Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/BpLL32IdwCkBEwE3tdsnGAuslaY.roa
File: BpLL32IdwCkBEwE3tdsnGAuslaY.roa (raw, json)
Hash identifier: jy1xNHmqwyI4cQofa7LCXVGaaGTBIoE+/Wo2/y4aCCY=
Subject key identifier: 06:92:CB:DF:62:1D:C0:29:01:13:01:37:B5:DB:27:18:0B:AC:95:A6
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 018441C48A8B9E1B1B2F80E3A89A92E2A13D
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/BpLL32IdwCkBEwE3tdsnGAuslaY.roa
Signing time: Fri 04 Nov 2022 08:31:50 +0000
ROA not before: Fri 04 Nov 2022 08:31:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212988
IP address blocks: 185.221.190.0/24 maxlen: 24
185.221.191.0/24 maxlen: 24
185.221.188.0/24 maxlen: 24
185.221.189.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.219.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:41:c4:8a:8b:9e:1b:1b:2f:80:e3:a8:9a:92:e2:a1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Nov 4 08:31:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0692cbdf621dc02901130137b5db27180bac95a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9a:41:7a:7a:e7:7a:45:f2:be:74:04:f4:28:
46:b7:7d:82:86:9e:23:24:46:d6:89:15:6f:da:07:
31:c7:a2:ac:bf:94:4a:24:24:2b:e0:e0:42:7f:85:
18:d0:2e:40:23:59:bb:9f:7f:29:94:a4:55:c1:27:
65:bb:3b:37:fa:a3:f5:a2:ff:e6:af:df:58:f7:1e:
ce:90:2e:a9:f0:4c:37:34:eb:6c:75:25:15:de:96:
0d:af:a9:98:90:3c:bc:85:b6:33:fc:06:b6:74:7a:
b4:32:b6:81:a2:94:5c:0f:13:2b:c0:4e:8a:6b:cb:
8a:49:22:dd:30:77:46:3c:f1:bb:44:5f:d0:80:17:
3c:c0:fe:00:7a:f6:07:06:31:f4:89:79:44:56:f2:
f0:94:1e:bb:51:a7:54:bf:b8:2a:4c:13:7e:44:90:
f6:b4:1d:05:07:0d:6d:4f:a5:78:63:b6:c9:27:07:
f4:c0:61:e0:db:b7:58:7a:43:2a:4a:dc:40:90:68:
e0:54:ab:27:96:fb:df:f6:80:70:4b:85:0b:1f:39:
bd:d9:05:bf:13:d1:97:88:d4:18:aa:0f:71:50:b7:
fb:31:98:ea:7a:e7:6f:46:98:8f:39:8d:ed:83:f9:
05:10:5e:ef:a6:18:ee:58:3e:c7:0f:e3:48:5c:fe:
9f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:92:CB:DF:62:1D:C0:29:01:13:01:37:B5:DB:27:18:0B:AC:95:A6
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/BpLL32IdwCkBEwE3tdsnGAuslaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.26.0/23
185.219.218.0/24
185.221.188.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:f9:db:47:d4:70:a0:af:c9:6c:47:54:85:5e:96:34:2f:cb:
b2:6d:86:47:ea:3e:4f:f0:7c:4d:34:8e:d1:18:a9:06:b8:94:
a4:84:57:26:b2:78:5d:03:61:d9:43:39:12:1d:c0:77:dc:db:
4b:cd:c3:74:2d:a0:8f:8d:67:c6:e5:38:7f:dd:4a:96:e9:32:
8e:9b:49:a4:c1:47:0d:d6:31:90:11:13:d3:30:1b:20:05:b8:
fa:ee:a4:0f:fb:f3:ad:1c:b6:5c:03:2d:b7:ce:2a:0e:5d:b0:
46:92:f6:96:0b:0d:be:ce:ef:a8:a6:1f:9b:6e:0e:fc:fa:7f:
33:5a:59:6b:04:4b:6c:76:e4:4f:79:a6:72:83:4f:ff:f7:d8:
69:47:68:de:0f:d1:a0:d0:90:41:eb:36:a7:21:97:d9:ab:32:
94:2a:54:bb:d0:ac:6b:e2:48:1f:3d:e6:5c:53:21:d0:e6:f1:
3e:40:41:2c:a7:1f:3c:8d:f6:02:ff:c3:8e:be:ea:eb:82:25:
1a:c0:4b:d3:72:ab:69:5c:f1:42:34:61:b0:12:f2:83:75:41:
c1:78:5c:03:77:0e:dd:87:d2:f5:5a:21:03:f1:17:d9:46:83:
c7:06:17:5a:53:e7:b5:1d:67:05:5e:db:cc:2f:f7:ba:63:0e:
7a:d3:41:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRBxIqLnhsbL4DjqJqS4qE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjIxMTA0MDgzMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjkyY2JkZjYyMWRjMDI5MDExMzAxMzdiNWRiMjcxODBiYWM5NWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5pBenrnekXyvnQE9ChGt32Chp4j
JEbWiRVv2gcxx6Ksv5RKJCQr4OBCf4UY0C5AI1m7n38plKRVwSdluzs3+qP1ov/m
r99Y9x7OkC6p8Ew3NOtsdSUV3pYNr6mYkDy8hbYz/Aa2dHq0MraBopRcDxMrwE6K
a8uKSSLdMHdGPPG7RF/QgBc8wP4AevYHBjH0iXlEVvLwlB67UadUv7gqTBN+RJD2
tB0FBw1tT6V4Y7bJJwf0wGHg27dYekMqStxAkGjgVKsnlvvf9oBwS4ULHzm92QW/
E9GXiNQYqg9xULf7MZjqeudvRpiPOY3tg/kFEF7vphjuWD7HD+NIXP6fTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAaSy99iHcApARMBN7XbJxgLrJWmMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvQnBMTDMySWR3Q2tCRXdFM3Rkc25HQXVzbGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBucIaAwQA
udvaAwQCud28MA0GCSqGSIb3DQEBCwUAA4IBAQCK+dtH1HCgr8lsR1SFXpY0L8uy
bYZH6j5P8HxNNI7RGKkGuJSkhFcmsnhdA2HZQzkSHcB33NtLzcN0LaCPjWfG5Th/
3UqW6TKOm0mkwUcN1jGQERPTMBsgBbj67qQP+/OtHLZcAy23zioOXbBGkvaWCw2+
zu+oph+bbg78+n8zWllrBEtsduRPeaZyg0//99hpR2jeD9Gg0JBB6zanIZfZqzKU
KlS70Kxr4kgfPeZcUyHQ5vE+QEEspx88jfYC/8OOvurrgiUawEvTcqtpXPFCNGGw
EvKDdUHBeFwDdw7dh9L1WiED8RfZRoPHBhdaU+e1HWcFXtvML/e6Yw5600EC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:38 2024 by rpki-client on console-fra.rpki-client.org