Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/BMMK-t9h8u4RDWrovT-BndE_PHM.roa
File: BMMK-t9h8u4RDWrovT-BndE_PHM.roa (raw, json)
Hash identifier: k8dvW5TncUM7sg8icKc9GOmurZnPFz8ks5Jwt+dowBc=
Subject key identifier: 04:C3:0A:FA:DF:61:F2:EE:11:0D:6A:E8:BD:3F:81:9D:D1:3F:3C:73
Certificate issuer: /CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Certificate serial: 01856D789C104249DECF5DD17498B312D138
Authority key identifier: A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/BMMK-t9h8u4RDWrovT-BndE_PHM.roa
Signing time: Sun 01 Jan 2023 13:14:58 +0000
ROA not before: Sun 01 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212012
IP address blocks: 91.240.72.0/24 maxlen: 24
185.42.232.0/24 maxlen: 24
185.42.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:9c:10:42:49:de:cf:5d:d1:74:98:b3:12:d1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a62f2d3c269d935227690b28b7fbdd953e1e9edc
Validity
Not Before: Jan 1 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04c30afadf61f2ee110d6ae8bd3f819dd13f3c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:34:8d:44:71:7e:14:c0:8b:8e:b5:8f:ed:77:
bc:86:59:27:62:8b:ee:0c:35:f7:b7:89:7e:67:40:
75:4f:74:22:0b:87:09:e9:34:c8:80:2e:15:d4:71:
0d:27:22:a5:4a:d1:9e:9b:f9:8f:fe:59:88:d0:9d:
26:f9:71:0f:f2:41:d5:8e:51:41:81:a7:fc:72:22:
5c:e5:4e:f9:3e:40:95:ca:eb:ec:db:24:7d:76:2d:
31:e0:42:ae:bd:77:28:e9:ca:b9:9a:79:61:6a:ba:
37:7c:b4:47:59:ca:34:d4:a7:8d:1d:a2:d6:d2:1d:
b7:d1:dd:70:79:ad:58:79:5a:c8:ae:c9:9b:2e:68:
bd:1e:97:12:5a:2a:42:dd:13:0b:3d:12:8f:61:ac:
ac:45:4c:11:2c:7b:9f:d1:b5:dc:ba:0f:19:b1:8e:
0c:a9:6b:6d:7e:3c:11:4f:83:61:6c:30:7d:51:c5:
ce:0c:d3:dc:1f:8e:6c:7d:93:94:28:48:88:76:16:
88:e9:54:72:37:6d:82:23:95:db:34:64:ae:7e:f7:
57:0f:c7:5e:41:0a:09:96:3e:b8:31:21:96:fa:7e:
94:0e:8c:5b:2b:54:b6:b2:23:88:ab:ff:34:df:5c:
73:2e:f6:ed:26:3b:fd:4e:90:37:20:4f:22:97:d5:
d3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C3:0A:FA:DF:61:F2:EE:11:0D:6A:E8:BD:3F:81:9D:D1:3F:3C:73
X509v3 Authority Key Identifier:
keyid:A6:2F:2D:3C:26:9D:93:52:27:69:0B:28:B7:FB:DD:95:3E:1E:9E:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pi8tPCadk1InaQsot_vdlT4entw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/BMMK-t9h8u4RDWrovT-BndE_PHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/325b84-2ed4-4092-906c-100eed812c40/1/pi8tPCadk1InaQsot_vdlT4entw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.72.0/24
