Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/bVH-8BTH3ZdlMMrDHMJIG3Q7xak.roa
File: bVH-8BTH3ZdlMMrDHMJIG3Q7xak.roa (raw, json)
Hash identifier: IoZbBUdMEmR+mgHpuvBMcDrAwOzUg0D5jj6QRks5Sz8=
Subject key identifier: 6D:51:FE:F0:14:C7:DD:97:65:30:CA:C3:1C:C2:48:1B:74:3B:C5:A9
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0882EF53
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/bVH-8BTH3ZdlMMrDHMJIG3Q7xak.roa
Signing time: Thu 03 Mar 2022 10:55:54 +0000
ROA not before: Thu 03 Mar 2022 10:55:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 152.89.31.0/24 maxlen: 24
152.89.30.0/24 maxlen: 24
152.89.28.0/24 maxlen: 24
152.89.29.0/24 maxlen: 24
45.138.12.0/24 maxlen: 24
45.138.13.0/24 maxlen: 24
91.132.162.0/24 maxlen: 24
91.132.163.0/24 maxlen: 24
91.132.160.0/24 maxlen: 24
91.132.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142798675 (0x882ef53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Mar 3 10:55:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d51fef014c7dd976530cac31cc2481b743bc5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:97:64:14:9e:21:f3:f4:58:bd:0b:09:ef:bf:
22:26:13:d9:16:97:49:e8:dd:b2:a1:b0:d4:7f:6d:
f3:69:ce:ec:56:83:8f:8a:f8:52:5e:7b:d5:3b:a5:
86:a7:05:ab:30:e8:fd:1c:a0:51:7e:23:53:86:10:
e5:a1:9b:22:ca:c4:71:99:dd:a3:a5:12:bc:2a:bc:
01:92:23:cf:a6:44:a6:4a:f4:04:b8:1f:1a:85:54:
5e:f5:fc:7b:f4:19:1e:d9:3c:6f:f4:95:05:c6:57:
5d:86:d1:8e:46:06:6e:50:6b:40:54:9a:08:b6:2d:
d4:a4:68:7c:8f:79:32:9d:7c:d7:97:e4:5f:37:08:
a1:47:08:fd:1c:10:46:8a:f5:c0:10:11:ae:bc:63:
53:59:ad:59:79:2a:43:4e:77:02:43:9c:e2:e5:96:
6d:85:95:8d:8a:ea:54:fb:cb:be:22:0b:77:c9:13:
68:3b:86:e1:41:5e:f1:b5:6d:d2:e1:52:69:b1:3a:
b3:f0:d1:22:d9:35:df:fe:15:c7:c1:50:8c:f4:6c:
19:c4:6b:e7:85:b3:50:dd:42:0b:2b:87:b8:3b:53:
ba:fe:68:8a:32:05:d2:9c:65:71:d1:50:38:9c:62:
40:01:32:30:66:1c:e4:70:ca:7c:31:d2:cf:7a:69:
1a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:51:FE:F0:14:C7:DD:97:65:30:CA:C3:1C:C2:48:1B:74:3B:C5:A9
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/bVH-8BTH3ZdlMMrDHMJIG3Q7xak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/23
91.132.160.0/22
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:87:39:51:97:cd:c5:4e:26:44:5b:22:e8:fa:07:5e:01:0d:
ea:dc:2e:b3:00:90:94:31:ee:56:b7:5c:c1:2f:a9:48:8f:cd:
86:10:0a:e8:e6:93:ac:2c:f3:3d:01:ab:3a:f4:cd:96:c7:62:
ab:83:cc:39:60:25:38:ce:39:6a:40:09:d2:a8:3e:d1:d0:cb:
d5:75:2c:39:bd:38:f9:06:cf:e9:b0:88:a5:a5:cc:c8:64:c9:
63:77:57:61:28:32:7a:06:5d:db:4c:b4:0d:f9:ac:3f:4d:f5:
d8:99:0f:c9:cc:bf:f3:54:74:dc:4d:e1:32:c8:0e:1e:15:65:
ca:b1:77:03:9c:86:17:db:9b:63:66:3e:db:41:f4:8b:45:e4:
aa:76:0c:e5:2b:49:c8:e8:80:35:1b:d5:37:fd:3b:d1:e7:5c:
fd:d8:06:09:21:ba:9e:ae:25:b5:41:c1:83:09:8f:b9:87:c0:
75:92:f6:6e:20:05:d9:b2:58:8f:ea:ba:e9:2e:8a:12:b3:ef:
7d:d2:a3:a5:c9:f1:87:2b:b6:fc:91:1e:16:fc:4c:3d:97:e5:
fc:3e:56:89:c9:3d:f4:48:e8:ba:c3:98:15:c6:ba:2b:0f:5c:
3f:04:9f:62:ee:b3:ed:e7:5c:bd:33:b7:0e:8e:fa:c4:52:09:
66:a9:55:a3
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECILvUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OTg2YzczOTk0ZDAyZDkxZmM5N2Q5MTZlOTgwOWE2ZDk4MWU2YjE3MB4XDTIyMDMw
MzEwNTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ1MWZlZjAxNGM3
ZGQ5NzY1MzBjYWMzMWNjMjQ4MWI3NDNiYzVhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPaXZBSeIfP0WL0LCe+/IiYT2RaXSejdsqGw1H9t82nO7FaD
j4r4Ul571TulhqcFqzDo/RygUX4jU4YQ5aGbIsrEcZndo6USvCq8AZIjz6ZEpkr0
BLgfGoVUXvX8e/QZHtk8b/SVBcZXXYbRjkYGblBrQFSaCLYt1KRofI95Mp1815fk
XzcIoUcI/RwQRor1wBARrrxjU1mtWXkqQ053AkOc4uWWbYWVjYrqVPvLviILd8kT
aDuG4UFe8bVt0uFSabE6s/DRItk13/4Vx8FQjPRsGcRr54WzUN1CCyuHuDtTuv5o
ijIF0pxlcdFQOJxiQAEyMGYc5HDKfDHSz3ppGgkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRtUf7wFMfdl2UwysMcwkgbdDvFqTAfBgNVHSMEGDAWgBRJhsc5lNAtkfyX
2RbpgJptmB5rFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NZYkhPWlRRTFpIOGw5a1c2WUNhYlpnZWF4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvNDU3ZTEzLTQxZDMtNDBlZi1iNTcyLTllODk1ZDBlZjhkMi8x
L2JWSC04QlRIM1pkbE1NckRITUpJRzNRN3hhay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
NDU3ZTEzLTQxZDMtNDBlZi1iNTcyLTllODk1ZDBlZjhkMi8xL1NZYkhPWlRRTFpI
OGw5a1c2WUNhYlpnZWF4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAS2KDAMEAluEoAMEAphZHDANBgkq
hkiG9w0BAQsFAAOCAQEAHIc5UZfNxU4mRFsi6PoHXgEN6twuswCQlDHuVrdcwS+p
SI/NhhAK6OaTrCzzPQGrOvTNlsdiq4PMOWAlOM45akAJ0qg+0dDL1XUsOb04+QbP
6bCIpaXMyGTJY3dXYSgyegZd20y0DfmsP0312JkPycy/81R03E3hMsgOHhVlyrF3
A5yGF9ubY2Y+20H0i0XkqnYM5StJyOiANRvVN/070edc/dgGCSG6nq4ltUHBgwmP
uYfAdZL2biAF2bJYj+q66S6KErPvfdKjpcnxhyu2/JEeFvxMPZfl/D5Wick99Ejo
usOYFca6Kw9cPwSfYu6z7edcvTO3Do76xFIJZqlVow==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:42 2023 by rpki-client on console-ams.rpki-client.org