Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/N_BjMHRem1rrbXA8D0wrJvRPocg.roa
File: N_BjMHRem1rrbXA8D0wrJvRPocg.roa (raw, json)
Hash identifier: ppsSEKNk6RN7bDOi1sya0p66rN2tihL6IL7+knaTLGs=
Subject key identifier: 37:F0:63:30:74:5E:9B:5A:EB:6D:70:3C:0F:4C:2B:26:F4:4F:A1:C8
Certificate issuer: /CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Certificate serial: 01823B11DED315E8A50ABE0DD30C4D5349EE
Authority key identifier: 13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/N_BjMHRem1rrbXA8D0wrJvRPocg.roa
Signing time: Tue 26 Jul 2022 15:13:23 +0000
ROA not before: Tue 26 Jul 2022 15:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50889
IP address blocks: 185.136.71.0/24 maxlen: 24
185.136.69.0/24 maxlen: 24
77.111.250.0/24 maxlen: 24
77.111.251.0/24 maxlen: 24
77.111.248.0/24 maxlen: 24
77.111.249.0/24 maxlen: 24
80.84.166.0/24 maxlen: 24
80.84.160.0/24 maxlen: 24
80.84.164.0/24 maxlen: 24
80.84.165.0/24 maxlen: 24
80.84.163.0/24 maxlen: 24
80.84.161.0/24 maxlen: 24
80.84.162.0/24 maxlen: 24
80.84.167.0/24 maxlen: 24
80.84.171.0/24 maxlen: 24
80.84.172.0/24 maxlen: 24
80.84.170.0/24 maxlen: 24
80.84.168.0/24 maxlen: 24
80.84.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3b:11:de:d3:15:e8:a5:0a:be:0d:d3:0c:4d:53:49:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Validity
Not Before: Jul 26 15:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37f06330745e9b5aeb6d703c0f4c2b26f44fa1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:33:b3:79:6f:b2:b1:51:e6:69:1a:d3:99:2f:
a0:db:93:16:6c:53:40:5a:7b:57:02:25:5b:5a:f9:
a9:aa:5b:cf:f3:26:88:c3:32:87:a6:14:04:ea:48:
1c:32:f4:19:01:3c:8c:e2:2f:26:5b:6f:41:31:ac:
85:66:96:df:4f:0c:ac:27:48:e1:18:b6:b9:a1:4e:
0c:58:63:77:4a:6c:78:de:e1:26:37:aa:1f:8e:63:
57:81:b3:2a:17:b9:ac:55:66:ac:3c:4c:39:7a:05:
b1:98:d3:0a:c6:f7:76:f8:2c:a9:4b:94:fa:29:e3:
f4:a2:a8:35:1f:df:59:90:66:39:b4:d6:eb:25:a7:
b8:68:ae:13:68:6c:ec:93:5c:7c:05:93:e2:a2:7f:
f0:c8:60:97:54:78:f4:04:50:92:0b:01:52:e6:a8:
24:a2:e1:7a:e0:6b:33:4e:e4:da:06:f9:84:94:13:
3d:ff:7e:7f:55:50:94:a6:55:f5:1d:ef:ce:9a:7c:
5e:e2:90:96:2b:ba:29:b2:1c:f5:67:da:6c:ac:06:
b9:84:85:6e:80:d0:8d:ac:76:02:2a:51:05:92:a3:
50:25:e6:04:ef:d3:9d:7a:34:0f:79:55:c1:61:b9:
c4:49:b1:c9:8a:ae:51:e2:c8:46:91:26:e8:8d:66:
45:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F0:63:30:74:5E:9B:5A:EB:6D:70:3C:0F:4C:2B:26:F4:4F:A1:C8
X509v3 Authority Key Identifier:
keyid:13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/N_BjMHRem1rrbXA8D0wrJvRPocg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.248.0/22
