Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/bGg3PNyDaruDNt4PnFLZMPprc8Q.roa
File: bGg3PNyDaruDNt4PnFLZMPprc8Q.roa (raw, json)
Hash identifier: 5ssHe+NBgGNRDHEQW4ae7zOemkREeKwoIZHC9Hg3Tjc=
Subject key identifier: 6C:68:37:3C:DC:83:6A:BB:83:36:DE:0F:9C:52:D9:30:FA:6B:73:C4
Certificate issuer: /CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Certificate serial: 08BF24D2
Authority key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/bGg3PNyDaruDNt4PnFLZMPprc8Q.roa
Signing time: Sat 01 Jan 2022 15:05:58 +0000
ROA not before: Sat 01 Jan 2022 15:05:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12693
IP address blocks: 156.67.152.0/21 maxlen: 21
82.193.255.0/24 maxlen: 24
212.204.32.0/19 maxlen: 24
156.67.144.0/21 maxlen: 21
82.193.224.0/19 maxlen: 24
85.199.96.0/20 maxlen: 24
149.249.48.0/21 maxlen: 21
153.92.72.0/21 maxlen: 24
185.90.156.0/22 maxlen: 24
156.67.224.0/21 maxlen: 21
85.199.64.0/18 maxlen: 24
85.199.74.0/24 maxlen: 24
2a01:a380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146744530 (0x8bf24d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Validity
Not Before: Jan 1 15:05:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c68373cdc836abb8336de0f9c52d930fa6b73c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:bd:7f:b9:aa:19:ba:fd:d5:e9:62:d9:a9:
33:b0:b6:55:9d:0c:c6:ee:e8:85:1c:52:c3:7c:b9:
b1:70:41:a4:35:63:d4:38:c3:cd:a2:4f:1a:72:b0:
fb:b3:b9:e6:f4:f4:af:d9:37:58:04:46:48:31:a7:
41:b2:ca:9c:d6:6f:45:4d:6f:1a:52:64:03:82:3e:
95:e2:17:f6:b7:39:2e:5a:ba:23:fe:42:fe:9b:0f:
72:a0:5a:77:bd:ce:f1:89:68:d2:68:59:37:ad:82:
a8:06:73:98:32:b6:6f:4e:39:aa:31:68:52:37:bd:
e6:41:de:6d:76:da:6f:54:78:8b:47:48:a8:6f:8a:
98:31:9a:f1:6b:3f:78:fa:8f:83:65:e8:1a:ed:ad:
d2:b7:3c:f7:98:a9:c3:34:80:3e:90:ec:85:7e:5a:
5d:9e:18:05:d2:9a:51:68:8e:11:c4:e4:d8:d8:02:
05:e5:34:0e:2a:10:9c:76:c5:83:ba:f8:17:1f:b3:
86:9d:8d:04:a5:fc:4b:8f:65:3d:29:ab:e4:ac:d2:
a2:65:7e:65:db:24:6b:dd:7c:db:32:8d:58:b9:91:
9b:6d:22:02:82:f6:c7:31:9a:f6:61:88:c0:a3:31:
89:b6:a0:26:c9:da:a3:66:ea:8b:e4:d4:2c:61:f3:
ad:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:68:37:3C:DC:83:6A:BB:83:36:DE:0F:9C:52:D9:30:FA:6B:73:C4
X509v3 Authority Key Identifier:
keyid:9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/bGg3PNyDaruDNt4PnFLZMPprc8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.193.224.0/19
85.199.64.0/18
149.249.48.0/21
153.92.72.0/21
156.67.144.0/20
156.67.224.0/21
185.90.156.0/22
212.204.32.0/19
IPv6:
2a01:a380::/32
Signature Algorithm: sha256WithRSAEncryption
