Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/bwUR-vgfW5cRyZyfLAmihfJNI8A.roa
File: bwUR-vgfW5cRyZyfLAmihfJNI8A.roa (raw, json)
Hash identifier: t59+Z0fvN0oHenr/VSSJZJZ+SOTk7Xw9jCgiHNjhOTU=
Subject key identifier: 6F:05:11:FA:F8:1F:5B:97:11:C9:9C:9F:2C:09:A2:85:F2:4D:23:C0
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 08BBF334
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/bwUR-vgfW5cRyZyfLAmihfJNI8A.roa
Signing time: Sat 01 Jan 2022 12:59:52 +0000
ROA not before: Sat 01 Jan 2022 12:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39570
IP address blocks: 93.188.2.0/23 maxlen: 23
93.188.4.0/22 maxlen: 22
93.188.0.0/24 maxlen: 24
93.188.1.0/24 maxlen: 24
194.9.94.0/23 maxlen: 23
2a02:250:ffff::/48 maxlen: 48
2a02:250::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146535220 (0x8bbf334)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Jan 1 12:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f0511faf81f5b9711c99c9f2c09a285f24d23c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:35:40:61:cf:ea:41:88:f4:60:a7:bd:f6:7c:
5f:70:84:b0:bc:6f:9c:b1:b5:1b:ec:c9:be:23:ba:
5c:ce:e0:85:0e:8b:80:db:7e:8a:73:45:78:52:8b:
c4:2e:32:3c:5c:af:a8:ef:90:85:f8:f9:76:c9:28:
92:d4:28:70:ae:ab:88:65:64:e2:e0:d2:5f:1e:97:
42:2e:a0:bd:cc:aa:8b:ca:f4:c5:a9:55:23:dd:ab:
53:56:92:0c:08:8e:fb:5f:1f:6b:de:53:58:1e:65:
92:5e:6a:e1:e5:36:6f:7a:41:a4:84:17:ab:ea:33:
26:a7:0c:44:1d:ed:e9:a2:c0:30:5c:59:e7:88:2d:
3b:88:98:d8:ab:f4:ee:54:9a:b6:ee:bc:1b:49:cf:
c0:fb:8a:05:bc:43:93:87:82:b0:8f:85:65:12:a4:
b4:83:fa:f5:0f:46:74:09:c0:8a:4f:20:e8:a4:35:
a1:85:25:82:fa:2d:99:67:1e:40:39:4c:d6:65:26:
53:b4:58:12:f3:0e:96:30:a2:21:f1:1c:44:b8:61:
0c:c1:f9:ec:92:84:c6:30:fa:8a:10:9a:7e:d8:1e:
97:fe:6a:f7:ce:6e:72:9e:23:c1:6e:bb:96:0b:0c:
28:e5:9d:18:b7:64:82:e0:15:8e:34:b8:62:4b:f6:
7f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:05:11:FA:F8:1F:5B:97:11:C9:9C:9F:2C:09:A2:85:F2:4D:23:C0
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/bwUR-vgfW5cRyZyfLAmihfJNI8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.0.0/21
194.9.94.0/23
IPv6:
2a02:250::/33
2a02:250:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
75:a4:14:f0:aa:42:e0:e2:1a:bf:5a:25:00:3f:61:94:ad:82:
55:fe:59:ba:68:71:38:22:91:b4:09:54:b5:63:cd:f3:18:ce:
55:08:20:0e:fe:fe:65:b1:4a:cf:5f:14:22:2a:2a:b7:60:33:
58:52:8e:11:5d:18:df:e5:5d:f0:f7:46:93:05:5e:5c:d5:d8:
bc:73:c1:1e:1c:e3:be:af:4e:61:89:9c:25:26:26:d5:b2:b2:
d4:81:c1:09:1f:04:fe:fd:95:79:ff:8a:d1:3c:e5:82:7f:0a:
1a:4d:aa:f2:75:0c:fc:a0:51:53:ce:7e:5c:f2:f3:60:85:0f:
65:40:52:84:bb:d1:01:2f:c7:10:33:c0:7a:04:c8:29:48:b6:
5d:0b:2e:b5:bc:5c:28:46:78:82:41:33:86:7f:c0:50:ca:6b:
02:65:ae:15:04:b0:4c:9a:1e:86:be:52:93:af:aa:18:13:01:
fb:ad:e2:a4:fe:db:a7:f1:f1:01:b5:d3:99:c6:77:e9:c0:f9:
98:31:eb:5c:1b:d7:75:89:fb:71:7c:62:d3:6c:50:9a:f8:e9:
36:17:41:6d:1f:ef:35:91:0b:51:1a:19:af:02:88:e8:19:33:
e6:12:39:08:4a:7a:56:58:d9:3d:e5:59:47:c5:68:19:27:98:
d3:c4:70:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIECLvzNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDY1ZWUyM2JmZjQyY2NmNjc5ZDczNzdmZTRkYTY5NWQzNDFhZWYwMB4XDTIyMDEw
MTEyNTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmYwNTExZmFmODFm
NWI5NzExYzk5YzlmMmMwOWEyODVmMjRkMjNjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJA1QGHP6kGI9GCnvfZ8X3CEsLxvnLG1G+zJviO6XM7ghQ6L
gNt+inNFeFKLxC4yPFyvqO+Qhfj5dskoktQocK6riGVk4uDSXx6XQi6gvcyqi8r0
xalVI92rU1aSDAiO+18fa95TWB5lkl5q4eU2b3pBpIQXq+ozJqcMRB3t6aLAMFxZ
54gtO4iY2Kv07lSatu68G0nPwPuKBbxDk4eCsI+FZRKktIP69Q9GdAnAik8g6KQ1
oYUlgvotmWceQDlM1mUmU7RYEvMOljCiIfEcRLhhDMH57JKExjD6ihCaftgel/5q
985ucp4jwW67lgsMKOWdGLdkguAVjjS4Ykv2f1cCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBRvBRH6+B9blxHJnJ8sCaKF8k0jwDAfBgNVHSMEGDAWgBTNZe4jv/Qsz2ed
c3f+TaaV00Gu8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pXWHVJN18wTE05bm5YTjNfazJtbGROQnJ2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvMDA2ZDQzLTNkYmYtNGNmOC04MTVkLTVkYzJmYTZhMzUwMy8x
L2J3VVItdmdmVzVjUnlaeWZMQW1paGZKTkk4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
MDA2ZDQzLTNkYmYtNGNmOC04MTVkLTVkYzJmYTZhMzUwMy8xL3pXWHVJN18wTE05
bm5YTjNfazJtbGROQnJ2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wEgQCAAEwDAMEA128AAMEAcIJXjAXBAIAAjARAwYH
KgICUAADBwAqAgJQ//8wDQYJKoZIhvcNAQELBQADggEBAHWkFPCqQuDiGr9aJQA/
YZStglX+WbpocTgikbQJVLVjzfMYzlUIIA7+/mWxSs9fFCIqKrdgM1hSjhFdGN/l
XfD3RpMFXlzV2LxzwR4c476vTmGJnCUmJtWystSBwQkfBP79lXn/itE85YJ/ChpN
qvJ1DPygUVPOflzy82CFD2VAUoS70QEvxxAzwHoEyClItl0LLrW8XChGeIJBM4Z/
wFDKawJlrhUEsEyaHoa+UpOvqhgTAfut4qT+26fx8QG105nGd+nA+Zgx61wb13WJ
+3F8YtNsUJr46TYXQW0f7zWRC1EaGa8CiOgZM+YSOQhKelZY2T3lWUfFaBknmNPE
cJM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org