Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/bsIW_QJmY6lKFUb8vzSWxjU8JYU.roa
File: bsIW_QJmY6lKFUb8vzSWxjU8JYU.roa (raw, json)
Hash identifier: 3qMYmKRp6mDmVbSqlIr0Q19/wmSyxRJHKFk9sKXt+yA=
Subject key identifier: 6E:C2:16:FD:02:66:63:A9:4A:15:46:FC:BF:34:96:C6:35:3C:25:85
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018494F50458EC0CB9A990E658AEF8393729
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/bsIW_QJmY6lKFUb8vzSWxjU8JYU.roa
Signing time: Sun 20 Nov 2022 12:13:16 +0000
ROA not before: Sun 20 Nov 2022 12:13:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41944
IP address blocks: 185.14.92.0/24 maxlen: 24
185.14.93.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:94:f5:04:58:ec:0c:b9:a9:90:e6:58:ae:f8:39:37:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Nov 20 12:13:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ec216fd026663a94a1546fcbf3496c6353c2585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:49:a0:d9:1a:d5:b4:3c:a9:b6:08:96:51:b6:
ea:a8:ef:29:40:b5:bb:33:f1:e0:79:55:0e:14:cf:
3c:be:fd:2f:d4:5a:6e:1b:5d:8b:93:46:0a:cf:e0:
4f:5b:0f:df:ea:30:d2:cb:be:8d:13:5a:fc:6e:a3:
fb:d9:e4:95:2e:ce:21:0e:9b:c2:da:c8:18:f9:01:
b6:c0:7d:d6:b1:2b:33:c7:62:44:f6:98:25:d9:8b:
72:88:fc:21:14:bc:a2:ae:05:0d:51:09:49:bc:28:
e4:85:b9:1f:85:62:9f:10:b6:af:55:e1:8a:c4:30:
86:c8:b7:97:c6:2d:64:95:3d:05:8b:2e:65:24:ea:
94:1d:28:e7:f3:8d:89:b9:e8:aa:c3:b2:b5:6d:d0:
0c:99:b8:aa:0b:52:ce:64:d1:6d:fd:ba:61:de:e7:
90:2a:ff:68:0b:c3:4c:73:d2:49:d7:f1:71:e2:16:
5f:71:75:69:38:0e:b3:9c:64:ff:8b:b6:39:f5:ee:
59:82:c2:17:93:0c:eb:6b:36:fe:ff:94:95:1f:e2:
01:4f:e6:91:6c:cd:16:27:e5:5f:cc:ed:89:23:fb:
60:b9:90:8d:e9:aa:2b:3a:f1:2b:66:64:3d:df:0f:
89:46:4f:2b:a4:51:16:f2:27:f5:04:ba:14:93:43:
cf:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C2:16:FD:02:66:63:A9:4A:15:46:FC:BF:34:96:C6:35:3C:25:85
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/bsIW_QJmY6lKFUb8vzSWxjU8JYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.33.0/24
37.114.43.0/24
37.114.48.0/22
37.114.55.0/24
37.114.63.0/24
43.251.160.0/23
176.100.36.0-176.100.38.255
185.14.92.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:7e:23:7a:2c:28:a4:9a:35:a2:65:09:df:5f:00:19:3f:00:
ac:18:f2:5b:16:a5:9c:04:50:18:7c:8c:cd:21:13:f6:94:84:
dd:ce:b5:38:b5:28:37:01:dd:83:4a:74:57:6e:4d:d9:90:81:
59:dc:ea:0b:0d:de:84:70:0a:e4:66:28:65:e6:b6:0f:6f:d1:
55:6e:bc:64:69:a7:13:3f:4c:12:d2:63:c2:cc:1d:bd:4e:f9:
93:3b:77:0c:24:3c:1a:a6:f0:6a:c8:32:cd:62:97:45:f1:5a:
cd:f1:91:c2:25:67:ae:5d:a9:9c:25:21:0c:ed:15:9a:9a:e0:
3a:27:cc:1d:c3:1c:7e:99:5c:c2:b5:c9:0c:5d:3e:f2:f1:e0:
2e:66:74:1e:64:5f:e7:c0:4a:97:ef:6a:7e:f8:79:82:03:a2:
00:8e:81:19:85:8a:04:85:89:e2:aa:da:ee:f5:68:29:b8:5f:
dd:7c:20:84:99:7a:1f:09:39:cc:5e:e4:5f:46:7c:95:6a:82:
b5:ae:e8:3c:c8:bd:21:a5:b7:9c:ba:21:31:85:25:81:b1:75:
f2:cf:42:7b:ed:0a:c2:32:52:23:e1:dd:e6:59:de:5c:b6:79:
8f:29:c8:6b:d2:80:62:39:9e:fb:40:2f:14:8b:1e:e8:09:f5:
bb:c7:8d:14
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYSU9QRY7Ay5qZDmWK74OTcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjIxMTIwMTIxMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWMyMTZmZDAyNjY2M2E5NGExNTQ2ZmNiZjM0OTZjNjM1M2MyNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEmg2RrVtDyptgiWUbbqqO8pQLW7
M/HgeVUOFM88vv0v1FpuG12Lk0YKz+BPWw/f6jDSy76NE1r8bqP72eSVLs4hDpvC
2sgY+QG2wH3WsSszx2JE9pgl2YtyiPwhFLyirgUNUQlJvCjkhbkfhWKfELavVeGK
xDCGyLeXxi1klT0Fiy5lJOqUHSjn842Jueiqw7K1bdAMmbiqC1LOZNFt/bph3ueQ
Kv9oC8NMc9JJ1/Fx4hZfcXVpOA6znGT/i7Y59e5ZgsIXkwzrazb+/5SVH+IBT+aR
bM0WJ+VfzO2JI/tguZCN6aorOvErZmQ93w+JRk8rpFEW8if1BLoUk0PPGwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFG7CFv0CZmOpShVG/L80lsY1PCWFMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvYnNJV19RSm1ZNmxLRlViOHZ6U1d4alU4SllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAJXIhAwQA
JXIrAwQCJXIwAwQAJXI3AwQAJXI/AwQBK/ugMAwDBAKwZCQDBACwZCYDBAG5Dlww
DQYJKoZIhvcNAQELBQADggEBAD5+I3osKKSaNaJlCd9fABk/AKwY8lsWpZwEUBh8
jM0hE/aUhN3OtTi1KDcB3YNKdFduTdmQgVnc6gsN3oRwCuRmKGXmtg9v0VVuvGRp
pxM/TBLSY8LMHb1O+ZM7dwwkPBqm8GrIMs1il0XxWs3xkcIlZ65dqZwlIQztFZqa
4DonzB3DHH6ZXMK1yQxdPvLx4C5mdB5kX+fASpfvan74eYIDogCOgRmFigSFieKq
2u71aCm4X918IISZeh8JOcxe5F9GfJVqgrWu6DzIvSGlt5y6ITGFJYGxdfLPQnvt
CsIyUiPh3eZZ3ly2eY8pyGvSgGI5nvtALxSLHugJ9bvHjRQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org