Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/bCmTX0M5uErKE3xboDkO26Q2XFA.roa
File: bCmTX0M5uErKE3xboDkO26Q2XFA.roa (raw, json)
Hash identifier: D8CL+3OFFPbZ0H/IUCU8w3vFK4gVeSEcMFP08HUj5so=
Subject key identifier: 6C:29:93:5F:43:39:B8:4A:CA:13:7C:5B:A0:39:0E:DB:A4:36:5C:50
Certificate issuer: /CN=a26855980b273e5ae57dc1b9eb22e9f5f3a7cdf7
Certificate serial: 1BA4DDF8
Authority key identifier: A2:68:55:98:0B:27:3E:5A:E5:7D:C1:B9:EB:22:E9:F5:F3:A7:CD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/omhVmAsnPlrlfcG56yLp9fOnzfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/bCmTX0M5uErKE3xboDkO26Q2XFA.roa
Signing time: Sat 01 Jan 2022 07:58:32 +0000
ROA not before: Sat 01 Jan 2022 07:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137
IP address blocks: 193.204.0.0/15 maxlen: 15
192.167.0.0/16 maxlen: 16
193.205.16.0/20 maxlen: 20
212.189.128.0/17 maxlen: 17
90.147.0.0/16 maxlen: 16
192.167.59.0/24 maxlen: 24
185.191.180.0/22 maxlen: 22
193.206.0.0/16 maxlen: 16
138.41.0.0/16 maxlen: 16
2001:760::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463789560 (0x1ba4ddf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a26855980b273e5ae57dc1b9eb22e9f5f3a7cdf7
Validity
Not Before: Jan 1 07:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c29935f4339b84aca137c5ba0390edba4365c50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fb:4e:01:02:27:17:ee:92:87:01:99:f3:fa:
36:6d:38:06:1d:ca:22:3d:74:da:69:03:54:43:a1:
b9:e7:76:45:3f:fb:ab:99:2a:79:16:64:3d:72:1d:
0f:7c:71:9d:42:56:ba:a4:3c:a3:5d:14:8d:c1:a2:
24:c6:e1:19:40:05:c6:48:65:4a:20:9f:c4:58:31:
39:bf:e1:84:ec:1f:be:a1:de:10:ef:11:2e:da:7a:
ab:5b:df:fd:5d:82:94:0f:ec:82:cf:c6:f4:22:d1:
65:73:cb:eb:53:f2:01:4e:99:17:37:be:d6:be:fe:
c0:1e:59:7f:3d:c4:6f:17:82:66:0f:0c:c9:41:48:
13:a2:14:12:a1:33:d2:13:d2:f7:ad:d4:6e:ce:c9:
59:a5:3e:70:7d:f7:22:f4:ed:38:1c:ac:c0:a1:67:
44:5b:74:c7:1c:fc:f5:40:a2:c9:1b:65:96:37:06:
b2:59:a0:b1:94:3f:f9:6b:91:1b:00:19:6f:2c:be:
a0:73:b4:88:68:e2:92:64:7e:10:58:66:76:b7:dd:
65:0d:d7:64:83:44:ec:36:f2:d7:41:bb:25:41:6f:
87:4f:d7:ca:84:b9:c6:33:17:c0:b6:a1:c3:37:35:
9b:46:d3:4a:35:be:34:38:5a:c4:5c:65:2d:10:72:
b5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:29:93:5F:43:39:B8:4A:CA:13:7C:5B:A0:39:0E:DB:A4:36:5C:50
X509v3 Authority Key Identifier:
keyid:A2:68:55:98:0B:27:3E:5A:E5:7D:C1:B9:EB:22:E9:F5:F3:A7:CD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/omhVmAsnPlrlfcG56yLp9fOnzfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/bCmTX0M5uErKE3xboDkO26Q2XFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8afdda-6c6b-4587-8a21-81eb61f5b71e/1/omhVmAsnPlrlfcG56yLp9fOnzfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.147.0.0/16
