Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bofXW0Clp4ykGvio6VE_wUvnX0E.roa
File: bofXW0Clp4ykGvio6VE_wUvnX0E.roa (raw, json)
Hash identifier: YLJDvdcOUCcsUMMjQZcwLod9Vc/GWL1D8aWGr9VKLCc=
Subject key identifier: 6E:87:D7:5B:40:A5:A7:8C:A4:1A:F8:A8:E9:51:3F:C1:4B:E7:5F:41
Certificate issuer: /CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Certificate serial: 0187D92F377A803289D67989FCC5FE7808B8
Authority key identifier: C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bofXW0Clp4ykGvio6VE_wUvnX0E.roa
Signing time: Mon 01 May 2023 21:19:22 +0000
ROA not before: Mon 01 May 2023 21:19:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58007
IP address blocks: 194.8.28.0/24 maxlen: 24
2a13:4380::/32 maxlen: 48
2a13:4380:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d9:2f:37:7a:80:32:89:d6:79:89:fc:c5:fe:78:08:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c946c4befe0fbbe3624bd748296b5fe2e7ec2d68
Validity
Not Before: May 1 21:19:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e87d75b40a5a78ca41af8a8e9513fc14be75f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:23:fe:0f:20:9d:85:b8:15:a3:33:71:b7:e4:
20:32:ef:d0:4f:ad:1b:a0:27:b1:40:e3:78:15:fd:
38:20:ee:3c:d1:16:73:46:35:33:b0:45:7e:0e:b8:
01:34:6a:3e:0d:f0:44:d6:18:dc:c3:1f:d8:4c:e3:
91:0d:13:0c:a9:92:65:11:1a:d9:6f:4d:2a:f1:b3:
2c:e1:c0:66:fb:ce:21:c7:e8:52:28:e9:23:95:6e:
f1:9c:ac:3b:22:e7:c6:0d:e0:3d:1f:a9:d7:d1:8a:
8c:80:3a:81:6e:2c:3a:36:5d:67:5d:28:8c:50:b3:
74:dd:32:21:7a:11:c8:46:83:45:1a:5e:d6:d4:ad:
e2:a9:58:64:08:a5:de:09:b4:e4:f3:bb:12:70:f5:
06:cc:69:60:51:11:84:6c:99:34:83:43:ac:95:52:
27:23:b7:3d:ab:40:36:7e:5f:3e:d5:91:5e:57:a8:
e2:09:ba:95:d3:0d:0e:7c:96:c2:11:1b:94:a2:d2:
4a:6a:a6:1d:54:94:fc:1d:76:a7:56:83:3e:36:e9:
eb:5f:0e:69:61:ef:b3:ca:12:2a:80:ed:1c:6d:a2:
ce:06:72:70:13:d2:54:66:92:4f:48:42:8a:bc:c9:
39:cc:41:5e:aa:d7:04:b9:ac:0c:47:7e:32:f6:c4:
2e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:87:D7:5B:40:A5:A7:8C:A4:1A:F8:A8:E9:51:3F:C1:4B:E7:5F:41
X509v3 Authority Key Identifier:
keyid:C9:46:C4:BE:FE:0F:BB:E3:62:4B:D7:48:29:6B:5F:E2:E7:EC:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/bofXW0Clp4ykGvio6VE_wUvnX0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/f2d9e9-eeff-4633-a189-6bbb27081de2/1/yUbEvv4Pu-NiS9dIKWtf4ufsLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.28.0/24
IPv6:
2a13:4380::/32
