Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/BfriQmjMb4AxrwQgUQXohtjCK6c.roa
File: BfriQmjMb4AxrwQgUQXohtjCK6c.roa (raw, json)
Hash identifier: /v63cIEN4A01ZTzkf9Fepd6I8cjpA8OKKPV0OQH+CnQ=
Subject key identifier: 05:FA:E2:42:68:CC:6F:80:31:AF:04:20:51:05:E8:86:D8:C2:2B:A7
Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Certificate serial: 09483469
Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/BfriQmjMb4AxrwQgUQXohtjCK6c.roa
Signing time: Sat 01 Jan 2022 03:51:20 +0000
ROA not before: Sat 01 Jan 2022 03:51:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201457
IP address blocks: 185.74.204.0/24 maxlen: 24
185.74.205.0/24 maxlen: 24
185.74.206.0/24 maxlen: 24
185.74.204.0/22 maxlen: 22
185.74.207.0/24 maxlen: 24
2a03:4760::/32 maxlen: 32
2a03:4760:b::/48 maxlen: 48
2a03:4760:a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155726953 (0x9483469)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Validity
Not Before: Jan 1 03:51:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05fae24268cc6f8031af04205105e886d8c22ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:28:93:82:97:b7:35:83:16:f8:0a:dd:58:
9d:93:61:d7:e5:32:21:19:e2:18:18:d4:c4:e2:6a:
3a:4c:24:5f:a7:16:42:9c:d3:6a:64:ad:62:66:05:
3e:78:24:18:f7:2d:ca:2c:cc:82:19:9c:ad:70:2f:
44:1f:3d:2c:08:1a:43:6f:ed:14:d8:88:cc:f0:e9:
c2:d5:3f:ff:d2:b9:bf:9f:c8:1d:0c:04:d8:69:4f:
2c:23:f5:4b:23:9f:53:66:9c:54:f6:52:c6:ae:e1:
d3:7f:34:be:56:09:28:5e:b3:fe:40:df:93:81:f0:
19:b2:1b:28:1d:0e:53:74:6f:d8:f9:5d:bd:7e:fc:
68:33:09:55:18:e4:ea:61:22:5f:20:f8:3a:60:0c:
ee:83:99:42:cb:70:69:86:1a:e3:db:e4:eb:89:d8:
0b:4d:4c:d7:3e:6f:bc:60:72:26:37:9d:a4:79:12:
62:8d:a9:93:cd:22:95:db:1c:44:d1:35:2a:ad:70:
3d:fc:29:7b:88:63:6b:19:c9:ff:8b:c6:e9:f8:d8:
c0:b4:ea:b1:26:6e:37:5e:27:e1:4d:4d:31:2a:39:
ed:f6:8a:47:38:a6:17:33:f8:96:cc:cb:2a:d2:9f:
49:3c:19:35:ef:7c:0b:7b:a8:c7:17:25:ba:a1:f2:
f9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FA:E2:42:68:CC:6F:80:31:AF:04:20:51:05:E8:86:D8:C2:2B:A7
X509v3 Authority Key Identifier:
keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/BfriQmjMb4AxrwQgUQXohtjCK6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.204.0/22
IPv6:
2a03:4760::/32
Signature Algorithm: sha256WithRSAEncryption
14:5c:46:ea:ae:21:49:7d:3b:0e:92:3c:04:ec:50:35:21:00:
bf:46:59:48:7e:5f:74:63:44:c7:9e:f1:0c:83:fa:ba:50:ff:
f1:d6:5a:68:83:11:af:22:cf:3b:89:e0:37:d2:db:ad:2f:0b:
86:f4:67:39:b8:6c:3e:29:3c:bf:1e:78:42:e5:55:05:8b:b8:
c8:1d:44:70:98:f1:15:da:47:03:11:c5:a0:13:14:a3:a4:97:
ed:48:d9:9e:b5:3e:7b:14:44:57:4a:ff:af:a7:50:58:56:de:
c6:9f:67:20:e0:1e:01:81:3c:ff:43:b1:0e:9a:fd:d5:73:63:
73:63:9e:49:aa:77:3f:10:28:0b:f3:ed:8f:c8:db:af:2a:6c:
12:c8:2a:a8:44:b0:d6:bc:f4:b0:b8:53:15:94:8a:45:86:08:
2a:a6:ec:70:06:93:f2:02:d7:8b:00:20:60:91:69:dd:12:0f:
ad:87:38:0f:c0:6b:2f:a2:35:31:5b:1c:55:15:13:e6:30:f9:
92:96:0a:60:fd:31:7a:45:a0:55:10:4b:af:8e:13:67:8a:e5:
91:77:27:a6:a4:95:11:1e:b9:60:62:22:58:75:76:1d:20:de:
04:bb:1d:a2:f6:91:b7:ad:64:17:16:ba:71:32:79:87:47:3d:
5f:21:cd:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECUg0aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Zjk2MjQwOTk4ZmNlNDEyNGMzY2I0ZGZiYWNiYjBlZDE2MTg0MDVhMB4XDTIyMDEw
MTAzNTEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVmYWUyNDI2OGNj
NmY4MDMxYWYwNDIwNTEwNWU4ODZkOGMyMmJhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMoCKJOCl7c1gxb4Ct1YnZNh1+UyIRniGBjUxOJqOkwkX6cW
QpzTamStYmYFPngkGPctyizMghmcrXAvRB89LAgaQ2/tFNiIzPDpwtU//9K5v5/I
HQwE2GlPLCP1SyOfU2acVPZSxq7h0380vlYJKF6z/kDfk4HwGbIbKB0OU3Rv2Pld
vX78aDMJVRjk6mEiXyD4OmAM7oOZQstwaYYa49vk64nYC01M1z5vvGByJjedpHkS
Yo2pk80ildscRNE1Kq1wPfwpe4hjaxnJ/4vG6fjYwLTqsSZuN14n4U1NMSo57faK
RzimFzP4lszLKtKfSTwZNe98C3uoxxcluqHy+bUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQF+uJCaMxvgDGvBCBRBeiG2MIrpzAfBgNVHSMEGDAWgBQ/liQJmPzkEkw8
tN+6y7DtFhhAWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1A1WWtDWmo4NUJKTVBMVGZ1c3V3N1JZWVFGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvNjBmZWM3LTBiNTEtNDQ0Ni05YjVkLWM3NDFjMjdiNGUyMi8x
L0JmcmlRbWpNYjRBeHJ3UWdVUVhvaHRqQ0s2Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
NjBmZWM3LTBiNTEtNDQ0Ni05YjVkLWM3NDFjMjdiNGUyMi8xL1A1WWtDWmo4NUJK
TVBMVGZ1c3V3N1JZWVFGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlKzDANBAIAAjAHAwUAKgNHYDAN
BgkqhkiG9w0BAQsFAAOCAQEAFFxG6q4hSX07DpI8BOxQNSEAv0ZZSH5fdGNEx57x
DIP6ulD/8dZaaIMRryLPO4ngN9LbrS8LhvRnObhsPik8vx54QuVVBYu4yB1EcJjx
FdpHAxHFoBMUo6SX7UjZnrU+exREV0r/r6dQWFbexp9nIOAeAYE8/0OxDpr91XNj
c2OeSap3PxAoC/Ptj8jbrypsEsgqqESw1rz0sLhTFZSKRYYIKqbscAaT8gLXiwAg
YJFp3RIPrYc4D8BrL6I1MVscVRUT5jD5kpYKYP0xekWgVRBLr44TZ4rlkXcnpqSV
ER65YGIiWHV2HSDeBLsdovaRt61kFxa6cTJ5h0c9XyHNeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:47 2024 by rpki-client on console-ams.rpki-client.org