Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/B8lf7E8wzRpYW1zOiiO5UR6nHrk.roa
File: B8lf7E8wzRpYW1zOiiO5UR6nHrk.roa (raw, json)
Hash identifier: ZtJnF2wUb8Qb0ndm3GXD7KC97NOwMBcHAuNzH93xgOA=
Subject key identifier: 07:C9:5F:EC:4F:30:CD:1A:58:5B:5C:CE:8A:23:B9:51:1E:A7:1E:B9
Certificate issuer: /CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a
Certificate serial: 018570FBADE1C2EEF29195E526C33445C481
Authority key identifier: B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/B8lf7E8wzRpYW1zOiiO5UR6nHrk.roa
Signing time: Mon 02 Jan 2023 05:37:00 +0000
ROA not before: Mon 02 Jan 2023 05:37:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2607
IP address blocks: 193.87.0.0/16 maxlen: 17
194.160.0.0/16 maxlen: 17
2001:4118::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:ad:e1:c2:ee:f2:91:95:e5:26:c3:34:45:c4:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45e62270d20f9467a6afc78963dbcfb80fbf52a
Validity
Not Before: Jan 2 05:37:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07c95fec4f30cd1a585b5cce8a23b9511ea71eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9a:3c:93:f7:d1:50:68:8f:95:7f:e9:b0:07:
a1:7a:07:a6:61:b3:b7:1a:00:45:50:89:3f:56:9a:
9a:ab:67:03:09:36:af:2a:ff:a7:9b:fb:26:fb:af:
83:7e:c1:25:35:2f:7c:c5:03:1c:f9:51:1c:30:97:
08:6e:66:d5:c8:51:80:74:92:3d:69:6e:10:74:a6:
61:db:f0:4f:13:81:25:f5:2d:06:9f:0d:80:02:8e:
fe:9e:a7:27:cc:02:f7:b1:7f:8b:33:15:c9:0f:f0:
d5:53:6d:af:29:76:8d:15:e5:5d:84:55:69:7a:7b:
eb:02:35:8b:3b:7c:5c:95:cb:b0:e4:b8:73:94:e3:
c4:34:2c:08:fd:49:05:17:e4:ef:50:8e:b6:58:06:
2b:43:50:54:70:05:65:1f:10:90:fa:ff:b1:2a:e1:
40:94:21:92:1e:8c:b8:1a:61:4c:e5:60:fc:e1:41:
a3:be:16:61:d7:fe:dd:66:5c:5f:a5:0b:60:0b:a0:
36:48:6a:63:91:0d:a6:b7:c7:9a:0f:d9:e8:b9:85:
11:9d:31:75:3b:06:d5:34:ca:8e:7a:c4:f1:23:39:
04:5f:07:91:1b:e8:47:0c:46:58:5b:c9:43:bd:a6:
cf:39:0c:26:2d:1b:16:80:23:08:f6:8f:21:a8:3c:
7e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C9:5F:EC:4F:30:CD:1A:58:5B:5C:CE:8A:23:B9:51:1E:A7:1E:B9
X509v3 Authority Key Identifier:
keyid:B4:5E:62:27:0D:20:F9:46:7A:6A:FC:78:96:3D:BC:FB:80:FB:F5:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tF5iJw0g-UZ6avx4lj28-4D79So.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/B8lf7E8wzRpYW1zOiiO5UR6nHrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/ecb45e-2db6-4b54-bc91-0596296f12de/1/tF5iJw0g-UZ6avx4lj28-4D79So.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.87.0.0/16
194.160.0.0/16
IPv6:
2001:4118::/32
Signature Algorithm: sha256WithRSAEncryption
50:0c:6a:6e:53:a8:c5:0a:3e:15:8f:06:36:63:d4:07:0b:c0:
20:f7:bd:e4:2f:05:23:ce:33:aa:d4:0d:30:75:79:d5:01:97:
b3:31:1c:a4:b9:a5:dd:66:08:1d:0d:36:e3:45:9b:d0:32:1e:
6b:bf:53:ef:a1:eb:82:6d:24:b8:fc:6b:23:88:98:ee:45:01:
45:f4:44:47:85:fe:d6:28:79:1b:48:25:6b:6c:49:90:50:af:
2a:87:50:fd:64:68:49:a7:04:4e:e7:ee:b7:35:7c:7c:e6:12:
31:ff:1b:0a:a5:25:61:75:f6:57:69:fd:bb:11:af:3c:d2:6d:
cf:91:31:77:07:f9:75:17:3a:d5:ad:31:4f:a6:74:de:66:4c:
6b:06:1b:70:eb:1d:3a:c5:8f:51:53:57:7a:95:db:08:ef:b0:
c8:c3:6f:6d:09:bc:9e:13:34:d7:e9:8f:1f:02:79:dc:f0:71:
20:06:ae:c0:19:c6:44:30:44:08:85:eb:9e:25:47:4b:01:7e:
3a:f9:80:0f:00:0b:26:e7:6c:90:04:af:15:f6:eb:b4:82:49:
45:f6:0f:5c:b5:37:25:71:57:63:02:06:d2:ee:26:02:2e:b4:
92:94:52:7f:56:00:7a:dc:ea:c0:e5:7c:12:82:30:dd:6a:41:
7c:4b:bf:05
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVw+63hwu7ykZXlJsM0RcSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NWU2MjI3MGQyMGY5NDY3YTZhZmM3ODk2M2RiY2ZiODBm
YmY1MmEwHhcNMjMwMTAyMDUzNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2M5NWZlYzRmMzBjZDFhNTg1YjVjY2U4YTIzYjk1MTFlYTcxZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5o8k/fRUGiPlX/psAehegemYbO3
GgBFUIk/Vpqaq2cDCTavKv+nm/sm+6+DfsElNS98xQMc+VEcMJcIbmbVyFGAdJI9
aW4QdKZh2/BPE4El9S0Gnw2AAo7+nqcnzAL3sX+LMxXJD/DVU22vKXaNFeVdhFVp
envrAjWLO3xclcuw5LhzlOPENCwI/UkFF+TvUI62WAYrQ1BUcAVlHxCQ+v+xKuFA
lCGSHoy4GmFM5WD84UGjvhZh1/7dZlxfpQtgC6A2SGpjkQ2mt8eaD9nouYURnTF1
OwbVNMqOesTxIzkEXweRG+hHDEZYW8lDvabPOQwmLRsWgCMI9o8hqDx+bwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFAfJX+xPMM0aWFtczoojuVEepx65MB8GA1UdIwQY
MBaAFLReYicNIPlGemr8eJY9vPuA+/UqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEt
MDU5NjI5NmYxMmRlLzEvQjhsZjdFOHd6UnBZVzF6T2lpTzVVUjZuSHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9lY2I0NWUtMmRiNi00YjU0LWJjOTEtMDU5NjI5NmYxMmRl
LzEvdEY1aUp3MGctVVo2YXZ4NGxqMjgtNEQ3OVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAQBAIAATAKAwMAwVcDAwDC
oDANBAIAAjAHAwUAIAFBGDANBgkqhkiG9w0BAQsFAAOCAQEAUAxqblOoxQo+FY8G
NmPUBwvAIPe95C8FI84zqtQNMHV51QGXszEcpLml3WYIHQ0240Wb0DIea79T76Hr
gm0kuPxrI4iY7kUBRfRER4X+1ih5G0gla2xJkFCvKodQ/WRoSacETufutzV8fOYS
Mf8bCqUlYXX2V2n9uxGvPNJtz5Exdwf5dRc61a0xT6Z03mZMawYbcOsdOsWPUVNX
epXbCO+wyMNvbQm8nhM01+mPHwJ53PBxIAauwBnGRDBECIXrniVHSwF+OvmADwAL
JudskASvFfbrtIJJRfYPXLU3JXFXYwIG0u4mAi60kpRSf1YAetzqwOV8EoIw3WpB
fEu/BQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:56 2025 by rpki-client