Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/bnpENOAljDB8VjdJfWAZFT5G9FI.roa
File: bnpENOAljDB8VjdJfWAZFT5G9FI.roa (raw, json)
Hash identifier: aIpdOpDRdlUMUAGhS7zXNCm9kNtZjfHItocRLcI6J6A=
Subject key identifier: 6E:7A:44:34:E0:25:8C:30:7C:56:37:49:7D:60:19:15:3E:46:F4:52
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: CE22
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/bnpENOAljDB8VjdJfWAZFT5G9FI.roa
Signing time: Tue 01 Feb 2022 08:33:01 +0000
ROA not before: Tue 01 Feb 2022 08:33:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25124
IP address blocks: 109.162.192.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
91.184.80.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
213.207.240.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
109.162.144.0/20 maxlen: 20
109.162.160.0/20 maxlen: 20
81.91.128.0/20 maxlen: 20
109.162.176.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52770 (0xce22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Feb 1 08:33:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e7a4434e0258c307c5637497d6019153e46f452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d4:46:eb:a0:04:ab:8d:86:4d:4e:f2:e9:10:
3b:1e:43:cc:be:7a:8c:7f:03:a4:74:f7:47:ad:ee:
ad:d1:ea:2e:56:84:37:f1:64:b0:4f:1e:c0:d8:1a:
11:38:17:95:d6:a8:48:14:05:96:e9:82:1e:ef:de:
88:84:5f:57:ed:96:4b:36:bf:ea:04:bf:6c:23:95:
b3:29:de:c0:32:41:22:5a:70:c3:21:69:eb:c2:61:
84:ec:bb:bc:f4:8f:1e:77:cf:64:01:9c:6c:32:2f:
7e:d9:9a:fe:38:26:a8:12:d7:e6:f2:e7:8c:64:bc:
8c:d8:75:f8:20:b1:86:f4:f9:50:86:89:b0:c8:ee:
69:97:3b:63:4d:df:3c:48:e9:89:92:92:39:71:14:
f6:35:27:db:ce:07:68:30:c5:e0:ff:f6:ee:fb:ef:
63:1f:70:e4:b7:02:f0:e5:0c:e5:cc:a2:b9:cd:e2:
c7:18:d6:d2:e8:9d:ae:b7:6e:c2:fb:d8:e1:6f:e9:
3b:0c:53:37:0d:05:cc:e7:a4:f6:9f:b4:25:72:2c:
84:1c:ca:39:00:db:7d:70:17:88:b6:aa:a9:8b:15:
af:6c:a6:37:e2:05:b0:35:16:ce:33:5d:a6:f6:93:
8f:81:97:4b:ff:34:a5:c3:b7:8b:04:e8:70:af:45:
9f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7A:44:34:E0:25:8C:30:7C:56:37:49:7D:60:19:15:3E:46:F4:52
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/bnpENOAljDB8VjdJfWAZFT5G9FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
Signature Algorithm: sha256WithRSAEncryption
1e:1c:43:e2:a6:2d:bb:57:58:0f:c0:fe:79:d9:e5:19:9a:4e:
fa:96:79:87:00:3d:18:f9:ec:ac:68:ed:39:24:90:77:82:c7:
00:8a:5c:71:eb:84:8a:3d:b7:f7:c1:0e:35:0e:8d:ee:14:ec:
be:6e:ad:65:49:dd:f7:5c:e9:f9:9d:20:de:20:9c:a1:82:5d:
58:8d:4c:75:af:eb:be:30:3e:26:15:f9:db:58:23:90:b7:0f:
ee:77:17:45:2f:bb:09:08:cc:41:8e:0d:26:75:0e:f0:cb:43:
f0:b3:f0:ad:3d:d0:a6:db:70:51:58:2a:8f:dd:8e:1e:85:57:
d5:07:68:dd:a7:1e:bc:42:53:12:2c:fb:f7:45:b0:b6:bc:db:
8c:04:f7:b2:f8:e0:72:99:91:0d:32:ec:73:c0:f2:ee:66:72:
d9:cf:fe:2c:20:f6:44:9e:40:61:8d:40:a5:61:db:2d:17:c7:
b7:bd:8b:94:e8:ef:16:54:04:0e:d3:5a:fd:2d:53:9b:d1:98:
d5:fb:a5:ca:ec:58:48:55:41:bc:06:6f:7a:e8:13:f2:48:37:
74:ec:cb:50:bf:12:c4:7d:fc:7f:41:db:00:88:86:78:fc:2b:
c0:e7:e1:94:02:e0:0e:e4:7a:f2:c2:cc:9f:fe:e4:31:ea:88:
6d:ec:01:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIDAM4iMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRk
ZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0NzdmN2UwHhcNMjIwMjAx
MDgzMzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZTdhNDQzNGUwMjU4
YzMwN2M1NjM3NDk3ZDYwMTkxNTNlNDZmNDUyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtNRG66AEq42GTU7y6RA7HkPMvnqMfwOkdPdHre6t0eouVoQ3
8WSwTx7A2BoROBeV1qhIFAWW6YIe796IhF9X7ZZLNr/qBL9sI5WzKd7AMkEiWnDD
IWnrwmGE7Lu89I8ed89kAZxsMi9+2Zr+OCaoEtfm8ueMZLyM2HX4ILGG9PlQhomw
yO5plztjTd88SOmJkpI5cRT2NSfbzgdoMMXg//bu++9jH3DktwLw5QzlzKK5zeLH
GNbS6J2ut27C+9jhb+k7DFM3DQXM56T2n7QlciyEHMo5ANt9cBeItqqpixWvbKY3
4gWwNRbOM12m9pOPgZdL/zSlw7eLBOhwr0WfNQIDAQABo4ICKjCCAiYwHQYDVR0O
BBYEFG56RDTgJYwwfFY3SX1gGRU+RvRSMB8GA1UdIwQYMBaAFE3XT7u65Y3Qh22Z
6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdlLzEv
Ym5wRU5PQWxqREI4VmpkSmZXQVpGVDVHOUZJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85
ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdlLzEvVGRkUHU3cmxqZENI
Ylpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAG
CCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQEUVuAAwQEW7hQMAwDBAdtooADBARt
ouAwCwMEBNXP0AMDBNXAMA0GCSqGSIb3DQEBCwUAA4IBAQAeHEPipi27V1gPwP55
2eUZmk76lnmHAD0Y+eysaO05JJB3gscAilxx64SKPbf3wQ41Do3uFOy+bq1lSd33
XOn5nSDeIJyhgl1YjUx1r+u+MD4mFfnbWCOQtw/udxdFL7sJCMxBjg0mdQ7wy0Pw
s/CtPdCm23BRWCqP3Y4ehVfVB2jdpx68QlMSLPv3RbC2vNuMBPey+OBymZENMuxz
wPLuZnLZz/4sIPZEnkBhjUClYdstF8e3vYuU6O8WVAQO01r9LVOb0ZjV+6XK7FhI
VUG8Bm966BPySDd07MtQvxLEffx/QdsAiIZ4/CvA5+GUAuAO5Hrywsyf/uQx6oht
7AGM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:21 2024 by rpki-client on console-fra.rpki-client.org