Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a87aec-beaa-4aeb-a48e-8f34bd391d18/1/bhss1TPNH7nzEqM-usKJR8uVPbQ.roa
File: bhss1TPNH7nzEqM-usKJR8uVPbQ.roa (raw, json)
Hash identifier: k7Ep2E9McK+9RdOtBDOf7Q9sxwuFQU3kAJPt2LTrH0Y=
Subject key identifier: 6E:1B:2C:D5:33:CD:1F:B9:F3:12:A3:3E:BA:C2:89:47:CB:95:3D:B4
Certificate issuer: /CN=a5ee926f1f1537b9be75eb4b9d792df41d25cd99
Certificate serial: 01C5FD
Authority key identifier: A5:EE:92:6F:1F:15:37:B9:BE:75:EB:4B:9D:79:2D:F4:1D:25:CD:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pe6Sbx8VN7m-detLnXkt9B0lzZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a87aec-beaa-4aeb-a48e-8f34bd391d18/1/bhss1TPNH7nzEqM-usKJR8uVPbQ.roa
Signing time: Mon 02 May 2022 10:38:03 +0000
ROA not before: Mon 02 May 2022 10:38:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38998
IP address blocks: 193.111.68.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116221 (0x1c5fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5ee926f1f1537b9be75eb4b9d792df41d25cd99
Validity
Not Before: May 2 10:38:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e1b2cd533cd1fb9f312a33ebac28947cb953db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:2c:60:01:6a:a2:0f:eb:d0:9e:3a:67:b3:
c3:14:86:09:64:54:4a:91:74:bd:db:ce:0b:09:6e:
b7:53:99:ee:a1:62:aa:d6:03:d6:34:15:35:18:1f:
2f:23:c0:86:b5:24:a1:53:44:a8:e4:cb:19:db:d2:
1e:ed:ff:6a:0b:d7:b4:ef:59:9d:ba:51:98:55:8a:
17:e8:75:52:16:52:aa:0e:be:8b:db:23:a0:43:a1:
a6:86:d4:bc:d2:04:55:e9:38:1a:7a:97:d2:e6:5a:
6d:99:8e:ad:35:38:28:4c:1b:83:b6:83:4d:99:52:
88:80:c3:9a:e1:a9:56:62:79:40:ef:d3:b7:cb:16:
91:ee:21:02:a7:54:57:44:fe:a9:01:fc:34:eb:dc:
7e:7d:7f:3a:f4:77:34:68:f8:9e:7e:a9:eb:a3:97:
ec:58:2b:24:6b:ee:83:6f:80:09:10:a5:71:cb:17:
9a:f5:99:b8:a0:57:be:12:eb:f8:e7:04:4c:a0:10:
42:35:dd:86:4f:fc:5c:0a:66:61:68:ab:e2:15:80:
1d:6b:6b:a0:85:c3:57:b0:57:1b:23:e7:9e:31:40:
1d:b4:25:95:b5:ca:22:88:b7:1e:48:3e:29:48:80:
67:7c:99:6f:13:91:cd:80:98:9e:77:9e:5a:cd:47:
0c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1B:2C:D5:33:CD:1F:B9:F3:12:A3:3E:BA:C2:89:47:CB:95:3D:B4
X509v3 Authority Key Identifier:
keyid:A5:EE:92:6F:1F:15:37:B9:BE:75:EB:4B:9D:79:2D:F4:1D:25:CD:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pe6Sbx8VN7m-detLnXkt9B0lzZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a87aec-beaa-4aeb-a48e-8f34bd391d18/1/bhss1TPNH7nzEqM-usKJR8uVPbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a87aec-beaa-4aeb-a48e-8f34bd391d18/1/pe6Sbx8VN7m-detLnXkt9B0lzZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.68.0/23
