Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/bHZydzxzByvcEvUMC8dYOJdr3g4.roa
File: bHZydzxzByvcEvUMC8dYOJdr3g4.roa (raw, json)
Hash identifier: /Vr9SfKXmttnjLk4XRWjoZzhOhrVmiOy7Ci0m4PjFt8=
Subject key identifier: 6C:76:72:77:3C:73:07:2B:DC:12:F5:0C:0B:C7:58:38:97:6B:DE:0E
Certificate issuer: /CN=9017b0bd90827de08d24fef61bcc44862024bf7e
Certificate serial: 0182CC6610664E97B7162EED1190D8290CD6
Authority key identifier: 90:17:B0:BD:90:82:7D:E0:8D:24:FE:F6:1B:CC:44:86:20:24:BF:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/bHZydzxzByvcEvUMC8dYOJdr3g4.roa
Signing time: Tue 23 Aug 2022 20:30:16 +0000
ROA not before: Tue 23 Aug 2022 20:30:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210367
IP address blocks: 195.234.49.0/24 maxlen: 24
2a12:840:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cc:66:10:66:4e:97:b7:16:2e:ed:11:90:d8:29:0c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9017b0bd90827de08d24fef61bcc44862024bf7e
Validity
Not Before: Aug 23 20:30:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c7672773c73072bdc12f50c0bc75838976bde0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:52:f0:71:0a:67:ee:57:59:dc:6d:ca:36:aa:
72:cb:1d:fd:2a:77:95:0a:06:89:ab:f8:5a:e4:33:
5d:86:a2:95:fe:43:57:f4:63:15:1d:04:3d:47:a9:
ac:52:c2:29:d7:0b:2e:2f:ab:08:db:cd:8b:fb:d3:
bb:c5:46:23:0c:1d:f9:1c:24:00:2e:fb:e7:12:77:
24:db:3e:35:89:52:3a:07:4e:b7:0b:cf:17:8b:de:
a5:74:8d:51:10:bf:f3:1b:18:a7:86:91:4f:f8:a0:
10:93:59:26:71:aa:d5:4e:e7:24:47:8b:4a:73:31:
d6:3a:ee:1d:5d:9d:6d:70:8e:b9:38:40:89:d3:7d:
d2:e0:a3:86:07:0f:71:c1:b1:bb:d0:23:dd:5f:03:
74:34:58:be:9f:50:43:0d:5b:87:a6:60:fb:32:73:
82:78:ad:a4:01:e6:53:7d:e0:df:8d:b6:6f:37:0d:
dc:31:6f:d6:4d:b6:f1:58:16:bc:85:55:a8:9a:34:
19:76:e0:f4:4e:1f:83:cb:11:64:4b:e1:66:ec:35:
41:ae:a8:81:46:63:2f:09:9c:5a:87:98:52:7f:a8:
bc:db:b3:5f:9a:0e:ca:fc:bd:da:61:22:e2:94:3d:
64:d8:e5:10:1a:94:9d:6c:8c:a5:74:32:f9:ae:24:
92:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:76:72:77:3C:73:07:2B:DC:12:F5:0C:0B:C7:58:38:97:6B:DE:0E
X509v3 Authority Key Identifier:
keyid:90:17:B0:BD:90:82:7D:E0:8D:24:FE:F6:1B:CC:44:86:20:24:BF:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/bHZydzxzByvcEvUMC8dYOJdr3g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.49.0/24
IPv6:
2a12:840:1::/48
Signature Algorithm: sha256WithRSAEncryption
1f:dc:ed:a7:4b:23:69:9b:ec:15:a3:4c:fc:9b:eb:c9:a3:23:
06:84:97:04:8e:a0:14:e4:2f:26:80:9d:63:c9:2f:63:1e:9b:
8b:e2:eb:3f:d5:71:0a:77:03:2e:f3:ce:9c:48:e7:29:45:f1:
eb:7b:64:ab:86:2b:ff:47:fe:f5:aa:76:73:a1:2c:53:df:0a:
0c:8d:69:b2:26:96:b0:3a:3f:d0:b2:4b:20:e1:94:6e:e4:c6:
34:aa:a2:12:3e:42:ac:c4:d0:1a:5a:74:88:bb:a2:63:e1:5f:
1f:79:45:35:c7:75:a9:48:6b:59:4e:f9:0a:be:72:e1:ba:98:
c1:0a:fc:ae:46:ef:b7:8d:81:7e:d1:f5:f2:48:70:71:ee:ab:
5f:e2:3a:14:d5:7a:e1:75:c0:58:06:be:90:a7:a7:9a:a5:3d:
07:66:86:60:b0:46:32:91:6a:d6:07:71:ce:98:20:b8:a5:2c:
f3:b6:4e:cc:4c:83:97:16:7c:63:9a:dc:4e:62:e2:55:0c:97:
43:60:bf:8e:4f:3f:2f:90:2e:5f:a2:50:a2:01:e0:b0:6e:7a:
75:56:97:24:c2:fa:4f:31:66:4e:80:2c:b4:2e:0b:5a:9d:b1:
df:61:60:cb:70:af:91:7b:4a:a5:6a:61:0e:aa:58:40:ec:0d:
dd:7c:29:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYLMZhBmTpe3Fi7tEZDYKQzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMTdiMGJkOTA4MjdkZTA4ZDI0ZmVmNjFiY2M0NDg2MjAy
NGJmN2UwHhcNMjIwODIzMjAzMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc2NzI3NzNjNzMwNzJiZGMxMmY1MGMwYmM3NTgzODk3NmJkZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVLwcQpn7ldZ3G3KNqpyyx39KneV
CgaJq/ha5DNdhqKV/kNX9GMVHQQ9R6msUsIp1wsuL6sI282L+9O7xUYjDB35HCQA
LvvnEnck2z41iVI6B063C88Xi96ldI1REL/zGxinhpFP+KAQk1kmcarVTuckR4tK
czHWOu4dXZ1tcI65OECJ033S4KOGBw9xwbG70CPdXwN0NFi+n1BDDVuHpmD7MnOC
eK2kAeZTfeDfjbZvNw3cMW/WTbbxWBa8hVWomjQZduD0Th+DyxFkS+Fm7DVBrqiB
RmMvCZxah5hSf6i827Nfmg7K/L3aYSLilD1k2OUQGpSdbIyldDL5riSSbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGx2cnc8cwcr3BL1DAvHWDiXa94OMB8GA1UdIwQY
MBaAFJAXsL2Qgn3gjST+9hvMRIYgJL9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9iYjU2MGEtNDI4NC00ZmMwLWIwNWQt
YThiZTk5MzJhYTg5LzEvYkhaeWR6eHpCeXZjRXZVTUM4ZFlPSmRyM2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9iYjU2MGEtNDI4NC00ZmMwLWIwNWQtYThiZTk5MzJhYTg5
LzEva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw+oxMA8E
AgACMAkDBwAqEghAAAEwDQYJKoZIhvcNAQELBQADggEBAB/c7adLI2mb7BWjTPyb
68mjIwaElwSOoBTkLyaAnWPJL2Mem4vi6z/VcQp3Ay7zzpxI5ylF8et7ZKuGK/9H
/vWqdnOhLFPfCgyNabImlrA6P9CySyDhlG7kxjSqohI+QqzE0BpadIi7omPhXx95
RTXHdalIa1lO+Qq+cuG6mMEK/K5G77eNgX7R9fJIcHHuq1/iOhTVeuF1wFgGvpCn
p5qlPQdmhmCwRjKRatYHcc6YILilLPO2TsxMg5cWfGOa3E5i4lUMl0Ngv45PPy+Q
Ll+iUKIB4LBuenVWlyTC+k8xZk6ALLQuC1qdsd9hYMtwr5F7SqVqYQ6qWEDsDd18
KcE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:19 2024 by rpki-client on console-fra.rpki-client.org