Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/bnJ6MObRKqVziHz7-8vLzo1_y6Q.roa
File: bnJ6MObRKqVziHz7-8vLzo1_y6Q.roa (raw, json)
Hash identifier: XwXRp6zj9qzIBtl4ud87qgeu3scpBuhzAuoX1CtocMU=
Subject key identifier: 6E:72:7A:30:E6:D1:2A:A5:73:88:7C:FB:FB:CB:CB:CE:8D:7F:CB:A4
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0183C21F5816D84DA00A00F85B66DC1505AA
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/bnJ6MObRKqVziHz7-8vLzo1_y6Q.roa
Signing time: Mon 10 Oct 2022 13:39:37 +0000
ROA not before: Mon 10 Oct 2022 13:39:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8262
IP address blocks: 194.12.224.0/19 maxlen: 19
194.12.249.0/24 maxlen: 24
194.12.254.0/24 maxlen: 24
82.119.92.0/24 maxlen: 24
82.119.95.0/24 maxlen: 24
82.119.94.0/24 maxlen: 24
185.92.132.0/22 maxlen: 22
82.119.64.0/19 maxlen: 19
82.119.68.0/24 maxlen: 24
82.119.69.0/24 maxlen: 24
82.119.75.0/24 maxlen: 24
82.119.74.0/24 maxlen: 24
82.119.83.0/24 maxlen: 24
82.119.80.0/21 maxlen: 21
89.252.223.0/24 maxlen: 24
89.252.241.0/24 maxlen: 24
89.252.246.0/24 maxlen: 24
89.252.192.0/18 maxlen: 18
89.252.199.0/24 maxlen: 24
89.252.200.0/24 maxlen: 24
85.14.36.0/24 maxlen: 24
85.14.44.0/24 maxlen: 24
85.14.49.0/24 maxlen: 24
85.14.47.0/24 maxlen: 24
176.67.233.0/24 maxlen: 24
85.14.0.0/23 maxlen: 23
85.14.0.0/18 maxlen: 18
176.67.234.0/24 maxlen: 24
85.14.12.0/24 maxlen: 24
85.14.13.0/24 maxlen: 24
85.14.24.0/24 maxlen: 24
2001:1ae0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:1f:58:16:d8:4d:a0:0a:00:f8:5b:66:dc:15:05:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Oct 10 13:39:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e727a30e6d12aa573887cfbfbcbcbce8d7fcba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c1:a6:77:ac:ea:81:45:fa:31:d6:00:90:eb:
74:9c:0c:f4:a2:57:29:f0:4b:78:14:6d:bc:66:56:
ad:78:d8:aa:da:5b:26:f8:fa:63:98:08:6a:25:49:
5e:41:76:c6:6b:4b:4e:65:e1:fd:3e:4b:d0:39:e6:
8c:58:de:9b:d6:a4:49:e7:7d:63:3a:91:8b:fd:d1:
fb:90:d5:5d:97:fe:2c:d8:43:84:02:d5:3c:b5:e9:
db:9c:a8:07:93:08:be:e8:ee:66:6a:2c:5b:7e:7b:
5f:95:3d:59:d9:fa:66:59:59:e7:d1:38:c0:27:ad:
5e:3d:40:03:af:1a:68:1f:b8:5a:ed:93:59:62:c7:
b8:bf:70:4e:a7:e6:21:72:df:26:86:15:c0:20:cc:
ab:89:4e:e2:2a:a8:96:c6:73:01:88:19:d8:6d:d4:
79:f1:6e:79:9a:7a:0d:99:03:b3:e7:90:bc:6c:56:
92:de:c7:39:2d:3e:63:a7:31:2f:7b:0e:c4:87:7d:
7c:38:9f:a3:d5:8f:03:9f:8a:ad:cf:b6:ef:95:86:
fe:4d:50:b3:65:2d:7a:ca:4e:93:bd:d9:59:3a:74:
cc:73:c2:f8:7b:9c:f1:f6:9d:97:d3:b5:4a:bd:eb:
80:de:29:78:d8:93:f5:71:35:de:55:79:48:ed:c6:
