Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/BlKXN0-_DmmB6bj47W1l8-zDtLo.roa
File: BlKXN0-_DmmB6bj47W1l8-zDtLo.roa (raw, json)
Hash identifier: YSxwSkKmYxoh9RyzE0J7H5LcmZ8bmjnUNhG3S81N/+Q=
Subject key identifier: 06:52:97:37:4F:BF:0E:69:81:E9:B8:F8:ED:6D:65:F3:EC:C3:B4:BA
Certificate issuer: /CN=adf0df77114741e13a17d7213e6956bf9627b558
Certificate serial: 05058D23
Authority key identifier: AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/BlKXN0-_DmmB6bj47W1l8-zDtLo.roa
Signing time: Sat 01 Jan 2022 15:02:55 +0000
ROA not before: Sat 01 Jan 2022 15:02:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62319
IP address blocks: 91.142.136.0/24 maxlen: 24
193.106.120.0/22 maxlen: 22
185.150.72.0/22 maxlen: 22
193.169.74.0/23 maxlen: 23
91.216.118.0/24 maxlen: 24
178.209.184.0/22 maxlen: 22
178.209.188.0/23 maxlen: 23
185.203.0.0/22 maxlen: 22
185.66.184.0/22 maxlen: 22
185.4.219.0/24 maxlen: 24
185.4.218.0/24 maxlen: 24
185.4.216.0/23 maxlen: 23
178.209.167.0/24 maxlen: 24
194.126.192.0/24 maxlen: 24
91.194.36.0/23 maxlen: 23
194.116.178.0/23 maxlen: 23
185.40.44.0/22 maxlen: 22
2a02:c900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84249891 (0x5058d23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf0df77114741e13a17d7213e6956bf9627b558
Validity
Not Before: Jan 1 15:02:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=065297374fbf0e6981e9b8f8ed6d65f3ecc3b4ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:6f:30:fe:13:d3:9a:f3:62:df:5a:c7:2f:
e5:de:27:76:b9:29:ab:05:a7:a5:d8:ae:bd:d8:c5:
14:6a:cf:35:8c:69:5a:d5:e2:60:1c:6a:4c:2d:d1:
7a:a9:6b:d7:a7:39:83:42:fa:8c:b5:cb:e1:44:02:
fb:14:6a:9e:5f:c9:06:93:14:dd:06:57:f4:22:42:
b7:db:46:ce:64:80:bc:61:40:25:84:51:61:07:92:
c9:a5:40:af:47:9b:5c:8a:00:48:3b:24:2e:40:61:
39:f3:73:97:b5:d7:0a:2e:85:a5:9a:ec:59:ca:2d:
7d:74:6c:fd:29:ad:03:b6:b2:da:f9:8a:29:91:38:
61:f2:b4:0f:16:9d:d3:75:0e:41:1f:07:40:67:fc:
a3:f5:bc:88:1b:d9:fb:40:50:e9:58:6c:f0:a5:38:
55:75:a4:f8:42:77:6b:3e:5b:72:a1:dc:de:12:6a:
a0:d1:69:41:36:35:d3:93:8b:21:27:c0:c2:fd:84:
03:c2:dc:34:7a:a3:19:fa:73:9e:16:a5:11:8b:06:
d9:89:95:92:8b:9a:ea:7f:66:aa:de:fa:3a:85:d5:
bd:7b:bd:af:d2:0b:4f:f8:92:0f:71:da:46:ac:30:
d3:48:6f:97:39:af:80:d4:61:dd:20:fd:8b:2a:14:
bd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:52:97:37:4F:BF:0E:69:81:E9:B8:F8:ED:6D:65:F3:EC:C3:B4:BA
X509v3 Authority Key Identifier:
keyid:AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/BlKXN0-_DmmB6bj47W1l8-zDtLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.136.0/24
91.194.36.0/23
91.216.118.0/24
178.209.167.0/24
178.209.184.0-178.209.189.255
185.4.216.0/22
185.40.44.0/22
185.66.184.0/22
185.150.72.0/22
185.203.0.0/22
193.106.120.0/22
193.169.74.0/23
194.116.178.0/23
