Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/BIuYxJEw0ljtt_b3Aw-odD8Dag0.roa
File: BIuYxJEw0ljtt_b3Aw-odD8Dag0.roa (raw, json)
Hash identifier: J9/0oDk1Iv8mHd5KiaCaV3kRCUqS1Y0joohWiN4EfL8=
Subject key identifier: 04:8B:98:C4:91:30:D2:58:ED:B7:F6:F7:03:0F:A8:74:3F:03:6A:0D
Certificate issuer: /CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Certificate serial: 0875BD6F
Authority key identifier: F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/BIuYxJEw0ljtt_b3Aw-odD8Dag0.roa
Signing time: Sat 01 Jan 2022 07:59:25 +0000
ROA not before: Sat 01 Jan 2022 07:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39923
IP address blocks: 185.111.204.0/22 maxlen: 22
185.111.204.0/24 maxlen: 24
185.111.205.0/24 maxlen: 24
185.111.206.0/24 maxlen: 24
185.58.96.0/22 maxlen: 22
195.189.202.0/23 maxlen: 23
109.68.160.0/21 maxlen: 21
109.68.164.0/24 maxlen: 24
91.238.219.0/24 maxlen: 24
2a02:2a08::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141933935 (0x875bd6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Validity
Not Before: Jan 1 07:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=048b98c49130d258edb7f6f7030fa8743f036a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c5:8d:bb:ef:d8:69:46:3c:40:98:00:5f:8b:
b4:25:db:1c:c5:2c:3f:b9:6e:c7:39:c8:eb:ce:9f:
af:28:18:61:f1:7f:19:f8:bd:aa:94:a1:1f:6b:80:
65:fa:cd:1c:22:07:0d:b5:65:52:47:14:e5:41:f4:
9b:29:81:90:e8:69:9e:cc:0c:9a:44:4b:2f:f6:00:
d2:9d:ac:d7:f1:ef:f6:53:33:03:c7:1f:06:b5:6b:
f0:92:29:67:7c:8a:de:b7:1d:d9:4e:66:c8:17:c9:
cb:30:a4:97:3c:c8:35:b2:29:b5:9c:c1:c5:59:62:
ea:0f:2f:ab:4f:dc:be:31:99:e4:c8:d4:0c:c2:9b:
94:0a:dd:d1:5c:4c:32:04:37:2d:f5:2e:ba:aa:97:
e1:47:6e:d2:16:0c:ab:32:90:a6:9c:54:cf:62:81:
61:05:7d:08:5f:fb:9b:a7:d1:bd:c4:26:18:6e:bd:
9c:bb:48:39:28:35:1e:6d:32:4d:97:cd:75:bb:c2:
7a:11:3a:12:11:dd:ee:8e:cf:9a:48:9d:e0:b3:ce:
1c:1c:73:7d:0f:11:ef:78:84:75:26:e1:c8:c7:fb:
cf:c8:60:3c:b1:91:73:3e:82:8c:03:ed:4d:52:61:
e5:53:aa:e5:b1:ec:e2:22:0b:8d:b0:59:68:b1:e5:
f7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8B:98:C4:91:30:D2:58:ED:B7:F6:F7:03:0F:A8:74:3F:03:6A:0D
X509v3 Authority Key Identifier:
keyid:F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/BIuYxJEw0ljtt_b3Aw-odD8Dag0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/8Q057dsAjRuJ35dBlg2_IET2V_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.219.0/24
109.68.160.0/21
185.58.96.0/22
185.111.204.0/22
195.189.202.0/23
IPv6:
2a02:2a08::/32
Signature Algorithm: sha256WithRSAEncryption
