Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c1afc6-fd95-4555-8625-3fe469db6626/1/BhCxHwbFgPhUXLmSgwL44g03LzQ.roa
File: BhCxHwbFgPhUXLmSgwL44g03LzQ.roa (raw, json)
Hash identifier: zLFGBNOpjTrne1fGFeQa7QJC9IMqo2xhVoFUX2wn14A=
Subject key identifier: 06:10:B1:1F:06:C5:80:F8:54:5C:B9:92:83:02:F8:E2:0D:37:2F:34
Certificate issuer: /CN=96d900b0bc1e5f1b78c65cd83e7a20d8634726b6
Certificate serial: 0F46D83B
Authority key identifier: 96:D9:00:B0:BC:1E:5F:1B:78:C6:5C:D8:3E:7A:20:D8:63:47:26:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ltkAsLweXxt4xlzYPnog2GNHJrY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c1afc6-fd95-4555-8625-3fe469db6626/1/BhCxHwbFgPhUXLmSgwL44g03LzQ.roa
Signing time: Sat 01 Jan 2022 14:56:43 +0000
ROA not before: Sat 01 Jan 2022 14:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42365
IP address blocks: 195.22.155.0/24 maxlen: 24
195.22.154.0/23 maxlen: 23
195.22.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256301115 (0xf46d83b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96d900b0bc1e5f1b78c65cd83e7a20d8634726b6
Validity
Not Before: Jan 1 14:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0610b11f06c580f8545cb9928302f8e20d372f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0d:50:b7:07:a6:da:61:4c:26:bb:26:bb:6d:
fd:f8:04:76:11:c8:7a:8c:d9:75:ea:39:84:29:c1:
d6:d2:c9:79:7c:68:72:25:8f:b4:d5:cc:77:a9:0c:
d6:7c:31:aa:f2:5d:54:95:c3:60:75:51:d7:14:53:
16:46:86:02:14:35:2c:7c:07:6d:69:16:6d:4e:f3:
10:05:d6:69:e7:4c:2c:7d:28:cf:9d:f6:54:08:ca:
c1:6e:03:20:4d:9c:51:3c:1a:2d:11:34:48:e0:05:
4f:21:23:ac:95:07:30:bc:90:ee:f3:e9:b2:39:8b:
49:67:57:b0:a3:4e:87:cd:7e:dc:91:d2:52:b3:12:
d9:23:17:d1:53:8c:c4:39:97:9c:88:12:06:f0:11:
1d:10:52:3b:13:d7:08:68:d7:04:37:5d:77:db:bd:
9d:de:a9:3c:bb:cd:d8:d4:e0:8a:de:78:3b:0e:3d:
05:63:e6:b7:a3:89:a2:f8:94:12:cf:ad:b5:dc:64:
a9:3b:a7:07:42:34:83:61:68:41:20:a7:61:bc:80:
fe:11:af:38:83:c9:16:c3:51:44:08:ec:83:a6:dc:
0d:2e:ab:4f:7e:eb:13:50:c3:43:ad:78:2a:f4:51:
09:91:e1:ae:a6:8d:08:dc:82:ef:e4:bc:5b:26:30:
3e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:10:B1:1F:06:C5:80:F8:54:5C:B9:92:83:02:F8:E2:0D:37:2F:34
X509v3 Authority Key Identifier:
keyid:96:D9:00:B0:BC:1E:5F:1B:78:C6:5C:D8:3E:7A:20:D8:63:47:26:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltkAsLweXxt4xlzYPnog2GNHJrY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c1afc6-fd95-4555-8625-3fe469db6626/1/BhCxHwbFgPhUXLmSgwL44g03LzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c1afc6-fd95-4555-8625-3fe469db6626/1/ltkAsLweXxt4xlzYPnog2GNHJrY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.154.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:b0:7e:14:80:0b:64:06:76:81:c0:1e:72:e8:f7:01:57:ed:
