Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/BEb871uZSmMWN8d8B6O2hOXtg3s.roa
File: BEb871uZSmMWN8d8B6O2hOXtg3s.roa (raw, json)
Hash identifier: dt3GDjfTxu4VZb5SphV0G4vQLbBeX32bzF+4cqjQeT4=
Subject key identifier: 04:46:FC:EF:5B:99:4A:63:16:37:C7:7C:07:A3:B6:84:E5:ED:83:7B
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 06B3F5B3
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/BEb871uZSmMWN8d8B6O2hOXtg3s.roa
Signing time: Wed 27 Apr 2022 05:04:40 +0000
ROA not before: Wed 27 Apr 2022 05:04:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208909
IP address blocks: 162.213.67.0/24 maxlen: 24
162.213.66.0/24 maxlen: 24
162.213.65.0/24 maxlen: 24
45.15.137.0/24 maxlen: 24
45.15.136.0/24 maxlen: 24
45.15.139.0/24 maxlen: 24
45.15.138.0/24 maxlen: 24
185.41.98.0/24 maxlen: 24
185.41.97.0/24 maxlen: 24
185.41.96.0/24 maxlen: 24
185.41.99.0/24 maxlen: 24
162.213.64.0/24 maxlen: 24
91.204.124.0/22 maxlen: 22
2a0e:3c80::/29 maxlen: 29
2a01:57a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112457139 (0x6b3f5b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Apr 27 05:04:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0446fcef5b994a631637c77c07a3b684e5ed837b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:31:44:6e:50:10:e9:b4:e8:0c:26:d6:9a:
6f:24:e2:10:c0:3b:07:f6:4f:60:8f:00:78:09:a9:
52:f0:fa:93:f8:74:68:6b:c2:02:22:c7:9b:52:d3:
da:10:13:07:dc:3b:8f:a9:d6:62:37:ed:de:3e:63:
cb:24:95:1a:9d:5f:db:cb:21:3e:26:28:6b:2f:49:
83:58:02:93:88:14:da:83:84:fd:62:c3:2c:98:ee:
c6:e6:06:98:d0:a4:5f:ac:88:44:f7:2c:0a:eb:e2:
98:61:b7:89:61:92:01:f6:c3:66:6b:cd:2e:81:34:
01:cb:16:f8:cb:c7:7c:28:e6:9c:bf:6b:bb:c2:1d:
1c:51:bc:f5:d0:21:c1:0c:79:00:a3:ce:c7:d0:0f:
60:ae:1a:3c:2f:20:01:93:27:6d:48:87:d4:12:2c:
ab:55:af:73:5e:0d:89:f3:17:b9:93:d5:0d:bc:85:
ae:b5:f0:43:73:48:f7:33:7d:ad:47:14:57:b0:92:
d3:53:c2:4c:b4:80:c4:49:d5:18:81:40:42:9b:24:
42:54:af:df:ba:34:28:c7:6f:c7:cf:3f:74:51:8c:
24:c2:c0:b9:fe:f5:0e:74:ff:e6:37:b4:c0:88:19:
1e:53:b7:20:f7:77:4e:00:89:da:97:2d:00:6c:ad:
0b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:46:FC:EF:5B:99:4A:63:16:37:C7:7C:07:A3:B6:84:E5:ED:83:7B
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/BEb871uZSmMWN8d8B6O2hOXtg3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.136.0/22
91.204.124.0/22
162.213.64.0/22
185.41.96.0/22
IPv6:
2a01:57a0::/32
2a0e:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
48:a3:b3:35:cd:fc:ae:0b:02:45:f6:17:79:08:b7:ba:4d:e8:
b7:a9:07:70:66:ce:49:fe:ea:7c:7e:08:d6:da:4b:50:35:1e:
77:bf:6a:67:8b:47:47:26:e1:24:5d:57:f4:fe:1e:56:e4:5b:
f3:05:0a:0c:17:f1:24:84:83:d3:37:2a:f6:89:5d:b3:c0:13:
d1:98:2c:9f:ab:37:06:cf:ec:ca:a4:1b:98:9d:b3:ee:95:81:
6c:4b:e1:b1:59:cd:cb:82:35:c6:30:57:21:a3:87:7c:d0:db:
05:7c:29:3f:71:84:69:01:c5:5a:da:64:20:30:90:a2:89:15:
63:e4:eb:9d:21:ea:fa:9d:af:49:7f:f0:0d:3b:8d:2a:fa:b4:
0a:be:a2:4e:fd:7d:3f:6c:08:92:cc:f3:de:35:8f:7b:e1:f5:
cd:a9:82:77:21:2e:59:25:4a:6e:1e:68:f7:b1:3e:02:d8:11:
1b:06:d3:bf:ee:fb:ba:9e:8d:f1:55:b7:ac:fb:0f:ee:9b:dc:
a3:20:ad:8e:5d:34:39:48:0f:05:a7:72:0b:8c:ae:4c:f5:18:
40:09:74:a2:2c:41:f9:1b:9b:7b:d5:4e:46:27:69:bf:d5:e8:
8f:e2:e7:3a:1f:c9:2b:24:ac:d3:33:58:cc:e8:40:f1:3f:d2:
58:32:7a:f8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEBrP1szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MGU4ZTU2YjE4ZDQ1YzY0NmYwM2NiNmY5MDY5ZGEwYzhiM2M3NGFkMB4XDTIyMDQy
NzA1MDQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ0NmZjZWY1Yjk5
NGE2MzE2MzdjNzdjMDdhM2I2ODRlNWVkODM3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtzMURuUBDptOgMJtaabyTiEMA7B/ZPYI8AeAmpUvD6k/h0
aGvCAiLHm1LT2hATB9w7j6nWYjft3j5jyySVGp1f28shPiYoay9Jg1gCk4gU2oOE
/WLDLJjuxuYGmNCkX6yIRPcsCuvimGG3iWGSAfbDZmvNLoE0AcsW+MvHfCjmnL9r
u8IdHFG89dAhwQx5AKPOx9APYK4aPC8gAZMnbUiH1BIsq1Wvc14NifMXuZPVDbyF
rrXwQ3NI9zN9rUcUV7CS01PCTLSAxEnVGIFAQpskQlSv37o0KMdvx88/dFGMJMLA
uf71DnT/5je0wIgZHlO3IPd3TgCJ2pctAGytC+cCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQERvzvW5lKYxY3x3wHo7aE5e2DezAfBgNVHSMEGDAWgBTA6OVrGNRcZG8D
y2+QadoMizx0rTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dPamxheGpVWEdSdkE4dHZrR25hRElzOGRLMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMmFiZWEyLTMwZDAtNDY1NC1hODM0LTc0NWJjZTMwNjBjOS8x
L0JFYjg3MXVaU21NV044ZDhCNk8yaE9YdGczcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MmFiZWEyLTMwZDAtNDY1NC1hODM0LTc0NWJjZTMwNjBjOS8xL3dPamxheGpVWEdS
dkE4dHZrR25hRElzOGRLMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAi0PiAMEAlvMfAMEAqLVQAMEArkp
YDAUBAIAAjAOAwUAKgFXoAMFAyoOPIAwDQYJKoZIhvcNAQELBQADggEBAEijszXN
/K4LAkX2F3kIt7pN6LepB3Bmzkn+6nx+CNbaS1A1Hne/ameLR0cm4SRdV/T+Hlbk
W/MFCgwX8SSEg9M3KvaJXbPAE9GYLJ+rNwbP7MqkG5ids+6VgWxL4bFZzcuCNcYw
VyGjh3zQ2wV8KT9xhGkBxVraZCAwkKKJFWPk650h6vqdr0l/8A07jSr6tAq+ok79
fT9sCJLM8941j3vh9c2pgnchLlklSm4eaPexPgLYERsG07/u+7qejfFVt6z7D+6b
3KMgrY5dNDlIDwWncguMrkz1GEAJdKIsQfkbm3vVTkYnab/V6I/i5zofySskrNMz
WMzoQPE/0lgyevg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:47 2024 by rpki-client on console-fra.rpki-client.org