Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/d3e3d7-0357-487e-9fed-a8e8b8931552/1/BDtUp8iCAIjFeSRHeXWpVWS0NNA.roa
File: BDtUp8iCAIjFeSRHeXWpVWS0NNA.roa (raw, json)
Hash identifier: NG9cwyLGRHtT/zLU2KqKTdywYF3eRoejCuGk6qn7zpk=
Subject key identifier: 04:3B:54:A7:C8:82:00:88:C5:79:24:47:79:75:A9:55:64:B4:34:D0
Certificate issuer: /CN=f99abe45f21f12e4b802f309444c24759000ebcf
Certificate serial: 335C8446
Authority key identifier: F9:9A:BE:45:F2:1F:12:E4:B8:02:F3:09:44:4C:24:75:90:00:EB:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Zq-RfIfEuS4AvMJREwkdZAA688.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/d3e3d7-0357-487e-9fed-a8e8b8931552/1/BDtUp8iCAIjFeSRHeXWpVWS0NNA.roa
Signing time: Sat 01 Jan 2022 16:11:30 +0000
ROA not before: Sat 01 Jan 2022 16:11:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6830
IP address blocks: 188.167.0.0/17 maxlen: 17
188.167.0.0/16 maxlen: 16
85.216.192.0/18 maxlen: 18
89.173.0.0/17 maxlen: 17
217.23.240.0/21 maxlen: 21
217.23.240.0/20 maxlen: 20
217.23.248.0/21 maxlen: 21
89.173.0.0/16 maxlen: 16
89.173.128.0/17 maxlen: 17
85.216.128.0/18 maxlen: 18
85.216.128.0/17 maxlen: 17
82.119.96.0/20 maxlen: 20
82.119.96.0/19 maxlen: 19
82.119.112.0/20 maxlen: 20
188.167.128.0/17 maxlen: 17
2a02:ab04::/30 maxlen: 30
2a02:ab00::/29 maxlen: 29
2a02:ab00::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 861701190 (0x335c8446)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f99abe45f21f12e4b802f309444c24759000ebcf
Validity
Not Before: Jan 1 16:11:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=043b54a7c8820088c57924477975a95564b434d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1b:37:ec:c6:3a:ff:ea:60:38:74:53:54:10:
70:b0:ca:94:e6:e4:33:94:68:60:4c:42:31:49:13:
88:41:24:e8:9d:2d:e6:fb:90:dc:75:19:65:a3:45:
25:d2:27:af:1c:c4:a3:21:6e:d9:1c:db:ad:db:a9:
eb:8c:5d:1f:a1:9a:96:ed:22:a6:24:fa:68:4a:aa:
0d:ad:d0:cb:91:32:34:0f:c4:c7:87:ed:8a:c6:59:
e1:b7:73:e8:5c:d8:08:a7:2e:8e:62:01:41:fe:0d:
24:f8:a0:10:0e:b9:f0:04:21:5c:07:75:25:93:95:
f4:57:8d:cf:2f:59:49:ec:ef:fa:d1:86:e5:a2:02:
5e:58:0b:bf:86:6b:b9:2f:20:f8:f8:50:9b:af:a7:
d3:6d:7f:f0:d5:b6:9a:89:ed:93:d5:49:3f:be:8c:
fc:29:ac:8f:29:3a:08:59:bf:4d:c8:e1:28:8c:c9:
cb:7c:46:e9:87:5b:77:e3:e1:0e:08:65:d4:0a:b9:
72:f8:57:09:4d:1f:24:54:28:af:27:da:2e:7a:c0:
ea:f8:98:41:b5:bf:53:68:8a:c1:2a:27:a8:a6:79:
6f:85:f3:41:ad:e4:6c:ff:61:31:e1:23:d9:c2:1a:
90:54:f6:ed:62:b9:4f:d1:bf:a0:93:2f:d1:10:03:
c0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3B:54:A7:C8:82:00:88:C5:79:24:47:79:75:A9:55:64:B4:34:D0
X509v3 Authority Key Identifier:
keyid:F9:9A:BE:45:F2:1F:12:E4:B8:02:F3:09:44:4C:24:75:90:00:EB:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Zq-RfIfEuS4AvMJREwkdZAA688.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d3e3d7-0357-487e-9fed-a8e8b8931552/1/BDtUp8iCAIjFeSRHeXWpVWS0NNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d3e3d7-0357-487e-9fed-a8e8b8931552/1/1-Zq-RfIfEuS4AvMJREwkdZAA688.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.96.0/19