f5:81:cb:c2:47:2b:33:f2:7c:d7:b9:07:17:c7:05:cd:ad:69:
f7:a2:8d:e5:41:82:6c:35:64:f8:42:e9:65:17:86:86:fd:f6:
bb:dd:52:95:e2:6c:a1:d6:33:99:e2:a7:b0:81:f6:04:a1:7b:
fd:49:67:c3:1f:52:19:b5:de:f0:94:c9:24:04:75:72:84:99:
e3:6e:b8:8b:90:7a:ef:f4:56:f9:00:11:44:42:4f:a2:cb:2e:
52:62:57:b9:14:87:a1:c7:e1:a2:51:83:01:71:cd:8f:6d:61:
f6:5b:93:7e:16:20:77:fe:3e:88:7e:d6:17:ea:59:21:73:50:
4a:26:a8:b7:39:91:66:04:40:2e:0a:90:6a:bf:c1:a3:39:78:
e6:3c:16:ba:81:15:15:9c:ca:ef:1a:ba:da:8f:f5:2f:d8:2c:
8a:5e:1e:2b:a6:f7:92:f5:34:d5:9d:5c:7f:48:7c:01:80:b2:
c3:94:b2:38:5b:8f:76:17:ac:07:30:7d:43:88:fd:58:51:5e:
9c:6b:ba:9a:22:da:ee:49:2a:d2:e2:7b:d1:fe:bf:6f:2b:2a:
fc:71:56:ea:78:de:6d:97:4f:f2:70:91:b9:0e:17:0d:a7:9d:
5a:aa:00:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED0bYOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NmQ5MDBiMGJjMWU1ZjFiNzhjNjVjZDgzZTdhMjBkODYzNDcyNmI2MB4XDTIyMDEw
MTE0NTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDYxMGIxMWYwNmM1
ODBmODU0NWNiOTkyODMwMmY4ZTIwZDM3MmYzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANENULcHptphTCa7Jrtt/fgEdhHIeozZdeo5hCnB1tLJeXxo
ciWPtNXMd6kM1nwxqvJdVJXDYHVR1xRTFkaGAhQ1LHwHbWkWbU7zEAXWaedMLH0o
z532VAjKwW4DIE2cUTwaLRE0SOAFTyEjrJUHMLyQ7vPpsjmLSWdXsKNOh81+3JHS
UrMS2SMX0VOMxDmXnIgSBvARHRBSOxPXCGjXBDddd9u9nd6pPLvN2NTgit54Ow49
BWPmt6OJoviUEs+ttdxkqTunB0I0g2FoQSCnYbyA/hGvOIPJFsNRRAjsg6bcDS6r
T37rE1DDQ614KvRRCZHhrqaNCNyC7+S8WyYwPv8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGELEfBsWA+FRcuZKDAvjiDTcvNDAfBgNVHSMEGDAWgBSW2QCwvB5fG3jG
XNg+eiDYY0cmtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2x0a0FzTHdlWHh0NHhsellQbm9nMkdOSEpyWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvYzFhZmM2LWZkOTUtNDU1NS04NjI1LTNmZTQ2OWRiNjYyNi8x
L0JoQ3hId2JGZ1BoVVhMbVNnd0w0NGcwM0x6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
YzFhZmM2LWZkOTUtNDU1NS04NjI1LTNmZTQ2OWRiNjYyNi8xL2x0a0FzTHdlWHh0
NHhsellQbm9nMkdOSEpyWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcMWmjANBgkqhkiG9w0BAQsFAAOC
AQEAGrB+FIALZAZ2gcAecuj3AVft9YHLwkcrM/J817kHF8cFza1p96KN5UGCbDVk
+ELpZReGhv32u91SleJsodYzmeKnsIH2BKF7/Ulnwx9SGbXe8JTJJAR1coSZ4264
i5B67/RW+QARREJPossuUmJXuRSHocfholGDAXHNj21h9luTfhYgd/4+iH7WF+pZ
IXNQSiaotzmRZgRALgqQar/Bozl45jwWuoEVFZzK7xq62o/1L9gsil4eK6b3kvU0
1Z1cf0h8AYCyw5SyOFuPdhesBzB9Q4j9WFFenGu6miLa7kkq0uJ70f6/bysq/HFW
6njebZdP8nCRuQ4XDaedWqoAJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:52 2024 by rpki-client on console-ams.rpki-client.org