Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ad6b73-0e8c-4a45-b6bb-42281f5518a9/1/bHwrhwSBUKP3TudTULUzgm15gY4.roa
File: bHwrhwSBUKP3TudTULUzgm15gY4.roa (raw, json)
Hash identifier: zPdv+KpxMk+z9Z0TpxD8pwPgzuavHl7HvinKZpI1qH4=
Subject key identifier: 6C:7C:2B:87:04:81:50:A3:F7:4E:E7:53:50:B5:33:82:6D:79:81:8E
Certificate issuer: /CN=7d15cfedb9aeab42bf8ac5b24cb1aeec2a660943
Certificate serial: 0B9F28BC
Authority key identifier: 7D:15:CF:ED:B9:AE:AB:42:BF:8A:C5:B2:4C:B1:AE:EC:2A:66:09:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRXP7bmuq0K_isWyTLGu7CpmCUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ad6b73-0e8c-4a45-b6bb-42281f5518a9/1/bHwrhwSBUKP3TudTULUzgm15gY4.roa
Signing time: Sat 01 Jan 2022 12:02:16 +0000
ROA not before: Sat 01 Jan 2022 12:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2856
IP address blocks: 159.253.66.0/23 maxlen: 23
213.249.188.0/22 maxlen: 22
178.78.108.0/22 maxlen: 22
178.78.106.0/23 maxlen: 23
94.72.248.0/21 maxlen: 21
178.78.112.0/21 maxlen: 21
178.78.120.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194980028 (0xb9f28bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d15cfedb9aeab42bf8ac5b24cb1aeec2a660943
Validity
Not Before: Jan 1 12:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c7c2b87048150a3f74ee75350b533826d79818e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9a:b1:2c:be:32:e7:06:0b:e8:c3:ee:6d:0c:
26:7c:8b:9d:40:26:5d:2c:9e:8c:d3:5c:d6:23:83:
d8:19:d9:a1:2f:0c:d7:75:34:c2:0d:5b:de:9f:95:
01:c6:53:5e:7d:e5:43:93:45:7f:3e:e1:3f:fa:d4:
5f:02:20:a0:66:35:62:7a:7b:72:23:3b:13:ca:e6:
01:7a:57:2f:c0:1e:6f:a9:2f:c3:dc:36:ec:78:7d:
61:33:bc:a2:64:00:e1:12:0d:e5:52:a1:5d:87:12:
bc:b6:92:97:ab:c0:41:c8:aa:6b:83:77:8c:a7:81:
11:d6:78:1c:e4:69:d2:11:4e:96:dd:a9:5f:f0:08:
f2:eb:24:40:9d:d3:ba:26:d6:fa:61:83:ce:00:82:
04:1c:80:7d:2d:99:2d:01:d5:83:88:25:f8:1d:12:
e3:b1:9a:57:2d:1b:29:62:c6:dc:27:37:a3:14:91:
e7:83:16:d1:0f:10:16:c1:c3:31:ec:60:44:46:cf:
eb:30:08:5e:55:5b:8c:fa:10:be:e3:1f:ea:e1:e9:
32:eb:27:5a:ef:28:79:f1:c8:e4:1c:02:e2:c0:87:
73:20:d5:35:24:f4:b3:8b:2f:56:9d:b7:de:1a:17:
ee:48:02:b1:ec:0a:5b:c2:fa:72:65:8c:6d:0a:c0:
ef:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7C:2B:87:04:81:50:A3:F7:4E:E7:53:50:B5:33:82:6D:79:81:8E
X509v3 Authority Key Identifier:
keyid:7D:15:CF:ED:B9:AE:AB:42:BF:8A:C5:B2:4C:B1:AE:EC:2A:66:09:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRXP7bmuq0K_isWyTLGu7CpmCUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ad6b73-0e8c-4a45-b6bb-42281f5518a9/1/bHwrhwSBUKP3TudTULUzgm15gY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ad6b73-0e8c-4a45-b6bb-42281f5518a9/1/fRXP7bmuq0K_isWyTLGu7CpmCUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.72.248.0/21