85.216.128.0/17
89.173.0.0/16
188.167.0.0/16
217.23.240.0/20
IPv6:
2a02:ab00::/29
Signature Algorithm: sha256WithRSAEncryption
95:26:2e:df:24:2c:58:7b:0e:34:38:a9:f8:e3:69:84:d6:65:
d1:83:9b:06:4f:e0:99:de:eb:ce:71:75:34:3e:26:6e:78:f3:
70:71:10:a5:98:78:8c:fe:34:60:9e:99:3e:7b:65:e5:d1:f0:
84:e2:98:6b:4e:82:ae:1b:b4:64:11:ae:67:5a:a0:f2:f0:90:
0b:a9:93:31:ae:50:ed:55:f4:55:65:bc:f5:4a:a7:3f:22:77:
93:dd:ac:08:5f:25:79:f2:28:64:7f:db:4d:c3:a7:49:20:36:
01:d1:bf:22:8c:d5:0b:fd:44:eb:29:cd:7c:91:e1:38:c2:e6:
99:3b:9a:a3:96:55:aa:aa:0b:f3:21:52:24:fb:1e:70:98:8c:
89:f5:f0:a6:b0:f5:c1:57:0e:50:8f:ee:f7:bf:57:0e:3c:ae:
bb:bd:32:a3:ff:5c:12:45:c9:15:3c:d1:03:99:11:09:2e:a8:
72:27:37:c5:f4:d2:03:6e:67:74:9c:a5:f8:33:d3:bb:e5:04:
49:61:26:ff:49:8a:45:0b:c5:83:08:2e:0f:3d:fa:f3:0b:7d:
05:82:04:19:15:18:76:c1:3d:c4:af:cb:c7:4a:55:37:5f:62:
3e:6b:7f:03:e9:20:4d:8a:d8:ce:e6:15:07:4f:4e:ba:aa:0f:
63:08:97:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEM1yERjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTlhYmU0NWYyMWYxMmU0YjgwMmYzMDk0NDRjMjQ3NTkwMDBlYmNmMB4XDTIyMDEw
MTE2MTEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQzYjU0YTdjODgy
MDA4OGM1NzkyNDQ3Nzk3NWE5NTU2NGI0MzRkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIbN+zGOv/qYDh0U1QQcLDKlObkM5RoYExCMUkTiEEk6J0t
5vuQ3HUZZaNFJdInrxzEoyFu2Rzbrdup64xdH6Galu0ipiT6aEqqDa3Qy5EyNA/E
x4ftisZZ4bdz6FzYCKcujmIBQf4NJPigEA658AQhXAd1JZOV9FeNzy9ZSezv+tGG
5aICXlgLv4ZruS8g+PhQm6+n021/8NW2montk9VJP76M/Cmsjyk6CFm/TcjhKIzJ
y3xG6Ydbd+PhDghl1Aq5cvhXCU0fJFQoryfaLnrA6viYQbW/U2iKwSonqKZ5b4Xz
Qa3kbP9hMeEj2cIakFT27WK5T9G/oJMv0RADwBECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQEO1SnyIIAiMV5JEd5dalVZLQ00DAfBgNVHSMEGDAWgBT5mr5F8h8S5LgC
8wlETCR1kADrzzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtWnEtUmZJZkV1UzRBdk1KUkV3a2RaQUE2ODguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2Y3L2QzZTNkNy0wMzU3LTQ4N2UtOWZlZC1hOGU4Yjg5MzE1NTIv
MS9CRHRVcDhpQ0FJakZlU1JIZVhXcFZXUzBOTkEucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y3
L2QzZTNkNy0wMzU3LTQ4N2UtOWZlZC1hOGU4Yjg5MzE1NTIvMS8xLVpxLVJmSWZF
dVM0QXZNSlJFd2tkWkFBNjg4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcAwQFUndgAwQHVdiAAwMAWa0DAwC8
pwMEBNkX8DANBAIAAjAHAwUDKgKrADANBgkqhkiG9w0BAQsFAAOCAQEAlSYu3yQs
WHsONDip+ONphNZl0YObBk/gmd7rznF1ND4mbnjzcHEQpZh4jP40YJ6ZPntl5dHw
hOKYa06Crhu0ZBGuZ1qg8vCQC6mTMa5Q7VX0VWW89UqnPyJ3k92sCF8lefIoZH/b
TcOnSSA2AdG/IozVC/1E6ynNfJHhOMLmmTuao5ZVqqoL8yFSJPsecJiMifXwprD1
wVcOUI/u979XDjyuu70yo/9cEkXJFTzRA5kRCS6ocic3xfTSA25ndJyl+DPTu+UE
SWEm/0mKRQvFgwguDz368wt9BYIEGRUYdsE9xK/Lx0pVN19iPmt/A+kgTYrYzuYV
B09OuqoPYwiX+g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-fra.rpki-client.org