Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bhhi54Mbh3qqze5ZzOuMVqT4DIQ.roa
File: Bhhi54Mbh3qqze5ZzOuMVqT4DIQ.roa (raw, json)
Hash identifier: MGEC84dfT8b86xF2KteMxxFx9ehj9DtRMqpYB3maWIE=
Subject key identifier: 06:18:62:E7:83:1B:87:7A:AA:CD:EE:59:CC:EB:8C:56:A4:F8:0C:84
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01BE9BA1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bhhi54Mbh3qqze5ZzOuMVqT4DIQ.roa
Signing time: Sat 01 Jan 2022 03:57:50 +0000
ROA not before: Sat 01 Jan 2022 03:57:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8851
IP address blocks: 89.213.64.0/18 maxlen: 24
37.252.24.0/21 maxlen: 24
80.240.80.0/20 maxlen: 20
213.210.0.0/18 maxlen: 24
77.107.64.0/18 maxlen: 24
85.159.128.0/21 maxlen: 24
212.38.64.0/19 maxlen: 24
37.98.144.0/22 maxlen: 24
37.98.144.0/21 maxlen: 24
89.213.40.0/21 maxlen: 24
89.213.48.0/20 maxlen: 24
213.218.208.0/20 maxlen: 24
89.31.232.0/21 maxlen: 24
79.99.72.0/21 maxlen: 24
185.20.32.0/22 maxlen: 24
185.20.34.0/24 maxlen: 24
185.20.35.0/24 maxlen: 24
213.218.224.0/19 maxlen: 24
89.213.128.0/17 maxlen: 24
82.163.0.0/19 maxlen: 24
217.144.144.0/20 maxlen: 24
217.145.64.0/20 maxlen: 24
185.49.124.0/22 maxlen: 24
185.24.84.0/22 maxlen: 24
89.213.0.0/21 maxlen: 24
194.105.64.0/19 maxlen: 24
213.130.128.0/19 maxlen: 24
195.128.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29268897 (0x1be9ba1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 03:57:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=061862e7831b877aaacdee59cceb8c56a4f80c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:71:df:e5:92:c4:6d:f3:9b:ad:81:9f:9b:f9:
5d:31:15:82:d5:e3:0f:c5:59:3a:4e:00:df:35:43:
65:46:69:3c:6c:df:13:ae:52:c4:00:84:ff:71:de:
0a:a1:e7:cb:7c:ea:3d:e2:54:f7:88:c1:57:0f:3b:
27:09:c7:18:09:25:d4:32:6c:71:8f:d2:26:cf:e8:
db:de:7b:7b:63:c4:57:03:0d:c3:7e:62:1d:08:cb:
a1:3c:54:7c:d3:fd:ec:fe:a2:5b:2c:79:f2:58:f8:
9a:9d:4c:32:9d:a7:f8:92:e5:7b:f2:e5:85:39:9c:
eb:0e:df:3f:90:4b:02:0f:bd:9c:40:c3:e6:74:5b:
4b:01:d1:f5:58:6f:25:40:e2:26:3e:4d:ad:e7:70:
55:3a:96:3a:ac:54:5e:70:3e:cc:94:bc:ed:49:95:
f3:03:1d:e3:89:b8:cf:37:66:34:7f:08:e1:a7:de:
95:f6:07:53:28:94:ae:0c:95:07:50:e8:a0:b1:03:
13:b6:aa:da:1d:68:97:49:4b:e8:74:47:13:8c:13:
db:d5:95:86:ea:be:2c:ba:73:50:8a:02:be:72:ca:
df:89:51:74:13:7d:21:26:26:8c:c9:f0:38:dd:74:
97:c5:88:b2:ae:97:79:82:44:9a:2a:0a:8e:63:0b:
c7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:18:62:E7:83:1B:87:7A:AA:CD:EE:59:CC:EB:8C:56:A4:F8:0C:84
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bhhi54Mbh3qqze5ZzOuMVqT4DIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.144.0/21
37.252.24.0/21
77.107.64.0/18
79.99.72.0/21
80.240.80.0/20
82.163.0.0/19
85.159.128.0/21
89.31.232.0/21
89.213.0.0/21
89.213.40.0-89.213.255.255
