Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/BsmRFEZ-zEUK2eItZJkYyMQzwf0.roa
File: BsmRFEZ-zEUK2eItZJkYyMQzwf0.roa (raw, json)
Hash identifier: Hk87FNSiwkvRbVJre3yYwB1VEoIAN0PGbdW5dcqxU98=
Subject key identifier: 06:C9:91:14:46:7E:CC:45:0A:D9:E2:2D:64:99:18:C8:C4:33:C1:FD
Certificate issuer: /CN=f83ccaef9c91120ec6fb14ff4c4c5745a0239b77
Certificate serial: 0566ACD6
Authority key identifier: F8:3C:CA:EF:9C:91:12:0E:C6:FB:14:FF:4C:4C:57:45:A0:23:9B:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-DzK75yREg7G-xT_TExXRaAjm3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/BsmRFEZ-zEUK2eItZJkYyMQzwf0.roa
Signing time: Sat 01 Jan 2022 09:02:45 +0000
ROA not before: Sat 01 Jan 2022 09:02:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207869
IP address blocks: 91.230.134.0/24 maxlen: 24
91.230.143.0/24 maxlen: 24
91.230.147.0/24 maxlen: 24
91.230.82.0/24 maxlen: 24
2a0f:70c0:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90614998 (0x566acd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83ccaef9c91120ec6fb14ff4c4c5745a0239b77
Validity
Not Before: Jan 1 09:02:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06c99114467ecc450ad9e22d649918c8c433c1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:83:38:b3:60:6a:4b:36:c6:e9:15:6a:3d:62:
81:9e:3f:f5:7b:59:6b:fa:bf:47:20:f3:91:23:79:
2d:5a:0d:26:b8:e8:43:e7:55:83:55:e7:26:7c:13:
84:b9:d4:ec:7a:66:13:68:34:59:92:e7:48:97:6f:
f8:6d:6b:cb:66:a5:96:4d:e3:6f:f4:55:94:ca:7c:
bb:b9:45:c2:74:76:57:1b:88:0d:37:f1:82:e1:bd:
a8:4b:33:0f:94:43:4d:72:e9:41:f6:34:81:14:e1:
a4:57:d3:2d:8b:0d:bf:29:27:dc:e7:70:4f:79:5d:
87:1c:92:e8:b3:d3:ff:df:a5:a5:f5:a6:61:13:1a:
3a:ed:f4:a7:69:a3:aa:29:5d:94:14:12:f5:3d:de:
09:80:60:4b:b4:b2:43:99:ff:50:2e:bf:99:5c:fb:
13:ac:45:66:6f:98:e1:51:11:a3:f6:10:15:0b:89:
48:b3:14:ff:73:bb:fb:cb:8c:48:dc:24:30:7d:67:
9a:c8:4c:5e:06:9d:3a:4e:00:b6:bf:51:a0:73:7b:
96:fe:18:2b:81:bc:57:20:5e:8d:14:b8:0c:77:0a:
7e:c6:d9:74:65:1b:b9:fd:3f:5c:7e:ad:20:c0:0b:
40:c5:65:70:42:1e:32:15:cc:36:b9:3c:44:9b:13:
f7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C9:91:14:46:7E:CC:45:0A:D9:E2:2D:64:99:18:C8:C4:33:C1:FD
X509v3 Authority Key Identifier:
keyid:F8:3C:CA:EF:9C:91:12:0E:C6:FB:14:FF:4C:4C:57:45:A0:23:9B:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-DzK75yREg7G-xT_TExXRaAjm3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/BsmRFEZ-zEUK2eItZJkYyMQzwf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/1-DzK75yREg7G-xT_TExXRaAjm3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.82.0/24
91.230.134.0/24
91.230.143.0/24
91.230.147.0/24
IPv6:
2a0f:70c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
05:e9:ad:a7:7d:0d:e2:e4:39:3f:85:c4:5e:ab:18:fe:cb:84:
97:da:32:e1:e2:8e:bf:cd:7e:ae:ef:32:ec:64:5c:e1:08:e9:
f0:09:e5:28:8f:f5:c7:ac:4c:f3:da:4c:91:ca:16:33:0b:1f:
63:bd:2f:91:45:a9:be:cb:21:d7:cc:b7:8e:dd:09:d9:dd:ac:
fb:48:d6:92:b1:a5:72:37:bc:5d:c0:91:de:07:1a:e6:c6:52:
8d:e9:ed:46:08:ed:12:75:32:2f:91:87:16:d5:66:23:79:61:
58:68:cb:58:ad:dd:d1:42:52:cc:67:83:46:3b:42:58:11:cd:
5e:df:8c:68:1c:ec:29:fa:8c:bc:bb:a5:c3:a1:c3:c2:33:fa:
12:9f:5f:9c:63:c8:20:da:35:da:7d:67:fd:05:6d:4f:39:86:
d1:17:a9:f4:97:3c:55:13:45:ca:26:10:6b:66:78:79:f7:29:
ed:e9:f2:ec:22:68:fb:90:7a:bb:9f:23:f5:32:06:c5:d9:e8:
d7:a6:9e:ea:e9:97:bc:f9:63:86:72:60:18:d6:9a:71:80:13:
d5:6e:01:ca:47:6e:90:04:d7:69:c5:4d:4a:c2:7a:a2:7d:f3:
2e:83:76:54:cc:a5:c5:20:5c:d1:da:98:9c:7b:30:87:45:8e:
90:27:a0:76
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEBWas1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODNjY2FlZjljOTExMjBlYzZmYjE0ZmY0YzRjNTc0NWEwMjM5Yjc3MB4XDTIyMDEw
MTA5MDI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZjOTkxMTQ0Njdl
Y2M0NTBhZDllMjJkNjQ5OTE4YzhjNDMzYzFmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaDOLNgaks2xukVaj1igZ4/9XtZa/q/RyDzkSN5LVoNJrjo
Q+dVg1XnJnwThLnU7HpmE2g0WZLnSJdv+G1ry2allk3jb/RVlMp8u7lFwnR2VxuI
DTfxguG9qEszD5RDTXLpQfY0gRThpFfTLYsNvykn3OdwT3ldhxyS6LPT/9+lpfWm
YRMaOu30p2mjqildlBQS9T3eCYBgS7SyQ5n/UC6/mVz7E6xFZm+Y4VERo/YQFQuJ
SLMU/3O7+8uMSNwkMH1nmshMXgadOk4Atr9RoHN7lv4YK4G8VyBejRS4DHcKfsbZ
dGUbuf0/XH6tIMALQMVlcEIeMhXMNrk8RJsT930CAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBQGyZEURn7MRQrZ4i1kmRjIxDPB/TAfBgNVHSMEGDAWgBT4PMrvnJESDsb7
FP9MTFdFoCObdzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtRHpLNzV5UkVnN0cteFRfVEV4WFJhQWptM2MuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2JmLzQ1ZmNkNS04ODEyLTQzMmQtYjUzNy03Njk4MmYwM2VhMGMv
MS9Cc21SRkVaLXpFVUsyZUl0WkprWXlNUXp3ZjAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Jm
LzQ1ZmNkNS04ODEyLTQzMmQtYjUzNy03Njk4MmYwM2VhMGMvMS8xLUR6Szc1eVJF
ZzdHLXhUX1RFeFhSYUFqbTNjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAW+ZSAwQAW+aGAwQAW+aPAwQA
W+aTMA8EAgACMAkDBwAqD3DAAQAwDQYJKoZIhvcNAQELBQADggEBAAXprad9DeLk
OT+FxF6rGP7LhJfaMuHijr/Nfq7vMuxkXOEI6fAJ5SiP9cesTPPaTJHKFjMLH2O9
L5FFqb7LIdfMt47dCdndrPtI1pKxpXI3vF3Akd4HGubGUo3p7UYI7RJ1Mi+RhxbV
ZiN5YVhoy1it3dFCUsxng0Y7QlgRzV7fjGgc7Cn6jLy7pcOhw8Iz+hKfX5xjyCDa
Ndp9Z/0FbU85htEXqfSXPFUTRcomEGtmeHn3Ke3p8uwiaPuQerufI/UyBsXZ6Nem
nurpl7z5Y4ZyYBjWmnGAE9VuAcpHbpAE12nFTUrCeqJ98y6DdlTMpcUgXNHamJx7
MIdFjpAnoHY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:10 2024 by rpki-client on console-fra.rpki-client.org