Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/bBQBV3LuJZwEvEufg3dyqjsjEdI.roa
File: bBQBV3LuJZwEvEufg3dyqjsjEdI.roa (raw, json)
Hash identifier: q9Lgh0Qpv1jp90chKoxt1cAfdq061sGt/tF8UDMUuYU=
Subject key identifier: 6C:14:01:57:72:EE:25:9C:04:BC:4B:9F:83:77:72:AA:3B:23:11:D2
Certificate issuer: /CN=c7eda6e52f877960a9e0fbc93e683fe6484a6b04
Certificate serial: 37D5A95F
Authority key identifier: C7:ED:A6:E5:2F:87:79:60:A9:E0:FB:C9:3E:68:3F:E6:48:4A:6B:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-2m5S-HeWCp4PvJPmg_5khKawQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/bBQBV3LuJZwEvEufg3dyqjsjEdI.roa
Signing time: Sat 01 Jan 2022 01:53:13 +0000
ROA not before: Sat 01 Jan 2022 01:53:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24956
IP address blocks: 194.45.135.0/24 maxlen: 24
185.220.200.0/22 maxlen: 22
217.13.64.0/20 maxlen: 20
2a00:1030::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936749407 (0x37d5a95f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7eda6e52f877960a9e0fbc93e683fe6484a6b04
Validity
Not Before: Jan 1 01:53:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c14015772ee259c04bc4b9f837772aa3b2311d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:82:65:37:85:7b:ea:0b:b7:36:00:a1:f1:
6b:dd:07:88:70:3e:d6:3f:80:16:5d:b7:a0:10:10:
92:d4:e7:79:5f:05:db:f8:34:78:91:b0:44:c6:ec:
78:cf:71:da:85:25:17:92:2c:12:e8:a3:74:ad:b7:
b4:3e:07:fb:ff:f1:4a:5e:67:53:b2:92:a7:2e:7c:
c6:4c:7c:b0:21:06:e1:af:fe:e7:2e:41:df:06:ce:
3b:03:00:ba:ba:63:7c:bf:fd:c2:42:24:ca:cb:05:
3a:d5:1f:4e:5e:e8:b3:48:a1:d6:73:60:8d:b1:c0:
87:63:58:5f:e1:b3:12:35:f3:b1:7c:2d:f5:ce:cb:
80:89:0d:56:00:94:68:aa:52:a6:3a:a8:1c:ca:72:
fb:8a:1f:9f:ed:3a:39:c9:55:bc:c1:09:b1:88:b2:
3b:5d:a0:b5:9c:56:bd:c8:5b:e1:fa:05:ec:92:8a:
25:f2:3a:a2:90:40:02:62:dc:40:23:f4:ee:da:2a:
2a:89:39:2f:c9:ea:b9:f7:10:95:b3:c5:93:1c:96:
7c:a0:b4:10:01:cf:3f:df:28:0c:c7:ee:73:c1:0d:
96:82:30:ca:f3:b0:b7:f4:51:76:1a:ec:9d:17:2b:
7d:25:6e:a1:0e:f5:3f:ef:6f:c1:d7:2a:25:93:a3:
eb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:14:01:57:72:EE:25:9C:04:BC:4B:9F:83:77:72:AA:3B:23:11:D2
X509v3 Authority Key Identifier:
keyid:C7:ED:A6:E5:2F:87:79:60:A9:E0:FB:C9:3E:68:3F:E6:48:4A:6B:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-2m5S-HeWCp4PvJPmg_5khKawQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/bBQBV3LuJZwEvEufg3dyqjsjEdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b6db36-cf86-4172-8dd2-e5fd91d13950/1/x-2m5S-HeWCp4PvJPmg_5khKawQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.200.0/22
194.45.135.0/24
217.13.64.0/20
IPv6:
2a00:1030::/32
Signature Algorithm: sha256WithRSAEncryption
3a:e7:75:3f:cb:96:af:71:ac:fd:f6:c7:83:2e:f6:db:bc:1b:
a4:5b:e2:3e:a2:7c:79:03:db:ac:57:35:9e:75:0e:7c:a1:60:
df:15:3b:5d:3d:a1:81:8a:f0:bf:4d:3a:b6:10:e1:00:e4:40:
bc:cf:39:c6:f3:c3:01:fd:72:b9:6e:c6:74:be:e0:ff:35:65:
70:55:6b:1c:2b:7a:9b:98:73:7c:eb:c3:f3:8d:31:d1:49:3e:
51:d5:6d:34:9b:a7:31:ea:5c:e9:c0:df:8c:0e:1d:02:f9:f3:
49:1c:bc:95:30:bd:cd:4e:2f:80:ba:f8:4a:87:7e:4e:b3:95:
6c:34:80:9c:33:0f:1c:2c:54:3d:9f:68:31:40:a8:d3:4f:66:
02:b3:a0:e2:6b:da:f6:d6:ce:3a:81:97:3b:2d:84:c0:76:a6:
bf:79:9f:e1:df:40:1f:dd:d3:4d:ab:56:fb:61:16:13:7c:88:
8d:f8:e5:c5:89:0d:48:e8:70:d2:28:5e:4b:48:3d:8e:a2:3c:
8a:b7:a1:36:b4:a5:56:cb:38:a6:b5:4a:11:83:a2:09:e4:19:
b6:5c:19:47:39:eb:98:77:40:f8:bf:41:be:fb:98:52:5b:ce:
57:0c:f7:a7:e6:c2:33:53:af:e5:93:40:eb:52:2e:f1:7a:b5:
3b:66:c3:dc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEN9WpXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2VkYTZlNTJmODc3OTYwYTllMGZiYzkzZTY4M2ZlNjQ4NGE2YjA0MB4XDTIyMDEw
MTAxNTMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMxNDAxNTc3MmVl
MjU5YzA0YmM0YjlmODM3NzcyYWEzYjIzMTFkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFIgmU3hXvqC7c2AKHxa90HiHA+1j+AFl23oBAQktTneV8F
2/g0eJGwRMbseM9x2oUlF5IsEuijdK23tD4H+//xSl5nU7KSpy58xkx8sCEG4a/+
5y5B3wbOOwMAurpjfL/9wkIkyssFOtUfTl7os0ih1nNgjbHAh2NYX+GzEjXzsXwt
9c7LgIkNVgCUaKpSpjqoHMpy+4ofn+06OclVvMEJsYiyO12gtZxWvchb4foF7JKK
JfI6opBAAmLcQCP07toqKok5L8nqufcQlbPFkxyWfKC0EAHPP98oDMfuc8ENloIw
yvOwt/RRdhrsnRcrfSVuoQ71P+9vwdcqJZOj6/ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRsFAFXcu4lnAS8S5+Dd3KqOyMR0jAfBgNVHSMEGDAWgBTH7ablL4d5YKng
+8k+aD/mSEprBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gtMm01Uy1IZVdDcDRQdkpQbWdfNWtoS2F3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvYjZkYjM2LWNmODYtNDE3Mi04ZGQyLWU1ZmQ5MWQxMzk1MC8x
L2JCUUJWM0x1Slp3RXZFdWZnM2R5cWpzakVkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
YjZkYjM2LWNmODYtNDE3Mi04ZGQyLWU1ZmQ5MWQxMzk1MC8xL3gtMm01Uy1IZVdD
cDRQdkpQbWdfNWtoS2F3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArncyAMEAMIthwMEBNkNQDANBAIA
AjAHAwUAKgAQMDANBgkqhkiG9w0BAQsFAAOCAQEAOud1P8uWr3Gs/fbHgy7227wb
pFviPqJ8eQPbrFc1nnUOfKFg3xU7XT2hgYrwv006thDhAORAvM85xvPDAf1yuW7G
dL7g/zVlcFVrHCt6m5hzfOvD840x0Uk+UdVtNJunMepc6cDfjA4dAvnzSRy8lTC9
zU4vgLr4Sod+TrOVbDSAnDMPHCxUPZ9oMUCo009mArOg4mva9tbOOoGXOy2EwHam
v3mf4d9AH93TTatW+2EWE3yIjfjlxYkNSOhw0iheS0g9jqI8irehNrSlVss4prVK
EYOiCeQZtlwZRznrmHdA+L9BvvuYUlvOVwz3p+bCM1Ov5ZNA61Iu8Xq1O2bD3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:32 2024 by rpki-client on console-fra.rpki-client.org