Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/BhGdVX8xDBgUFIJC9UCCfDMKfVU.roa
File: BhGdVX8xDBgUFIJC9UCCfDMKfVU.roa (raw, json)
Hash identifier: ipWRxKJUTHwoP2ocib8m0j8iE365UNquWzovwm3SO58=
Subject key identifier: 06:11:9D:55:7F:31:0C:18:14:14:82:42:F5:40:82:7C:33:0A:7D:55
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 06418AAA
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/BhGdVX8xDBgUFIJC9UCCfDMKfVU.roa
Signing time: Sat 01 Jan 2022 11:01:05 +0000
ROA not before: Sat 01 Jan 2022 11:01:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2647
IP address blocks: 57.100.0.0/16 maxlen: 16
57.68.10.0/24 maxlen: 24
57.68.0.0/15 maxlen: 32
57.77.0.0/16 maxlen: 32
57.70.0.0/16 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104958634 (0x6418aaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 1 11:01:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06119d557f310c1814148242f540827c330a7d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:2d:f7:f4:48:cf:fd:93:8f:d5:33:f8:ba:
45:41:85:dc:09:f3:a3:ec:44:c1:bb:0e:5e:8b:23:
c6:1d:c9:cb:6d:21:da:bc:d4:96:c5:3f:44:fa:08:
b9:7e:ed:17:4c:2f:51:85:ef:61:2d:50:78:a3:57:
8a:b0:c2:15:f0:fd:0d:67:2e:ef:0b:73:e9:c9:1d:
9b:74:21:27:f7:36:cf:9b:68:73:d3:3d:df:76:78:
75:19:ac:67:2f:11:cc:58:fe:3b:08:0b:92:2f:23:
c4:c0:d6:e7:f9:8b:b7:75:ef:50:09:99:d9:11:e6:
ac:20:41:52:02:d0:e0:00:d2:6d:8d:fa:27:0c:36:
61:d2:19:9c:10:b2:a6:5c:65:d0:64:30:39:2b:26:
9c:43:d9:20:dc:64:c5:87:0e:4b:47:8d:81:a0:47:
a5:9c:6c:bc:d4:0d:c9:2d:46:43:69:41:53:77:84:
df:b9:4c:32:ce:ed:cb:1b:48:b4:97:a6:0e:b2:77:
0c:37:27:60:7a:a9:7e:51:ba:92:39:7b:7f:3d:10:
92:2e:1d:ac:c1:ac:6d:2f:a9:a7:5b:1c:e4:df:42:
0b:90:83:c0:0b:eb:29:6a:e0:57:26:6e:48:b7:5b:
7f:39:20:f3:bc:d0:4e:7d:34:3f:34:4a:14:fa:f6:
15:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:11:9D:55:7F:31:0C:18:14:14:82:42:F5:40:82:7C:33:0A:7D:55
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/BhGdVX8xDBgUFIJC9UCCfDMKfVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.68.0.0-57.70.255.255
57.77.0.0/16
57.100.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:5c:59:54:55:ff:1d:c3:21:c8:aa:2d:b2:eb:dc:9a:af:07:
c4:dd:75:ca:76:c6:4c:ad:ca:5b:fb:93:39:2d:ed:ca:c1:aa:
c8:9b:82:e9:b7:34:44:34:ca:7a:f6:d7:d6:26:3d:b0:87:b4:
0f:f3:a4:f2:81:d7:ca:e8:a2:41:07:35:fd:3b:e9:48:07:76:
42:ec:c3:94:19:de:f5:9e:09:da:dc:af:2f:11:ca:1d:d3:af:
72:86:d0:3e:d5:a2:e3:50:23:08:fa:ab:38:d5:d0:22:08:41:
2c:26:c7:df:f5:94:67:56:19:1f:f2:58:5e:63:50:30:2d:0b:
7c:13:55:11:df:90:5e:b3:03:75:f6:d9:63:c5:f3:62:6f:d5:
dd:7e:b9:9f:2d:41:88:a1:4f:ec:51:c5:66:83:66:fd:c6:33:
ad:dd:a8:43:1b:ee:53:3f:31:db:87:e5:f3:47:1f:87:02:00:
e5:ac:f1:cf:18:f8:5a:68:0c:c4:57:3a:54:e1:64:d4:9e:f2:
3d:44:04:12:b8:7e:97:60:cd:0d:ed:ae:cf:dd:a2:db:a6:5f:
ad:8f:84:e9:6e:44:59:ec:77:65:16:a3:bf:54:37:11:5b:c1:
84:2b:ca:0c:b2:56:23:ce:df:4d:92:3d:f0:ba:3f:b6:54:f4:
ff:2b:6f:2b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEBkGKqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZGI4M2NmZTU0ODk4MzVmMjk0ZDBhZjRkZDRkYjZlM2RjMjVmMWYzMB4XDTIyMDEw
MTExMDEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDYxMTlkNTU3ZjMx
MGMxODE0MTQ4MjQyZjU0MDgyN2MzMzBhN2Q1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJ0Lff0SM/9k4/VM/i6RUGF3Anzo+xEwbsOXosjxh3Jy20h
2rzUlsU/RPoIuX7tF0wvUYXvYS1QeKNXirDCFfD9DWcu7wtz6ckdm3QhJ/c2z5to
c9M933Z4dRmsZy8RzFj+OwgLki8jxMDW5/mLt3XvUAmZ2RHmrCBBUgLQ4ADSbY36
Jww2YdIZnBCyplxl0GQwOSsmnEPZINxkxYcOS0eNgaBHpZxsvNQNyS1GQ2lBU3eE
37lMMs7tyxtItJemDrJ3DDcnYHqpflG6kjl7fz0Qki4drMGsbS+pp1sc5N9CC5CD
wAvrKWrgVyZuSLdbfzkg87zQTn00PzRKFPr2Fb8CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQGEZ1VfzEMGBQUgkL1QIJ8Mwp9VTAfBgNVHSMEGDAWgBTNuDz+VImDXylN
CvTdTbbj3CXx8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3piZzhfbFNKZzE4cFRRcjAzVTIyNDl3bDhmTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvNzM5NzE2LTlhZjItNDdmNS1hNmYxLWEzYjc0Zjk2NDFhYy8x
L0JoR2RWWDh4REJnVUZJSkM5VUNDZkRNS2ZWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
NzM5NzE2LTlhZjItNDdmNS1hNmYxLWEzYjc0Zjk2NDFhYy8xL3piZzhfbFNKZzE4
cFRRcjAzVTIyNDl3bDhmTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wHAQCAAEwFjAKAwMCOUQDAwA5RgMDADlNAwMAOWQw
DQYJKoZIhvcNAQELBQADggEBACtcWVRV/x3DIciqLbLr3JqvB8Tddcp2xkytylv7
kzkt7crBqsibgum3NEQ0ynr219YmPbCHtA/zpPKB18rookEHNf076UgHdkLsw5QZ
3vWeCdrcry8Ryh3Tr3KG0D7VouNQIwj6qzjV0CIIQSwmx9/1lGdWGR/yWF5jUDAt
C3wTVRHfkF6zA3X22WPF82Jv1d1+uZ8tQYihT+xRxWaDZv3GM63dqEMb7lM/MduH
5fNHH4cCAOWs8c8Y+FpoDMRXOlThZNSe8j1EBBK4fpdgzQ3trs/dotumX62PhOlu
RFnsd2UWo79UNxFbwYQrygyyViPO302SPfC6P7ZU9P8rbys=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:44 2024 by rpki-client on console-fra.rpki-client.org