185.20.32.0/22
185.24.84.0/22
185.49.124.0/22
194.105.64.0/19
195.128.138.0/24
212.38.64.0/19
213.130.128.0/19
213.210.0.0/18
213.218.208.0-213.218.255.255
217.144.144.0/20
217.145.64.0/20
Signature Algorithm: sha256WithRSAEncryption
1b:36:07:c3:0c:35:f1:ea:5c:cd:c2:25:61:7c:02:2d:5c:3e:
ee:8e:dc:b7:22:b0:c1:42:a5:42:a9:c8:b3:3c:d0:25:e0:22:
15:33:20:a2:43:de:81:89:1c:3f:10:4f:e1:39:a7:f1:74:1c:
25:24:c7:1e:57:cb:8a:22:01:f5:6a:0e:63:90:52:b4:94:99:
70:bf:7c:09:4e:86:e5:5b:a4:ed:14:8a:6a:33:87:1b:b6:14:
a8:e0:d2:ae:83:34:65:e4:43:cd:38:b7:f6:7c:69:64:f3:79:
b0:c3:2c:24:0b:7e:15:b3:1a:a7:2f:d2:72:d7:f5:42:14:0e:
de:44:fd:89:02:00:83:12:e8:65:46:e6:d5:1b:b6:a5:86:a6:
e1:a0:02:0f:91:23:0d:fe:f4:53:e1:76:c3:18:c1:62:e3:ba:
52:34:1f:9f:de:ee:ca:aa:4a:96:f2:7f:02:25:96:1c:7a:76:
7e:f8:db:ef:34:94:75:c1:e5:87:36:c5:f6:03:0f:6b:88:29:
8a:4c:44:62:22:78:cd:62:bc:c8:8a:10:ad:e8:95:e7:a0:b1:
59:a2:b5:e7:92:cd:23:5e:35:52:4d:8a:5d:f0:7e:21:81:fe:
65:8b:fa:fc:05:1c:dd:7e:e9:01:78:9a:72:88:3d:1f:e6:4e:
2d:5a:bb:0f
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIEAb6boTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmQzMGQ4YTdlMTJmYzdiZjYyZTBjMTIxZTdjYzIyNmRlYTUzYjliMB4XDTIyMDEw
MTAzNTc1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDYxODYyZTc4MzFi
ODc3YWFhY2RlZTU5Y2NlYjhjNTZhNGY4MGM4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhx3+WSxG3zm62Bn5v5XTEVgtXjD8VZOk4A3zVDZUZpPGzf
E65SxACE/3HeCqHny3zqPeJU94jBVw87JwnHGAkl1DJscY/SJs/o2957e2PEVwMN
w35iHQjLoTxUfNP97P6iWyx58lj4mp1MMp2n+JLle/LlhTmc6w7fP5BLAg+9nEDD
5nRbSwHR9VhvJUDiJj5NredwVTqWOqxUXnA+zJS87UmV8wMd44m4zzdmNH8I4afe
lfYHUyiUrgyVB1DooLEDE7aq2h1ol0lL6HRHE4wT29WVhuq+LLpzUIoCvnLK34lR
dBN9ISYmjMnwON10l8WIsq6XeYJEmioKjmMLx6UCAwEAAaOCApQwggKQMB0GA1Ud
DgQWBBQGGGLngxuHeqrN7lnM64xWpPgMhDAfBgNVHSMEGDAWgBQ/0w2KfhL8e/Yu
DBIefMIm3qU7mzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3Yy8x
L0JoaGk1NE1iaDNxcXplNVp6T3VNVnFUNERJUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3Yy8xL1A5TU5pbjRTX0h2
Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
qQYIKwYBBQUHAQcBAf8EgZkwgZYwgZMEAgABMIGMAwQDJWKQAwQDJfwYAwQGTWtA
AwQDT2NIAwQEUPBQAwQFUqMAAwQDVZ+AAwQDWR/oAwQDWdUAMAsDBANZ1SgDAwFZ
1AMEArkUIAMEArkYVAMEArkxfAMEBcJpQAMEAMOAigMEBdQmQAMEBdWCgAMEBtXS
ADALAwQE1drQAwMA1doDBATZkJADBATZkUAwDQYJKoZIhvcNAQELBQADggEBABs2
B8MMNfHqXM3CJWF8Ai1cPu6O3LcisMFCpUKpyLM80CXgIhUzIKJD3oGJHD8QT+E5
p/F0HCUkxx5Xy4oiAfVqDmOQUrSUmXC/fAlOhuVbpO0Uimozhxu2FKjg0q6DNGXk
Q804t/Z8aWTzebDDLCQLfhWzGqcv0nLX9UIUDt5E/YkCAIMS6GVG5tUbtqWGpuGg
Ag+RIw3+9FPhdsMYwWLjulI0H5/e7sqqSpbyfwIllhx6dn742+80lHXB5Yc2xfYD
D2uIKYpMRGIieM1ivMiKEK3oleegsVmiteeSzSNeNVJNil3wfiGB/mWL+vwFHN1+
6QF4mnKIPR/mTi1auw8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:14 2024 by rpki-client on console-fra.rpki-client.org