Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BVflS0mji3ZXtaWqH4OW_ClS95U.roa
File: BVflS0mji3ZXtaWqH4OW_ClS95U.roa (raw, json)
Hash identifier: eRHlDiKUBIgv0VK0u/5a0+/4OUANTVhRJL9QxIx90No=
Subject key identifier: 05:57:E5:4B:49:A3:8B:76:57:B5:A5:AA:1F:83:96:FC:29:52:F7:95
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 4311A022
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BVflS0mji3ZXtaWqH4OW_ClS95U.roa
Signing time: Thu 24 Feb 2022 11:36:22 +0000
ROA not before: Thu 24 Feb 2022 11:36:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 192.71.227.0/24 maxlen: 24
194.71.227.0/24 maxlen: 24
192.71.249.0/24 maxlen: 24
192.121.22.0/24 maxlen: 24
192.121.23.0/24 maxlen: 24
194.68.26.0/24 maxlen: 24
194.68.27.0/24 maxlen: 24
192.121.47.0/24 maxlen: 24
194.71.126.0/24 maxlen: 24
192.121.46.0/23 maxlen: 24
192.121.46.0/24 maxlen: 24
194.68.44.0/24 maxlen: 24
194.14.208.0/24 maxlen: 24
194.14.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1125228578 (0x4311a022)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 24 11:36:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0557e54b49a38b7657b5a5aa1f8396fc2952f795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:21:aa:7b:5d:b9:7b:13:ff:d8:1f:bf:e2:00:
8e:31:5f:8f:e2:3d:9c:5e:45:dc:40:6e:4a:80:73:
dc:e8:64:df:60:57:18:e8:36:9c:a5:5f:74:be:42:
61:6e:55:f3:75:e2:d3:eb:19:f9:41:62:98:83:90:
30:c6:bd:d3:72:47:0d:29:da:50:00:8f:a3:8f:5e:
c9:d9:a6:4b:5a:2f:ac:24:59:06:bd:38:c7:73:32:
3e:23:6f:c1:74:b2:3d:cf:f2:93:cf:0b:04:8c:39:
f7:f2:09:a6:94:36:6d:d9:4a:4e:25:5d:28:be:f3:
11:45:f1:6b:b4:2e:81:d7:26:28:31:a6:40:9f:2c:
0e:01:91:86:d0:cf:3d:4d:5b:e6:0a:7a:68:55:3a:
dc:29:ec:74:7a:5b:5c:be:b2:d0:11:ca:15:a2:e3:
29:90:2e:e4:b4:e8:ef:4a:3f:e4:2c:48:80:92:42:
60:34:5f:1e:2b:4e:cb:44:7c:85:8e:d0:32:8e:ce:
35:29:81:61:b0:ba:e4:5f:56:72:95:92:5c:e6:a9:
83:af:3f:b8:f6:db:cd:69:89:cb:b4:3e:b1:8f:18:
93:81:71:f1:63:1a:f2:58:f1:17:a8:0e:ec:9c:42:
30:db:0e:88:d8:95:3a:76:82:46:27:01:d5:20:54:
ec:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:57:E5:4B:49:A3:8B:76:57:B5:A5:AA:1F:83:96:FC:29:52:F7:95
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BVflS0mji3ZXtaWqH4OW_ClS95U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.227.0/24
192.71.249.0/24
192.121.22.0/23
192.121.46.0/23
194.14.208.0/24
194.14.217.0/24
194.68.26.0/23
194.68.44.0/24
194.71.126.0/24
194.71.227.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:61:27:75:e2:83:b8:e3:ef:38:8f:73:e1:ff:62:c2:d6:a9:
ea:7c:b1:e2:13:ab:d3:24:69:aa:6f:d9:f6:a0:8e:04:80:f1:
2f:c2:82:b1:6a:ba:58:95:1c:fa:48:d1:1c:c9:a6:83:8f:e5:
09:f1:4d:dd:6b:fa:9c:9d:e3:76:18:ac:fd:44:74:62:36:c9:
66:bb:66:fb:a1:41:2d:13:3b:e5:00:7b:10:e3:20:78:68:f6:
18:09:06:e2:dc:b6:61:c0:0b:23:14:a5:31:b7:14:de:d0:16:
5d:25:ff:f6:8f:e8:b9:ac:c6:8b:51:ee:5d:86:43:ab:44:36:
6f:3c:90:52:c1:0f:02:af:35:0e:9f:74:47:20:ff:d8:8b:07:
ad:ee:2b:e3:25:51:41:e6:11:e9:aa:06:7d:c8:9e:7a:ed:4b:
30:8a:a9:b9:cb:d5:38:e6:76:51:fc:e3:19:5a:04:97:fc:8d:
a9:f6:75:5c:80:a3:8d:df:c5:e0:5a:02:b1:93:43:bc:b0:62:
0c:d0:04:1b:ca:ca:0b:fa:49:08:d4:0a:cf:93:f2:aa:ae:2f:
c1:df:84:05:76:62:da:ae:6f:1b:e3:f7:8a:fd:22:51:55:a8:
63:3c:57:cd:63:c4:6d:a3:b1:00:75:4e:dc:7c:68:c1:09:fd:
d5:66:99:3a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEQxGgIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDIy
NDExMzYyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU1N2U1NGI0OWEz
OGI3NjU3YjVhNWFhMWY4Mzk2ZmMyOTUyZjc5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOghqntduXsT/9gfv+IAjjFfj+I9nF5F3EBuSoBz3Ohk32BX
GOg2nKVfdL5CYW5V83Xi0+sZ+UFimIOQMMa903JHDSnaUACPo49eydmmS1ovrCRZ
Br04x3MyPiNvwXSyPc/yk88LBIw59/IJppQ2bdlKTiVdKL7zEUXxa7QugdcmKDGm
QJ8sDgGRhtDPPU1b5gp6aFU63CnsdHpbXL6y0BHKFaLjKZAu5LTo70o/5CxIgJJC
YDRfHitOy0R8hY7QMo7ONSmBYbC65F9WcpWSXOapg68/uPbbzWmJy7Q+sY8Yk4Fx
8WMa8ljxF6gO7JxCMNsOiNiVOnaCRicB1SBU7BcCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBQFV+VLSaOLdle1paofg5b8KVL3lTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L0JWZmxTMG1qaTNaWHRhV3FINE9XX0NsUzk1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAMBH4wMEAMBH+QMEAcB5FgMEAcB5
LgMEAMIO0AMEAMIO2QMEAcJEGgMEAMJELAMEAMJHfgMEAMJH4zANBgkqhkiG9w0B
AQsFAAOCAQEAp2EndeKDuOPvOI9z4f9iwtap6nyx4hOr0yRpqm/Z9qCOBIDxL8KC
sWq6WJUc+kjRHMmmg4/lCfFN3Wv6nJ3jdhis/UR0YjbJZrtm+6FBLRM75QB7EOMg
eGj2GAkG4ty2YcALIxSlMbcU3tAWXSX/9o/ouazGi1HuXYZDq0Q2bzyQUsEPAq81
Dp90RyD/2IsHre4r4yVRQeYR6aoGfcieeu1LMIqpucvVOOZ2UfzjGVoEl/yNqfZ1
XICjjd/F4FoCsZNDvLBiDNAEG8rKC/pJCNQKz5Pyqq4vwd+EBXZi2q5vG+P3iv0i
UVWoYzxXzWPEbaOxAHVO3HxowQn91WaZOg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org