMtNDY1Mi05MDU3LTRmNGM5YjM0M2U5MC8x
L2JmLTJQVjUtOWFUbWtmS0hMeF9VeDlPWDdPYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
YWJlMTM0LTAwOTMtNDY1Mi05MDU3LTRmNGM5YjM0M2U5MC8xLzBkNFNUZy1LMjA1
OWxYYk9yakpmWm8zU0pMRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQALYz1AwQDLYzwMAwDBAFRxxoD
BAVRxwAwDQYJKoZIhvcNAQELBQADggEBABWR2De7YUQjPL+ovWVFhPDUB+e+7iYs
NI3TDoALjqb1aQ0nTqQIKalyw6Vv2g3rDbejYwzQ8ue2t1yVolWwDlfbu3tO5NfQ
ZT92493iq/hRSU491f97OkUTdbBLjxYEJ2isKYE5mdAGZD6D0PZPX9L2+UbBkH2L
vipwzZoPs4d78yKuJ+tZBj90vC6fYlg9f7hT8xUmHezx8JNyC5dWiSLqfo2Jsx6T
yCDJCPz4VervCtVfFQ79CqAHAhjEYoSPFrPD6XNY5e9jFXNX3F/9EC1UrNc/JBgv
hxwuP/B+BKxLInmKedUu5UIQPiIbWHJsWzPka6RmbDbaLKaGwkfj0v0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:48 2023 by rpki-client on console-fra.rpki-client.org