Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/bOOuY7Qtvjg53Cs7f8P7Fd_dcdA.roa
File: bOOuY7Qtvjg53Cs7f8P7Fd_dcdA.roa (raw, json)
Hash identifier: 4zUfHKciG4AWkqyC6oI5VZ4RXmU25iR1KaoJzcUHQAE=
Subject key identifier: 6C:E3:AE:63:B4:2D:BE:38:39:DC:2B:3B:7F:C3:FB:15:DF:DD:71:D0
Certificate issuer: /CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Certificate serial: 018514B0401A3C90262D7A1D8C1FDE29EB70
Authority key identifier: BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/bOOuY7Qtvjg53Cs7f8P7Fd_dcdA.roa
Signing time: Thu 15 Dec 2022 07:29:33 +0000
ROA not before: Thu 15 Dec 2022 07:29:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60064
IP address blocks: 185.63.253.0/24 maxlen: 24
185.63.252.0/24 maxlen: 24
185.63.255.0/24 maxlen: 24
185.63.254.0/24 maxlen: 24
91.239.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:14:b0:40:1a:3c:90:26:2d:7a:1d:8c:1f:de:29:eb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Validity
Not Before: Dec 15 07:29:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ce3ae63b42dbe3839dc2b3b7fc3fb15dfdd71d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c1:82:20:b2:d1:39:24:19:cc:dc:0c:c8:52:
d2:c2:73:9d:d1:df:8c:4f:7f:02:50:a5:27:c9:48:
ef:07:f9:9b:17:54:9b:9c:60:40:aa:50:a8:7e:5f:
b5:e8:8f:64:3e:4f:72:f1:d4:ce:29:97:33:93:5a:
0a:b7:d0:35:50:92:38:f3:64:45:8e:db:64:38:c7:
04:9a:f4:b4:4b:21:87:b8:b2:ad:2e:f8:b2:f1:69:
5e:c1:6f:8b:72:fe:36:68:ce:ea:a9:40:a8:df:12:
58:c9:7a:f2:ee:64:a1:2d:91:06:ed:61:35:8d:42:
c9:1e:8d:23:9f:a4:12:98:92:62:6d:df:3f:b1:eb:
16:cd:9b:34:01:06:7c:4d:ac:52:98:1a:53:31:ff:
5c:2c:00:63:a5:3b:0f:64:b7:cb:ee:fb:da:6a:9c:
12:aa:c8:e3:00:9b:13:d0:4f:a2:ab:d2:b8:c3:fe:
d2:7a:a3:f2:75:c9:07:a1:32:c7:a8:55:e3:f6:ec:
f6:7a:59:15:0a:e2:d9:95:0f:f4:5b:06:34:31:e2:
9e:0e:74:2b:17:95:db:3c:40:7e:90:2b:22:20:68:
e1:48:fb:ee:ff:a2:03:15:76:87:92:91:5c:65:f8:
39:a6:90:68:92:8e:54:01:62:20:fb:3b:1d:e5:88:
db:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E3:AE:63:B4:2D:BE:38:39:DC:2B:3B:7F:C3:FB:15:DF:DD:71:D0
X509v3 Authority Key Identifier:
keyid:BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/bOOuY7Qtvjg53Cs7f8P7Fd_dcdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/v6Xw52VHV1lXvJLG3d0ITT6n-GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.55.0/24
185.63.252.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:be:3d:0a:d7:a5:f1:e4:b6:25:28:d6:7f:dd:5c:31:8c:25:
10:a7:bd:81:87:7f:21:ce:09:57:5d:55:0a:73:08:67:94:d1:
f7:a4:91:61:41:77:0d:e7:ba:1f:68:15:b4:42:0a:4c:8d:ca:
13:c7:ed:2e:8d:d8:c0:a5:7e:ec:26:d5:7b:9b:c9:20:84:8c:
2b:f4:08:fd:41:7f:d4:63:3c:46:83:73:a7:70:42:01:3e:0f:
6a:74:b6:d7:3d:d6:d6:f2:0f:b3:6b:35:c0:71:06:43:5a:c2:
58:aa:0a:15:91:8c:64:21:b3:00:dc:5a:94:de:ff:4f:be:93:
81:36:6e:18:d8:78:9c:6b:fe:3b:ea:92:23:4a:3d:de:ae:a6:
b2:ac:8a:46:82:c9:b7:94:f3:fe:e2:96:c4:41:8c:cb:1b:63:
5c:d7:7d:10:6e:fb:1b:d6:5c:6c:40:a7:75:29:ca:17:1f:d3:
3b:12:27:4a:07:9c:61:25:01:3a:2e:ac:33:4d:5b:24:27:41:
18:ed:ea:64:be:02:26:f6:7a:ec:96:32:a5:d9:45:de:7d:48:
26:2a:07:c6:7f:3c:a8:c0:4b:85:19:ad:8f:c2:81:9e:75:f1:
af:26:2e:27:49:63:37:d8:3b:12:75:34:54:33:9c:e4:d6:76:
ec:a4:d5:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUUsEAaPJAmLXodjB/eKetwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYTVmMGU3NjU0NzU3NTk1N2JjOTJjNmRkZGQwODRkM2Vh
N2Y4NjMwHhcNMjIxMjE1MDcyOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2UzYWU2M2I0MmRiZTM4MzlkYzJiM2I3ZmMzZmIxNWRmZGQ3MWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMGCILLROSQZzNwMyFLSwnOd0d+M
T38CUKUnyUjvB/mbF1SbnGBAqlCofl+16I9kPk9y8dTOKZczk1oKt9A1UJI482RF
jttkOMcEmvS0SyGHuLKtLviy8WlewW+Lcv42aM7qqUCo3xJYyXry7mShLZEG7WE1
jULJHo0jn6QSmJJibd8/sesWzZs0AQZ8TaxSmBpTMf9cLABjpTsPZLfL7vvaapwS
qsjjAJsT0E+iq9K4w/7SeqPydckHoTLHqFXj9uz2elkVCuLZlQ/0WwY0MeKeDnQr
F5XbPEB+kCsiIGjhSPvu/6IDFXaHkpFcZfg5ppBoko5UAWIg+zsd5YjbnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGzjrmO0Lb44OdwrO3/D+xXf3XHQMB8GA1UdIwQY
MBaAFL+l8OdlR1dZV7ySxt3dCE0+p/hjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYt
MDFkMTlhNzRiZTIzLzEvYk9PdVk3UXR2amc1M0NzN2Y4UDdGZF9kY2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYtMDFkMTlhNzRiZTIz
LzEvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+83AwQC
uT/8MA0GCSqGSIb3DQEBCwUAA4IBAQAKvj0K16Xx5LYlKNZ/3VwxjCUQp72Bh38h
zglXXVUKcwhnlNH3pJFhQXcN57ofaBW0QgpMjcoTx+0ujdjApX7sJtV7m8kghIwr
9Aj9QX/UYzxGg3OncEIBPg9qdLbXPdbW8g+zazXAcQZDWsJYqgoVkYxkIbMA3FqU
3v9PvpOBNm4Y2Hica/476pIjSj3erqayrIpGgsm3lPP+4pbEQYzLG2Nc130Qbvsb
1lxsQKd1KcoXH9M7EidKB5xhJQE6LqwzTVskJ0EY7epkvgIm9nrsljKl2UXefUgm
KgfGfzyowEuFGa2PwoGedfGvJi4nSWM32DsSdTRUM5zk1nbspNWt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:54 2024 by rpki-client on console-ams.rpki-client.org