194.126.192.0/24
IPv6:
2a02:c900::/29
Signature Algorithm: sha256WithRSAEncryption
67:c1:57:52:52:95:42:2e:38:d7:2b:b7:cf:1c:6c:bb:42:13:
45:24:16:a1:00:2f:ab:d8:ea:ae:ab:6b:5f:a4:f1:f6:c3:31:
5b:29:dd:ff:72:f5:96:ad:d1:03:d8:a3:4c:44:e6:35:f1:2c:
5b:4c:3c:b9:16:21:0f:d0:6e:50:d2:ab:d4:1f:3c:8a:b3:d6:
e3:6f:2a:cf:db:c8:2c:d7:85:13:94:a8:16:93:59:ee:0a:c7:
88:a3:a6:df:15:57:2d:39:17:40:15:1e:4a:50:f1:bf:df:38:
2d:33:c6:c0:f9:ef:cf:e8:19:6a:2a:10:28:b2:f1:5c:b6:83:
9a:38:69:af:18:85:12:ba:ec:9a:71:1e:09:50:9e:37:f2:fd:
b4:63:90:1c:23:32:4a:f3:88:21:dd:36:4b:38:94:9d:fc:41:
45:ae:a4:53:6b:cd:47:4f:41:e5:dd:c5:73:e4:0f:f0:55:a0:
cc:1f:7a:44:e3:1f:1f:8f:96:f0:89:0d:3c:04:ec:b9:e4:05:
76:04:14:96:85:3d:1d:14:5a:61:04:47:2c:f7:8f:5d:68:79:
67:10:7c:f0:31:2c:af:3d:b7:b6:68:e8:e3:68:1e:f3:83:97:
d3:45:1d:19:2b:ed:8a:6e:6e:33:60:6c:fb:d4:46:d6:17:46:
f3:01:3b:03
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIEBQWNIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGYwZGY3NzExNDc0MWUxM2ExN2Q3MjEzZTY5NTZiZjk2MjdiNTU4MB4XDTIyMDEw
MTE1MDI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDY1Mjk3Mzc0ZmJm
MGU2OTgxZTliOGY4ZWQ2ZDY1ZjNlY2MzYjRiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvpbzD+E9Oa82LfWscv5d4ndrkpqwWnpdiuvdjFFGrPNYxp
WtXiYBxqTC3Reqlr16c5g0L6jLXL4UQC+xRqnl/JBpMU3QZX9CJCt9tGzmSAvGFA
JYRRYQeSyaVAr0ebXIoASDskLkBhOfNzl7XXCi6FpZrsWcotfXRs/SmtA7ay2vmK
KZE4YfK0Dxad03UOQR8HQGf8o/W8iBvZ+0BQ6Vhs8KU4VXWk+EJ3az5bcqHc3hJq
oNFpQTY105OLISfAwv2EA8LcNHqjGfpznhalEYsG2YmVkoua6n9mqt76OoXVvXu9
r9ILT/iSD3HaRqww00hvlzmvgNRh3SD9iyoUvZECAwEAAaOCAm8wggJrMB0GA1Ud
DgQWBBQGUpc3T78OaYHpuPjtbWXz7MO0ujAfBgNVHSMEGDAWgBSt8N93EUdB4ToX
1yE+aVa/lie1WDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmRGZkeEZIUWVFNkY5Y2hQbWxXdjVZbnRWZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvYTMwYmVhLTllOTMtNDA5MS1iNmUxLWUxZWYyNzc3MmVhZi8x
L0JsS1hOMC1fRG1tQjZiajQ3VzFsOC16RHRMby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
YTMwYmVhLTllOTMtNDA5MS1iNmUxLWUxZWYyNzc3MmVhZi8xL3JmRGZkeEZIUWVF
NkY5Y2hQbWxXdjVZbnRWZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hAYIKwYBBQUHAQcBAf8EdTBzMGIEAgABMFwDBABbjogDBAFbwiQDBABb2HYDBACy
0acwDAMEA7LRuAMEAbLRvAMEArkE2AMEArkoLAMEArlCuAMEArmWSAMEArnLAAME
AsFqeAMEAcGpSgMEAcJ0sgMEAMJ+wDANBAIAAjAHAwUDKgLJADANBgkqhkiG9w0B
AQsFAAOCAQEAZ8FXUlKVQi441yu3zxxsu0ITRSQWoQAvq9jqrqtrX6Tx9sMxWynd
/3L1lq3RA9ijTETmNfEsW0w8uRYhD9BuUNKr1B88irPW428qz9vILNeFE5SoFpNZ
7grHiKOm3xVXLTkXQBUeSlDxv984LTPGwPnvz+gZaioQKLLxXLaDmjhprxiFErrs
mnEeCVCeN/L9tGOQHCMySvOIId02SziUnfxBRa6kU2vNR09B5d3Fc+QP8FWgzB96
ROMfH4+W8IkNPATsueQFdgQUloU9HRRaYQRHLPePXWh5ZxB88DEsrz23tmjo42ge
84OX00UdGSvtim5uM2Bs+9RG1hdG8wE7Aw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:55 2023 by rpki-client on console-fra.rpki-client.org