Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/BZ32LYJk98Lg1r1jGJIwCHTha14.roa
File: BZ32LYJk98Lg1r1jGJIwCHTha14.roa (raw, json)
Hash identifier: AI6uuFqhopDiC9eCY/bOydwNrVfJoloy4qjKAam3MeY=
Subject key identifier: 05:9D:F6:2D:82:64:F7:C2:E0:D6:BD:63:18:92:30:08:74:E1:6B:5E
Certificate issuer: /CN=12c889964b35b51ba8e5e679a15b19a31f133578
Certificate serial: 098CAB1B
Authority key identifier: 12:C8:89:96:4B:35:B5:1B:A8:E5:E6:79:A1:5B:19:A3:1F:13:35:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsiJlks1tRuo5eZ5oVsZox8TNXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/BZ32LYJk98Lg1r1jGJIwCHTha14.roa
Signing time: Sat 01 Jan 2022 15:05:04 +0000
ROA not before: Sat 01 Jan 2022 15:05:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9051
IP address blocks: 91.245.248.0/22 maxlen: 24
82.146.160.0/19 maxlen: 24
2a0d:b3c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160213787 (0x98cab1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c889964b35b51ba8e5e679a15b19a31f133578
Validity
Not Before: Jan 1 15:05:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=059df62d8264f7c2e0d6bd631892300874e16b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:14:34:08:9d:bb:95:c5:5b:ef:20:ac:c5:24:
39:45:dd:eb:fc:7b:a9:ca:bd:ad:ab:96:1a:d1:5a:
53:53:00:fd:e4:36:c5:0f:f0:9e:9e:ce:96:24:df:
1b:30:5f:81:45:64:b4:e6:92:2e:00:f2:f3:65:12:
1c:ce:13:49:ae:d3:39:ae:aa:9a:c8:dd:50:d0:cd:
7f:b1:d5:be:a1:39:7e:77:48:8a:fa:24:5d:71:52:
ea:4f:94:d3:84:20:7e:41:e5:d0:2d:99:3e:06:d1:
6c:e1:f2:7c:33:58:d2:3c:f4:a2:5e:02:b4:68:32:
b9:0d:bc:67:b5:16:77:db:6c:1d:ad:1b:d8:b1:c1:
e0:28:40:29:03:4a:c3:25:b4:ba:6a:7b:48:75:3d:
4f:17:9c:6d:95:07:52:23:e6:8b:0a:7c:25:b8:f5:
22:67:54:3d:6c:f3:90:75:cc:83:c2:dd:54:d5:f5:
d9:ab:85:21:ab:41:26:9d:6f:b9:c1:18:2c:06:ac:
43:80:3a:a1:9d:d1:5b:f8:c6:cb:2d:00:bd:ef:3b:
d8:c1:34:25:7c:e4:db:cd:4d:62:60:de:a3:41:d0:
10:6f:0c:61:6c:f3:e3:28:80:3a:52:9f:1d:b5:69:
25:c7:28:7d:75:96:b6:f3:fc:00:70:2f:0c:8c:f2:
88:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9D:F6:2D:82:64:F7:C2:E0:D6:BD:63:18:92:30:08:74:E1:6B:5E
X509v3 Authority Key Identifier:
keyid:12:C8:89:96:4B:35:B5:1B:A8:E5:E6:79:A1:5B:19:A3:1F:13:35:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsiJlks1tRuo5eZ5oVsZox8TNXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/BZ32LYJk98Lg1r1jGJIwCHTha14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/EsiJlks1tRuo5eZ5oVsZox8TNXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.160.0/19
91.245.248.0/22
IPv6:
2a0d:b3c0::/29