159.253.66.0/23
178.78.106.0-178.78.127.255
213.249.188.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:fe:80:d7:f0:db:32:a9:eb:06:b8:6b:9d:5e:94:c8:dd:8d:
c2:3b:5c:22:be:af:19:50:bb:03:7a:43:57:72:b3:e7:d7:d4:
fc:07:f5:99:b1:16:c7:69:cb:15:9d:b5:db:85:ba:2b:2d:ef:
a8:8a:fd:0b:53:b2:31:51:de:13:81:68:bf:f7:fb:f9:c0:e3:
97:e2:33:ba:22:46:67:e6:b0:38:21:80:63:6d:25:f1:31:6f:
ef:e1:42:19:e6:17:fa:17:81:cd:4a:b9:67:4e:ee:91:51:b8:
73:f9:3b:e7:c1:1c:3e:9e:92:c7:86:5a:72:7f:06:c6:be:ce:
67:0d:04:49:35:8c:fe:62:e5:f4:1c:25:04:20:58:bf:83:46:
38:dc:e4:c2:6a:a7:c9:9d:83:e2:c8:68:fd:03:06:8b:d0:15:
ad:de:03:e7:23:7e:17:40:76:e8:0a:4d:1c:5c:fc:0a:03:02:
ea:3e:66:2f:86:8c:38:49:e3:2a:28:f0:23:4f:39:75:3a:d3:
f4:54:7c:f0:42:0e:c0:6b:72:58:09:7d:18:9e:d2:3a:ee:0a:
2d:60:16:d0:41:05:fc:73:9e:e4:31:c9:a8:2d:46:ae:ee:ea:
0f:99:8f:8f:d1:1e:d7:21:27:f6:48:ec:99:db:c8:09:72:d0:
ea:80:c5:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEC58ovDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDE1Y2ZlZGI5YWVhYjQyYmY4YWM1YjI0Y2IxYWVlYzJhNjYwOTQzMB4XDTIyMDEw
MTEyMDIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM3YzJiODcwNDgx
NTBhM2Y3NGVlNzUzNTBiNTMzODI2ZDc5ODE4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSasSy+MucGC+jD7m0MJnyLnUAmXSyejNNc1iOD2BnZoS8M
13U0wg1b3p+VAcZTXn3lQ5NFfz7hP/rUXwIgoGY1Ynp7ciM7E8rmAXpXL8Aeb6kv
w9w27Hh9YTO8omQA4RIN5VKhXYcSvLaSl6vAQciqa4N3jKeBEdZ4HORp0hFOlt2p
X/AI8uskQJ3TuibW+mGDzgCCBByAfS2ZLQHVg4gl+B0S47GaVy0bKWLG3Cc3oxSR
54MW0Q8QFsHDMexgREbP6zAIXlVbjPoQvuMf6uHpMusnWu8oefHI5BwC4sCHcyDV
NST0s4svVp233hoX7kgCsewKW8L6cmWMbQrA79UCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRsfCuHBIFQo/dO51NQtTOCbXmBjjAfBgNVHSMEGDAWgBR9Fc/tua6rQr+K
xbJMsa7sKmYJQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZSWFA3Ym11cTBLX2lzV3lUTEd1N0NwbUNVTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvYWQ2YjczLTBlOGMtNGE0NS1iNmJiLTQyMjgxZjU1MThhOS8x
L2JId3Jod1NCVUtQM1R1ZFRVTFV6Z20xNWdZNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
YWQ2YjczLTBlOGMtNGE0NS1iNmJiLTQyMjgxZjU1MThhOS8xL2ZSWFA3Ym11cTBL
X2lzV3lUTEd1N0NwbUNVTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEA15I+AMEAZ/9QjAMAwQBsk5qAwQH
sk4AAwQC1fm8MA0GCSqGSIb3DQEBCwUAA4IBAQAP/oDX8NsyqesGuGudXpTI3Y3C
O1wivq8ZULsDekNXcrPn19T8B/WZsRbHacsVnbXbhborLe+oiv0LU7IxUd4TgWi/
9/v5wOOX4jO6IkZn5rA4IYBjbSXxMW/v4UIZ5hf6F4HNSrlnTu6RUbhz+TvnwRw+
npLHhlpyfwbGvs5nDQRJNYz+YuX0HCUEIFi/g0Y43OTCaqfJnYPiyGj9AwaL0BWt
3gPnI34XQHboCk0cXPwKAwLqPmYvhow4SeMqKPAjTzl1OtP0VHzwQg7Aa3JYCX0Y
ntI67gotYBbQQQX8c57kMcmoLUau7uoPmY+P0R7XISf2SOyZ28gJctDqgMUh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:21 2023 by rpki-client on console-ams.rpki-client.org