Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/Bf9QW3eQQATu4r9q-hPKkPeqv14.roa
File: Bf9QW3eQQATu4r9q-hPKkPeqv14.roa (raw, json)
Hash identifier: uAltMmBX3A5aZB3ftTOg9gAPdRKXMjJW0uWknC+fLdw=
Subject key identifier: 05:FF:50:5B:77:90:40:04:EE:E2:BF:6A:FA:13:CA:90:F7:AA:BF:5E
Certificate issuer: /CN=2688ef373f8f00e01c25cf924b4f2e8ec6a219d1
Certificate serial: 4155B4C8
Authority key identifier: 26:88:EF:37:3F:8F:00:E0:1C:25:CF:92:4B:4F:2E:8E:C6:A2:19:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/Bf9QW3eQQATu4r9q-hPKkPeqv14.roa
Signing time: Sat 01 Jan 2022 11:57:58 +0000
ROA not before: Sat 01 Jan 2022 11:57:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51906
IP address blocks: 31.204.112.0/20 maxlen: 24
79.171.56.0/21 maxlen: 24
91.106.0.0/20 maxlen: 24
146.66.224.0/21 maxlen: 24
185.2.120.0/22 maxlen: 24
176.241.160.0/20 maxlen: 24
37.130.128.0/20 maxlen: 24
2a00:7380::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1096135880 (0x4155b4c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2688ef373f8f00e01c25cf924b4f2e8ec6a219d1
Validity
Not Before: Jan 1 11:57:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05ff505b77904004eee2bf6afa13ca90f7aabf5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:4b:01:9b:d9:fc:89:59:fc:31:d0:a4:c1:e1:
3f:28:3f:18:73:cf:83:fa:44:f5:97:34:8b:60:29:
57:d0:56:91:97:62:36:ec:38:c8:c9:12:44:86:eb:
9d:41:96:9e:74:08:f9:f1:15:f2:1f:36:4b:af:07:
cf:d7:75:8c:2b:56:c9:bb:8f:9c:fa:0c:69:52:f5:
37:e9:7c:5e:80:c1:0c:9e:6e:a0:a4:c4:0c:c7:2f:
ee:e2:39:e7:29:9b:f6:c5:40:c2:c1:cb:b5:c7:80:
ac:7c:9c:8c:1a:fc:5b:08:b4:10:73:f5:b8:2a:a2:
2b:63:35:28:11:e4:fb:a7:aa:15:4c:50:6c:70:ea:
18:4c:0c:a8:fc:ff:c5:86:a7:e7:82:96:53:47:3e:
c7:95:25:66:24:fd:5a:12:4c:aa:19:84:1b:6c:08:
05:8a:b7:db:e8:77:18:34:01:4b:3b:f9:4b:ea:72:
7e:d9:1e:4c:06:60:f1:34:94:44:4c:95:ce:4b:9a:
ff:be:9f:f5:38:a3:ca:ed:d4:7a:3e:4d:ec:34:45:
da:8f:bf:ac:51:7f:fe:c2:4b:bd:03:fc:eb:ee:1f:
19:42:51:59:88:a7:f0:cc:db:33:02:cd:0f:4d:49:
d2:e5:ad:93:8f:6d:38:f2:ab:b7:75:67:0c:bf:b5:
84:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FF:50:5B:77:90:40:04:EE:E2:BF:6A:FA:13:CA:90:F7:AA:BF:5E
X509v3 Authority Key Identifier:
keyid:26:88:EF:37:3F:8F:00:E0:1C:25:CF:92:4B:4F:2E:8E:C6:A2:19:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JojvNz-PAOAcJc-SS08ujsaiGdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/Bf9QW3eQQATu4r9q-hPKkPeqv14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f6f339-8455-4db4-a650-7f78a3baa7c1/1/JojvNz-PAOAcJc-SS08ujsaiGdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.112.0/20
37.130.128.0/20
79.171.56.0/21
91.106.0.0/20
146.66.224.0/21
176.241.160.0/20
