Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/bjxhrU9M1wu-nHdAUMYqTAkgHFg.roa
File: bjxhrU9M1wu-nHdAUMYqTAkgHFg.roa (raw, json)
Hash identifier: 86TLgoYTJ+Vy9w0BzXUOSpQzFHm/yDJ4t7U/pkcG7AQ=
Subject key identifier: 6E:3C:61:AD:4F:4C:D7:0B:BE:9C:77:40:50:C6:2A:4C:09:20:1C:58
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01847F651E3EAF8D4C40993B5F8CDC8EE840
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/bjxhrU9M1wu-nHdAUMYqTAkgHFg.roa
Signing time: Wed 16 Nov 2022 07:44:04 +0000
ROA not before: Wed 16 Nov 2022 07:44:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5606
IP address blocks: 89.39.6.0/24 maxlen: 24
176.223.114.0/24 maxlen: 24
92.114.3.0/24 maxlen: 24
92.114.2.0/24 maxlen: 24
93.174.160.0/24 maxlen: 24
84.247.23.0/24 maxlen: 24
93.174.167.0/24 maxlen: 24
188.240.0.0/24 maxlen: 24
185.220.184.0/24 maxlen: 24
185.220.186.0/24 maxlen: 24
185.220.185.0/24 maxlen: 24
45.67.39.0/24 maxlen: 24
193.200.63.0/24 maxlen: 24
193.200.62.0/24 maxlen: 24
45.82.28.0/23 maxlen: 23
188.241.73.0/24 maxlen: 24
188.241.74.0/23 maxlen: 23
193.16.144.0/24 maxlen: 24
45.67.36.0/24 maxlen: 24
45.67.38.0/24 maxlen: 24
31.14.21.0/24 maxlen: 24
45.14.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:65:1e:3e:af:8d:4c:40:99:3b:5f:8c:dc:8e:e8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Nov 16 07:44:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e3c61ad4f4cd70bbe9c774050c62a4c09201c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bd:f1:80:21:b4:23:ab:fa:08:2c:dd:87:c7:
51:98:fd:ed:e8:8c:be:48:9f:72:0f:b5:7b:52:66:
b4:d8:d1:a5:fa:33:db:17:4f:9d:77:e8:f6:73:d5:
e8:9b:ad:d3:9c:b4:5c:6d:98:b3:a0:dd:d4:b5:f1:
85:41:8e:78:c9:e9:ec:be:f3:87:8d:ef:a4:91:9c:
79:83:d5:f9:a0:70:e4:44:13:64:ad:41:74:ce:e6:
cf:f5:3c:a4:7c:05:b3:93:ff:8a:e4:af:ed:81:45:
fd:72:3c:05:31:af:99:85:c1:22:4e:f0:6a:e2:7c:
bc:e7:f8:e4:b2:20:48:39:2a:51:e8:bb:83:05:07:
be:73:fc:6a:cd:9a:50:84:11:1a:d6:de:05:34:c9:
04:6d:91:98:b1:36:a5:f3:a2:75:09:b3:c3:e0:ff:
cf:f8:b7:5e:05:2f:1b:b1:c8:48:2c:21:e8:8a:49:
35:b7:75:0a:04:66:13:1a:dd:18:65:22:f1:39:e9:
d5:7d:e2:9b:7a:47:28:1a:a8:79:27:75:44:97:55:
0f:74:ae:d6:2a:9c:09:b9:6a:5d:a8:c1:4a:82:12:
1e:c0:81:b9:ea:23:8a:81:ac:59:01:6f:35:3c:b4:
0a:41:a4:38:40:3a:a7:32:01:2a:38:c4:19:73:a9:
6e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:3C:61:AD:4F:4C:D7:0B:BE:9C:77:40:50:C6:2A:4C:09:20:1C:58
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/bjxhrU9M1wu-nHdAUMYqTAkgHFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.21.0/24
45.14.238.0/24
