Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/1-bvGJ44ZfP1u-9MZ-sJabCzcL3M.roa
File: 1-bvGJ44ZfP1u-9MZ-sJabCzcL3M.roa (raw, json)
Hash identifier: pY/N7IlAf0ffcCxbnxOpIkZPK0GwfgSsJyi6vk3zkAw=
Subject key identifier: F9:BB:C6:27:8E:19:7C:FD:6E:FB:D3:19:FA:C2:5A:6C:2C:DC:2F:73
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 01830845E7CD22C1E373EFDE2AFF35653E81
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/1-bvGJ44ZfP1u-9MZ-sJabCzcL3M.roa
Signing time: Sun 04 Sep 2022 11:32:22 +0000
ROA not before: Sun 04 Sep 2022 11:32:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8540
IP address blocks: 185.151.20.0/22 maxlen: 24
45.155.184.0/22 maxlen: 24
185.236.166.0/24 maxlen: 24
185.236.164.0/23 maxlen: 24
2a07:7540::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:08:45:e7:cd:22:c1:e3:73:ef:de:2a:ff:35:65:3e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Sep 4 11:32:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9bbc6278e197cfd6efbd319fac25a6c2cdc2f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4e:ed:ad:59:a5:50:40:55:55:9b:0f:4c:d9:
12:74:6f:85:87:5d:71:76:e5:cc:f2:f2:fc:66:2e:
60:e1:b4:c5:0d:28:c4:b5:d4:28:a5:b9:a3:c1:a6:
02:40:93:f3:0b:9b:f6:41:1d:be:55:17:28:cd:5a:
2b:18:4a:91:1c:93:e2:ed:ed:40:b9:69:a9:e7:89:
09:39:5e:59:d3:e2:a2:d6:76:87:fc:75:43:90:77:
67:54:c1:19:0b:53:82:1e:dd:24:41:06:8f:65:ed:
f4:16:f3:16:d3:ab:a7:ab:a0:1a:1f:ab:f0:b4:1e:
c0:f7:f9:9e:a6:d6:b6:8e:b4:58:85:61:a2:16:b8:
91:fb:cb:fc:58:62:b8:c2:d6:5b:5c:a5:e7:4b:ab:
0e:96:ea:29:d6:00:f7:9e:47:41:c9:7a:63:75:d1:
45:96:83:9e:b6:e3:18:2e:07:ba:02:44:d5:42:5b:
d0:23:a9:55:bd:aa:04:8c:9a:2d:66:f3:4e:d0:3e:
80:57:33:fa:c9:58:9d:a4:87:43:f4:5f:3a:96:4e:
32:ed:6c:41:2d:6a:20:ea:b3:ee:fc:41:95:0b:52:
b0:71:5a:de:e7:87:5e:fc:a3:1b:a5:97:76:f2:a8:
07:0b:5b:9f:22:c9:ce:0c:7f:08:62:e2:b5:1b:58:
a8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BB:C6:27:8E:19:7C:FD:6E:FB:D3:19:FA:C2:5A:6C:2C:DC:2F:73
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/1-bvGJ44ZfP1u-9MZ-sJabCzcL3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
185.151.20.0/22
185.236.164.0-185.236.166.255
IPv6:
2a07:7540::/29
Signature Algorithm: sha256WithRSAEncryption
4a:e0:fb:46:3a:a5:fb:f8:4b:92:51:b6:c4:90:00:7a:31:fa:
25:74:c6:23:a9:16:14:30:76:52:b1:9a:25:e9:10:48:9c:f6:
6a:db:91:eb:7d:f0:f7:23:e1:99:19:c0:1b:80:69:b7:00:18:
84:a5:45:c7:7f:d6:b9:e0:87:17:17:87:b5:db:1b:74:18:75:
19:7f:07:03:ec:5e:3f:8f:0f:e6:60:9f:19:9a:8f:07:0c:a1:
39:d0:1b:55:fa:52:98:0b:89:b9:f4:9c:1e:00:de:14:be:1f:
0e:14:d7:93:9b:c9:65:fc:fb:55:c5:38:1a:a9:7b:75:d2:08:
a6:2b:8f:34:9c:d1:d5:6c:f1:65:a6:4d:9a:7e:d4:74:aa:6f:
15:20:de:ac:60:95:09:f8:6c:a8:67:ff:30:15:22:68:52:f3:
ef:a5:df:79:bf:d8:91:c9:73:f2:43:79:4d:4c:03:d9:13:b6:
c3:fe:6d:79:f8:31:d7:a7:75:58:5a:a1:d0:55:84:0b:71:95:
2c:64:55:d5:af:e3:9c:81:eb:a9:e5:60:75:ff:e9:3a:37:e3:
ca:12:cb:5d:c0:a0:d0:65:bb:68:c0:2a:c5:45:d2:7c:98:e1:
ab:43:3e:af:cd:1d:50:3d:56:6c:0f:8c:d7:33:54:b0:6d:bb:
63:52:f7:d4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYMIRefNIsHjc+/eKv81ZT6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDY0YmE5ZDI2Mzg1ZjU0ZGY2MjU0YWMyNDg5MjZkMzcw
NDQ1YjAwHhcNMjIwOTA0MTEzMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJiYzYyNzhlMTk3Y2ZkNmVmYmQzMTlmYWMyNWE2YzJjZGMyZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk7trVmlUEBVVZsPTNkSdG+Fh11x
duXM8vL8Zi5g4bTFDSjEtdQopbmjwaYCQJPzC5v2QR2+VRcozVorGEqRHJPi7e1A
uWmp54kJOV5Z0+Ki1naH/HVDkHdnVMEZC1OCHt0kQQaPZe30FvMW06unq6AaH6vw
tB7A9/mepta2jrRYhWGiFriR+8v8WGK4wtZbXKXnS6sOluop1gD3nkdByXpjddFF
loOetuMYLge6AkTVQlvQI6lVvaoEjJotZvNO0D6AVzP6yVidpIdD9F86lk4y7WxB
LWog6rPu/EGVC1KwcVre54de/KMbpZd28qgHC1ufIsnODH8IYuK1G1ioUQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPm7xieOGXz9bvvTGfrCWmws3C9zMB8GA1UdIwQY
MBaAFLxGS6nSY4X1TfYlSsJIkm03BEWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQt
ZDczZGM0YjQxY2UxLzEvMS1idkdKNDRaZlAxdS05TVotc0phYkN6Y0wzTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvNTAxZjJiLWZkMWYtNDVlYS1iNDk0LWQ3M2RjNGI0MWNl
MS8xL3ZFWkxxZEpqaGZWTjlpVkt3a2lTYlRjRVJiQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAi2buAME
ArmXFDAMAwQCueykAwQAueymMA0EAgACMAcDBQMqB3VAMA0GCSqGSIb3DQEBCwUA
A4IBAQBK4PtGOqX7+EuSUbbEkAB6MfoldMYjqRYUMHZSsZol6RBInPZq25HrffD3
I+GZGcAbgGm3ABiEpUXHf9a54IcXF4e12xt0GHUZfwcD7F4/jw/mYJ8Zmo8HDKE5
0BtV+lKYC4m59JweAN4Uvh8OFNeTm8ll/PtVxTgaqXt10gimK480nNHVbPFlpk2a
ftR0qm8VIN6sYJUJ+GyoZ/8wFSJoUvPvpd95v9iRyXPyQ3lNTAPZE7bD/m15+DHX
p3VYWqHQVYQLcZUsZFXVr+Ocgeup5WB1/+k6N+PKEstdwKDQZbtowCrFRdJ8mOGr
Qz6vzR1QPVZsD4zXM1SwbbtjUvfU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:58 2024 by rpki-client on console-fra.rpki-client.org