138.41.0.0/16
185.191.180.0/22
192.167.0.0/16
193.204.0.0-193.206.255.255
212.189.128.0/17
IPv6:
2001:760::/32
Signature Algorithm: sha256WithRSAEncryption
5a:f2:35:4b:f5:f6:af:06:82:86:cc:ac:14:99:41:c4:13:3c:
9e:e4:eb:a3:c8:5b:cf:e3:5b:b8:3f:26:43:58:cb:04:35:64:
be:00:a1:54:2f:e6:cd:05:e0:94:86:10:8c:c1:3b:69:c1:dd:
51:eb:f1:6d:7d:06:6d:bd:fa:f6:6e:21:b1:34:c3:80:c0:00:
41:62:e9:d8:10:e0:b4:46:37:e6:21:13:bb:93:a0:05:fc:db:
c7:31:0b:c3:d8:2d:9b:ae:21:41:91:89:28:3f:d5:ee:71:98:
8d:b0:8c:b8:87:d4:2c:32:b4:7c:80:ed:13:fb:15:be:dc:e8:
87:03:30:c3:c0:ef:13:02:dc:27:8f:e0:f3:fa:f5:b7:a7:3c:
81:08:1a:4b:52:4f:17:63:97:df:f8:81:15:52:be:4f:a5:6c:
ec:bc:b9:8f:64:5d:4d:95:f3:64:3c:7e:79:30:3f:51:37:e8:
43:60:07:4c:b3:34:67:17:c4:a5:b7:12:88:32:77:3f:10:83:
e7:81:65:e3:bc:09:ff:63:9e:08:33:7b:11:95:f2:ea:ed:c9:
24:ca:cd:3c:86:f3:f7:73:de:fc:b3:37:ce:f5:4c:21:a9:bd:
06:b8:ab:19:0e:a6:ff:ba:e0:b2:22:b6:27:ea:b9:d4:e8:ee:
a2:6f:0c:00
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEG6Td+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjY4NTU5ODBiMjczZTVhZTU3ZGMxYjllYjIyZTlmNWYzYTdjZGY3MB4XDTIyMDEw
MTA3NTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMyOTkzNWY0MzM5
Yjg0YWNhMTM3YzViYTAzOTBlZGJhNDM2NWM1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANX7TgECJxfukocBmfP6Nm04Bh3KIj102mkDVEOhued2RT/7
q5kqeRZkPXIdD3xxnUJWuqQ8o10UjcGiJMbhGUAFxkhlSiCfxFgxOb/hhOwfvqHe
EO8RLtp6q1vf/V2ClA/sgs/G9CLRZXPL61PyAU6ZFze+1r7+wB5Zfz3EbxeCZg8M
yUFIE6IUEqEz0hPS963Ubs7JWaU+cH33IvTtOByswKFnRFt0xxz89UCiyRtlljcG
slmgsZQ/+WuRGwAZbyy+oHO0iGjikmR+EFhmdrfdZQ3XZINE7Dby10G7JUFvh0/X
yoS5xjMXwLahwzc1m0bTSjW+NDhaxFxlLRBytYMCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRsKZNfQzm4SsoTfFugOQ7bpDZcUDAfBgNVHSMEGDAWgBSiaFWYCyc+WuV9
wbnrIun186fN9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29taFZtQXNuUGxybGZjRzU2eUxwOWZPbnpmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvOGFmZGRhLTZjNmItNDU4Ny04YTIxLTgxZWI2MWY1YjcxZS8x
L2JDbVRYME01dUVyS0UzeGJvRGtPMjZRMlhGQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
OGFmZGRhLTZjNmItNDU4Ny04YTIxLTgxZWI2MWY1YjcxZS8xL29taFZtQXNuUGxy
bGZjRzU2eUxwOWZPbnpmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wLQQCAAEwJwMDAFqTAwMAiikDBAK5v7QDAwDApzAK
AwMCwcwDAwDBzgMEB9S9gDANBAIAAjAHAwUAIAEHYDANBgkqhkiG9w0BAQsFAAOC
AQEAWvI1S/X2rwaChsysFJlBxBM8nuTro8hbz+NbuD8mQ1jLBDVkvgChVC/mzQXg
lIYQjME7acHdUevxbX0Gbb369m4hsTTDgMAAQWLp2BDgtEY35iETu5OgBfzbxzEL
w9gtm64hQZGJKD/V7nGYjbCMuIfULDK0fIDtE/sVvtzohwMww8DvEwLcJ4/g8/r1
t6c8gQgaS1JPF2OX3/iBFVK+T6Vs7Ly5j2RdTZXzZDx+eTA/UTfoQ2AHTLM0ZxfE
pbcSiDJ3PxCD54Fl47wJ/2OeCDN7EZXy6u3JJMrNPIbz93Pe/LM3zvVMIam9Brir
GQ6m/7rgsiK2J+q51Ojuom8MAA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org