Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/BPRFC0HQaB2zKwTgi6eLQNBW9Bs.roa
File: BPRFC0HQaB2zKwTgi6eLQNBW9Bs.roa (raw, json)
Hash identifier: Q8q2DjxbjrkKR/meQuRN8jAlf5vbvzrQrMUnlf4QJrM=
Subject key identifier: 04:F4:45:0B:41:D0:68:1D:B3:2B:04:E0:8B:A7:8B:40:D0:56:F4:1B
Certificate issuer: /CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Certificate serial: 01826FF2DC8A0E68971E25BD286E4DD9B8A8
Authority key identifier: AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/BPRFC0HQaB2zKwTgi6eLQNBW9Bs.roa
Signing time: Fri 05 Aug 2022 21:39:23 +0000
ROA not before: Fri 05 Aug 2022 21:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59545
IP address blocks: 185.159.250.0/23 maxlen: 24
185.159.248.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6f:f2:dc:8a:0e:68:97:1e:25:bd:28:6e:4d:d9:b8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Validity
Not Before: Aug 5 21:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04f4450b41d0681db32b04e08ba78b40d056f41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ef:8c:81:1a:0c:62:02:14:64:39:76:5b:e3:
dc:9e:e9:9f:a2:2c:92:68:9c:68:f9:bc:4e:96:e8:
e5:cd:29:e1:0d:ca:1b:a6:a8:4e:4c:98:5c:4a:36:
ce:9f:8d:c0:63:ed:41:2d:34:cc:00:a3:65:c3:b5:
c7:23:4e:98:73:11:eb:55:d6:da:a6:a9:8c:e5:5e:
83:47:55:04:69:2f:cc:4d:c5:bf:d9:26:51:93:9f:
e6:6f:ed:5c:1c:bd:a1:2e:85:33:d9:3c:35:fe:2d:
38:ff:5a:b8:06:09:90:45:b1:48:d3:90:00:80:46:
0e:ca:af:bf:19:6f:b7:87:bf:9e:86:a0:44:d0:25:
5f:43:07:6f:c6:66:62:6f:7d:22:f6:54:72:d1:2d:
4b:7d:c5:0b:46:f0:bf:0f:71:a8:b8:2b:63:96:3d:
30:7b:d7:75:cb:de:70:51:de:e7:2b:ca:7a:98:3e:
77:c5:ba:6a:fa:d7:10:c3:7e:f9:70:0a:55:99:0b:
e7:bb:e3:8b:a2:77:71:04:c5:c9:c7:6f:3e:e0:48:
dc:4d:df:07:ab:bb:62:10:3c:5a:61:1f:58:19:da:
b8:7e:1d:d9:76:4a:7b:cd:bc:cb:6b:29:0c:4a:39:
e2:35:6f:d4:d8:26:09:8c:28:06:91:d6:03:b3:97:
5d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F4:45:0B:41:D0:68:1D:B3:2B:04:E0:8B:A7:8B:40:D0:56:F4:1B
X509v3 Authority Key Identifier:
keyid:AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/BPRFC0HQaB2zKwTgi6eLQNBW9Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/qoj641tmtN4uQcpe4He17wtKtkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.248.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:69:fc:29:bb:bb:ee:fe:b5:0e:69:69:c6:6f:f7:9e:e8:f8:
16:a1:d6:b1:94:8e:10:8b:11:53:cc:d3:5d:d6:7c:c5:81:33:
35:a8:9c:51:eb:c5:cd:6e:1d:a1:e6:7d:b4:44:fc:44:fd:35:
82:f7:2a:c4:e9:72:bd:04:76:7b:e3:86:19:11:6b:5d:fc:d5:
54:53:58:14:a0:8f:66:b0:16:4a:2b:5e:7f:4d:eb:2f:7f:d8:
09:c1:57:f8:af:3a:64:b7:3e:e4:84:24:03:b2:83:83:4b:3e:
a2:0b:f0:af:6a:7b:7b:1f:77:91:cd:76:0f:80:76:f5:ce:7b:
f2:39:08:4d:f2:4a:eb:8e:ae:6c:1e:cc:bf:13:03:58:ef:ed:
42:fc:2c:77:84:b8:81:4c:b2:5d:06:01:20:12:a3:a3:ee:0c:
eb:74:28:3f:fc:d5:2d:2e:fd:04:12:ac:b9:ba:dd:03:11:d2:
43:5d:ed:cc:36:15:1f:54:cc:dc:f1:e4:bd:a4:54:1d:4d:ae:
fb:84:7c:2a:eb:eb:eb:5c:f2:51:4a:c0:b8:f5:c7:82:77:f0:
b7:28:1a:fd:8c:97:50:9f:23:21:da:4e:f9:22:62:ec:5d:5b:
14:bb:94:a1:83:97:89:41:d1:a9:65:b8:ed:2e:26:ea:35:98:
e2:fd:43:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJv8tyKDmiXHiW9KG5N2bioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhODhmYWUzNWI2NmI0ZGUyZTQxY2E1ZWUwNzdiNWVmMGI0
YWI2NDkwHhcNMjIwODA1MjEzOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGY0NDUwYjQxZDA2ODFkYjMyYjA0ZTA4YmE3OGI0MGQwNTZmNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu+MgRoMYgIUZDl2W+PcnumfoiyS
aJxo+bxOlujlzSnhDcobpqhOTJhcSjbOn43AY+1BLTTMAKNlw7XHI06YcxHrVdba
pqmM5V6DR1UEaS/MTcW/2SZRk5/mb+1cHL2hLoUz2Tw1/i04/1q4BgmQRbFI05AA
gEYOyq+/GW+3h7+ehqBE0CVfQwdvxmZib30i9lRy0S1LfcULRvC/D3GouCtjlj0w
e9d1y95wUd7nK8p6mD53xbpq+tcQw375cApVmQvnu+OLondxBMXJx28+4EjcTd8H
q7tiEDxaYR9YGdq4fh3Zdkp7zbzLaykMSjniNW/U2CYJjCgGkdYDs5ddcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAT0RQtB0GgdsysE4Iuni0DQVvQbMB8GA1UdIwQY
MBaAFKqI+uNbZrTeLkHKXuB3te8LSrZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzct
YjkyY2I2MTEzMDM1LzEvQlBSRkMwSFFhQjJ6S3dUZ2k2ZUxRTkJXOUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzctYjkyY2I2MTEzMDM1
LzEvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ/4MA0G
CSqGSIb3DQEBCwUAA4IBAQAdafwpu7vu/rUOaWnGb/ee6PgWodaxlI4QixFTzNNd
1nzFgTM1qJxR68XNbh2h5n20RPxE/TWC9yrE6XK9BHZ744YZEWtd/NVUU1gUoI9m
sBZKK15/Tesvf9gJwVf4rzpktz7khCQDsoODSz6iC/Cvant7H3eRzXYPgHb1znvy
OQhN8krrjq5sHsy/EwNY7+1C/Cx3hLiBTLJdBgEgEqOj7gzrdCg//NUtLv0EEqy5
ut0DEdJDXe3MNhUfVMzc8eS9pFQdTa77hHwq6+vrXPJRSsC49ceCd/C3KBr9jJdQ
nyMh2k75ImLsXVsUu5Shg5eJQdGpZbjtLibqNZji/UMM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:52 2024 by rpki-client on console-ams.rpki-client.org