Signature Algorithm: sha256WithRSAEncryption
af:16:09:28:10:e2:39:e9:3d:41:e1:4e:06:4b:e8:15:fe:d1:
a4:e9:15:d9:7b:ed:17:46:2c:5f:f2:6d:b6:a8:bf:46:0c:12:
de:fb:1f:17:cb:3a:5a:ee:52:e8:08:c3:4b:d3:86:f8:ef:a0:
ab:a0:9b:80:07:c2:56:9a:24:12:12:ec:c0:21:dc:3f:d7:32:
c8:16:63:a3:ae:89:c3:c2:48:97:fd:10:17:0c:31:f3:28:95:
d0:a1:9a:c7:9d:5d:7f:82:b7:9b:f1:99:99:8d:31:8c:94:35:
56:fe:48:21:b5:51:38:7a:a6:f3:ad:d7:f0:6b:03:ff:02:1d:
f6:7d:35:1f:2b:79:49:67:5b:99:47:73:8f:f0:4a:4c:d7:02:
3a:18:a5:b3:aa:b7:40:6b:f5:36:e6:da:ed:38:0c:26:14:90:
ab:6b:31:aa:e1:be:c5:a9:44:ec:8e:3b:2c:c9:9c:eb:bb:c4:
fc:5b:cf:07:7e:ed:32:f4:0c:35:ca:bb:8d:25:66:57:d6:45:
94:18:73:6a:c4:cb:f8:f2:23:12:ae:e0:1b:57:26:b5:cb:df:
4d:57:26:37:cf:9a:7a:be:b3:8c:82:a9:4d:87:ed:bc:6b:c1:
12:03:b7:2e:07:fe:35:28:0a:80:78:b9:ff:30:83:3e:96:eb:
71:04:7a:66
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAcX9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
ZWU5MjZmMWYxNTM3YjliZTc1ZWI0YjlkNzkyZGY0MWQyNWNkOTkwHhcNMjIwNTAy
MTAzODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZTFiMmNkNTMzY2Qx
ZmI5ZjMxMmEzM2ViYWMyODk0N2NiOTUzZGI0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuc8sYAFqog/r0J46Z7PDFIYJZFRKkXS9284LCW63U5nuoWKq
1gPWNBU1GB8vI8CGtSShU0So5MsZ29Ie7f9qC9e071mdulGYVYoX6HVSFlKqDr6L
2yOgQ6GmhtS80gRV6TgaepfS5lptmY6tNTgoTBuDtoNNmVKIgMOa4alWYnlA79O3
yxaR7iECp1RXRP6pAfw069x+fX869Hc0aPiefqnro5fsWCska+6Db4AJEKVxyxea
9Zm4oFe+Euv45wRMoBBCNd2GT/xcCmZhaKviFYAda2ughcNXsFcbI+eeMUAdtCWV
tcoiiLceSD4pSIBnfJlvE5HNgJied55azUcM0wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFG4bLNUzzR+58xKjPrrCiUfLlT20MB8GA1UdIwQYMBaAFKXukm8fFTe5vnXr
S515LfQdJc2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGU2U2J4OFZON20tZGV0TG5Ya3Q5QjBselprLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wOC9hODdhZWMtYmVhYS00YWViLWE0OGUtOGYzNGJkMzkxZDE4LzEv
YmhzczFUUE5IN256RXFNLXVzS0pSOHVWUGJRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9h
ODdhZWMtYmVhYS00YWViLWE0OGUtOGYzNGJkMzkxZDE4LzEvcGU2U2J4OFZON20t
ZGV0TG5Ya3Q5QjBselprLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwW9EMA0GCSqGSIb3DQEBCwUAA4IB
AQCvFgkoEOI56T1B4U4GS+gV/tGk6RXZe+0XRixf8m22qL9GDBLe+x8Xyzpa7lLo
CMNL04b476CroJuAB8JWmiQSEuzAIdw/1zLIFmOjronDwkiX/RAXDDHzKJXQoZrH
nV1/greb8ZmZjTGMlDVW/kghtVE4eqbzrdfwawP/Ah32fTUfK3lJZ1uZR3OP8EpM
1wI6GKWzqrdAa/U25trtOAwmFJCrazGq4b7FqUTsjjssyZzru8T8W88Hfu0y9Aw1
yruNJWZX1kWUGHNqxMv48iMSruAbVya1y99NVyY3z5p6vrOMgqlNh+28a8ESA7cu
B/41KAqAeLn/MIM+lutxBHpm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:11 2025 by rpki-client