Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/BqN1xIGtnZQbP11f7JzLpz8VU6Y.roa
File: BqN1xIGtnZQbP11f7JzLpz8VU6Y.roa (raw, json)
Hash identifier: r9sd383358EDn2bs+qizS+/kh9ORmvNEI9w1ttTmiB0=
Subject key identifier: 06:A3:75:C4:81:AD:9D:94:1B:3F:5D:5F:EC:9C:CB:A7:3F:15:53:A6
Certificate issuer: /CN=8bfca7c96e804505a48b99603d9b2124f1dd3702
Certificate serial: 37DF11FB
Authority key identifier: 8B:FC:A7:C9:6E:80:45:05:A4:8B:99:60:3D:9B:21:24:F1:DD:37:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i_ynyW6ARQWki5lgPZshJPHdNwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/BqN1xIGtnZQbP11f7JzLpz8VU6Y.roa
Signing time: Sat 01 Jan 2022 14:58:53 +0000
ROA not before: Sat 01 Jan 2022 14:58:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34209
IP address blocks: 46.28.243.0/24 maxlen: 24
46.28.240.0/21 maxlen: 21
46.28.244.0/24 maxlen: 24
46.28.241.0/24 maxlen: 24
46.28.245.0/24 maxlen: 24
46.28.246.0/24 maxlen: 24
195.80.237.0/24 maxlen: 24
193.22.169.0/24 maxlen: 24
193.41.210.0/23 maxlen: 23
2a02:2978::/32 maxlen: 32
2a02:2978:a000::/36 maxlen: 36
2a02:2978:f000::/36 maxlen: 36
2a02:2978:c000::/36 maxlen: 36
2a02:2978:e000::/36 maxlen: 36
2a02:2978:b000::/36 maxlen: 36
2a02:2978::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937366011 (0x37df11fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bfca7c96e804505a48b99603d9b2124f1dd3702
Validity
Not Before: Jan 1 14:58:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06a375c481ad9d941b3f5d5fec9ccba73f1553a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:45:ea:6a:34:fc:44:ab:35:e1:06:7c:2c:60:
4a:71:d9:5b:bb:80:7c:bf:1c:47:5d:73:19:65:70:
6b:5d:ac:24:fc:1d:f3:f2:ca:5f:0d:99:5b:2e:af:
22:ac:d2:a3:e8:86:17:46:88:7f:96:94:27:4d:47:
a3:ad:ed:05:b7:e7:f5:79:40:91:7a:f5:7e:3b:b6:
a7:ed:56:9d:11:da:50:03:ac:fe:29:18:d4:c8:eb:
92:3a:4d:7a:8b:de:e8:cd:dc:48:94:37:82:08:dc:
b9:1c:61:c0:f0:ee:87:22:af:6e:d6:b8:01:46:be:
07:7f:19:5d:36:83:2d:77:0a:58:74:71:34:9d:62:
26:4b:98:28:71:1e:b0:b7:51:17:e1:d8:b6:21:b2:
7b:0b:0f:f2:2d:ec:ba:df:b0:9f:0d:f1:8b:d8:18:
d4:b7:d8:30:29:9d:68:35:1e:33:91:c8:14:7a:d7:
a9:c3:b1:0e:9b:2b:26:e3:d6:02:64:a3:f0:ad:fc:
3e:4d:a6:83:32:a1:63:53:d3:8c:0a:17:e0:fa:4f:
14:8a:14:f2:3f:9f:7b:eb:9c:18:ca:de:e9:84:a5:
3f:c8:4e:a1:cb:81:3b:5f:f9:15:10:7e:fe:16:cc:
9c:d6:f6:d5:c0:5f:9a:ca:01:6b:29:3b:3f:14:ff:
a2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A3:75:C4:81:AD:9D:94:1B:3F:5D:5F:EC:9C:CB:A7:3F:15:53:A6
X509v3 Authority Key Identifier:
keyid:8B:FC:A7:C9:6E:80:45:05:A4:8B:99:60:3D:9B:21:24:F1:DD:37:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i_ynyW6ARQWki5lgPZshJPHdNwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/BqN1xIGtnZQbP11f7JzLpz8VU6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/8f3b6f-e86f-467d-aa90-18b1a937a567/1/i_ynyW6ARQWki5lgPZshJPHdNwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.240.0/21
