Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/cfg-BJmUQC75TaETXJ_Qs-8rlBc.roa
File: cfg-BJmUQC75TaETXJ_Qs-8rlBc.roa (raw, json)
Hash identifier: aYkHJuK45RiODYCvKi2lpDnXA71bPhtOqAbjD0oJYzY=
Subject key identifier: 71:F8:3E:04:99:94:40:2E:F9:4D:A1:13:5C:9F:D0:B3:EF:2B:94:17
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 199F968F
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/cfg-BJmUQC75TaETXJ_Qs-8rlBc.roa
Signing time: Sat 01 Jan 2022 05:52:36 +0000
ROA not before: Sat 01 Jan 2022 05:52:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56534
IP address blocks: 92.255.96.0/21 maxlen: 21
185.47.52.0/22 maxlen: 22
92.255.60.0/24 maxlen: 24
89.223.80.0/21 maxlen: 21
92.255.88.0/21 maxlen: 32
2a04:ac00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429889167 (0x199f968f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 05:52:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71f83e049994402ef94da1135c9fd0b3ef2b9417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:60:a8:f5:59:20:50:72:24:b6:1d:e8:a7:42:
7a:5f:49:7c:42:1c:a9:50:e1:f7:13:34:46:03:19:
e9:13:ba:9a:9d:b3:01:26:1c:03:3d:1b:82:e5:d1:
a6:06:ea:97:c4:8e:75:97:29:fa:5c:81:c1:06:40:
39:0d:f7:d6:db:9e:ba:e7:23:3f:62:63:cc:64:92:
bd:a7:ca:73:77:f9:6e:39:17:0d:76:09:8e:c5:0d:
0c:e5:0f:a5:8a:6e:0e:22:7e:d6:3a:8d:f6:14:53:
34:6b:26:7a:e9:ea:3e:ad:b7:f1:30:f1:0b:d7:e2:
2c:87:04:41:45:c1:c8:bc:5a:76:94:1e:9d:e4:96:
f7:c7:34:bc:37:de:40:01:48:70:e0:2f:12:3d:0f:
b2:63:c8:0e:f7:23:01:bb:c6:58:36:30:7a:ba:be:
cf:88:fc:d2:71:22:0f:78:fe:5d:9c:2d:96:c8:62:
d0:03:a6:6d:d0:0d:98:a3:b4:1a:37:d6:e0:a0:85:
40:a8:4b:9f:17:ed:a4:10:24:ea:ad:8c:a6:6f:d1:
7c:22:d9:99:f5:35:3e:75:73:fb:6a:24:af:af:a1:
d6:9c:95:0c:f7:be:78:dc:97:e6:d6:9b:e8:14:56:
86:43:49:0e:db:af:9d:5b:f1:50:71:eb:be:02:32:
5a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F8:3E:04:99:94:40:2E:F9:4D:A1:13:5C:9F:D0:B3:EF:2B:94:17
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/cfg-BJmUQC75TaETXJ_Qs-8rlBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.80.0/21
92.255.60.0/24
92.255.88.0-92.255.103.255
185.47.52.0/22
IPv6:
2a04:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
34:40:0f:be:c6:9b:05:e5:32:b6:df:87:d9:5f:68:3f:09:64:
c6:88:77:52:28:05:de:e2:58:95:8f:6a:5c:ac:2f:a4:17:21:
a7:70:92:4d:ca:82:d4:d8:df:77:59:87:7f:a9:ae:3a:29:88:
d4:1d:76:f5:b4:68:e5:d7:52:1a:92:11:df:ec:ce:34:7b:c8:
d2:c5:fd:57:53:a3:67:60:b5:c8:63:9b:52:a9:ff:3d:07:68:
bf:25:e9:5f:bd:fa:3a:73:8a:01:35:d2:94:f4:9b:72:4b:b1:
39:c2:ee:52:1e:3d:de:ec:4b:49:f0:1d:63:e0:d0:5f:00:03:
b7:19:ae:43:77:7c:b6:6a:dc:14:ae:df:c0:41:3f:52:2c:e9:
4d:3c:f8:40:c6:78:ad:f5:a4:4d:c0:34:2d:9a:06:df:d9:f3:
7f:b7:33:e0:e9:c4:f7:61:c5:86:7f:8b:3d:48:15:d4:c0:6f:
fd:01:c8:49:aa:31:f1:f1:e8:b5:f0:31:3b:c4:6b:de:8d:31:
df:15:3b:1f:ad:8f:1a:71:75:44:c1:51:8d:45:4a:44:01:ec:
1d:d1:c5:52:15:b1:0b:7e:2c:0d:9d:0b:69:c0:e4:72:a0:52:
ee:f9:dd:14:e6:d6:4d:d7:2d:5d:b7:ad:c8:b9:94:9d:51:1c:
40:44:cf:b5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEGZ+WjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDgzMTNlNDFlNjQ2YTA5Y2QwMWUyZTZmNDczOWQzYmQyMzZjNGZmMB4XDTIyMDEw
MTA1NTIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFmODNlMDQ5OTk0
NDAyZWY5NGRhMTEzNWM5ZmQwYjNlZjJiOTQxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1gqPVZIFByJLYd6KdCel9JfEIcqVDh9xM0RgMZ6RO6mp2z
ASYcAz0bguXRpgbql8SOdZcp+lyBwQZAOQ331tueuucjP2JjzGSSvafKc3f5bjkX
DXYJjsUNDOUPpYpuDiJ+1jqN9hRTNGsmeunqPq238TDxC9fiLIcEQUXByLxadpQe
neSW98c0vDfeQAFIcOAvEj0PsmPIDvcjAbvGWDYwerq+z4j80nEiD3j+XZwtlshi
0AOmbdANmKO0GjfW4KCFQKhLnxftpBAk6q2Mpm/RfCLZmfU1PnVz+2okr6+h1pyV
DPe+eNyX5tab6BRWhkNJDtuvnVvxUHHrvgIyWncCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBRx+D4EmZRALvlNoRNcn9Cz7yuUFzAfBgNVHSMEGDAWgBTNgxPkHmRqCc0B
4ub0c5070jbE/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pZTVQ1QjVrYWduTkFlTG05SE9kTzlJMnhQOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8x
L2NmZy1CSm1VUUM3NVRhRVRYSl9Rcy04cmxCYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8xL3pZTVQ1QjVrYWdu
TkFlTG05SE9kTzlJMnhQOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEA1nfUAMEAFz/PDAMAwQDXP9YAwQD
XP9gAwQCuS80MA0EAgACMAcDBQMqBKwAMA0GCSqGSIb3DQEBCwUAA4IBAQA0QA++
xpsF5TK234fZX2g/CWTGiHdSKAXe4liVj2pcrC+kFyGncJJNyoLU2N93WYd/qa46
KYjUHXb1tGjl11IakhHf7M40e8jSxf1XU6NnYLXIY5tSqf89B2i/Jelfvfo6c4oB
NdKU9JtyS7E5wu5SHj3e7EtJ8B1j4NBfAAO3Ga5Dd3y2atwUrt/AQT9SLOlNPPhA
xnit9aRNwDQtmgbf2fN/tzPg6cT3YcWGf4s9SBXUwG/9AchJqjHx8ei18DE7xGve
jTHfFTsfrY8acXVEwVGNRUpEAewd0cVSFbELfiwNnQtpwORyoFLu+d0U5tZN1y1d
t63IuZSdURxARM+1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org