Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/BZXZMfieQmfoIRbwEU80cS4iQwk.roa
File: BZXZMfieQmfoIRbwEU80cS4iQwk.roa (raw, json)
Hash identifier: wiJ+xBFvRXppX05ueaTGr+iIA0vy3FZhAH8A1D4AlCs=
Subject key identifier: 05:95:D9:31:F8:9E:42:67:E8:21:16:F0:11:4F:34:71:2E:22:43:09
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 01913AC6FB8D797D5B6A0BA19F9DACA9A40F
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/BZXZMfieQmfoIRbwEU80cS4iQwk.roa
Signing time: Sat 10 Aug 2024 05:33:24 +0000
ROA not before: Sat 10 Aug 2024 05:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6424
IP address blocks: 103.243.124.0/22 maxlen: 22
146.19.95.0/24 maxlen: 24
146.19.249.0/24 maxlen: 24
185.112.251.0/24 maxlen: 24
185.166.144.0/24 maxlen: 24
188.93.192.0/21 maxlen: 24
188.93.196.0/24 maxlen: 24
188.93.198.0/24 maxlen: 24
188.93.199.0/24 maxlen: 24
193.107.13.0/24 maxlen: 24
193.109.184.0/21 maxlen: 24
193.109.184.0/24 maxlen: 24
193.163.151.0/24 maxlen: 24
212.52.23.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2001:b18:a::/48 maxlen: 48
2001:b18:b::/48 maxlen: 48
2001:b18:1016::/48 maxlen: 48
2001:b18:1020::/48 maxlen: 48
2001:b18:1031::/48 maxlen: 48
2a0d:82c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3a:c6:fb:8d:79:7d:5b:6a:0b:a1:9f:9d:ac:a9:a4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Aug 10 05:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0595d931f89e4267e82116f0114f34712e224309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:fd:4e:a6:ed:f5:59:55:eb:86:a1:83:87:
aa:07:32:18:b8:f9:ab:46:05:1f:e5:bc:27:35:02:
f3:15:00:bd:35:ad:e1:11:f0:c1:43:9e:77:f3:08:
a8:4e:19:71:0f:c5:9b:7c:cc:a1:12:2a:0b:06:e7:
5f:2d:71:15:51:11:29:0c:ad:ea:46:64:be:45:ee:
15:29:6a:d7:da:88:4e:c7:f2:20:f5:62:3a:73:df:
e1:4a:8c:04:ff:f9:d0:78:03:90:ce:b9:a4:34:e5:
38:7e:28:ea:43:82:a2:86:1c:76:45:0d:36:18:a4:
a2:75:a9:af:fd:9e:ab:b3:e1:7b:47:94:23:c6:60:
25:be:05:bb:d7:02:bc:b9:93:68:45:98:22:a8:35:
b9:5a:82:7f:56:4f:ff:b6:34:fd:be:e5:d8:9e:d7:
e0:80:b1:85:95:e8:4d:bb:cd:e2:0f:34:41:e6:9b:
58:c7:0a:d7:ed:a7:c2:17:72:18:2c:34:20:b7:f7:
fc:05:7f:eb:de:ea:78:56:7d:e3:5b:d8:e6:15:ec:
3d:02:c0:e0:39:43:61:0f:80:f2:42:7d:1a:96:1a:
38:37:5d:a0:50:38:4e:08:2a:01:cf:1b:f9:97:15:
44:4f:b0:6b:34:36:4d:03:a2:8a:e3:cb:84:96:36:
73:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:95:D9:31:F8:9E:42:67:E8:21:16:F0:11:4F:34:71:2E:22:43:09
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/BZXZMfieQmfoIRbwEU80cS4iQwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.243.124.0/22
