Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/acdf4f-f10a-4323-893a-ba102cdb2397/1/bwmXcr-6zQmrTQL2kt-oA_2oI3c.roa
File: bwmXcr-6zQmrTQL2kt-oA_2oI3c.roa (raw, json)
Hash identifier: GNwmW87xm+5HpHeif15j0F9smvNF5IMKwgkJwWAv5hs=
Subject key identifier: 6F:09:97:72:BF:BA:CD:09:AB:4D:02:F6:92:DF:A8:03:FD:A8:23:77
Certificate issuer: /CN=0f516df64b3941b046743411ed86ea6030d72fba
Certificate serial: 048E2BB1
Authority key identifier: 0F:51:6D:F6:4B:39:41:B0:46:74:34:11:ED:86:EA:60:30:D7:2F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D1Ft9ks5QbBGdDQR7YbqYDDXL7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/acdf4f-f10a-4323-893a-ba102cdb2397/1/bwmXcr-6zQmrTQL2kt-oA_2oI3c.roa
Signing time: Sat 01 Jan 2022 03:55:47 +0000
ROA not before: Sat 01 Jan 2022 03:55:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208123
IP address blocks: 45.159.40.0/22 maxlen: 22
2a0f:6e80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76426161 (0x48e2bb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f516df64b3941b046743411ed86ea6030d72fba
Validity
Not Before: Jan 1 03:55:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f099772bfbacd09ab4d02f692dfa803fda82377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a1:66:f6:90:4c:43:44:d4:cc:2a:26:cf:57:
28:8f:9e:a6:33:6c:bb:d4:07:65:1d:92:d3:8f:b8:
d5:c1:53:03:c7:78:69:8c:4e:3d:e1:22:fd:ad:28:
b4:94:b4:e4:ed:ed:3a:a4:cf:c3:2b:d2:a9:a0:16:
3f:88:8c:df:ef:a6:95:ed:c4:63:f7:16:1f:42:31:
ca:55:53:3c:fc:f9:dd:74:36:2a:68:ed:22:05:17:
54:0e:59:6f:3c:88:52:87:9b:8c:5e:f1:97:f0:c8:
f9:54:e4:c1:c3:94:08:bd:12:c5:58:91:1d:b5:26:
56:d7:99:7c:4f:17:ac:a7:58:f8:83:57:24:a2:30:
08:20:b5:db:a9:ab:0f:c5:e3:cc:ea:0e:ba:e2:d7:
2a:bd:5b:27:7c:3b:5f:48:0e:e0:cb:1a:31:76:d1:
eb:41:b3:6a:1b:75:41:bb:02:57:68:23:dd:9a:98:
f4:d4:35:de:05:1f:5c:97:35:b5:65:84:f4:2c:6c:
fc:53:cf:9c:f4:ae:21:01:8e:dc:f9:78:4f:89:51:
7b:8f:57:2e:1e:d3:a4:c7:65:ff:b2:c2:68:7c:a3:
d8:50:83:46:81:e6:4b:08:8e:d1:de:7b:9e:ad:2c:
d8:c3:b9:84:74:89:26:24:d5:9e:59:6b:37:1f:55:
ad:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:09:97:72:BF:BA:CD:09:AB:4D:02:F6:92:DF:A8:03:FD:A8:23:77
X509v3 Authority Key Identifier:
keyid:0F:51:6D:F6:4B:39:41:B0:46:74:34:11:ED:86:EA:60:30:D7:2F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D1Ft9ks5QbBGdDQR7YbqYDDXL7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/acdf4f-f10a-4323-893a-ba102cdb2397/1/bwmXcr-6zQmrTQL2kt-oA_2oI3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/acdf4f-f10a-4323-893a-ba102cdb2397/1/D1Ft9ks5QbBGdDQR7YbqYDDXL7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.40.0/22