58:e7:05:91:a0:71:93:4b:05:da:fe:a7:ea:e3:15:b0:29:10:
52:74:12:b2:96:34:74:3e:19:da:f9:18:48:d9:49:42:be:a2:
fd:e0:55:e1:f0:de:73:35:65:f8:68:a7:e5:9a:ca:0c:c7:38:
eb:d9:66:a0:64:36:a7:bd:8f:be:85:c4:ed:1b:e6:c8:5e:42:
93:96:f9:f5:e3:af:c9:87:a0:7d:79:9e:98:68:84:cb:a9:dc:
59:36:93:52:05:9b:39:5f:90:77:14:1a:56:fe:57:8b:3c:6b:
4e:44:6b:43:72:75:bc:37:56:6b:43:d3:79:0e:63:ef:00:a5:
60:dd:ff:f6:d5:ef:1d:15:be:6e:08:4f:ab:c4:9f:29:ed:66:
db:db:7d:c1:e6:d7:50:dc:bf:03:87:29:ee:26:63:ab:98:3a:
a4:bf:59:c1:81:62:95:28:79:1b:84:8f:e1:96:54:e7:d8:36:
22:01:4e:6d:d0:e1:13:97:5d:60:6b:61:d3:dd:fd:39:6b:2a:
24:45:a8:a7:63:03:8b:1b:f7:87:ef:c3:67:bc:0a:2c:17:65:
68:7f:c6:3e:eb:df:3d:ee:1d:43:c0:ad:25:39:71:c8:b0:45:
aa:a7:e7:48:99:eb:84:ed:13:d7:39:32:e9:85:ad:5e:ce:f3:
ef:78:2c:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECHW9bzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTBkMzllZGRiMDA4ZDFiODlkZjk3NDE5NjBkYmYyMDQ0ZjY1N2ZiMB4XDTIyMDEw
MTA3NTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ4Yjk4YzQ5MTMw
ZDI1OGVkYjdmNmY3MDMwZmE4NzQzZjAzNmEwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAObFjbvv2GlGPECYAF+LtCXbHMUsP7luxznI686frygYYfF/
Gfi9qpShH2uAZfrNHCIHDbVlUkcU5UH0mymBkOhpnswMmkRLL/YA0p2s1/Hv9lMz
A8cfBrVr8JIpZ3yK3rcd2U5myBfJyzCklzzINbIptZzBxVli6g8vq0/cvjGZ5MjU
DMKblArd0VxMMgQ3LfUuuqqX4Udu0hYMqzKQppxUz2KBYQV9CF/7m6fRvcQmGG69
nLtIOSg1Hm0yTZfNdbvCehE6EhHd7o7Pmkid4LPOHBxzfQ8R73iEdSbhyMf7z8hg
PLGRcz6CjAPtTVJh5VOq5bHs4iILjbBZaLHl9x8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQEi5jEkTDSWO239vcDD6h0PwNqDTAfBgNVHSMEGDAWgBTxDTnt2wCNG4nf
l0GWDb8gRPZX+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhRMDU3ZHNBalJ1SjM1ZEJsZzJfSUVUMlZfcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvZjcwZTFhLTczMmUtNGU2Yi1iM2I1LWY1NjJiODk3NGQ4Yi8x
L0JJdVl4SkV3MGxqdHRfYjNBdy1vZEQ4RGFnMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
ZjcwZTFhLTczMmUtNGU2Yi1iM2I1LWY1NjJiODk3NGQ4Yi8xLzhRMDU3ZHNBalJ1
SjM1ZEJsZzJfSUVUMlZfcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAFvu2wMEA21EoAMEArk6YAMEArlv
zAMEAcO9yjANBAIAAjAHAwUAKgIqCDANBgkqhkiG9w0BAQsFAAOCAQEAWOcFkaBx
k0sF2v6n6uMVsCkQUnQSspY0dD4Z2vkYSNlJQr6i/eBV4fDeczVl+Gin5ZrKDMc4
69lmoGQ2p72PvoXE7RvmyF5Ck5b59eOvyYegfXmemGiEy6ncWTaTUgWbOV+QdxQa
Vv5XizxrTkRrQ3J1vDdWa0PTeQ5j7wClYN3/9tXvHRW+bghPq8SfKe1m29t9webX
UNy/A4cp7iZjq5g6pL9ZwYFilSh5G4SP4ZZU59g2IgFObdDhE5ddYGth0939OWsq
JEWop2MDixv3h+/DZ7wKLBdlaH/GPuvfPe4dQ8CtJTlxyLBFqqfnSJnrhO0T1zky
6YWtXs7z73gsiA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:09 2023 by rpki-client on console-fra.rpki-client.org