146.19.95.0/24
146.19.249.0/24
185.112.251.0/24
185.166.144.0/24
188.93.192.0/21
193.107.13.0/24
193.109.184.0/21
193.163.151.0/24
212.52.23.0/24
IPv6:
2001:b18::/32
2a0d:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:f7:20:d0:aa:bc:6b:95:42:85:c3:26:07:04:42:7a:c8:21:
dd:b6:58:51:1d:2f:31:29:49:1d:92:7c:40:8f:a2:4b:1d:cd:
c4:32:90:37:47:65:c3:01:a8:f9:13:20:f9:cd:bf:81:1c:8d:
87:52:34:0e:4d:3f:59:39:b3:08:dc:e3:4e:28:bf:50:73:99:
fa:11:35:7c:d8:0f:ce:7e:81:9e:dc:cf:49:bf:5c:0c:6d:50:
47:ab:ed:1a:39:94:2a:0f:6d:08:f3:44:b4:92:ba:3b:d8:8f:
61:f9:d9:8f:b9:1e:c7:2e:dd:cb:df:bd:48:f7:d2:a6:8b:50:
43:a5:fa:20:0c:c1:92:6d:b7:1e:f1:61:e7:27:da:ca:65:ba:
9e:55:20:c6:a3:16:de:8b:0c:ee:fb:c9:4d:9c:6e:5a:97:08:
5d:bf:6f:c5:ff:f5:e3:e0:8b:dd:70:c9:fc:6d:dd:1c:94:9b:
6c:f9:df:21:a4:d7:10:ce:d5:6d:2b:6d:14:1c:96:02:01:f3:
84:af:f3:4e:97:6e:c6:f0:7c:7c:d1:00:0f:1a:b7:91:7b:7c:
53:66:41:98:4a:7a:02:ad:ad:fb:e8:31:e3:5e:c9:1c:27:0a:
b1:cc:26:36:18:cf:64:ea:5f:b9:d3:c5:73:58:78:35:e6:1c:
d2:12:82:3c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZE6xvuNeX1baguhn52sqaQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwODEwMDUzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTk1ZDkzMWY4OWU0MjY3ZTgyMTE2ZjAxMTRmMzQ3MTJlMjI0MzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQL9Tqbt9VlV64ahg4eqBzIYuPmr
RgUf5bwnNQLzFQC9Na3hEfDBQ5538wioThlxD8WbfMyhEioLBudfLXEVUREpDK3q
RmS+Re4VKWrX2ohOx/Ig9WI6c9/hSowE//nQeAOQzrmkNOU4fijqQ4Kihhx2RQ02
GKSidamv/Z6rs+F7R5QjxmAlvgW71wK8uZNoRZgiqDW5WoJ/Vk//tjT9vuXYntfg
gLGFlehNu83iDzRB5ptYxwrX7afCF3IYLDQgt/f8BX/r3up4Vn3jW9jmFew9AsDg
OUNhD4DyQn0alho4N12gUDhOCCoBzxv5lxVET7BrNDZNA6KK48uEljZzFwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFAWV2TH4nkJn6CEW8BFPNHEuIkMJMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvQlpYWk1maWVRbWZvSVJid0VVODBjUzRpUXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQCZ/N8AwQA
khNfAwQAkhP5AwQAuXD7AwQAuaaQAwQDvF3AAwQAwWsNAwQDwW24AwQAwaOXAwQA
1DQXMBQEAgACMA4DBQAgAQsYAwUDKg2CwDANBgkqhkiG9w0BAQsFAAOCAQEAj/cg
0Kq8a5VChcMmBwRCesgh3bZYUR0vMSlJHZJ8QI+iSx3NxDKQN0dlwwGo+RMg+c2/
gRyNh1I0Dk0/WTmzCNzjTii/UHOZ+hE1fNgPzn6BntzPSb9cDG1QR6vtGjmUKg9t
CPNEtJK6O9iPYfnZj7kexy7dy9+9SPfSpotQQ6X6IAzBkm23HvFh5yfaymW6nlUg
xqMW3osM7vvJTZxuWpcIXb9vxf/14+CL3XDJ/G3dHJSbbPnfIaTXEM7VbSttFByW
AgHzhK/zTpduxvB8fNEADxq3kXt8U2ZBmEp6Aq2t++gx417JHCcKscwmNhjPZOpf
udPFc1h4NeYc0hKCPA==
-----END CERTIFICATE-----
Generated at Fri Jul 25 00:23:29 2025 by rpki-client