Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bXL6MeUYtij2VfxV7sqYsRfIBJM.roa
File: bXL6MeUYtij2VfxV7sqYsRfIBJM.roa (raw, json)
Hash identifier: 35EC7a+t6pCHfUHhQpyTj5xUrY/YfyglCKGU+2t+xLw=
Subject key identifier: 6D:72:FA:31:E5:18:B6:28:F6:55:FC:55:EE:CA:98:B1:17:C8:04:93
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0D39A2FA
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bXL6MeUYtij2VfxV7sqYsRfIBJM.roa
Signing time: Tue 08 Feb 2022 22:53:06 +0000
ROA not before: Tue 08 Feb 2022 22:53:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 45.89.36.0/22 maxlen: 24
84.245.16.0/20 maxlen: 24
45.88.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221881082 (0xd39a2fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 8 22:53:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d72fa31e518b628f655fc55eeca98b117c80493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:ca:a7:c4:7a:e8:24:d6:23:ca:55:7e:d9:
df:c4:54:16:2e:49:42:dd:c0:ce:05:89:d4:6f:9a:
8f:33:45:4f:fc:7f:9d:5f:dd:a8:a1:e4:1e:b2:2b:
16:e2:71:af:2a:81:80:3c:7e:8c:d4:35:17:a2:a7:
40:a1:a7:ee:cb:82:b5:a9:8e:b5:ba:b8:78:a4:00:
97:bc:1a:fd:a8:d7:c2:b2:47:03:34:ee:a5:77:f5:
42:2d:cd:fe:2b:8b:6f:d0:59:6d:fd:80:3c:6c:35:
fd:d0:34:2f:cb:d2:b8:9f:29:f7:a4:7f:26:3a:65:
94:f2:5c:33:a9:ba:1f:5a:9a:21:fd:4e:30:2f:79:
ad:2f:9f:f6:30:db:f0:aa:65:c0:2a:4c:55:27:39:
0e:70:d6:f0:f9:fb:59:8e:49:a9:ca:4e:1c:38:ba:
d7:69:22:80:ac:8e:1a:30:28:c5:5f:a4:7f:54:de:
53:eb:c5:c3:d8:7f:66:a6:57:21:89:59:a0:44:83:
7d:9d:d4:34:a8:1a:fa:c2:7e:b4:21:69:bc:40:77:
4d:37:17:3d:4f:de:d4:fb:60:96:ed:32:0d:db:61:
fa:9e:71:64:ac:90:0c:cf:3f:b7:4c:1b:5d:f3:cb:
e9:a2:ea:28:96:ad:f0:7b:0a:10:83:d9:b6:d6:36:
a2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:72:FA:31:E5:18:B6:28:F6:55:FC:55:EE:CA:98:B1:17:C8:04:93
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bXL6MeUYtij2VfxV7sqYsRfIBJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.20.0/22
45.89.36.0/22
84.245.16.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:88:33:a5:b5:c0:ef:c8:dd:aa:39:dc:4c:9f:0b:31:7d:29:
9d:a7:87:aa:df:ce:9e:2f:db:30:52:c7:93:f9:63:ea:7b:6a:
88:c3:ac:b2:c3:c0:3e:ff:59:8d:5f:0e:88:b4:fb:60:21:d6:
97:4e:06:5c:aa:7a:ba:38:b3:2a:d0:25:dc:52:45:d5:af:0e:
7f:9f:98:a1:20:23:bd:ac:fa:90:2d:a9:98:7b:9d:1f:d9:8b:
e5:c0:50:fc:60:8e:4d:21:dc:12:03:34:3f:e2:2e:37:fc:c4:
1e:21:23:9d:1f:f8:65:e5:08:ac:fe:f4:71:1d:cd:24:ef:50:
b8:dc:eb:a9:a9:8f:08:0a:96:ef:49:d0:13:4a:ac:02:05:e6:
4d:fb:64:2c:45:8c:58:56:8c:46:a4:06:58:fd:25:ed:71:7f:
69:2b:da:6f:37:42:e0:de:60:f5:05:a2:a6:48:c6:3e:dd:59:
54:26:eb:17:70:ab:55:72:bd:ff:5a:1d:ba:11:db:d3:22:1e:
91:a7:d8:95:11:33:35:2b:92:b3:7e:ea:3e:69:bb:f5:19:ad:
fd:01:66:ca:89:62:e3:82:2f:03:17:b3:59:b0:25:d1:45:66:
84:9d:0b:d1:56:28:fd:05:a4:dc:a7:3a:80:5c:85:f4:af:5c:
4b:48:20:06
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEDTmi+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDIw
ODIyNTMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ3MmZhMzFlNTE4
YjYyOGY2NTVmYzU1ZWVjYTk4YjExN2M4MDQ5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZXyqfEeugk1iPKVX7Z38RUFi5JQt3AzgWJ1G+ajzNFT/x/
nV/dqKHkHrIrFuJxryqBgDx+jNQ1F6KnQKGn7suCtamOtbq4eKQAl7wa/ajXwrJH
AzTupXf1Qi3N/iuLb9BZbf2APGw1/dA0L8vSuJ8p96R/JjpllPJcM6m6H1qaIf1O
MC95rS+f9jDb8KplwCpMVSc5DnDW8Pn7WY5JqcpOHDi612kigKyOGjAoxV+kf1Te
U+vFw9h/ZqZXIYlZoESDfZ3UNKga+sJ+tCFpvEB3TTcXPU/e1Ptglu0yDdth+p5x
ZKyQDM8/t0wbXfPL6aLqKJat8HsKEIPZttY2opcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRtcvox5Ri2KPZV/FXuypixF8gEkzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L2JYTDZNZVVZdGlqMlZmeFY3c3FZc1JmSUJKTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi1YFAMEAi1ZJAMEBFT1EDANBgkq
hkiG9w0BAQsFAAOCAQEATogzpbXA78jdqjncTJ8LMX0pnaeHqt/Oni/bMFLHk/lj
6ntqiMOsssPAPv9ZjV8OiLT7YCHWl04GXKp6ujizKtAl3FJF1a8Of5+YoSAjvaz6
kC2pmHudH9mL5cBQ/GCOTSHcEgM0P+IuN/zEHiEjnR/4ZeUIrP70cR3NJO9QuNzr
qamPCAqW70nQE0qsAgXmTftkLEWMWFaMRqQGWP0l7XF/aSvabzdC4N5g9QWipkjG
Pt1ZVCbrF3CrVXK9/1oduhHb0yIekafYlREzNSuSs37qPmm79Rmt/QFmyoli44Iv
AxezWbAl0UVmhJ0L0VYo/QWk3Kc6gFyF9K9cS0ggBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org