Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/BFFkCNjrQc8Nw-T-ViIM79cWMlM.roa
File: BFFkCNjrQc8Nw-T-ViIM79cWMlM.roa (raw, json)
Hash identifier: /Pdo0bxHnGHw6QSHSkN9DF0RGiDF3yvYEjIkw1ieK2c=
Subject key identifier: 04:51:64:08:D8:EB:41:CF:0D:C3:E4:FE:56:22:0C:EF:D7:16:32:53
Certificate issuer: /CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Certificate serial: 03C153F6
Authority key identifier: 54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/BFFkCNjrQc8Nw-T-ViIM79cWMlM.roa
Signing time: Thu 31 Mar 2022 11:04:12 +0000
ROA not before: Thu 31 Mar 2022 11:04:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206189
IP address blocks: 213.217.24.0/22 maxlen: 22
185.220.44.0/22 maxlen: 22
185.196.56.0/22 maxlen: 22
193.27.246.0/23 maxlen: 23
193.161.220.0/22 maxlen: 22
193.27.248.0/23 maxlen: 23
2a09:5000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63001590 (0x3c153f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Validity
Not Before: Mar 31 11:04:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04516408d8eb41cf0dc3e4fe56220cefd7163253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dc:d8:7b:ef:a6:e8:b0:01:36:89:87:c4:6b:
9e:59:5b:bf:0c:9c:b6:44:74:fb:1b:8b:31:9f:46:
de:12:71:ae:eb:59:3f:94:3a:16:6d:26:9f:8c:98:
b2:fd:3e:ec:83:f1:5c:e4:99:cf:e1:dd:34:9c:f6:
ec:ab:48:eb:be:c6:67:11:47:df:1c:a4:b7:78:e4:
d7:25:9a:ef:b7:c0:62:89:50:12:7e:46:33:e0:63:
3d:fd:70:fa:7b:29:ef:63:00:13:50:b9:1e:92:14:
05:4f:a9:21:17:76:3c:85:25:68:fc:89:01:4d:39:
e7:0b:bc:3c:e7:a5:7c:8d:fd:da:d2:b4:5b:9f:f5:
03:21:1a:5f:12:e8:51:f8:04:1d:09:a0:e9:64:31:
28:a1:95:7a:a7:48:68:c6:90:56:eb:50:b0:7f:17:
c2:94:b6:8a:ea:a1:b1:3e:d8:30:51:a6:d2:b9:11:
49:cc:a8:1b:fb:3b:36:b4:41:58:61:22:13:f0:57:
67:10:ea:3f:5d:87:f7:5a:32:ae:32:8e:9a:f5:11:
fd:76:15:7b:58:66:d9:d0:bf:49:7d:66:e1:c4:f0:
03:f1:46:7b:cb:f0:32:36:4b:d6:57:29:9e:b9:bd:
4f:91:42:aa:8f:48:db:8e:b9:2b:fa:8b:d5:1b:89:
3b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:51:64:08:D8:EB:41:CF:0D:C3:E4:FE:56:22:0C:EF:D7:16:32:53
X509v3 Authority Key Identifier:
keyid:54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/BFFkCNjrQc8Nw-T-ViIM79cWMlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/VNb_E0vWVvDOFNQQsCvsVR62miw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.56.0/22
185.220.44.0/22
193.27.246.0-193.27.249.255
193.161.220.0/22
213.217.24.0/22
IPv6:
2a09:5000::/29
Signature Algorithm: sha256WithRSAEncryption
81:42:59:31:c4:9f:c8:e2:a6:ca:34:ab:34:27:60:b8:18:6a:
b0:91:50:b2:0b:47:ab:12:7f:0d:e5:75:e6:46:2c:96:98:4f:
a8:d6:18:58:23:d7:90:18:6d:9d:df:a5:24:49:9c:2f:87:0b:
08:22:cb:c0:a4:95:a1:ac:c2:be:49:bd:f5:1c:88:52:6e:95:
13:21:9c:27:b0:4d:b8:a2:49:c8:f8:fd:fe:7e:53:1f:d3:b2:
2c:b2:0d:b4:92:bf:dd:cb:13:af:fc:27:ad:75:6c:95:a1:71:
7c:9e:d2:d1:0d:92:c8:d5:48:8e:0c:f5:ce:0e:1f:d1:2c:ce:
47:fb:d5:7d:3f:50:73:d6:10:cd:d8:3a:06:7c:bc:2d:bb:be:
03:16:3d:2f:ba:1f:e0:84:41:74:18:27:84:03:aa:87:a2:86:
b5:8a:b6:d0:d8:b4:ed:3c:e1:00:f6:1a:b9:1d:f9:c0:87:7e:
ee:61:e9:1e:8e:1e:4b:87:e2:38:c1:c2:7d:a0:d6:fa:a8:57:
b9:5c:91:ca:8c:50:27:7d:9c:f3:92:01:39:65:73:6d:be:e3:
4f:86:f1:b0:89:0b:d0:f1:4f:ed:6d:b6:73:8d:fe:2b:94:7c:
d2:8c:33:b4:09:6e:f0:ab:52:90:fa:93:ed:8d:c6:ac:07:c1:
a3:46:22:cb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEA8FT9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGQ2ZmYxMzRiZDY1NmYwY2UxNGQ0MTBiMDJiZWM1NTFlYjY5YTJjMB4XDTIyMDMz
MTExMDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ1MTY0MDhkOGVi
NDFjZjBkYzNlNGZlNTYyMjBjZWZkNzE2MzI1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvc2HvvpuiwATaJh8RrnllbvwyctkR0+xuLMZ9G3hJxrutZ
P5Q6Fm0mn4yYsv0+7IPxXOSZz+HdNJz27KtI677GZxFH3xykt3jk1yWa77fAYolQ
En5GM+BjPf1w+nsp72MAE1C5HpIUBU+pIRd2PIUlaPyJAU055wu8POelfI392tK0
W5/1AyEaXxLoUfgEHQmg6WQxKKGVeqdIaMaQVutQsH8XwpS2iuqhsT7YMFGm0rkR
ScyoG/s7NrRBWGEiE/BXZxDqP12H91oyrjKOmvUR/XYVe1hm2dC/SX1m4cTwA/FG
e8vwMjZL1lcpnrm9T5FCqo9I2465K/qL1RuJOxUCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQEUWQI2OtBzw3D5P5WIgzv1xYyUzAfBgNVHSMEGDAWgBRU1v8TS9ZW8M4U
1BCwK+xVHraaLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZOYl9FMHZXVnZET0ZOUVFzQ3ZzVlI2Mm1pdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvZjIxZWU3LTQ5MjUtNGRkNi1iMjAyLTY0Mjc4YzBkOGViZi8x
L0JGRmtDTmpyUWM4TnctVC1WaUlNNzljV01sTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
ZjIxZWU3LTQ5MjUtNGRkNi1iMjAyLTY0Mjc4YzBkOGViZi8xL1ZOYl9FMHZXVnZE
T0ZOUVFzQ3ZzVlI2Mm1pdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEArnEOAMEArncLDAMAwQBwRv2AwQB
wRv4AwQCwaHcAwQC1dkYMA0EAgACMAcDBQMqCVAAMA0GCSqGSIb3DQEBCwUAA4IB
AQCBQlkxxJ/I4qbKNKs0J2C4GGqwkVCyC0erEn8N5XXmRiyWmE+o1hhYI9eQGG2d
36UkSZwvhwsIIsvApJWhrMK+Sb31HIhSbpUTIZwnsE24oknI+P3+flMf07Issg20
kr/dyxOv/CetdWyVoXF8ntLRDZLI1UiODPXODh/RLM5H+9V9P1Bz1hDN2DoGfLwt
u74DFj0vuh/ghEF0GCeEA6qHooa1irbQ2LTtPOEA9hq5HfnAh37uYekejh5Lh+I4
wcJ9oNb6qFe5XJHKjFAnfZzzkgE5ZXNtvuNPhvGwiQvQ8U/tbbZzjf4rlHzSjDO0
CW7wq1KQ+pPtjcasB8GjRiLL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:32 2024 by rpki-client on console-ams.rpki-client.org