Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/bQdwMx_cp5ylVaTTcC70J5NxtnQ.roa
File: bQdwMx_cp5ylVaTTcC70J5NxtnQ.roa (raw, json)
Hash identifier: bahQSFPMVmoOUFaw3ErgVQmZSazbM2OjQHsWZ/xu150=
Subject key identifier: 6D:07:70:33:1F:DC:A7:9C:A5:55:A4:D3:70:2E:F4:27:93:71:B6:74
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 01821AA87247AA50AEDAAFC90094AD016DD3
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/bQdwMx_cp5ylVaTTcC70J5NxtnQ.roa
Signing time: Wed 20 Jul 2022 08:10:23 +0000
ROA not before: Wed 20 Jul 2022 08:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12975
IP address blocks: 213.244.121.0/24 maxlen: 24
103.215.4.0/22 maxlen: 22
103.196.120.0/22 maxlen: 22
139.190.176.0/20 maxlen: 20
213.244.71.0/24 maxlen: 24
213.244.70.0/23 maxlen: 24
213.244.70.0/24 maxlen: 24
83.244.78.0/24 maxlen: 24
213.244.76.0/24 maxlen: 24
83.244.75.0/24 maxlen: 24
83.244.74.0/24 maxlen: 24
83.244.73.0/24 maxlen: 24
213.244.73.0/24 maxlen: 24
213.244.72.0/21 maxlen: 24
213.244.72.0/24 maxlen: 24
83.244.79.0/24 maxlen: 24
103.206.108.0/22 maxlen: 22
24.42.64.0/18 maxlen: 18
45.127.179.0/24 maxlen: 24
45.127.178.0/24 maxlen: 24
45.127.177.0/24 maxlen: 24
45.127.176.0/22 maxlen: 22
45.127.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:a8:72:47:aa:50:ae:da:af:c9:00:94:ad:01:6d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jul 20 08:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d0770331fdca79ca555a4d3702ef4279371b674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c6:35:b5:dd:11:e1:dc:69:05:07:58:75:5c:
00:15:10:8b:bf:9d:9e:41:75:94:b4:a7:16:a2:b6:
88:d3:16:08:c2:f8:04:6e:4a:21:fc:03:62:5d:8a:
55:81:8e:76:e2:da:da:de:35:eb:b2:9f:94:21:64:
82:33:7d:e3:8c:0c:f3:f6:54:2e:ee:4e:15:42:27:
59:5d:69:b2:16:ae:dd:ad:91:20:ae:03:fb:ca:74:
1d:0d:9d:6f:13:b3:56:6d:71:29:cf:53:b9:8c:8f:
1e:88:1a:a0:a1:cc:65:a4:94:14:9e:8a:f6:2d:11:
19:b9:ee:1a:c9:b0:bd:9b:9e:46:bd:c1:98:6f:00:
84:64:8e:cd:4a:55:16:6d:c3:62:24:3d:22:b4:50:
de:7a:a1:2c:63:ae:22:07:d3:2d:c1:04:5c:eb:04:
e5:9b:ef:3e:68:b4:27:4a:e2:87:a7:96:72:bb:33:
fb:c4:8b:fc:c9:71:7a:5f:76:43:d3:6a:93:23:79:
ed:f4:2e:c2:fb:d6:42:76:51:c6:c9:e8:cd:cf:6f:
61:50:03:6d:a7:ff:12:61:57:d7:10:1e:d9:49:25:
5a:a2:d8:b7:8e:18:09:c4:0b:4c:aa:52:5a:6b:43:
39:05:89:d1:a6:ac:07:1f:ea:b3:5a:d0:28:42:76:
52:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:07:70:33:1F:DC:A7:9C:A5:55:A4:D3:70:2E:F4:27:93:71:B6:74
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/bQdwMx_cp5ylVaTTcC70J5NxtnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.42.64.0/18
