Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/bb01XKsRFULynz5LYdc0hVLV1KM.roa
File: bb01XKsRFULynz5LYdc0hVLV1KM.roa (raw, json)
Hash identifier: QuT+CI3LmzcE062+jU0W8SImq8oUZQEwgaXXcGXA8d8=
Subject key identifier: 6D:BD:35:5C:AB:11:15:42:F2:9F:3E:4B:61:D7:34:85:52:D5:D4:A3
Certificate issuer: /CN=25475f5ad9eccff69c35a630dcff2c5a663fd7cf
Certificate serial: 0A50160F
Authority key identifier: 25:47:5F:5A:D9:EC:CF:F6:9C:35:A6:30:DC:FF:2C:5A:66:3F:D7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JUdfWtnsz_acNaYw3P8sWmY_188.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/bb01XKsRFULynz5LYdc0hVLV1KM.roa
Signing time: Sat 01 Jan 2022 10:59:28 +0000
ROA not before: Sat 01 Jan 2022 10:59:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31042
IP address blocks: 185.20.37.0/24 maxlen: 24
185.20.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173020687 (0xa50160f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25475f5ad9eccff69c35a630dcff2c5a663fd7cf
Validity
Not Before: Jan 1 10:59:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dbd355cab111542f29f3e4b61d7348552d5d4a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ea:e7:06:90:1f:b1:64:74:ca:ce:d0:e1:2b:
74:7d:e5:3c:48:11:de:66:b3:a3:c5:5e:02:01:bc:
f5:6c:17:ff:6e:dc:01:93:c8:80:cd:6c:d6:8b:8e:
89:82:95:05:36:e0:c2:f8:d7:16:dd:35:bc:da:6f:
4d:20:f1:ae:0d:17:86:ba:e7:6b:b0:46:68:22:26:
c6:d8:a9:30:cb:e4:54:0e:e0:18:99:a9:95:8f:2b:
f9:9f:e1:aa:31:9b:44:5a:07:1d:fb:3e:37:82:e9:
a0:71:70:29:aa:7c:ce:38:1b:9f:8e:8f:b7:b0:03:
fb:2b:4d:5b:26:2d:fb:76:00:cb:e4:64:f3:8e:7e:
75:40:96:72:be:ca:d7:6a:ff:18:0f:7e:cb:8f:78:
d7:7b:b2:d7:3f:97:63:67:ea:e7:9f:ab:8f:6a:0a:
8f:a3:db:08:54:9b:f0:da:c0:87:bf:b9:db:3f:9a:
50:b9:f0:be:22:84:2a:dd:5b:2b:3f:72:72:2d:9f:
9d:45:cb:2e:fa:ec:de:fc:d1:99:d5:46:6d:96:27:
b8:e5:90:9e:4c:6f:c8:92:57:65:70:f0:25:2e:64:
c4:21:54:bd:19:88:a0:f1:8d:63:3c:24:7e:9e:85:
05:19:1d:5e:94:d7:9d:a5:8d:da:39:17:2d:87:4d:
4b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BD:35:5C:AB:11:15:42:F2:9F:3E:4B:61:D7:34:85:52:D5:D4:A3
X509v3 Authority Key Identifier:
keyid:25:47:5F:5A:D9:EC:CF:F6:9C:35:A6:30:DC:FF:2C:5A:66:3F:D7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JUdfWtnsz_acNaYw3P8sWmY_188.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/bb01XKsRFULynz5LYdc0hVLV1KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfec08-8cbe-4c45-8db1-4d46c6a7010a/1/JUdfWtnsz_acNaYw3P8sWmY_188.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.36.0/22
Signature Algorithm: sha256WithRSAEncryption
