Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Bo6AWX8ntnopWfazQ4ujcsCNlf4.roa
File: Bo6AWX8ntnopWfazQ4ujcsCNlf4.roa (raw, json)
Hash identifier: yg32YhWPUZSzDqSo5c+DlNXDtpWIcYK6kTcLN/U4yiM=
Subject key identifier: 06:8E:80:59:7F:27:B6:7A:29:59:F6:B3:43:8B:A3:72:C0:8D:95:FE
Certificate issuer: /CN=e8d062a969d2142bb8506a571180b45bd0fab934
Certificate serial: 077722CF
Authority key identifier: E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Bo6AWX8ntnopWfazQ4ujcsCNlf4.roa
Signing time: Sat 01 Jan 2022 15:04:33 +0000
ROA not before: Sat 01 Jan 2022 15:04:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24663
IP address blocks: 178.23.224.0/21 maxlen: 21
178.23.224.0/22 maxlen: 22
178.23.228.0/22 maxlen: 22
37.200.124.0/22 maxlen: 22
45.150.205.0/24 maxlen: 24
37.200.120.0/22 maxlen: 22
37.200.120.0/21 maxlen: 21
45.150.204.0/23 maxlen: 23
45.150.204.0/24 maxlen: 24
94.127.216.0/22 maxlen: 22
94.127.216.0/21 maxlen: 21
94.127.220.0/22 maxlen: 22
80.250.224.0/20 maxlen: 20
80.250.224.0/21 maxlen: 21
80.250.232.0/21 maxlen: 21
185.30.230.0/23 maxlen: 23
185.30.228.0/22 maxlen: 22
185.30.228.0/23 maxlen: 23
2a03:8080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125248207 (0x77722cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8d062a969d2142bb8506a571180b45bd0fab934
Validity
Not Before: Jan 1 15:04:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=068e80597f27b67a2959f6b3438ba372c08d95fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a3:20:f0:14:3e:7d:5e:b8:77:80:55:ca:c3:
30:43:dc:ec:33:21:9c:2d:e3:6c:ba:b0:e4:58:a9:
99:21:97:b1:cc:74:41:4b:62:b5:3d:43:fd:dd:1d:
69:6a:8e:3d:8e:cf:8b:0f:99:87:39:57:96:d3:f8:
f5:af:9b:25:b9:30:d1:07:66:ec:8a:b3:2c:62:30:
1e:b7:68:c7:9f:0a:28:10:4a:e1:a8:0f:64:b1:8d:
33:5d:3a:1c:54:c0:e6:6a:bb:a9:67:95:06:f9:66:
43:4e:48:0c:4a:a9:be:e9:a6:a1:af:4f:f9:55:a5:
5d:48:eb:0b:0c:34:5b:b1:9e:74:fd:38:fe:03:2f:
a8:57:2e:9d:14:d5:c8:4e:ef:55:2f:b6:25:dc:b4:
00:bb:5e:e7:3d:44:2d:33:e9:76:73:dc:95:0f:3f:
9d:59:a7:c3:61:de:38:8e:4e:9d:ca:2b:da:15:df:
c1:66:59:2d:a9:43:64:27:04:64:9b:ba:55:3f:7b:
82:23:f6:26:6c:e5:5c:6e:dc:db:0c:cb:b2:9d:0a:
76:b1:ba:5c:79:8b:bf:5d:67:74:42:2c:74:93:64:
b8:5d:24:ea:d8:f2:12:85:95:45:c3:d5:8f:81:8c:
92:d0:a5:2c:03:0b:20:ed:73:4e:85:2a:92:fb:71:
94:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8E:80:59:7F:27:B6:7A:29:59:F6:B3:43:8B:A3:72:C0:8D:95:FE
X509v3 Authority Key Identifier:
keyid:E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Bo6AWX8ntnopWfazQ4ujcsCNlf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.200.120.0/21