Signature Algorithm: sha256WithRSAEncryption
16:17:a2:c1:f6:c0:78:24:fa:f8:79:ab:e7:32:8b:fd:ae:22:
e9:68:70:f3:24:57:9a:ee:5e:12:33:d2:79:1d:8b:a8:46:34:
7c:69:23:01:95:93:07:e8:1b:58:c1:5d:4b:5f:9a:96:f9:26:
e4:90:51:a2:f5:55:90:81:6f:78:e0:34:fc:9c:cd:84:8c:80:
26:76:62:8b:fa:c4:c9:67:3b:89:57:eb:c1:27:5b:74:78:ee:
88:a6:fc:0a:84:ab:f6:98:02:01:c6:58:28:38:3f:f5:a1:2c:
71:59:de:36:d5:fb:e8:e1:cb:dd:6e:34:d1:57:f3:9c:bd:54:
c9:a5:c5:a9:46:ec:f9:89:84:bd:69:19:bb:7f:dc:6e:eb:ae:
dd:f7:c0:1c:c2:b8:52:85:9a:f2:97:5f:69:67:d6:81:9b:bb:
ab:62:0e:10:17:fe:77:a7:08:6b:73:3f:b5:2c:1d:72:57:11:
29:2c:42:f5:fd:c4:1c:27:f2:9f:ba:9a:67:b0:6c:20:6f:bf:
7c:4e:85:19:be:11:89:cd:d5:be:0e:ff:3a:47:24:3d:44:79:
f9:9c:62:9c:60:5c:bf:68:7f:48:cb:5a:81:66:62:69:9e:db:
09:32:f5:d3:1e:c6:3e:47:c2:92:f3:a5:82:52:ad:bb:fb:8c:
f5:ac:22:a7
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECYyrGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MmM4ODk5NjRiMzViNTFiYThlNWU2NzlhMTViMTlhMzFmMTMzNTc4MB4XDTIyMDEw
MTE1MDUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU5ZGY2MmQ4MjY0
ZjdjMmUwZDZiZDYzMTg5MjMwMDg3NGUxNmI1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsUNAidu5XFW+8grMUkOUXd6/x7qcq9rauWGtFaU1MA/eQ2
xQ/wnp7OliTfGzBfgUVktOaSLgDy82USHM4TSa7TOa6qmsjdUNDNf7HVvqE5fndI
ivokXXFS6k+U04QgfkHl0C2ZPgbRbOHyfDNY0jz0ol4CtGgyuQ28Z7UWd9tsHa0b
2LHB4ChAKQNKwyW0ump7SHU9TxecbZUHUiPmiwp8Jbj1ImdUPWzzkHXMg8LdVNX1
2auFIatBJp1vucEYLAasQ4A6oZ3RW/jGyy0Ave872ME0JXzk281NYmDeo0HQEG8M
YWzz4yiAOlKfHbVpJccofXWWtvP8AHAvDIzyiDcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQFnfYtgmT3wuDWvWMYkjAIdOFrXjAfBgNVHSMEGDAWgBQSyImWSzW1G6jl
5nmhWxmjHxM1eDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VzaUpsa3MxdFJ1bzVlWjVvVnNab3g4VE5YZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMTZiMDJjLTgzM2EtNDhmMC1iYTU2LWFkNmYwYmY4ODQzOC8x
L0JaMzJMWUprOThMZzFyMWpHSkl3Q0hUaGExNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MTZiMDJjLTgzM2EtNDhmMC1iYTU2LWFkNmYwYmY4ODQzOC8xL0VzaUpsa3MxdFJ1
bzVlWjVvVnNab3g4VE5YZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVKSoAMEAlv1+DANBAIAAjAHAwUD
Kg2zwDANBgkqhkiG9w0BAQsFAAOCAQEAFheiwfbAeCT6+Hmr5zKL/a4i6Whw8yRX
mu5eEjPSeR2LqEY0fGkjAZWTB+gbWMFdS1+alvkm5JBRovVVkIFveOA0/JzNhIyA
JnZii/rEyWc7iVfrwSdbdHjuiKb8CoSr9pgCAcZYKDg/9aEscVneNtX76OHL3W40
0VfznL1UyaXFqUbs+YmEvWkZu3/cbuuu3ffAHMK4UoWa8pdfaWfWgZu7q2IOEBf+
d6cIa3M/tSwdclcRKSxC9f3EHCfyn7qaZ7BsIG+/fE6FGb4Ric3Vvg7/OkckPUR5
+ZxinGBcv2h/SMtagWZiaZ7bCTL10x7GPkfCkvOlglKtu/uM9awipw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-ams.rpki-client.org