45.127.176.0/22
83.244.73.0-83.244.75.255
83.244.78.0/23
103.196.120.0/22
103.206.108.0/22
103.215.4.0/22
139.190.176.0/20
213.244.70.0-213.244.79.255
213.244.121.0/24
Signature Algorithm: sha256WithRSAEncryption
81:85:50:3a:69:5f:cf:d5:b4:9a:60:10:99:32:4e:89:33:9b:
a6:cc:4b:a6:1d:5a:60:5f:af:d7:71:af:af:4b:81:f1:5c:70:
0a:e2:1c:f6:fc:7a:1d:d1:33:43:22:b3:ab:45:c4:1d:cc:a8:
7b:70:cc:dd:f7:58:41:63:0f:13:52:a7:e2:b7:40:02:0b:aa:
28:9f:c2:7f:50:1e:82:53:ad:0c:ef:eb:a0:26:04:c7:db:dc:
a7:d7:5b:38:26:0f:bd:4a:68:44:d2:d0:57:a9:40:ba:af:4f:
a7:d7:4b:07:34:17:90:4a:36:9e:35:66:2c:61:73:72:3c:3a:
41:4f:56:37:47:37:8f:5f:1e:f7:88:11:6b:06:b7:95:30:06:
8b:28:9b:9c:bb:80:6f:a0:9e:d0:b1:b9:ec:74:cc:17:5f:21:
c6:7b:3f:28:8d:01:f1:01:0a:5c:57:7e:fc:5d:3f:fa:8b:18:
92:42:7a:78:5d:59:cb:c4:ef:49:be:12:7d:70:dd:b2:6c:da:
71:66:4e:39:60:02:f9:df:5b:c8:53:41:18:4f:08:5d:55:f6:
1c:ea:02:ba:4d:5f:a6:46:61:80:1d:59:37:63:4e:8e:24:85:
39:1c:3f:3d:48:60:01:10:66:0a:56:9a:3c:9a:ae:e5:e0:19:
f7:d0:0b:c9
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYIaqHJHqlCu2q/JAJStAW3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjIwNzIwMDgxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA3NzAzMzFmZGNhNzljYTU1NWE0ZDM3MDJlZjQyNzkzNzFiNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosY1td0R4dxpBQdYdVwAFRCLv52e
QXWUtKcWoraI0xYIwvgEbkoh/ANiXYpVgY524tra3jXrsp+UIWSCM33jjAzz9lQu
7k4VQidZXWmyFq7drZEgrgP7ynQdDZ1vE7NWbXEpz1O5jI8eiBqgocxlpJQUnor2
LREZue4aybC9m55GvcGYbwCEZI7NSlUWbcNiJD0itFDeeqEsY64iB9MtwQRc6wTl
m+8+aLQnSuKHp5ZyuzP7xIv8yXF6X3ZD02qTI3nt9C7C+9ZCdlHGyejNz29hUANt
p/8SYVfXEB7ZSSVaoti3jhgJxAtMqlJaa0M5BYnRpqwHH+qzWtAoQnZSaQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG0HcDMf3KecpVWk03Au9CeTcbZ0MB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvYlFkd014X2NwNXlsVmFUVGNDNzBKNU54dG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQGGCpAAwQC
LX+wMAwDBABT9EkDBAJT9EgDBAFT9E4DBAJnxHgDBAJnzmwDBAJn1wQDBASLvrAw
DAMEAdX0RgMEBNX0QAMEANX0eTANBgkqhkiG9w0BAQsFAAOCAQEAgYVQOmlfz9W0
mmAQmTJOiTObpsxLph1aYF+v13Gvr0uB8VxwCuIc9vx6HdEzQyKzq0XEHcyoe3DM
3fdYQWMPE1Kn4rdAAguqKJ/Cf1AeglOtDO/roCYEx9vcp9dbOCYPvUpoRNLQV6lA
uq9Pp9dLBzQXkEo2njVmLGFzcjw6QU9WN0c3j18e94gRawa3lTAGiyibnLuAb6Ce
0LG57HTMF18hxns/KI0B8QEKXFd+/F0/+osYkkJ6eF1Zy8TvSb4SfXDdsmzacWZO
OWAC+d9byFNBGE8IXVX2HOoCuk1fpkZhgB1ZN2NOjiSFORw/PUhgARBmClaaPJqu
5eAZ99ALyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:10 2024 by rpki-client on console-ams.rpki-client.org