IPv6:
2a0f:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
96:bd:35:a6:78:7e:a5:b8:9e:1e:26:53:e8:b3:04:e8:7b:7b:
fb:e1:bb:c6:bf:5b:52:f4:b7:45:27:04:cd:23:2e:40:28:22:
ee:4d:ba:6f:31:3d:c0:d0:ba:4c:30:42:83:41:d7:dc:6b:e4:
43:39:73:86:4b:84:11:61:65:db:65:f5:ba:42:b0:d1:af:b5:
2e:7a:1b:5c:8c:f8:6f:2f:fc:16:80:a3:aa:01:1d:9b:9a:af:
ae:cf:6f:08:e9:2f:89:7b:8a:21:58:18:cf:08:3d:ea:9a:9e:
e3:52:aa:79:40:ff:9c:f5:8a:10:fa:4a:25:4a:ab:01:ee:62:
80:ad:76:3d:d0:fd:00:6f:db:ae:8b:e0:6a:3d:62:85:38:1a:
51:ca:a3:da:d7:c8:90:25:bc:f4:98:af:1b:87:4f:4c:08:4f:
04:f0:28:f9:32:d3:81:f9:07:82:a0:7c:da:36:7f:69:a0:d2:
ea:48:83:65:0e:01:a0:e7:22:70:bc:cb:d8:a8:34:cb:6d:48:
bb:44:84:e1:9b:d8:71:c6:48:f3:cd:bb:0c:07:95:fd:35:25:
95:5c:b1:87:83:56:c6:ab:a8:6b:ba:00:89:cb:33:0d:03:a6:
af:2d:de:5b:74:ac:e5:c0:db:fa:cc:0a:6a:27:88:f0:39:94:
7e:52:64:9c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBI4rsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjUxNmRmNjRiMzk0MWIwNDY3NDM0MTFlZDg2ZWE2MDMwZDcyZmJhMB4XDTIyMDEw
MTAzNTU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmYwOTk3NzJiZmJh
Y2QwOWFiNGQwMmY2OTJkZmE4MDNmZGE4MjM3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyhZvaQTENE1MwqJs9XKI+epjNsu9QHZR2S04+41cFTA8d4
aYxOPeEi/a0otJS05O3tOqTPwyvSqaAWP4iM3++mle3EY/cWH0IxylVTPPz53XQ2
KmjtIgUXVA5ZbzyIUoebjF7xl/DI+VTkwcOUCL0SxViRHbUmVteZfE8XrKdY+INX
JKIwCCC126mrD8XjzOoOuuLXKr1bJ3w7X0gO4MsaMXbR60Gzaht1QbsCV2gj3ZqY
9NQ13gUfXJc1tWWE9Cxs/FPPnPSuIQGO3Pl4T4lRe49XLh7TpMdl/7LCaHyj2FCD
RoHmSwiO0d57nq0s2MO5hHSJJiTVnllrNx9VrScCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRvCZdyv7rNCatNAvaS36gD/agjdzAfBgNVHSMEGDAWgBQPUW32SzlBsEZ0
NBHthupgMNcvujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QxRnQ5a3M1UWJCR2REUVI3WWJxWUREWEw3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvYWNkZjRmLWYxMGEtNDMyMy04OTNhLWJhMTAyY2RiMjM5Ny8x
L2J3bVhjci02elFtclRRTDJrdC1vQV8yb0kzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
YWNkZjRmLWYxMGEtNDMyMy04OTNhLWJhMTAyY2RiMjM5Ny8xL0QxRnQ5a3M1UWJC
R2REUVI3WWJxWUREWEw3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2fKDANBAIAAjAHAwUAKg9ugDAN
BgkqhkiG9w0BAQsFAAOCAQEAlr01pnh+pbieHiZT6LME6Ht7++G7xr9bUvS3RScE
zSMuQCgi7k26bzE9wNC6TDBCg0HX3GvkQzlzhkuEEWFl22X1ukKw0a+1LnobXIz4
by/8FoCjqgEdm5qvrs9vCOkviXuKIVgYzwg96pqe41KqeUD/nPWKEPpKJUqrAe5i
gK12PdD9AG/brovgaj1ihTgaUcqj2tfIkCW89JivG4dPTAhPBPAo+TLTgfkHgqB8
2jZ/aaDS6kiDZQ4BoOcicLzL2Kg0y21Iu0SE4ZvYccZI8827DAeV/TUllVyxh4NW
xquoa7oAicszDQOmry3eW3Ss5cDb+swKaieI8DmUflJknA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:12 2024 by rpki-client on console-fra.rpki-client.org