45.67.36.0/24
45.67.38.0/23
45.82.28.0/23
84.247.23.0/24
89.39.6.0/24
92.114.2.0/23
93.174.160.0/24
93.174.167.0/24
176.223.114.0/24
185.220.184.0-185.220.186.255
188.240.0.0/24
188.241.73.0-188.241.75.255
193.16.144.0/24
193.200.62.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:78:8d:c0:06:f3:79:5d:46:c5:81:e8:29:8b:c7:21:3e:a3:
d4:52:14:e2:15:3b:7a:fe:c5:16:7c:c6:0c:3e:2e:3e:e2:22:
fa:a5:1b:45:87:62:7c:54:79:83:b0:d4:2f:06:6d:96:15:eb:
16:df:ae:a8:f6:65:8b:f4:12:29:7d:5c:1a:9a:76:58:0d:1f:
98:72:b0:a4:17:53:58:bc:f7:a9:0b:3d:8c:12:eb:26:8c:d2:
27:8c:40:c4:42:1c:70:f0:e3:e5:0e:c9:e7:a4:af:e3:60:51:
01:26:18:03:e5:c8:4a:49:35:a5:a2:db:3b:16:64:e1:bf:d2:
07:ff:ba:b6:87:88:e3:1e:b8:7f:a8:66:ff:e2:fa:c0:f2:27:
03:d4:b6:41:b0:b8:31:de:21:9c:2c:ae:4c:60:1e:d3:e7:32:
48:33:08:c7:cc:d5:95:7d:89:0d:16:8a:e1:df:bd:9a:ff:76:
a9:34:6a:b9:3c:78:df:ba:1b:d0:70:e8:da:02:b7:9f:77:58:
e6:0d:fe:3c:46:fc:4e:d9:1f:86:96:0f:3b:e5:86:8f:21:ed:
6b:06:1b:67:05:7f:29:80:83:b4:c1:fa:42:8d:eb:fa:6f:ff:
0a:37:a7:62:56:e1:d7:78:52:b9:d9:ef:9c:2c:94:45:c7:22:
c6:56:e7:56
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYR/ZR4+r41MQJk7X4zcjuhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjIxMTE2MDc0NDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTNjNjFhZDRmNGNkNzBiYmU5Yzc3NDA1MGM2MmE0YzA5MjAxYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL3xgCG0I6v6CCzdh8dRmP3t6Iy+
SJ9yD7V7Uma02NGl+jPbF0+dd+j2c9Xom63TnLRcbZizoN3UtfGFQY54yensvvOH
je+kkZx5g9X5oHDkRBNkrUF0zubP9TykfAWzk/+K5K/tgUX9cjwFMa+ZhcEiTvBq
4ny85/jksiBIOSpR6LuDBQe+c/xqzZpQhBEa1t4FNMkEbZGYsTal86J1CbPD4P/P
+LdeBS8bschILCHoikk1t3UKBGYTGt0YZSLxOenVfeKbekcoGqh5J3VEl1UPdK7W
KpwJuWpdqMFKghIewIG56iOKgaxZAW81PLQKQaQ4QDqnMgEqOMQZc6lurwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFG48Ya1PTNcLvpx3QFDGKkwJIBxYMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvYmp4aHJVOU0xd3UtbkhkQVVNWXFUQWtnSEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAB8OFQME
AC0O7gMEAC1DJAMEAS1DJgMEAS1SHAMEAFT3FwMEAFknBgMEAVxyAgMEAF2uoAME
AF2upwMEALDfcjAMAwQDudy4AwQAudy6AwQAvPAAMAwDBAC88UkDBAK88UgDBADB
EJADBAHByD4wDQYJKoZIhvcNAQELBQADggEBALF4jcAG83ldRsWB6CmLxyE+o9RS
FOIVO3r+xRZ8xgw+Lj7iIvqlG0WHYnxUeYOw1C8GbZYV6xbfrqj2ZYv0Eil9XBqa
dlgNH5hysKQXU1i896kLPYwS6yaM0ieMQMRCHHDw4+UOyeekr+NgUQEmGAPlyEpJ
NaWi2zsWZOG/0gf/uraHiOMeuH+oZv/i+sDyJwPUtkGwuDHeIZwsrkxgHtPnMkgz
CMfM1ZV9iQ0WiuHfvZr/dqk0ark8eN+6G9Bw6NoCt593WOYN/jxG/E7ZH4aWDzvl
ho8h7WsGG2cFfymAg7TB+kKN6/pv/wo3p2JW4dd4UrnZ75wslEXHIsZW51Y=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-ams.rpki-client.org