Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/EBk5NfRd1A537rT7l0anoFKMU1c.roa
File: EBk5NfRd1A537rT7l0anoFKMU1c.roa (raw, json)
Hash identifier: ANDgzaOB2V86VWQ7pijUwHTyUlfozlxpT+ckqO/4Ht4=
Subject key identifier: 10:19:39:35:F4:5D:D4:0E:77:EE:B4:FB:97:46:A7:A0:52:8C:53:57
Certificate issuer: /CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Certificate serial: 0182BF4F3A6D9E24C2426758B90EA3108ECD
Authority key identifier: BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/EBk5NfRd1A537rT7l0anoFKMU1c.roa
Signing time: Sun 21 Aug 2022 07:30:16 +0000
ROA not before: Sun 21 Aug 2022 07:30:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134512
IP address blocks: 185.63.252.0/24 maxlen: 24
185.63.253.0/24 maxlen: 24
185.63.255.0/24 maxlen: 24
185.63.254.0/24 maxlen: 24
2a04:f780:1000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:bf:4f:3a:6d:9e:24:c2:42:67:58:b9:0e:a3:10:8e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Validity
Not Before: Aug 21 07:30:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=10193935f45dd40e77eeb4fb9746a7a0528c5357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cb:7e:f1:8f:90:dd:37:63:16:72:df:20:44:
58:5f:b8:af:cc:fc:08:a0:71:c8:50:e7:75:52:22:
e8:25:41:18:ab:b9:f8:ea:50:60:a5:a8:55:77:a5:
cc:7b:60:e6:0e:68:5a:b5:18:0c:41:a5:f1:4d:e1:
ca:b0:f4:3b:91:47:89:55:83:8a:b3:bf:36:b5:21:
d8:60:73:c0:62:6e:e1:ff:04:a2:cf:38:e7:fc:e9:
74:19:d9:0d:e6:7d:4b:84:fa:c0:22:38:ef:6b:00:
7b:3a:11:90:c7:9f:82:c1:d7:ea:63:de:dc:94:d1:
fb:ac:00:2f:ac:23:11:ea:84:9c:00:eb:c9:02:c0:
08:62:41:6e:e4:fc:e1:71:45:f2:26:66:a1:31:12:
94:76:de:d5:2f:9f:cc:38:25:76:77:7b:87:a9:0d:
7a:a3:ca:2a:ba:ad:28:ff:c1:39:e7:87:58:62:50:
c9:7a:e0:07:6b:6f:1d:4d:d6:be:6e:6a:93:e8:e1:
01:8e:8a:40:94:11:d0:0d:d2:95:e1:55:4a:d5:3a:
4d:25:67:b9:8c:8b:e1:8f:23:f9:f6:e8:f9:c6:f0:
af:ea:81:63:40:a4:fd:02:f9:dd:c6:2d:23:c7:09:
8a:e0:e8:14:92:a9:7a:0d:6b:b2:ab:59:e8:05:ba:
ea:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:19:39:35:F4:5D:D4:0E:77:EE:B4:FB:97:46:A7:A0:52:8C:53:57
X509v3 Authority Key Identifier:
keyid:BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/EBk5NfRd1A537rT7l0anoFKMU1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/v6Xw52VHV1lXvJLG3d0ITT6n-GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.252.0/22
IPv6:
2a04:f780:1000::/36
Signature Algorithm: sha256WithRSAEncryption
72:b3:f8:50:48:c9:5e:3a:ab:e1:0c:9e:ce:87:ef:ca:25:38:
ba:b6:88:06:73:ae:3c:fa:2b:5d:e4:9f:02:86:b1:7c:4d:c3:
cf:f2:e0:eb:3f:69:78:64:43:1e:3b:8e:ab:d7:0c:30:5a:45:
fe:83:18:48:db:43:e5:68:d2:db:1a:c2:16:ee:95:73:4c:05:
db:3f:b4:6c:88:28:a7:ee:d8:93:60:46:23:d4:4d:fb:6b:da:
84:e4:a8:58:a0:e0:1d:66:eb:bd:45:7e:fb:a2:e2:c2:3a:0f:
55:46:a0:06:be:e6:6a:88:cf:c2:36:61:ab:66:e3:03:43:bf:
db:b7:38:3a:9a:83:2f:69:74:64:9d:77:36:8e:41:23:d6:f3:
08:66:15:f1:da:dc:4a:31:a3:2b:08:c8:3a:c9:70:be:80:4f:
c4:0e:9b:05:b3:25:f5:57:6e:c2:97:53:e8:ce:5f:21:be:40:
3c:fd:af:83:15:24:b6:82:50:28:4f:3e:f8:d7:14:b5:41:36:
4a:28:6d:44:03:42:35:9a:37:a3:77:e4:c3:6f:bd:68:94:3f:
f9:5c:fb:01:8d:68:64:96:60:65:07:8a:e9:b1:cc:7f:92:6f:
04:8b:51:ce:4a:9b:d7:05:88:6f:e0:f2:6a:d0:49:78:0d:ec:
ce:29:ad:db
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYK/TzptniTCQmdYuQ6jEI7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYTVmMGU3NjU0NzU3NTk1N2JjOTJjNmRkZGQwODRkM2Vh
N2Y4NjMwHhcNMjIwODIxMDczMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDE5MzkzNWY0NWRkNDBlNzdlZWI0ZmI5NzQ2YTdhMDUyOGM1MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxct+8Y+Q3TdjFnLfIERYX7ivzPwI
oHHIUOd1UiLoJUEYq7n46lBgpahVd6XMe2DmDmhatRgMQaXxTeHKsPQ7kUeJVYOK
s782tSHYYHPAYm7h/wSizzjn/Ol0GdkN5n1LhPrAIjjvawB7OhGQx5+CwdfqY97c
lNH7rAAvrCMR6oScAOvJAsAIYkFu5PzhcUXyJmahMRKUdt7VL5/MOCV2d3uHqQ16
o8oquq0o/8E554dYYlDJeuAHa28dTda+bmqT6OEBjopAlBHQDdKV4VVK1TpNJWe5
jIvhjyP59uj5xvCv6oFjQKT9Avndxi0jxwmK4OgUkql6DWuyq1noBbrqdwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBAZOTX0XdQOd+60+5dGp6BSjFNXMB8GA1UdIwQY
MBaAFL+l8OdlR1dZV7ySxt3dCE0+p/hjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYt
MDFkMTlhNzRiZTIzLzEvRUJrNU5mUmQxQTUzN3JUN2wwYW5vRktNVTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYtMDFkMTlhNzRiZTIz
LzEvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuT/8MA4E
AgACMAgDBgQqBPeAEDANBgkqhkiG9w0BAQsFAAOCAQEAcrP4UEjJXjqr4Qyezofv
yiU4uraIBnOuPPorXeSfAoaxfE3Dz/Lg6z9peGRDHjuOq9cMMFpF/oMYSNtD5WjS
2xrCFu6Vc0wF2z+0bIgop+7Yk2BGI9RN+2vahOSoWKDgHWbrvUV++6LiwjoPVUag
Br7maojPwjZhq2bjA0O/27c4OpqDL2l0ZJ13No5BI9bzCGYV8drcSjGjKwjIOslw
voBPxA6bBbMl9VduwpdT6M5fIb5APP2vgxUktoJQKE8++NcUtUE2SihtRANCNZo3
o3fkw2+9aJQ/+Vz7AY1oZJZgZQeK6bHMf5JvBItRzkqb1wWIb+DyatBJeA3szimt
2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:54 2024 by rpki-client on console-ams.rpki-client.org