Signature Algorithm: sha256WithRSAEncryption
ac:8f:a0:63:ad:50:c6:13:33:5d:87:a2:e7:6a:67:99:da:53:
61:60:78:46:70:97:90:ba:c8:ee:36:1d:0c:00:35:2b:74:04:
4c:a0:9e:e8:95:c8:21:1d:49:1f:48:bf:71:07:66:4f:14:ab:
a8:81:b3:11:7f:6e:06:ba:ae:be:57:a9:c2:04:69:91:c5:35:
5b:7f:0f:e4:c2:e2:08:28:49:3e:a7:5d:96:48:fc:9e:23:28:
6e:89:c6:c4:6d:23:76:84:73:53:c6:90:48:56:ca:31:5f:50:
57:d0:e5:50:9d:44:e5:ef:f8:d2:5c:ab:eb:1b:3b:04:8e:ca:
e3:81:d7:d2:15:0a:b5:d1:1e:19:6e:ab:b2:10:ee:84:52:2f:
60:64:f0:50:e0:08:61:49:a6:e8:f5:e8:73:ce:4c:cc:55:14:
83:82:c0:66:1e:8a:66:f1:46:60:b2:07:ef:8f:e4:1a:3a:97:
21:15:9b:d8:aa:2e:ed:56:b9:48:15:17:b5:ca:1f:43:05:72:
d6:99:92:af:d9:49:99:c6:a6:2c:2e:65:9c:58:14:a2:3d:a5:
81:f9:2d:74:1d:ad:2a:82:40:74:74:67:80:2d:1c:d7:39:8e:
80:79:48:97:c3:60:bf:1d:c4:32:d7:34:65:8b:28:91:59:b6:
dd:7a:36:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfZLzd6gDKJ1nmJ/MX+eAi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NDZjNGJlZmUwZmJiZTM2MjRiZDc0ODI5NmI1ZmUyZTdl
YzJkNjgwHhcNMjMwNTAxMjExOTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTg3ZDc1YjQwYTVhNzhjYTQxYWY4YThlOTUxM2ZjMTRiZTc1ZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yP+DyCdhbgVozNxt+QgMu/QT60b
oCexQON4Ff04IO480RZzRjUzsEV+DrgBNGo+DfBE1hjcwx/YTOORDRMMqZJlERrZ
b00q8bMs4cBm+84hx+hSKOkjlW7xnKw7IufGDeA9H6nX0YqMgDqBbiw6Nl1nXSiM
ULN03TIhehHIRoNFGl7W1K3iqVhkCKXeCbTk87sScPUGzGlgURGEbJk0g0OslVIn
I7c9q0A2fl8+1ZFeV6jiCbqV0w0OfJbCERuUotJKaqYdVJT8HXanVoM+NunrXw5p
Ye+zyhIqgO0cbaLOBnJwE9JUZpJPSEKKvMk5zEFeqtcEuawMR34y9sQu6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG6H11tApaeMpBr4qOlRP8FL519BMB8GA1UdIwQY
MBaAFMlGxL7+D7vjYkvXSClrX+Ln7C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODkt
NmJiYjI3MDgxZGUyLzEvYm9mWFcwQ2xwNHlrR3ZpbzZWRV93VXZuWDBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mMmQ5ZTktZWVmZi00NjMzLWExODktNmJiYjI3MDgxZGUy
LzEveVViRXZ2NFB1LU5pUzlkSUtXdGY0dWZzTFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwggcMA0E
AgACMAcDBQAqE0OAMA0GCSqGSIb3DQEBCwUAA4IBAQCsj6BjrVDGEzNdh6LnameZ
2lNhYHhGcJeQusjuNh0MADUrdARMoJ7olcghHUkfSL9xB2ZPFKuogbMRf24Guq6+
V6nCBGmRxTVbfw/kwuIIKEk+p12WSPyeIyhuicbEbSN2hHNTxpBIVsoxX1BX0OVQ
nUTl7/jSXKvrGzsEjsrjgdfSFQq10R4ZbquyEO6EUi9gZPBQ4AhhSabo9ehzzkzM
VRSDgsBmHopm8UZgsgfvj+QaOpchFZvYqi7tVrlIFRe1yh9DBXLWmZKv2UmZxqYs
LmWcWBSiPaWB+S10Ha0qgkB0dGeALRzXOY6AeUiXw2C/HcQy1zRliyiRWbbdejbW
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:37 2025 by rpki-client