185.2.120.0/22
IPv6:
2a00:7380::/32
Signature Algorithm: sha256WithRSAEncryption
21:2c:b1:9c:a6:0e:f5:5a:ba:0d:b3:13:80:74:06:05:8b:46:
52:ab:de:7b:72:61:d5:49:c8:be:52:81:08:eb:dc:ef:10:4d:
35:a3:90:8a:1f:8d:e9:2a:c7:08:40:a0:db:30:d7:d3:13:4c:
ef:58:55:d6:06:fa:c5:2a:52:4a:be:7d:d6:c1:13:60:f5:7a:
80:f9:70:3a:04:b3:3b:21:10:ab:90:1f:ee:78:4c:18:9e:d9:
77:10:83:38:2c:63:d4:cc:c8:e7:fb:82:b7:04:c6:28:8f:ce:
01:59:d3:7f:3c:50:7a:78:03:4e:65:77:d7:e6:63:c5:5e:95:
c2:12:b1:5d:43:70:2a:09:b5:e8:41:d2:b1:3c:57:93:2b:64:
c0:59:cd:1b:47:60:68:15:89:90:98:0f:71:71:00:05:02:a8:
18:fd:db:69:e7:87:be:92:dd:31:75:3c:a8:92:80:04:90:7e:
10:5d:4c:7f:1b:2e:ba:63:17:71:a2:71:b1:1e:3b:1a:7a:ad:
cf:e3:f9:2f:ca:be:e9:fa:f8:fb:10:51:5a:48:55:b6:2e:b7:
05:e4:a0:c0:b6:31:38:88:fd:6b:26:49:99:3b:c0:09:00:c2:
0d:04:97:d3:55:f0:ed:83:56:f4:9f:5e:49:e1:b1:d7:3f:92:
dd:4c:ce:5f
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEQVW0yDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Njg4ZWYzNzNmOGYwMGUwMWMyNWNmOTI0YjRmMmU4ZWM2YTIxOWQxMB4XDTIyMDEw
MTExNTc1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVmZjUwNWI3Nzkw
NDAwNGVlZTJiZjZhZmExM2NhOTBmN2FhYmY1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVLAZvZ/IlZ/DHQpMHhPyg/GHPPg/pE9Zc0i2ApV9BWkZdi
Nuw4yMkSRIbrnUGWnnQI+fEV8h82S68Hz9d1jCtWybuPnPoMaVL1N+l8XoDBDJ5u
oKTEDMcv7uI55ymb9sVAwsHLtceArHycjBr8Wwi0EHP1uCqiK2M1KBHk+6eqFUxQ
bHDqGEwMqPz/xYan54KWU0c+x5UlZiT9WhJMqhmEG2wIBYq32+h3GDQBSzv5S+py
ftkeTAZg8TSUREyVzkua/76f9Tijyu3Uej5N7DRF2o+/rFF//sJLvQP86+4fGUJR
WYin8MzbMwLND01J0uWtk49tOPKrt3VnDL+1hCMCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQF/1Bbd5BABO7iv2r6E8qQ96q/XjAfBgNVHSMEGDAWgBQmiO83P48A4Bwl
z5JLTy6OxqIZ0TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pvanZOei1QQU9BY0pjLVNTMDh1anNhaUdkRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvZjZmMzM5LTg0NTUtNGRiNC1hNjUwLTdmNzhhM2JhYTdjMS8x
L0JmOVFXM2VRUUFUdTRyOXEtaFBLa1BlcXYxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
ZjZmMzM5LTg0NTUtNGRiNC1hNjUwLTdmNzhhM2JhYTdjMS8xL0pvanZOei1QQU9B
Y0pjLVNTMDh1anNhaUdkRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBB/McAMEBCWCgAMEA0+rOAMEBFtq
AAMEA5JC4AMEBLDxoAMEArkCeDANBAIAAjAHAwUAKgBzgDANBgkqhkiG9w0BAQsF
AAOCAQEAISyxnKYO9Vq6DbMTgHQGBYtGUqvee3Jh1UnIvlKBCOvc7xBNNaOQih+N
6SrHCECg2zDX0xNM71hV1gb6xSpSSr591sETYPV6gPlwOgSzOyEQq5Af7nhMGJ7Z
dxCDOCxj1MzI5/uCtwTGKI/OAVnTfzxQengDTmV31+ZjxV6VwhKxXUNwKgm16EHS
sTxXkytkwFnNG0dgaBWJkJgPcXEABQKoGP3baeeHvpLdMXU8qJKABJB+EF1Mfxsu
umMXcaJxsR47Gnqtz+P5L8q+6fr4+xBRWkhVti63BeSgwLYxOIj9ayZJmTvACQDC
DQSX01Xw7YNW9J9eSeGx1z+S3UzOXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:45 2024 by rpki-client on console-ams.rpki-client.org