Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/BMRO5IGjsYhLA_ZEE4X73tLMXpg.roa
File: BMRO5IGjsYhLA_ZEE4X73tLMXpg.roa (raw, json)
Hash identifier: fksxyhCDDdWNh5/AHQQr7HsfqyMj333eN2k7yEJkMAg=
Subject key identifier: 04:C4:4E:E4:81:A3:B1:88:4B:03:F6:44:13:85:FB:DE:D2:CC:5E:98
Certificate issuer: /CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Certificate serial: 018259868224C74D3550464898D7A549E281
Authority key identifier: 70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/BMRO5IGjsYhLA_ZEE4X73tLMXpg.roa
Signing time: Mon 01 Aug 2022 13:09:23 +0000
ROA not before: Mon 01 Aug 2022 13:09:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49825
IP address blocks: 195.211.76.0/23 maxlen: 24
195.211.76.0/22 maxlen: 24
195.211.78.0/23 maxlen: 24
194.165.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:86:82:24:c7:4d:35:50:46:48:98:d7:a5:49:e2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Validity
Not Before: Aug 1 13:09:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04c44ee481a3b1884b03f6441385fbded2cc5e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:87:14:e6:a4:7e:6d:9a:f0:b3:af:a0:46:fb:
13:49:49:cc:6b:8a:10:c5:50:56:44:08:98:ff:3e:
de:88:ce:2b:85:a7:1d:e7:6f:59:29:b7:e5:fc:a6:
f7:2e:f9:86:56:dc:dd:4b:05:ce:8d:f5:3b:99:b1:
3f:42:98:88:ea:c8:95:85:76:11:23:e8:f3:cf:34:
77:62:db:73:7d:d2:b9:47:ad:e7:b6:b3:ff:65:7c:
1a:07:a5:f5:a5:bb:19:5f:b0:f7:4c:4b:89:d7:9e:
9f:ed:c5:ff:6d:8b:fb:2d:88:46:6c:6d:f3:d1:c5:
36:e5:06:09:1a:3c:28:2a:08:94:c6:54:a4:3f:b2:
f5:1b:e1:fd:ed:dc:9c:bf:02:65:6b:6b:8f:c5:8c:
d3:e6:2a:d2:f5:a2:70:72:88:39:bd:06:5d:10:61:
8d:3a:2e:f2:fb:9c:f9:15:ca:fe:4c:8a:39:1c:0e:
ca:a4:ac:9f:21:ca:3a:f7:80:54:03:09:22:24:0f:
fb:a1:3a:63:d9:88:ba:22:b3:77:8a:d6:9f:d6:8c:
a6:4c:19:d5:fd:bb:8c:76:4f:2c:cf:22:bc:96:29:
46:73:77:8f:e7:e6:a4:84:12:88:fa:33:05:59:be:
1d:c8:b9:32:9f:56:f5:92:ee:09:b3:59:1d:cc:0a:
e3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C4:4E:E4:81:A3:B1:88:4B:03:F6:44:13:85:FB:DE:D2:CC:5E:98
X509v3 Authority Key Identifier:
keyid:70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/BMRO5IGjsYhLA_ZEE4X73tLMXpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.1.0/24
195.211.76.0/22
Signature Algorithm: sha256WithRSAEncryption
54:a6:7f:45:4b:1f:33:34:87:4c:13:54:c6:7b:06:4f:2a:64:
b0:c2:76:0f:10:67:17:17:c6:72:5e:60:97:2e:14:d7:88:44:
a2:49:67:e4:f5:96:fb:16:3d:18:06:26:06:0f:6e:68:c0:ba:
65:67:e2:10:c0:dd:51:92:5a:28:1d:93:45:62:36:19:1c:fb:
6a:be:c6:63:45:1d:9b:45:84:bf:90:43:8e:e8:09:3d:bc:41:
26:e9:60:79:a4:f7:ba:4c:c1:79:8e:02:c1:65:d0:e1:01:d8:
ae:58:f6:16:3b:27:fa:0a:91:83:93:3d:d7:16:9e:f2:ec:56:
49:a7:77:44:3d:e1:92:c6:99:f6:a2:ce:1e:44:8a:1a:08:b4:
97:69:93:80:10:40:a4:f5:1f:2a:d4:50:08:8b:3b:b0:cd:ee:
11:eb:47:f8:27:6f:dd:91:40:b4:ce:13:09:2c:83:92:f3:7d:
4a:37:62:58:3e:88:75:04:a4:8b:10:2f:21:3b:14:53:f2:81:
fd:b9:ab:4f:a7:9f:c5:5a:0f:c8:40:1b:fb:16:8a:06:e7:a4:
d5:a6:36:33:a6:be:bb:23:c1:bd:d8:18:10:4c:ca:84:f8:81:
3d:cd:b8:b0:1c:b1:99:89:d5:d5:8a:54:5f:89:9e:55:85:fc:
22:5b:74:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJZhoIkx001UEZImNelSeKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWViNmVhYWE0OWRkNmI0ODNlMDRiMTQzNGU0ZGFjNzll
ZDlkMzEwHhcNMjIwODAxMTMwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM0NGVlNDgxYTNiMTg4NGIwM2Y2NDQxMzg1ZmJkZWQyY2M1ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIcU5qR+bZrws6+gRvsTSUnMa4oQ
xVBWRAiY/z7eiM4rhacd529ZKbfl/Kb3LvmGVtzdSwXOjfU7mbE/QpiI6siVhXYR
I+jzzzR3YttzfdK5R63ntrP/ZXwaB6X1pbsZX7D3TEuJ156f7cX/bYv7LYhGbG3z
0cU25QYJGjwoKgiUxlSkP7L1G+H97dycvwJla2uPxYzT5irS9aJwcog5vQZdEGGN
Oi7y+5z5Fcr+TIo5HA7KpKyfIco694BUAwkiJA/7oTpj2Yi6IrN3itaf1oymTBnV
/buMdk8szyK8lilGc3eP5+akhBKI+jMFWb4dyLkyn1b1ku4Js1kdzArjeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFATETuSBo7GISwP2RBOF+97SzF6YMB8GA1UdIwQY
MBaAFHCetuqqSd1rSD4EsUNOTax57Z0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAt
OWY2ZmEwZTFhNWE1LzEvQk1STzVJR2pzWWhMQV9aRUU0WDczdExNWHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAtOWY2ZmEwZTFhNWE1
LzEvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwqUBAwQC
w9NMMA0GCSqGSIb3DQEBCwUAA4IBAQBUpn9FSx8zNIdME1TGewZPKmSwwnYPEGcX
F8ZyXmCXLhTXiESiSWfk9Zb7Fj0YBiYGD25owLplZ+IQwN1RklooHZNFYjYZHPtq
vsZjRR2bRYS/kEOO6Ak9vEEm6WB5pPe6TMF5jgLBZdDhAdiuWPYWOyf6CpGDkz3X
Fp7y7FZJp3dEPeGSxpn2os4eRIoaCLSXaZOAEECk9R8q1FAIizuwze4R60f4J2/d
kUC0zhMJLIOS831KN2JYPoh1BKSLEC8hOxRT8oH9uatPp5/FWg/IQBv7FooG56TV
pjYzpr67I8G92BgQTMqE+IE9zbiwHLGZidXVilRfiZ5VhfwiW3Tk
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:49 2023 by rpki-client on console.sobornost.net