193.22.169.0/24
193.41.210.0/23
195.80.237.0/24
IPv6:
2a02:2978::/32
Signature Algorithm: sha256WithRSAEncryption
18:1d:41:9c:90:34:59:c1:22:3b:16:8e:3f:a1:41:65:2d:22:
c4:57:59:7b:b2:94:1f:59:f1:2f:a4:ce:6f:d8:95:3f:6b:83:
e2:5d:35:ff:ac:29:a1:05:7a:a7:34:c7:c1:22:55:65:6b:21:
f9:8a:70:3e:06:3b:f2:1c:cb:da:95:83:03:4e:42:40:25:39:
8a:49:d5:b3:de:17:57:71:05:5e:8e:27:1c:5a:2c:ef:4a:a5:
f1:0f:f2:79:70:08:51:1f:06:94:3b:a9:43:ab:57:c2:fc:36:
2a:3b:85:49:92:88:d6:17:72:8d:b3:f7:72:b0:f5:83:a8:93:
a0:72:eb:f7:89:96:cb:47:5a:18:4c:b1:54:3f:ca:42:85:a7:
28:2a:19:7b:b8:6b:db:0f:2e:73:f5:74:96:a5:72:6c:14:83:
7c:73:57:4f:f5:c5:57:13:23:cb:76:9c:01:bc:0f:ef:df:73:
cc:e7:a9:26:1d:ef:bf:59:f6:d1:5d:78:0b:d3:24:f0:8a:1b:
84:32:97:8d:b5:ff:30:01:06:17:88:5a:b1:5b:38:6a:c5:f6:
5d:3d:a3:06:79:94:2d:e9:5f:5e:a3:bd:57:cc:10:a4:9e:f1:
e0:d3:ab:32:bb:2f:9c:5f:1d:52:f1:16:c4:bf:6c:8d:4e:29:
90:36:5c:55
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEN98R+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmZjYTdjOTZlODA0NTA1YTQ4Yjk5NjAzZDliMjEyNGYxZGQzNzAyMB4XDTIyMDEw
MTE0NTg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZhMzc1YzQ4MWFk
OWQ5NDFiM2Y1ZDVmZWM5Y2NiYTczZjE1NTNhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPFF6mo0/ESrNeEGfCxgSnHZW7uAfL8cR11zGWVwa12sJPwd
8/LKXw2ZWy6vIqzSo+iGF0aIf5aUJ01Ho63tBbfn9XlAkXr1fju2p+1WnRHaUAOs
/ikY1MjrkjpNeove6M3cSJQ3ggjcuRxhwPDuhyKvbta4AUa+B38ZXTaDLXcKWHRx
NJ1iJkuYKHEesLdRF+HYtiGyewsP8i3sut+wnw3xi9gY1LfYMCmdaDUeM5HIFHrX
qcOxDpsrJuPWAmSj8K38Pk2mgzKhY1PTjAoX4PpPFIoU8j+fe+ucGMre6YSlP8hO
ocuBO1/5FRB+/hbMnNb21cBfmsoBayk7PxT/oqsCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQGo3XEga2dlBs/XV/snMunPxVTpjAfBgNVHSMEGDAWgBSL/KfJboBFBaSL
mWA9myEk8d03AjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lfeW55VzZBUlFXa2k1bGdQWnNoSlBIZE53SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvOGYzYjZmLWU4NmYtNDY3ZC1hYTkwLTE4YjFhOTM3YTU2Ny8x
L0JxTjF4SUd0blpRYlAxMWY3SnpMcHo4VlU2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
OGYzYjZmLWU4NmYtNDY3ZC1hYTkwLTE4YjFhOTM3YTU2Ny8xL2lfeW55VzZBUlFX
a2k1bGdQWnNoSlBIZE53SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAy4c8AMEAMEWqQMEAcEp0gMEAMNQ
7TANBAIAAjAHAwUAKgIpeDANBgkqhkiG9w0BAQsFAAOCAQEAGB1BnJA0WcEiOxaO
P6FBZS0ixFdZe7KUH1nxL6TOb9iVP2uD4l01/6wpoQV6pzTHwSJVZWsh+YpwPgY7
8hzL2pWDA05CQCU5iknVs94XV3EFXo4nHFos70ql8Q/yeXAIUR8GlDupQ6tXwvw2
KjuFSZKI1hdyjbP3crD1g6iToHLr94mWy0daGEyxVD/KQoWnKCoZe7hr2w8uc/V0
lqVybBSDfHNXT/XFVxMjy3acAbwP799zzOepJh3vv1n20V14C9Mk8IobhDKXjbX/
MAEGF4hasVs4asX2XT2jBnmULelfXqO9V8wQpJ7x4NOrMrsvnF8dUvEWxL9sjU4p
kDZcVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org