80.84.160.0-80.84.172.255
185.136.69.0/24
185.136.71.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:27:9b:71:40:86:23:1f:2a:65:08:ce:4f:9d:15:82:0e:92:
49:d2:24:93:69:e5:71:d1:4f:9f:4c:c5:9c:b6:7f:f8:9d:2e:
c2:98:44:02:75:ba:89:a0:2b:b3:61:3a:cb:d3:2c:aa:df:b0:
89:ba:ef:89:74:5e:b9:cd:d5:26:28:86:fb:73:de:9a:35:86:
0f:b0:0c:b6:64:94:a5:fb:5c:df:57:96:6b:c4:cc:fc:ec:16:
58:d9:62:0d:61:8d:f2:69:aa:99:56:20:0b:f2:f5:7b:32:4a:
50:06:86:e4:3c:3a:19:e7:ca:da:a1:f0:f2:b0:56:d7:26:f4:
2d:52:52:5f:30:9b:f5:1b:6d:5e:ce:11:70:fa:2f:99:ab:db:
b1:c2:e7:e8:de:f5:4c:4d:fc:dd:ce:46:f9:0d:4f:e2:f3:5b:
d4:ac:2b:a1:55:64:a8:d4:c0:b2:50:1c:08:c5:35:7d:e1:e7:
42:11:93:bb:a2:e1:03:af:e7:af:53:c5:74:a8:a8:e5:e4:0c:
f2:13:c4:5b:12:6f:7e:f7:c7:c0:44:19:d9:ed:a7:e2:62:70:
6e:42:8f:20:55:01:4c:37:5b:f4:9a:7f:d0:33:d1:76:c7:89:
d1:80:60:96:f2:61:c4:8a:00:f9:0e:f7:06:d9:61:c2:dc:b8:
fa:3d:5c:c2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYI7Ed7TFeilCr4N0wxNU0nuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYTBmNzE0M2ZmYTIyMTEzNDQyZGM4NTg5ZWUxMzUyZWJl
M2RhYTMwHhcNMjIwNzI2MTUxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2YwNjMzMDc0NWU5YjVhZWI2ZDcwM2MwZjRjMmIyNmY0NGZhMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjOzeW+ysVHmaRrTmS+g25MWbFNA
WntXAiVbWvmpqlvP8yaIwzKHphQE6kgcMvQZATyM4i8mW29BMayFZpbfTwysJ0jh
GLa5oU4MWGN3Smx43uEmN6ofjmNXgbMqF7msVWasPEw5egWxmNMKxvd2+CypS5T6
KeP0oqg1H99ZkGY5tNbrJae4aK4TaGzsk1x8BZPion/wyGCXVHj0BFCSCwFS5qgk
ouF64GszTuTaBvmElBM9/35/VVCUplX1He/Omnxe4pCWK7opshz1Z9psrAa5hIVu
gNCNrHYCKlEFkqNQJeYE79OdejQPeVXBYbnESbHJiq5R4shGkSbojWZFcwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDfwYzB0Xpta621wPA9MKyb0T6HIMB8GA1UdIwQY
MBaAFBOg9xQ/+iIRNELchYnuE1Lr49qjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgt
MTA0YTMzNDM3NjY1LzEvTl9Cak1IUmVtMXJyYlhBOEQwd3JKdlJQb2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgtMTA0YTMzNDM3NjY1
LzEvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCTW/4MAwD
BAVQVKADBABQVKwDBAC5iEUDBAC5iEcwDQYJKoZIhvcNAQELBQADggEBALknm3FA
hiMfKmUIzk+dFYIOkknSJJNp5XHRT59MxZy2f/idLsKYRAJ1uomgK7NhOsvTLKrf
sIm674l0XrnN1SYohvtz3po1hg+wDLZklKX7XN9XlmvEzPzsFljZYg1hjfJpqplW
IAvy9XsySlAGhuQ8Ohnnytqh8PKwVtcm9C1SUl8wm/UbbV7OEXD6L5mr27HC5+je
9UxN/N3ORvkNT+LzW9SsK6FVZKjUwLJQHAjFNX3h50IRk7ui4QOv569TxXSoqOXk
DPITxFsSb373x8BEGdntp+JicG5CjyBVAUw3W/Saf9Az0XbHidGAYJbyYcSKAPkO
9wbZYcLcuPo9XMI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:53 2025 by rpki-client