Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/BZ_QijxPSMQ_MepjRwR_vEn86XQ.roa
File: BZ_QijxPSMQ_MepjRwR_vEn86XQ.roa (raw, json)
Hash identifier: D/EVg9X46AgTdQ44LnlN7osfAJfJPxgsnYnknB5ONV8=
Subject key identifier: 05:9F:D0:8A:3C:4F:48:C4:3F:31:EA:63:47:04:7F:BC:49:FC:E9:74
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0182A77FEDB5D4F0356DF6DFDE7EF5646DBB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/BZ_QijxPSMQ_MepjRwR_vEn86XQ.roa
Signing time: Tue 16 Aug 2022 16:32:35 +0000
ROA not before: Tue 16 Aug 2022 16:32:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 45.8.186.0/24 maxlen: 24
45.8.204.0/24 maxlen: 24
85.208.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a7:7f:ed:b5:d4:f0:35:6d:f6:df:de:7e:f5:64:6d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 16 16:32:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=059fd08a3c4f48c43f31ea6347047fbc49fce974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:89:98:4c:11:22:e6:fe:f7:67:30:24:22:04:
24:8a:ba:88:1b:ac:a6:f3:7c:00:31:ac:ef:2e:6b:
97:2d:07:6e:81:e1:a7:1e:8b:18:76:f7:ab:85:26:
20:2a:72:b3:4a:3c:93:e4:f3:d3:41:92:37:ee:bd:
95:5c:54:ee:62:1f:af:53:3a:66:54:d9:6a:a8:65:
73:86:e0:87:c1:11:c9:3b:87:7c:61:1b:33:f8:aa:
ad:1b:0a:3c:bc:7a:01:db:43:ee:d7:e8:a4:81:c0:
8c:32:91:90:b1:ba:40:57:72:8f:e3:fc:99:34:72:
2d:ad:2b:4d:6e:35:c9:ed:9f:b8:1e:e2:60:a4:e4:
7e:68:a2:ac:4b:2d:59:55:79:1a:56:58:1a:95:02:
29:2c:35:e2:2d:af:f7:b8:fa:39:5e:a3:f1:4f:dc:
26:f0:7c:00:fb:4d:46:03:34:3b:b5:d7:af:e7:59:
52:40:ef:2b:5a:d4:d4:7f:a0:6a:a0:cf:87:cc:9b:
45:93:26:78:2d:9a:50:46:b2:66:4c:d6:7b:53:35:
9f:c2:e4:3a:0b:62:61:d1:2b:e7:8f:2a:bd:e3:79:
c1:82:66:13:86:41:76:e2:9b:c2:1a:90:55:28:be:
cf:91:66:08:d3:4a:1c:46:4d:59:63:ee:80:03:85:
7d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9F:D0:8A:3C:4F:48:C4:3F:31:EA:63:47:04:7F:BC:49:FC:E9:74
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/BZ_QijxPSMQ_MepjRwR_vEn86XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.186.0/24
45.8.204.0/24
85.208.104.0/24
Signature Algorithm: sha256WithRSAEncryption
37:64:bf:51:ac:a7:ed:f4:ed:d5:dd:95:f2:e0:77:6b:e7:8a:
88:4a:3b:a6:69:e2:85:9e:fd:17:9d:56:b4:36:b7:a0:b4:34:
10:05:d4:7c:6a:d6:70:8d:01:03:53:66:55:4b:90:26:26:c9:
2e:4b:f2:52:ec:b8:2d:72:1b:39:bc:38:0d:db:40:63:47:24:
8f:b2:5f:96:37:89:b1:ec:bb:e7:7a:28:5f:ac:cd:09:47:c1:
1a:9e:94:df:84:44:18:1d:a4:5d:c9:3b:23:1d:7a:a1:1f:ef:
84:a8:13:c3:c0:c8:55:09:bc:6e:cb:7a:85:21:82:3d:a7:2e:
88:38:4e:6a:d3:c6:d6:ed:71:97:a0:1d:3d:47:3b:5a:99:ea:
6b:51:cf:52:1e:ac:a9:fc:3e:44:18:37:f1:f7:d2:95:85:ab:
89:f5:7e:d8:18:c5:cd:43:46:4a:11:99:6f:57:e9:63:3f:4f:
f2:5d:c3:f1:d3:9d:84:38:0e:b6:9a:18:6c:d2:80:12:c6:27:
fd:32:c0:9c:aa:75:07:2f:f6:cb:ab:6f:c7:23:e3:39:dc:99:
b8:0f:88:0f:25:15:ac:49:80:16:40:da:d0:db:2d:89:45:fd:
79:27:e3:ec:f3:ae:b5:cc:11:81:fb:9b:1b:07:34:14:14:3f:
17:c4:7c:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKnf+211PA1bfbf3n71ZG27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIwODE2MTYzMjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTlmZDA4YTNjNGY0OGM0M2YzMWVhNjM0NzA0N2ZiYzQ5ZmNlOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYmYTBEi5v73ZzAkIgQkirqIG6ym
83wAMazvLmuXLQdugeGnHosYdverhSYgKnKzSjyT5PPTQZI37r2VXFTuYh+vUzpm
VNlqqGVzhuCHwRHJO4d8YRsz+KqtGwo8vHoB20Pu1+ikgcCMMpGQsbpAV3KP4/yZ
NHItrStNbjXJ7Z+4HuJgpOR+aKKsSy1ZVXkaVlgalQIpLDXiLa/3uPo5XqPxT9wm
8HwA+01GAzQ7tdev51lSQO8rWtTUf6BqoM+HzJtFkyZ4LZpQRrJmTNZ7UzWfwuQ6
C2Jh0Svnjyq943nBgmYThkF24pvCGpBVKL7PkWYI00ocRk1ZY+6AA4V9OwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAWf0Io8T0jEPzHqY0cEf7xJ/Ol0MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvQlpfUWlqeFBTTVFfTWVwalJ3Ul92RW44NlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQi6AwQA
LQjMAwQAVdBoMA0GCSqGSIb3DQEBCwUAA4IBAQA3ZL9RrKft9O3V3ZXy4Hdr54qI
SjumaeKFnv0XnVa0NregtDQQBdR8atZwjQEDU2ZVS5AmJskuS/JS7Lgtchs5vDgN
20BjRySPsl+WN4mx7LvneihfrM0JR8EanpTfhEQYHaRdyTsjHXqhH++EqBPDwMhV
Cbxuy3qFIYI9py6IOE5q08bW7XGXoB09RztameprUc9SHqyp/D5EGDfx99KVhauJ
9X7YGMXNQ0ZKEZlvV+ljP0/yXcPx052EOA62mhhs0oASxif9MsCcqnUHL/bLq2/H
I+M53Jm4D4gPJRWsSYAWQNrQ2y2JRf15J+Ps8661zBGB+5sbBzQUFD8XxHyt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:49 2025 by rpki-client