Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/f-BfbiEmAxpyGEV5E_AQldId-BI.roa
File: f-BfbiEmAxpyGEV5E_AQldId-BI.roa (raw, json)
Hash identifier: CXX7v0N6A4CjKFuIof9zD/3McpCV06p1SmlQ45RSQXM=
Subject key identifier: 7F:E0:5F:6E:21:26:03:1A:72:18:45:79:13:F0:10:95:D2:1D:F8:12
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 0183070EA07AFB51C3C80ADC13745F986979
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/f-BfbiEmAxpyGEV5E_AQldId-BI.roa
Signing time: Sun 04 Sep 2022 05:52:22 +0000
ROA not before: Sun 04 Sep 2022 05:52:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34871
IP address blocks: 185.240.151.0/24 maxlen: 24
185.240.148.0/22 maxlen: 22
185.240.148.0/23 maxlen: 23
185.240.148.0/24 maxlen: 24
185.240.150.0/24 maxlen: 24
185.240.149.0/24 maxlen: 24
195.238.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:07:0e:a0:7a:fb:51:c3:c8:0a:dc:13:74:5f:98:69:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Sep 4 05:52:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fe05f6e2126031a7218457913f01095d21df812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:84:39:3b:3d:3c:73:ef:ce:d9:a6:3f:ff:51:
1d:9d:85:72:1d:d7:0e:e6:4a:7a:9d:35:e3:e8:b7:
b7:1a:df:7f:fa:00:92:48:87:68:de:0e:f2:e5:51:
bb:fb:fb:2a:52:be:bd:5d:ad:f0:b3:86:99:39:1d:
a8:76:c4:ac:93:35:c3:69:8d:b0:c3:f3:f7:bc:9e:
ed:26:1d:61:ad:1f:f3:e5:9f:42:b8:47:db:9a:56:
b2:eb:4b:b4:55:db:84:b3:84:75:52:64:c4:7c:35:
47:f3:c6:76:bf:ee:1e:74:b6:2a:13:e7:e1:44:04:
26:b6:2c:4b:80:77:ac:b0:38:a1:d2:4b:e1:35:56:
a1:42:34:0b:4f:b4:6c:d8:f2:35:97:8c:7d:88:6a:
e8:5e:87:1c:6d:3d:f9:80:4a:e3:7e:a0:ce:62:25:
41:60:6e:24:f6:7f:4a:66:3f:fe:b2:3a:02:45:50:
e5:08:06:44:c5:4f:ff:6e:a9:c1:90:34:44:75:2e:
13:19:a5:aa:8c:71:2f:ad:7e:d9:e9:80:ad:df:56:
35:24:a7:06:d0:95:4a:1b:b9:0a:b0:5d:0d:9b:dd:
eb:f1:60:90:ff:3f:26:48:a9:1a:96:bb:2a:4e:67:
40:e5:e0:07:e8:f3:63:7f:f7:3f:72:20:05:41:e4:
cf:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E0:5F:6E:21:26:03:1A:72:18:45:79:13:F0:10:95:D2:1D:F8:12
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/f-BfbiEmAxpyGEV5E_AQldId-BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.148.0/22
195.238.240.0/24
Signature Algorithm: sha256WithRSAEncryption
65:b7:bb:49:d8:cb:4f:66:56:80:61:a4:8b:23:9a:1d:c8:a3:
c7:55:67:6e:1a:9d:fc:ae:a2:5a:b0:71:17:a5:58:8d:4e:75:
d1:02:0f:9d:0c:4d:bc:0d:13:66:39:78:75:c5:34:89:32:cf:
08:18:a2:68:fc:32:d4:c2:60:f6:f3:6f:f2:45:d2:64:52:55:
cd:54:ee:b4:a9:01:15:41:6b:16:b7:8f:49:5e:93:0a:39:fa:
20:32:c0:bc:2b:9e:8a:36:11:22:54:31:42:3d:da:e1:d0:20:
bf:81:be:81:c1:01:fc:0c:0f:8c:e3:58:d5:a2:a5:75:c4:95:
79:f3:60:e5:92:a6:be:1c:1f:be:4c:57:98:ee:e8:60:27:b7:
d6:ec:38:b7:41:e1:4f:cf:67:8b:e4:9b:eb:70:da:64:e1:05:
e8:82:cf:d0:c0:f9:d3:2e:b3:11:09:73:bf:4f:35:3a:2e:17:
86:c2:fc:27:e4:1d:06:11:18:85:3b:2e:24:17:40:b6:67:17:
bf:32:77:ae:fa:1f:4c:98:20:ab:c9:74:fc:0c:df:ff:90:9f:
b7:47:05:06:e4:1e:b0:92:ca:a9:a2:c4:75:b7:5b:39:3f:65:
3d:18:25:13:13:0a:0f:5e:ee:3e:7a:3b:d3:44:cc:c2:34:8e:
b9:f3:83:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMHDqB6+1HDyArcE3RfmGl5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjIwOTA0MDU1MjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmUwNWY2ZTIxMjYwMzFhNzIxODQ1NzkxM2YwMTA5NWQyMWRmODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoQ5Oz08c+/O2aY//1EdnYVyHdcO
5kp6nTXj6Le3Gt9/+gCSSIdo3g7y5VG7+/sqUr69Xa3ws4aZOR2odsSskzXDaY2w
w/P3vJ7tJh1hrR/z5Z9CuEfbmlay60u0VduEs4R1UmTEfDVH88Z2v+4edLYqE+fh
RAQmtixLgHessDih0kvhNVahQjQLT7Rs2PI1l4x9iGroXoccbT35gErjfqDOYiVB
YG4k9n9KZj/+sjoCRVDlCAZExU//bqnBkDREdS4TGaWqjHEvrX7Z6YCt31Y1JKcG
0JVKG7kKsF0Nm93r8WCQ/z8mSKkalrsqTmdA5eAH6PNjf/c/ciAFQeTPDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH/gX24hJgMachhFeRPwEJXSHfgSMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvZi1CZmJpRW1BeHB5R0VWNUVfQVFsZElkLUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufCUAwQA
w+7wMA0GCSqGSIb3DQEBCwUAA4IBAQBlt7tJ2MtPZlaAYaSLI5odyKPHVWduGp38
rqJasHEXpViNTnXRAg+dDE28DRNmOXh1xTSJMs8IGKJo/DLUwmD282/yRdJkUlXN
VO60qQEVQWsWt49JXpMKOfogMsC8K56KNhEiVDFCPdrh0CC/gb6BwQH8DA+M41jV
oqV1xJV582Dlkqa+HB++TFeY7uhgJ7fW7Di3QeFPz2eL5JvrcNpk4QXogs/QwPnT
LrMRCXO/TzU6LheGwvwn5B0GERiFOy4kF0C2Zxe/Mneu+h9MmCCryXT8DN//kJ+3
RwUG5B6wksqposR1t1s5P2U9GCUTEwoPXu4+ejvTRMzCNI6584Nt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:14 2025 by rpki-client