45.150.204.0/23
80.250.224.0/20
94.127.216.0/21
178.23.224.0/21
185.30.228.0/22
IPv6:
2a03:8080::/32
Signature Algorithm: sha256WithRSAEncryption
63:19:97:d0:8a:34:c8:da:c2:5e:9e:ee:3c:92:13:28:a8:64:
98:8a:d0:ac:37:e2:e5:7c:e6:97:3e:83:a0:c5:8e:9b:a0:f0:
d8:8c:31:34:ef:16:06:37:dd:67:96:9f:21:1d:37:1f:84:54:
72:95:ba:10:4f:11:5c:cd:ce:23:c0:21:56:e3:ec:e4:70:8e:
6b:f8:14:5a:8e:bf:de:59:1a:8e:d3:a0:1c:ed:f8:6c:92:09:
cf:b2:99:02:66:c1:c2:28:04:58:7c:45:d8:34:16:9a:e8:7e:
ab:3f:2e:c5:af:dc:64:06:1e:b9:5d:a5:09:26:f2:36:66:cc:
71:c2:5e:6d:b8:f2:3c:2f:78:68:ac:55:ca:89:0e:fa:b5:74:
2d:cd:89:78:7f:20:d0:d8:c8:f8:c6:8f:c2:f6:6b:16:fb:90:
7c:10:44:0a:cc:16:12:ba:85:16:18:dc:4d:26:e7:0f:cb:6a:
96:d0:d8:13:cd:9c:0f:12:8f:26:26:25:46:6c:a6:5e:d9:0b:
67:b4:18:1b:f4:25:49:75:b4:12:17:b5:9f:74:6b:bc:bd:3e:
a8:12:5a:0e:04:e5:03:92:9a:b2:06:1a:c9:ba:2e:f2:52:6a:
4d:2f:4f:1b:d0:37:7f:64:4d:31:7d:b3:5d:0c:12:79:5b:46:
4b:81:52:2d
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEB3cizzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGQwNjJhOTY5ZDIxNDJiYjg1MDZhNTcxMTgwYjQ1YmQwZmFiOTM0MB4XDTIyMDEw
MTE1MDQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY4ZTgwNTk3ZjI3
YjY3YTI5NTlmNmIzNDM4YmEzNzJjMDhkOTVmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKujIPAUPn1euHeAVcrDMEPc7DMhnC3jbLqw5FipmSGXscx0
QUtitT1D/d0daWqOPY7Piw+ZhzlXltP49a+bJbkw0Qdm7IqzLGIwHrdox58KKBBK
4agPZLGNM106HFTA5mq7qWeVBvlmQ05IDEqpvummoa9P+VWlXUjrCww0W7GedP04
/gMvqFcunRTVyE7vVS+2Jdy0ALte5z1ELTPpdnPclQ8/nVmnw2HeOI5Oncor2hXf
wWZZLalDZCcEZJu6VT97giP2JmzlXG7c2wzLsp0KdrG6XHmLv11ndEIsdJNkuF0k
6tjyEoWVRcPVj4GMktClLAMLIO1zToUqkvtxlKkCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQGjoBZfye2eilZ9rNDi6NywI2V/jAfBgNVHSMEGDAWgBTo0GKpadIUK7hQ
alcRgLRb0Pq5NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZOQmlxV25TRkN1NFVHcFhFWUMwVzlENnVUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8x
L0JvNkFXWDhudG5vcFdmYXpRNHVqY3NDTmxmNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8xLzZOQmlxV25TRkN1
NFVHcFhFWUMwVzlENnVUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAyXIeAMEAS2WzAMEBFD64AMEA15/
2AMEA7IX4AMEArke5DANBAIAAjAHAwUAKgOAgDANBgkqhkiG9w0BAQsFAAOCAQEA
YxmX0Io0yNrCXp7uPJITKKhkmIrQrDfi5Xzmlz6DoMWOm6Dw2IwxNO8WBjfdZ5af
IR03H4RUcpW6EE8RXM3OI8AhVuPs5HCOa/gUWo6/3lkajtOgHO34bJIJz7KZAmbB
wigEWHxF2DQWmuh+qz8uxa/cZAYeuV2lCSbyNmbMccJebbjyPC94aKxVyokO+rV0
Lc2JeH8g0NjI+MaPwvZrFvuQfBBECswWErqFFhjcTSbnD8tqltDYE82cDxKPJiYl
RmymXtkLZ7QYG/QlSXW0Ehe1n3RrvL0+qBJaDgTlA5KasgYaybou8lJqTS9PG9A3
f2RNMX2zXQwSeVtGS4FSLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org