185.42.232.0/23
Signature Algorithm: sha256WithRSAEncryption
99:43:7c:c2:40:59:bc:b4:1f:e6:e4:d0:cb:85:62:49:6d:e0:
e3:ac:62:f2:7c:cb:c7:74:2c:f6:ea:ff:69:63:8e:b2:0e:85:
42:34:f5:4f:a1:f9:a7:e6:6f:7f:ab:eb:68:d7:6e:a2:72:61:
37:4f:eb:5e:18:74:6f:9e:96:63:3f:a4:46:f0:76:29:78:68:
1d:50:30:f6:9e:b5:dd:c6:21:de:5b:4e:7b:7b:72:86:aa:8f:
72:1d:35:56:37:4a:72:4c:3c:c5:d8:70:f5:dc:53:7a:02:f7:
a6:4a:3f:a9:f0:b6:13:d8:f1:20:7a:1a:27:73:02:aa:73:8f:
0e:50:13:58:ab:d0:c8:74:7e:68:52:8b:43:9c:f3:a2:16:19:
be:64:13:87:ba:ee:d4:03:5b:16:22:61:2c:06:0e:7f:b6:2c:
c1:8f:fd:f2:0b:7a:34:83:f4:34:8f:cc:9d:13:bd:6f:c4:f6:
48:87:1a:c1:a8:b2:b8:13:c6:3f:6b:f8:2c:7f:55:69:0b:83:
86:21:2b:83:92:02:44:58:74:3e:47:1e:52:0c:e3:43:ec:b7:
46:e5:e7:6c:92:7f:d1:12:89:73:57:2e:14:3d:f7:30:8b:79:
85:f2:4f:85:4c:cf:50:21:d0:f0:5b:7e:e2:22:43:4c:8a:75:
76:e7:6c:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVteJwQQknez13RdJizEtE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MmYyZDNjMjY5ZDkzNTIyNzY5MGIyOGI3ZmJkZDk1M2Ux
ZTllZGMwHhcNMjMwMTAxMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGMzMGFmYWRmNjFmMmVlMTEwZDZhZThiZDNmODE5ZGQxM2YzYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzSNRHF+FMCLjrWP7Xe8hlknYovu
DDX3t4l+Z0B1T3QiC4cJ6TTIgC4V1HENJyKlStGem/mP/lmI0J0m+XEP8kHVjlFB
gaf8ciJc5U75PkCVyuvs2yR9di0x4EKuvXco6cq5mnlharo3fLRHWco01KeNHaLW
0h230d1wea1YeVrIrsmbLmi9HpcSWipC3RMLPRKPYaysRUwRLHuf0bXcug8ZsY4M
qWttfjwRT4NhbDB9UcXODNPcH45sfZOUKEiIdhaI6VRyN22CI5XbNGSufvdXD8de
QQoJlj64MSGW+n6UDoxbK1S2siOIq/8031xzLvbtJjv9TpA3IE8il9XT5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFATDCvrfYfLuEQ1q6L0/gZ3RPzxzMB8GA1UdIwQY
MBaAFKYvLTwmnZNSJ2kLKLf73ZU+Hp7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMt
MTAwZWVkODEyYzQwLzEvQk1NSy10OWg4dTRSRFdyb3ZULUJuZEVfUEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMjViODQtMmVkNC00MDkyLTkwNmMtMTAwZWVkODEyYzQw
LzEvcGk4dFBDYWRrMUluYVFzb3RfdmRsVDRlbnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/BIAwQB
uSroMA0GCSqGSIb3DQEBCwUAA4IBAQCZQ3zCQFm8tB/m5NDLhWJJbeDjrGLyfMvH
dCz26v9pY46yDoVCNPVPofmn5m9/q+to126icmE3T+teGHRvnpZjP6RG8HYpeGgd
UDD2nrXdxiHeW057e3KGqo9yHTVWN0pyTDzF2HD13FN6AvemSj+p8LYT2PEgehon
cwKqc48OUBNYq9DIdH5oUotDnPOiFhm+ZBOHuu7UA1sWImEsBg5/tizBj/3yC3o0
g/Q0j8ydE71vxPZIhxrBqLK4E8Y/a/gsf1VpC4OGISuDkgJEWHQ+Rx5SDOND7LdG
5edskn/REolzVy4UPfcwi3mF8k+FTM9QIdDwW37iIkNMinV252wo
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:06:19 2025 by rpki-client