1a:74:a8:89:11:95:df:36:91:d5:69:70:d4:4e:41:15:25:10:
70:9d:93:71:17:c1:7e:68:06:34:61:6d:7d:3f:d8:94:8d:fe:
69:f7:f9:02:e0:dd:31:2d:66:e0:19:fe:4c:7b:e2:f5:d3:86:
8b:9b:0d:4f:66:92:9c:c1:c3:b8:92:d4:79:81:27:fd:fd:bc:
c5:01:ba:72:76:17:6b:ac:bd:3a:fb:0c:bc:8d:28:ba:af:f8:
60:41:d7:85:4d:e2:58:c0:0a:64:1b:3a:9c:cc:27:c8:47:0b:
a8:2f:b8:b4:34:6b:3c:9a:a2:67:49:45:74:42:05:24:f4:bb:
ba:b9:24:91:dc:dc:f4:94:ca:62:bd:8a:e1:cd:46:59:c1:24:
5b:16:c0:f4:8c:ee:3c:fa:7d:c3:b2:53:97:07:53:10:9a:4f:
61:06:3f:37:32:8b:9b:f5:24:97:9e:68:1a:fb:a6:58:d1:f6:
b5:dc:cb:74:57:7d:15:15:3a:42:95:d2:b9:86:f7:c9:d9:d8:
2d:c3:17:4d:58:7d:26:e3:64:0f:c2:a4:e9:02:fc:55:57:e2:
a1:d0:17:41:2c:c7:a7:ec:95:01:dc:95:4d:58:25:bc:1e:12:
82:6d:1d:d4:fb:34:3c:b0:be:0c:35:26:52:19:ed:af:02:0b:
9f:8b:26:a4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIECL8k0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTFhYzM2OWM5NDU2OTE0YTEyZTAyZGZmYzhkZDc5OTc0ZWIxZWY4MB4XDTIyMDEw
MTE1MDU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM2ODM3M2NkYzgz
NmFiYjgzMzZkZTBmOWM1MmQ5MzBmYTZiNzNjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKw9vX+5qhm6/dXpYtmpM7C2VZ0Mxu7ohRxSw3y5sXBBpDVj
1DjDzaJPGnKw+7O55vT0r9k3WARGSDGnQbLKnNZvRU1vGlJkA4I+leIX9rc5Llq6
I/5C/psPcqBad73O8Ylo0mhZN62CqAZzmDK2b045qjFoUje95kHebXbab1R4i0dI
qG+KmDGa8Ws/ePqPg2XoGu2t0rc895ipwzSAPpDshX5aXZ4YBdKaUWiOEcTk2NgC
BeU0DioQnHbFg7r4Fx+zhp2NBKX8S49lPSmr5KzSomV+Zdska9182zKNWLmRm20i
AoL2xzGa9mGIwKMxibagJsnao2bqi+TULGHzrT0CAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRsaDc83INqu4M23g+cUtkw+mtzxDAfBgNVHSMEGDAWgBSeGsNpyUVpFKEu
At/8jdeZdOse+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25ockRhY2xGYVJTaExnTGZfSTNYbVhUckh2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvMDkxYmQwLTJmNjctNDdjZS1hZTE3LWQ2OGM1N2RiNGNhZS8x
L2JHZzNQTnlEYXJ1RE50NFBuRkxaTVBwcmM4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
MDkxYmQwLTJmNjctNDdjZS1hZTE3LWQ2OGM1N2RiNGNhZS8xL25ockRhY2xGYVJT
aExnTGZfSTNYbVhUckh2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBVLB4AMEBlXHQAMEA5X5MAMEA5lc
SAMEBJxDkAMEA5xD4AMEArlanAMEBdTMIDANBAIAAjAHAwUAKgGjgDANBgkqhkiG
9w0BAQsFAAOCAQEAGnSoiRGV3zaR1Wlw1E5BFSUQcJ2TcRfBfmgGNGFtfT/YlI3+
aff5AuDdMS1m4Bn+THvi9dOGi5sNT2aSnMHDuJLUeYEn/f28xQG6cnYXa6y9OvsM
vI0ouq/4YEHXhU3iWMAKZBs6nMwnyEcLqC+4tDRrPJqiZ0lFdEIFJPS7urkkkdzc
9JTKYr2K4c1GWcEkWxbA9IzuPPp9w7JTlwdTEJpPYQY/NzKLm/Ukl55oGvumWNH2
tdzLdFd9FRU6QpXSuYb3ydnYLcMXTVh9JuNkD8Kk6QL8VVfiodAXQSzHp+yVAdyV
TVglvB4Sgm0d1Ps0PLC+DDUmUhntrwILn4smpA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:51 2023 by rpki-client on console-fra.rpki-client.org