Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/024554-7aa6-4c9f-a487-df7b45be46c7/1/B5owOrdWGbR8OSD5k6l2G793XXA.roa
File: B5owOrdWGbR8OSD5k6l2G793XXA.roa (raw, json)
Hash identifier: eaK5eEZwzwplyq7gaaPLSGGuR7NNwSK72OYMB5BnLvs=
Subject key identifier: 07:9A:30:3A:B7:56:19:B4:7C:39:20:F9:93:A9:76:1B:BF:77:5D:70
Certificate issuer: /CN=28069b4ec047c6c2d80a4992e4228b317cc8b20c
Certificate serial: 01856D93E9DCF80CFEFB20AF0B51CA16783E
Authority key identifier: 28:06:9B:4E:C0:47:C6:C2:D8:0A:49:92:E4:22:8B:31:7C:C8:B2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAabTsBHxsLYCkmS5CKLMXzIsgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/024554-7aa6-4c9f-a487-df7b45be46c7/1/B5owOrdWGbR8OSD5k6l2G793XXA.roa
Signing time: Sun 01 Jan 2023 13:44:48 +0000
ROA not before: Sun 01 Jan 2023 13:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212435
IP address blocks: 193.163.76.0/24 maxlen: 24
2a12:4b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:e9:dc:f8:0c:fe:fb:20:af:0b:51:ca:16:78:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28069b4ec047c6c2d80a4992e4228b317cc8b20c
Validity
Not Before: Jan 1 13:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=079a303ab75619b47c3920f993a9761bbf775d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ce:c4:c5:ee:dc:27:0f:76:8b:be:39:bb:dc:
fb:ac:65:6e:f0:3d:76:93:87:ad:69:09:f2:a3:3d:
8a:d3:cd:00:ea:21:7c:b4:2f:11:ab:e8:76:18:6a:
a9:0b:ce:6f:6c:2b:4f:23:82:a4:6b:11:b3:a8:d4:
27:74:73:31:75:8c:02:34:d2:54:5e:dd:e4:bc:d2:
3e:f5:ef:0b:f8:81:92:e0:43:3f:5d:70:d4:ec:61:
72:8e:e6:96:2f:8e:8b:3a:01:27:4f:63:01:ab:54:
b6:99:ff:15:d4:75:4c:4c:cb:2a:f7:f3:39:fc:4d:
1d:cc:1c:64:65:e4:5a:ad:e1:92:e2:78:b5:dd:a2:
2a:c7:64:68:42:98:f8:0d:1e:54:22:d1:b8:a7:be:
26:d9:32:48:2a:8b:b3:af:e6:e5:c9:93:5b:0f:d6:
74:f8:82:35:46:2c:2f:74:55:5d:53:c7:89:5b:b0:
0e:1e:dc:86:6e:6e:ce:11:1a:f5:a1:b5:6f:d2:d3:
12:12:14:e8:54:47:73:0e:e8:2c:96:64:01:62:c5:
c7:d3:26:a8:7b:d4:b6:df:6c:ae:f4:ff:7d:7b:ce:
ac:63:48:2e:33:e5:b8:ca:20:81:c9:9e:16:df:b3:
4a:44:f1:b7:84:f9:54:ab:85:4c:bc:78:af:4d:cf:
30:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9A:30:3A:B7:56:19:B4:7C:39:20:F9:93:A9:76:1B:BF:77:5D:70
X509v3 Authority Key Identifier:
keyid:28:06:9B:4E:C0:47:C6:C2:D8:0A:49:92:E4:22:8B:31:7C:C8:B2:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAabTsBHxsLYCkmS5CKLMXzIsgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/024554-7aa6-4c9f-a487-df7b45be46c7/1/B5owOrdWGbR8OSD5k6l2G793XXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/024554-7aa6-4c9f-a487-df7b45be46c7/1/KAabTsBHxsLYCkmS5CKLMXzIsgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.76.0/24