0d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:72:7A:30:E6:D1:2A:A5:73:88:7C:FB:FB:CB:CB:CE:8D:7F:CB:A4
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/bnJ6MObRKqVziHz7-8vLzo1_y6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.64.0/19
85.14.0.0/18
89.252.192.0/18
176.67.233.0-176.67.234.255
185.92.132.0/22
194.12.224.0/19
IPv6:
2001:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
43:5e:bf:fd:2a:f0:4f:f7:65:c6:b7:8d:be:9e:e4:7c:51:41:
82:27:4b:21:f2:a2:57:c3:fb:25:1c:c7:e8:fc:fc:11:1b:60:
3a:41:64:8d:86:2e:91:3d:1e:54:c6:dd:8c:e1:d4:7d:4b:79:
8d:13:48:31:42:13:70:67:cb:fb:16:f5:d8:42:58:c9:2b:7d:
44:f3:dc:de:66:78:0d:14:a2:3f:76:b3:b8:80:fa:65:f4:61:
28:7b:6b:fe:78:52:08:b3:41:23:29:b5:7d:26:54:cd:5c:9a:
15:11:52:c8:34:52:d2:f9:07:3c:f4:c3:23:b3:21:bf:25:80:
5f:75:d3:28:f5:eb:af:00:e7:ed:b0:8e:85:4d:86:32:1d:96:
a8:a6:4c:6e:49:79:86:5b:b0:89:53:77:55:c4:4d:fe:e9:39:
19:01:87:65:e5:43:6e:08:e3:14:7d:93:9e:ea:8f:94:fe:ed:
19:dc:52:c2:4b:0f:71:8e:18:9f:d7:41:22:22:e6:40:f7:6b:
76:ed:44:86:af:cf:28:d3:21:8f:36:53:bf:4d:4b:1e:ff:65:
a3:00:a7:17:de:d4:85:f0:a4:51:ad:4d:2e:4c:f4:0a:f1:74:
99:60:89:e9:da:a3:83:fd:7f:02:4e:aa:9f:45:6c:54:41:f1:
97:29:4a:97
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYPCH1gW2E2gCgD4W2bcFQWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjIxMDEwMTMzOTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTcyN2EzMGU2ZDEyYWE1NzM4ODdjZmJmYmNiY2JjZThkN2ZjYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcGmd6zqgUX6MdYAkOt0nAz0olcp
8Et4FG28ZlateNiq2lsm+PpjmAhqJUleQXbGa0tOZeH9PkvQOeaMWN6b1qRJ531j
OpGL/dH7kNVdl/4s2EOEAtU8tenbnKgHkwi+6O5maixbfntflT1Z2fpmWVnn0TjA
J61ePUADrxpoH7ha7ZNZYse4v3BOp+Yhct8mhhXAIMyriU7iKqiWxnMBiBnYbdR5
8W55mnoNmQOz55C8bFaS3sc5LT5jpzEvew7Eh318OJ+j1Y8Dn4qtz7bvlYb+TVCz
ZS16yk6TvdlZOnTMc8L4e5zx9p2X07VKveuA3il42JP1cTXeVXlI7cYNhQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFG5yejDm0Sqlc4h8+/vLy86Nf8ukMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvYm5KNk1PYlJLcVZ6aUh6Ny04dkx6bzFfeTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFUndAAwQG
VQ4AAwQGWfzAMAwDBACwQ+kDBACwQ+oDBAK5XIQDBAXCDOAwDQQCAAIwBwMFACAB
GuAwDQYJKoZIhvcNAQELBQADggEBAENev/0q8E/3Zca3jb6e5HxRQYInSyHyolfD
+yUcx+j8/BEbYDpBZI2GLpE9HlTG3Yzh1H1LeY0TSDFCE3Bny/sW9dhCWMkrfUTz
3N5meA0Uoj92s7iA+mX0YSh7a/54UgizQSMptX0mVM1cmhURUsg0UtL5Bzz0wyOz
Ib8lgF910yj1668A5+2wjoVNhjIdlqimTG5JeYZbsIlTd1XETf7pORkBh2XlQ24I
4xR9k57qj5T+7RncUsJLD3GOGJ/XQSIi5kD3a3btRIavzyjTIY82U79NSx7/ZaMA
pxfe1IXwpFGtTS5M9ArxdJlgienao4P9fwJOqp9FbFRB8ZcpSpc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org