57:7f:e4:1f:99:c3:26:34:51:08:1c:f0:ea:6b:d6:90:f5:c5:
e5:a2:cc:1f:11:e8:0a:52:26:3c:3e:5e:78:a5:fd:99:7b:02:
24:fc:f9:be:e0:09:0a:66:7f:3a:03:05:8f:be:1d:6a:4b:02:
7f:7a:93:55:26:2b:3a:72:5f:9c:77:80:ec:9d:8e:7c:e9:c1:
08:9b:eb:d1:5e:5f:95:f7:d8:a1:af:e6:9e:9d:61:3f:17:6f:
31:36:86:b6:0e:94:b9:a8:a6:d4:87:d4:b4:1a:aa:72:dc:c5:
2b:86:08:95:f8:64:d7:97:a9:8e:97:fc:5f:12:04:9e:dd:26:
bb:1f:48:c1:03:e4:f4:0d:ef:31:0d:ab:28:12:47:1d:1b:32:
a4:45:25:f6:f9:87:fa:5c:01:1b:76:b6:28:f6:60:23:79:77:
4f:98:21:f8:1d:81:86:eb:cf:1f:1e:3e:d2:42:a6:21:2a:c0:
61:c1:ed:f2:89:93:f3:9b:81:8c:34:e1:8b:13:7f:79:9b:f7:
ff:7f:b8:1f:1b:36:6d:46:e2:1d:15:7c:dd:30:f0:aa:3e:ef:
46:88:f3:26:78:b5:fe:18:b8:71:07:bc:ec:21:fd:5f:10:4f:
78:17:54:91:26:e5:18:ff:a2:3b:b0:24:ff:db:eb:70:06:29:
a0:b1:c1:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEClAWDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTQ3NWY1YWQ5ZWNjZmY2OWMzNWE2MzBkY2ZmMmM1YTY2M2ZkN2NmMB4XDTIyMDEw
MTEwNTkyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRiZDM1NWNhYjEx
MTU0MmYyOWYzZTRiNjFkNzM0ODU1MmQ1ZDRhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7q5waQH7FkdMrO0OErdH3lPEgR3mazo8VeAgG89WwX/27c
AZPIgM1s1ouOiYKVBTbgwvjXFt01vNpvTSDxrg0Xhrrna7BGaCImxtipMMvkVA7g
GJmplY8r+Z/hqjGbRFoHHfs+N4LpoHFwKap8zjgbn46Pt7AD+ytNWyYt+3YAy+Rk
845+dUCWcr7K12r/GA9+y49413uy1z+XY2fq55+rj2oKj6PbCFSb8NrAh7+52z+a
ULnwviKEKt1bKz9yci2fnUXLLvrs3vzRmdVGbZYnuOWQnkxvyJJXZXDwJS5kxCFU
vRmIoPGNYzwkfp6FBRkdXpTXnaWN2jkXLYdNS/ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRtvTVcqxEVQvKfPkth1zSFUtXUozAfBgNVHSMEGDAWgBQlR19a2ezP9pw1
pjDc/yxaZj/XzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pVZGZXdG5zel9hY05hWXczUDhzV21ZXzE4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYmZlYzA4LThjYmUtNGM0NS04ZGIxLTRkNDZjNmE3MDEwYS8x
L2JiMDFYS3NSRlVMeW56NUxZZGMwaFZMVjFLTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YmZlYzA4LThjYmUtNGM0NS04ZGIxLTRkNDZjNmE3MDEwYS8xL0pVZGZXdG5zel9h
Y05hWXczUDhzV21ZXzE4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkUJDANBgkqhkiG9w0BAQsFAAOC
AQEAV3/kH5nDJjRRCBzw6mvWkPXF5aLMHxHoClImPD5eeKX9mXsCJPz5vuAJCmZ/
OgMFj74daksCf3qTVSYrOnJfnHeA7J2OfOnBCJvr0V5flffYoa/mnp1hPxdvMTaG
tg6Uuaim1IfUtBqqctzFK4YIlfhk15epjpf8XxIEnt0mux9IwQPk9A3vMQ2rKBJH
HRsypEUl9vmH+lwBG3a2KPZgI3l3T5gh+B2BhuvPHx4+0kKmISrAYcHt8omT85uB
jDThixN/eZv3/3+4Hxs2bUbiHRV83TDwqj7vRojzJni1/hi4cQe87CH9XxBPeBdU
kSblGP+iO7Ak/9vrcAYpoLHBwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:52 2024 by rpki-client on console-fra.rpki-client.org