IPv6:
2a12:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
52:23:4d:5d:73:74:7b:7e:b7:c7:4b:c0:90:d9:63:d2:c6:c7:
48:fe:77:4c:1d:40:d4:10:06:1d:3a:26:5c:bb:70:03:ff:cd:
32:46:8d:81:e4:d3:19:83:db:0a:fc:3d:98:5e:7c:21:7b:c4:
e5:e6:63:8b:fb:b5:ca:43:55:45:57:f5:c6:31:d9:86:f8:20:
9a:02:61:f6:d1:0c:fd:76:0d:a7:aa:4a:d8:6a:59:eb:26:4f:
4d:67:99:9a:b1:5c:19:77:57:c6:05:d2:69:6d:c2:10:9d:f8:
85:b2:96:42:44:94:c3:bc:bc:b2:9b:52:72:3b:5f:d2:34:64:
f8:6f:a4:f2:2e:69:5d:a1:38:dd:d6:89:4e:89:67:61:67:c7:
5e:02:12:f9:ab:0e:19:c4:dd:f1:0f:62:c7:02:ad:ad:b8:97:
9f:6e:86:cb:90:e3:f6:55:4f:00:3a:6f:0d:3d:4e:e2:b8:77:
c8:ad:97:23:30:e4:aa:16:68:21:2b:54:d3:6e:3b:c8:67:1a:
9e:eb:54:15:d9:b5:49:df:cf:96:6f:48:43:2a:6a:f5:99:a7:
52:e8:23:8e:45:6d:92:c0:8a:4b:54:89:91:5a:39:03:23:f8:
3c:c9:02:b4:21:87:72:c2:1e:34:08:4e:14:12:b4:83:5d:97:
41:6e:57:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtk+nc+Az++yCvC1HKFng+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDY5YjRlYzA0N2M2YzJkODBhNDk5MmU0MjI4YjMxN2Nj
OGIyMGMwHhcNMjMwMTAxMTM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzlhMzAzYWI3NTYxOWI0N2MzOTIwZjk5M2E5NzYxYmJmNzc1ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu87Exe7cJw92i745u9z7rGVu8D12
k4etaQnyoz2K080A6iF8tC8Rq+h2GGqpC85vbCtPI4KkaxGzqNQndHMxdYwCNNJU
Xt3kvNI+9e8L+IGS4EM/XXDU7GFyjuaWL46LOgEnT2MBq1S2mf8V1HVMTMsq9/M5
/E0dzBxkZeRareGS4ni13aIqx2RoQpj4DR5UItG4p74m2TJIKouzr+blyZNbD9Z0
+II1RiwvdFVdU8eJW7AOHtyGbm7OERr1obVv0tMSEhToVEdzDugslmQBYsXH0yao
e9S232yu9P99e86sY0guM+W4yiCByZ4W37NKRPG3hPlUq4VMvHivTc8wWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAeaMDq3Vhm0fDkg+ZOpdhu/d11wMB8GA1UdIwQY
MBaAFCgGm07AR8bC2ApJkuQiizF8yLIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FhYlRzQkh4c0xZQ2ttUzVDS0xNWHpJc2d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wMjQ1NTQtN2FhNi00YzlmLWE0ODct
ZGY3YjQ1YmU0NmM3LzEvQjVvd09yZFdHYlI4T1NENWs2bDJHNzkzWFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wMjQ1NTQtN2FhNi00YzlmLWE0ODctZGY3YjQ1YmU0NmM3
LzEvS0FhYlRzQkh4c0xZQ2ttUzVDS0xNWHpJc2d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaNMMA0E
AgACMAcDBQMqEkuAMA0GCSqGSIb3DQEBCwUAA4IBAQBSI01dc3R7frfHS8CQ2WPS
xsdI/ndMHUDUEAYdOiZcu3AD/80yRo2B5NMZg9sK/D2YXnwhe8Tl5mOL+7XKQ1VF
V/XGMdmG+CCaAmH20Qz9dg2nqkrYalnrJk9NZ5masVwZd1fGBdJpbcIQnfiFspZC
RJTDvLyym1JyO1/SNGT4b6TyLmldoTjd1olOiWdhZ8deAhL5qw4ZxN3xD2LHAq2t
uJefbobLkOP2VU8AOm8NPU7iuHfIrZcjMOSqFmghK1TTbjvIZxqe61QV2bVJ38+W
b0hDKmr1madS6COORW2SwIpLVImRWjkDI/g8yQK0IYdywh40CE4UErSDXZdBblfk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:53 2025 by rpki-client