Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/BXG0L6zHxK9QesUV7Z1gj9II_wg.roa
File: BXG0L6zHxK9QesUV7Z1gj9II_wg.roa (raw, json)
Hash identifier: k7Ea8iL3Tj9LB8d6RSsQDblMvczWHw/PQhJD7y4iWzs=
Subject key identifier: 05:71:B4:2F:AC:C7:C4:AF:50:7A:C5:15:ED:9D:60:8F:D2:08:FF:08
Certificate issuer: /CN=f177817124f20772743bd30594a8853b2bdec6aa
Certificate serial: 01849A6A1CCBABF2D85D03DE93CA8F50505F
Authority key identifier: F1:77:81:71:24:F2:07:72:74:3B:D3:05:94:A8:85:3B:2B:DE:C6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/BXG0L6zHxK9QesUV7Z1gj9II_wg.roa
Signing time: Mon 21 Nov 2022 13:39:16 +0000
ROA not before: Mon 21 Nov 2022 13:39:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49935
IP address blocks: 185.94.136.0/22 maxlen: 27
185.1.243.0/24 maxlen: 28
195.62.90.0/23 maxlen: 27
185.135.191.0/24 maxlen: 27
2a10:1740::/29 maxlen: 126
2001:7f8:12d::/48 maxlen: 126
2001:678:9ac::/48 maxlen: 126
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:6a:1c:cb:ab:f2:d8:5d:03:de:93:ca:8f:50:50:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f177817124f20772743bd30594a8853b2bdec6aa
Validity
Not Before: Nov 21 13:39:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0571b42facc7c4af507ac515ed9d608fd208ff08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a0:60:65:77:b4:f9:c1:cb:37:54:4b:03:3e:
fe:3f:a9:8f:9e:9c:4e:aa:59:cb:44:ca:a2:d5:be:
7a:f6:32:33:cf:e6:0e:d8:8d:fd:29:c9:cb:27:5f:
ba:68:3b:ff:7b:be:68:93:fa:9b:e6:f1:20:a0:70:
6c:63:6f:d1:b9:44:62:dd:cf:ca:a6:4a:23:0c:4b:
62:87:91:09:6e:f2:e4:67:5e:aa:e2:a7:91:a5:10:
93:1e:30:9a:b8:70:a7:92:ec:c6:ad:b8:ca:69:60:
57:bc:44:ab:ee:9e:1f:7d:c3:7e:47:47:9c:10:e2:
57:7b:97:1c:ff:29:bd:1c:52:8b:b3:79:23:b8:08:
f7:ec:e3:26:5f:85:ac:d6:4c:30:f2:48:5d:54:42:
a1:5b:c6:7f:0e:03:39:50:36:da:0d:5d:e2:ec:56:
0b:d9:b6:4f:43:a6:a3:aa:86:69:2e:92:ba:55:43:
3b:4e:72:eb:98:da:95:7f:85:5e:81:48:11:01:8b:
01:9b:98:8c:ca:9a:e5:73:54:07:17:9c:30:33:6b:
49:d9:f5:17:e4:7d:5d:04:0f:1f:cf:d1:85:23:b9:
e3:44:1a:92:fc:7f:68:34:1e:39:40:08:d2:54:60:
59:1b:d5:90:22:5d:3a:2f:dc:d8:18:59:50:0a:4e:
e6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:71:B4:2F:AC:C7:C4:AF:50:7A:C5:15:ED:9D:60:8F:D2:08:FF:08
X509v3 Authority Key Identifier:
keyid:F1:77:81:71:24:F2:07:72:74:3B:D3:05:94:A8:85:3B:2B:DE:C6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8XeBcSTyB3J0O9MFlKiFOyvexqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/BXG0L6zHxK9QesUV7Z1gj9II_wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/0044e2-a842-48ab-bc54-62542228291c/1/8XeBcSTyB3J0O9MFlKiFOyvexqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.243.0/24
185.94.136.0/22
185.135.191.0/24
195.62.90.0/23
IPv6:
2001:678:9ac::/48
2001:7f8:12d::/48
2a10:1740::/29
Signature Algorithm: sha256WithRSAEncryption
78:a3:14:fc:3c:6a:8e:d2:5d:15:31:31:00:41:c2:d7:59:14:
2e:4b:37:b1:43:f3:04:03:82:1a:f1:b6:14:4c:47:97:12:c2:
ac:a5:02:e4:50:01:2e:b8:ba:2a:63:06:94:bd:10:3b:00:1d:
dc:65:83:5c:90:80:18:9d:27:07:74:17:5c:55:9f:6c:6c:75:
53:1a:7e:8e:11:23:a9:31:65:bd:2b:cb:05:17:ae:fe:3b:16:
ad:f8:0e:b1:ee:da:3d:87:d4:6f:64:55:6d:58:c9:50:11:4e:
d8:2f:e9:05:2d:52:a3:73:54:f9:9a:05:11:0f:94:0e:b9:99:
71:80:26:7e:88:ea:93:c8:f6:e1:bd:fb:66:f8:06:0d:95:cc:
a2:80:7e:94:d1:0f:39:36:2a:cd:ca:14:81:0c:8b:d6:58:5c:
70:ed:10:b9:dc:17:6a:43:f0:b1:3c:e8:c8:4c:aa:e4:de:8d:
da:12:2f:5c:56:81:d1:3e:63:a8:ab:04:3b:f9:b4:ea:ee:8f:
bb:90:97:5c:0b:70:6f:da:97:51:d2:2d:f0:ef:56:ed:07:a1:
63:7e:a4:0f:98:44:bc:30:06:45:4f:c4:d4:48:71:8e:f1:00:
f8:d4:9f:0f:f2:b7:0a:3f:c0:cc:6e:96:c6:f3:5f:5d:7b:e7:
25:15:0c:e9
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYSaahzLq/LYXQPek8qPUFBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNzc4MTcxMjRmMjA3NzI3NDNiZDMwNTk0YTg4NTNiMmJk
ZWM2YWEwHhcNMjIxMTIxMTMzOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTcxYjQyZmFjYzdjNGFmNTA3YWM1MTVlZDlkNjA4ZmQyMDhmZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqBgZXe0+cHLN1RLAz7+P6mPnpxO
qlnLRMqi1b569jIzz+YO2I39KcnLJ1+6aDv/e75ok/qb5vEgoHBsY2/RuURi3c/K
pkojDEtih5EJbvLkZ16q4qeRpRCTHjCauHCnkuzGrbjKaWBXvESr7p4ffcN+R0ec
EOJXe5cc/ym9HFKLs3kjuAj37OMmX4Ws1kww8khdVEKhW8Z/DgM5UDbaDV3i7FYL
2bZPQ6ajqoZpLpK6VUM7TnLrmNqVf4VegUgRAYsBm5iMyprlc1QHF5wwM2tJ2fUX
5H1dBA8fz9GFI7njRBqS/H9oNB45QAjSVGBZG9WQIl06L9zYGFlQCk7mhwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFAVxtC+sx8SvUHrFFe2dYI/SCP8IMB8GA1UdIwQY
MBaAFPF3gXEk8gdydDvTBZSohTsr3saqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFhlQmNTVHlCM0owTzlNRmxLaUZPeXZleHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMDQ0ZTItYTg0Mi00OGFiLWJjNTQt
NjI1NDIyMjgyOTFjLzEvQlhHMEw2ekh4SzlRZXNVVjdaMWdqOUlJX3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMDQ0ZTItYTg0Mi00OGFiLWJjNTQtNjI1NDIyMjgyOTFj
LzEvOFhlQmNTVHlCM0owTzlNRmxLaUZPeXZleHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAeBAIAATAYAwQAuQHzAwQC
uV6IAwQAuYe/AwQBwz5aMB8EAgACMBkDBwAgAQZ4CawDBwAgAQf4AS0DBQMqEBdA
MA0GCSqGSIb3DQEBCwUAA4IBAQB4oxT8PGqO0l0VMTEAQcLXWRQuSzexQ/MEA4Ia
8bYUTEeXEsKspQLkUAEuuLoqYwaUvRA7AB3cZYNckIAYnScHdBdcVZ9sbHVTGn6O
ESOpMWW9K8sFF67+Oxat+A6x7to9h9RvZFVtWMlQEU7YL+kFLVKjc1T5mgURD5QO
uZlxgCZ+iOqTyPbhvftm+AYNlcyigH6U0Q85NirNyhSBDIvWWFxw7RC53BdqQ/Cx
POjITKrk3o3aEi9cVoHRPmOoqwQ7+bTq7o+7kJdcC3Bv2pdR0i3w71btB6FjfqQP
mES8MAZFT8TUSHGO8QD41J8P8rcKP8DMbpbG819de+clFQzp
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:30 2023 by rpki-client on console.sobornost.net