Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Bnx2cRVT93-OpWIMeTsM86MCq3I.roa
File: Bnx2cRVT93-OpWIMeTsM86MCq3I.roa (raw, json)
Hash identifier: 1rPcgvSbgEUyZypaGwLrpkE4p+FOU9VMG6U+4MXYdcE=
Subject key identifier: 06:7C:76:71:15:53:F7:7F:8E:A5:62:0C:79:3B:0C:F3:A3:02:AB:72
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0184CE2FAA2320FDECD7E98CBEC49ED17210
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Bnx2cRVT93-OpWIMeTsM86MCq3I.roa
Signing time: Thu 01 Dec 2022 14:55:41 +0000
ROA not before: Thu 01 Dec 2022 14:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 194.68.127.0/24 maxlen: 24
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
193.183.236.0/23 maxlen: 23
194.103.240.0/20 maxlen: 20
193.182.190.0/24 maxlen: 24
192.165.12.0/24 maxlen: 24
192.165.31.0/24 maxlen: 24
192.36.96.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.165.173.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
193.182.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:2f:aa:23:20:fd:ec:d7:e9:8c:be:c4:9e:d1:72:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 1 14:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=067c76711553f77f8ea5620c793b0cf3a302ab72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6b:6a:41:13:2e:03:1f:53:17:85:e2:36:cf:
56:62:cf:97:72:74:ab:5e:22:c2:9a:e7:08:82:31:
38:17:c0:d1:3b:d4:48:94:68:98:ab:60:52:86:00:
47:7f:ca:20:43:a5:6b:56:3c:87:c9:86:d9:db:8a:
3b:a6:cb:31:be:c5:58:21:66:5e:12:0e:fa:6f:a2:
a8:dd:6a:38:9e:2b:8d:4d:52:c7:f1:d0:0c:eb:7a:
0d:92:e3:d9:ee:86:61:d1:b3:e7:02:5f:0a:6e:fb:
f6:30:29:34:40:bb:03:2c:72:b4:ff:24:5d:60:01:
16:83:32:50:e5:de:99:dd:b0:af:75:b9:6a:6e:0c:
d2:10:c2:af:7b:3c:c9:b0:7a:66:82:3d:55:e4:19:
fb:d2:91:b2:16:aa:46:67:ad:6d:f5:66:0c:fb:71:
e0:9d:d7:bb:3c:ac:9c:52:95:69:dd:8f:ac:df:de:
63:3e:73:fd:c4:00:a8:10:11:bb:8a:26:67:59:61:
1f:ad:07:76:c2:bd:f8:c7:f1:82:2b:71:14:cc:b0:
76:cc:35:45:53:32:3b:c3:4b:a1:95:e4:7c:97:9f:
15:9c:85:81:15:51:3c:f1:c0:ae:ca:c9:41:77:61:
9c:05:89:6d:f0:7c:bb:56:52:1f:a6:d9:cc:e5:8e:
b3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:7C:76:71:15:53:F7:7F:8E:A5:62:0C:79:3B:0C:F3:A3:02:AB:72
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Bnx2cRVT93-OpWIMeTsM86MCq3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.96.0/24
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.165.31.0/24
192.165.173.0/24
192.165.180.0/24
192.176.124.0/24
193.180.7.0/24
193.182.107.0/24
193.182.152.0/23
193.182.190.0/24
193.183.228.0/22
193.183.236.0/23
194.68.127.0/24
194.103.240.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:48:8a:17:9e:58:5c:0c:e8:ad:16:83:e3:c4:4a:67:46:94:
a2:8b:e9:22:e7:1e:87:b2:86:14:0c:9e:09:3c:b2:9b:18:02:
36:98:7e:cb:6e:54:31:58:13:60:6f:b0:40:78:44:bd:d7:d3:
25:43:68:d7:95:16:f1:22:42:83:36:67:e0:b0:e1:4e:9e:c3:
db:23:e4:78:15:32:c8:ac:e6:7a:20:19:bc:07:aa:cf:1f:63:
25:00:ce:e0:fd:46:f3:16:46:fa:46:90:59:3c:fb:98:5d:cd:
ca:8c:9b:f8:f4:6b:04:4e:b0:ae:48:25:e0:61:e8:aa:17:c5:
3d:d3:ec:c2:18:96:4d:95:b9:03:cb:ed:35:4c:31:0f:64:45:
5a:1e:10:16:5c:75:3a:c6:8a:ee:13:b1:dd:22:34:dc:0c:b9:
8b:03:3c:3c:60:5c:6e:55:a8:3a:36:01:ad:9e:08:71:dd:31:
b7:d1:3d:84:db:d8:87:14:69:80:bd:58:dc:33:6f:98:e0:64:
6f:34:8c:58:04:92:66:31:d0:13:56:52:d9:0a:ea:66:37:4a:
4a:98:7f:09:19:06:4f:73:cd:8a:46:03:22:1c:6b:24:53:ec:
8a:68:35:d8:19:c7:b3:43:06:e8:2f:9d:03:05:01:63:88:b0:
a6:da:fb:3e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYTOL6ojIP3s1+mMvsSe0XIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMjAxMTQ1NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjdjNzY3MTE1NTNmNzdmOGVhNTYyMGM3OTNiMGNmM2EzMDJhYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2tqQRMuAx9TF4XiNs9WYs+XcnSr
XiLCmucIgjE4F8DRO9RIlGiYq2BShgBHf8ogQ6VrVjyHyYbZ24o7pssxvsVYIWZe
Eg76b6Ko3Wo4niuNTVLH8dAM63oNkuPZ7oZh0bPnAl8Kbvv2MCk0QLsDLHK0/yRd
YAEWgzJQ5d6Z3bCvdblqbgzSEMKvezzJsHpmgj1V5Bn70pGyFqpGZ61t9WYM+3Hg
nde7PKycUpVp3Y+s395jPnP9xACoEBG7iiZnWWEfrQd2wr34x/GCK3EUzLB2zDVF
UzI7w0uhleR8l58VnIWBFVE88cCuyslBd2GcBYlt8Hy7VlIfptnM5Y6ziQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAZ8dnEVU/d/jqViDHk7DPOjAqtyMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQm54MmNSVlQ5My1PcFdJTWVUc004Nk1DcTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAMAkYAME
AMB5KDAMAwQBwHkyAwQAwHk0AwQAwHlzAwQAwHnlAwQAwKUMAwQAwKUfAwQAwKWt
AwQAwKW0AwQAwLB8AwQAwbQHAwQAwbZrAwQBwbaYAwQAwba+AwQCwbfkAwQBwbfs
AwQAwkR/AwQEwmfwMA0GCSqGSIb3DQEBCwUAA4IBAQAfSIoXnlhcDOitFoPjxEpn
RpSii+ki5x6HsoYUDJ4JPLKbGAI2mH7LblQxWBNgb7BAeES919MlQ2jXlRbxIkKD
NmfgsOFOnsPbI+R4FTLIrOZ6IBm8B6rPH2MlAM7g/UbzFkb6RpBZPPuYXc3KjJv4
9GsETrCuSCXgYeiqF8U90+zCGJZNlbkDy+01TDEPZEVaHhAWXHU6xoruE7HdIjTc
DLmLAzw8YFxuVag6NgGtnghx3TG30T2E29iHFGmAvVjcM2+Y4GRvNIxYBJJmMdAT
VlLZCupmN0pKmH8JGQZPc82KRgMiHGskU+yKaDXYGcezQwboL50DBQFjiLCm2vs+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org