Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/bbp9oxTSxmiJuxdS-MK1mxbuqS0.roa
File: bbp9oxTSxmiJuxdS-MK1mxbuqS0.roa (raw, json)
Hash identifier: XFrmtACCA2+m1/9Ikw04hkjVO14+BKG+LAPHIlLYmrA=
Subject key identifier: 6D:BA:7D:A3:14:D2:C6:68:89:BB:17:52:F8:C2:B5:9B:16:EE:A9:2D
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 341BF375
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/bbp9oxTSxmiJuxdS-MK1mxbuqS0.roa
Signing time: Sat 01 Jan 2022 09:03:10 +0000
ROA not before: Sat 01 Jan 2022 09:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5538
IP address blocks: 92.240.64.0/19 maxlen: 19
194.8.1.0/24 maxlen: 24
85.254.192.0/18 maxlen: 18
5.152.224.0/21 maxlen: 21
185.23.160.0/22 maxlen: 22
2a02:500::/29 maxlen: 29
2a02:500::/32 maxlen: 32
2a02:500:4000::/35 maxlen: 35
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 874247029 (0x341bf375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 1 09:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dba7da314d2c66889bb1752f8c2b59b16eea92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ba:e8:1c:2d:f3:1d:13:18:83:ae:dc:d7:ac:
30:15:20:7f:34:22:14:cf:f2:fb:11:2c:76:e9:3b:
b0:da:b4:d5:58:73:9e:43:2c:45:5a:fe:46:1a:3d:
cd:1b:d4:bd:d6:92:7c:ca:f8:ca:2d:7b:ce:35:86:
2c:22:58:06:ca:8a:3b:ab:39:a5:aa:72:f5:31:bc:
c1:9b:36:34:82:53:8d:27:08:3c:90:45:5f:82:bf:
b7:25:55:69:c1:7a:cf:f6:02:34:99:1c:2d:26:8a:
56:00:50:36:41:4b:a9:08:a3:91:f4:bd:03:d3:bf:
58:99:0c:a2:e7:3f:cc:52:d7:80:4f:54:a4:06:6e:
fd:08:d0:01:e4:72:2c:b3:0c:ff:dd:85:c6:f7:1c:
29:97:64:ff:d8:c0:87:66:a2:03:e2:1d:f3:57:15:
16:be:07:36:67:f6:f9:c5:e1:f2:50:6a:d4:c0:ec:
1a:a3:1e:5c:9e:6c:73:87:ef:ea:90:d1:81:b2:c7:
f6:4c:cd:03:d1:9a:1b:f5:c8:ae:cf:3f:96:bc:7a:
1e:d4:5a:31:31:2b:3b:87:ad:a9:92:9b:e7:ab:3e:
1b:5d:74:66:0c:f9:b0:36:ca:8b:4c:0c:8b:09:d3:
43:07:ae:fe:c5:73:9a:e8:ea:f6:50:08:0d:b0:2e:
3b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:BA:7D:A3:14:D2:C6:68:89:BB:17:52:F8:C2:B5:9B:16:EE:A9:2D
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/bbp9oxTSxmiJuxdS-MK1mxbuqS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.224.0/21
85.254.192.0/18
92.240.64.0/19
185.23.160.0/22
194.8.1.0/24
IPv6:
2a02:500::/29
Signature Algorithm: sha256WithRSAEncryption
62:c7:a2:0b:11:61:99:4a:94:ac:d0:30:e0:a2:24:4b:1b:b9:
77:cb:c2:00:d7:2c:b4:f8:72:67:91:ae:9d:dd:b0:d6:8a:52:
36:69:9f:eb:8b:f6:1a:c1:cf:87:36:c2:e7:a1:45:f8:ae:4a:
81:0f:8e:af:b2:a1:f5:5d:3b:65:5d:9d:c8:ee:55:7c:2c:3b:
f4:2b:58:10:29:a7:30:3c:a9:b7:94:c1:e5:b1:05:43:7e:28:
67:b9:ea:2d:2a:dd:c3:e2:5e:c3:5e:f9:28:1f:00:50:b0:b3:
15:06:8a:e4:9a:f4:b9:05:5e:66:c8:b1:d4:c5:66:53:62:ab:
27:b5:6b:9f:f2:2a:28:e5:3b:34:7b:8c:d2:df:d5:fa:57:62:
0e:42:61:91:1c:ed:1a:46:77:f3:10:94:98:21:fa:e5:a4:d4:
ae:19:7c:d0:17:9a:63:55:f5:e2:2c:b6:a4:8f:66:a2:dc:90:
00:fe:4d:77:40:47:11:e1:af:aa:df:47:fe:65:c2:25:69:70:
a7:15:65:08:a0:f4:27:0f:86:02:f6:96:e7:36:4f:14:2a:45:
e3:e1:f7:7c:d8:38:38:7e:31:18:a8:c0:4a:4f:f6:6e:0f:de:
af:45:2e:4c:d6:94:74:93:ee:15:d3:93:88:ba:e3:6b:a6:62:
80:26:d1:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIENBvzdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjBiMjRhNzQwZjJlNjE2MzIwNTBhZGMxNDZjMWVlNmEzZTY4NmM1MB4XDTIyMDEw
MTA5MDMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRiYTdkYTMxNGQy
YzY2ODg5YmIxNzUyZjhjMmI1OWIxNmVlYTkyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKm66Bwt8x0TGIOu3NesMBUgfzQiFM/y+xEsduk7sNq01Vhz
nkMsRVr+Rho9zRvUvdaSfMr4yi17zjWGLCJYBsqKO6s5papy9TG8wZs2NIJTjScI
PJBFX4K/tyVVacF6z/YCNJkcLSaKVgBQNkFLqQijkfS9A9O/WJkMouc/zFLXgE9U
pAZu/QjQAeRyLLMM/92FxvccKZdk/9jAh2aiA+Id81cVFr4HNmf2+cXh8lBq1MDs
GqMeXJ5sc4fv6pDRgbLH9kzNA9GaG/XIrs8/lrx6HtRaMTErO4etqZKb56s+G110
Zgz5sDbKi0wMiwnTQweu/sVzmujq9lAIDbAuOzECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRtun2jFNLGaIm7F1L4wrWbFu6pLTAfBgNVHSMEGDAWgBQyCySnQPLmFjIF
CtwUbB7mo+aGxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01nc2twMER5NWhZeUJRcmNGR3dlNXFQbWhzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvOWMyN2U0LWQ3YjEtNDNjMS1hMzhmLTk0OTE0ZjVkZGIzYy8x
L2JicDlveFRTeG1pSnV4ZFMtTUsxbXhidXFTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
OWMyN2U0LWQ3YjEtNDNjMS1hMzhmLTk0OTE0ZjVkZGIzYy8xL01nc2twMER5NWhZ
eUJRcmNGR3dlNXFQbWhzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwWY4AMEBlX+wAMEBVzwQAMEArkX
oAMEAMIIATANBAIAAjAHAwUDKgIFADANBgkqhkiG9w0BAQsFAAOCAQEAYseiCxFh
mUqUrNAw4KIkSxu5d8vCANcstPhyZ5Gund2w1opSNmmf64v2GsHPhzbC56FF+K5K
gQ+Or7Kh9V07ZV2dyO5VfCw79CtYECmnMDypt5TB5bEFQ34oZ7nqLSrdw+Jew175
KB8AULCzFQaK5Jr0uQVeZsix1MVmU2KrJ7Vrn/IqKOU7NHuM0t/V+ldiDkJhkRzt
GkZ38xCUmCH65aTUrhl80BeaY1X14iy2pI9motyQAP5Nd0BHEeGvqt9H/mXCJWlw
pxVlCKD0Jw+GAvaW5zZPFCpF4+H3fNg4OH4xGKjASk/2bg/er0UuTNaUdJPuFdOT
iLrja6ZigCbRTg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:34 2023 by rpki-client on console.sobornost.net