Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/bOK68iohszH45h8LkJtKQ1x3dP8.roa
File: bOK68iohszH45h8LkJtKQ1x3dP8.roa (raw, json)
Hash identifier: m5k9UY7EJgqnevrRQ4XaxG/2Kop4EbMyE16w52FKEbI=
Subject key identifier: 6C:E2:BA:F2:2A:21:B3:31:F8:E6:1F:0B:90:9B:4A:43:5C:77:74:FF
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01877EA2587B976E7F3072A29C18B3C0338B
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/bOK68iohszH45h8LkJtKQ1x3dP8.roa
Signing time: Fri 14 Apr 2023 07:19:41 +0000
ROA not before: Fri 14 Apr 2023 07:19:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1921
IP address blocks: 193.46.135.0/24 maxlen: 24
193.46.133.0/24 maxlen: 24
193.46.134.0/24 maxlen: 24
194.0.24.0/24 maxlen: 24
194.0.25.0/24 maxlen: 24
194.0.26.0/24 maxlen: 24
185.102.12.0/24 maxlen: 24
193.46.132.0/24 maxlen: 24
193.46.128.0/24 maxlen: 24
193.46.129.0/24 maxlen: 24
193.46.130.0/24 maxlen: 24
193.46.131.0/24 maxlen: 24
2001:678:20::/48 maxlen: 48
2a02:850:ffe5::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
2001:67c:1bc::/48 maxlen: 48
2001:678:24::/48 maxlen: 48
2a02:850:ffe4::/48 maxlen: 48
2a02:850:ffff::/48 maxlen: 48
2a02:850:ffe2::/48 maxlen: 48
2a02:850:ffe3::/48 maxlen: 48
2a02:850:ffe6::/48 maxlen: 48
2a02:850:ffe1::/48 maxlen: 48
2a02:850:ffe7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7e:a2:58:7b:97:6e:7f:30:72:a2:9c:18:b3:c0:33:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Apr 14 07:19:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ce2baf22a21b331f8e61f0b909b4a435c7774ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a4:23:4e:9c:6f:fc:9b:86:f9:ca:a6:73:ba:
fa:15:49:a6:8f:23:58:7a:4c:ef:85:c3:a0:0a:5e:
b9:08:5a:ea:c1:4e:7d:a0:c8:0f:a1:71:b4:d1:d5:
94:34:f7:7f:c4:0e:a1:02:2f:21:38:6e:fd:c9:e3:
b5:c8:97:78:9f:f2:e7:0f:f1:a5:83:1b:3d:74:b4:
1a:f6:c7:bb:b5:72:de:8d:2f:a6:04:2c:30:a6:6c:
58:f1:df:c2:d9:d1:5b:8e:b3:28:1a:70:04:2c:57:
fc:42:2c:56:d5:a5:e6:6f:d2:48:6c:78:39:6d:de:
d6:ef:c1:0e:81:e9:f0:d8:1a:f5:18:01:d0:8b:8e:
43:6a:2e:a9:90:fb:de:84:90:96:5b:55:5a:b0:0d:
96:b2:b3:20:59:cd:6f:a1:1a:b9:83:3b:d4:ba:9a:
52:03:40:da:b8:0b:47:47:65:05:53:dc:da:43:e8:
96:c3:c6:ac:6e:11:0e:2b:fc:1f:ec:14:68:da:6a:
8a:f3:c2:06:60:ee:b5:7e:a4:ce:0b:6b:8f:68:29:
9d:cd:33:fa:dc:dc:82:25:0a:bd:8f:80:b7:08:bc:
6d:95:bf:dc:3d:fe:b7:64:63:47:72:28:4c:1d:06:
d8:1b:3e:13:5e:fe:9e:e9:cb:d1:c0:b4:c0:95:38:
25:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E2:BA:F2:2A:21:B3:31:F8:E6:1F:0B:90:9B:4A:43:5C:77:74:FF
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/bOK68iohszH45h8LkJtKQ1x3dP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.12.0/24
193.46.128.0/21
194.0.24.0-194.0.26.255
IPv6:
2001:678:20::/48
2001:678:24::/48
2001:67c:1bc::/48
2a02:850:ffe0::/45
2a02:850:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
4a:07:21:78:8f:14:da:c9:1c:b9:ae:d7:83:3a:d0:b7:6a:28:
58:bb:14:f6:75:37:f8:35:bf:e3:41:55:87:c7:51:ab:e4:fd:
f0:0c:25:5f:bf:5f:08:a2:7a:00:cf:ab:a7:12:43:23:6a:c5:
c1:65:1f:aa:6f:3e:1d:94:ca:ad:af:b0:60:3c:37:99:c3:8f:
77:e9:ea:4c:9b:e1:64:e1:f4:b3:e3:c2:b4:80:9b:aa:5d:16:
bc:1b:01:a2:ed:05:21:a5:c6:17:3c:e4:fc:7d:fc:c0:13:e3:
10:38:aa:3a:a6:79:36:00:a8:d0:5c:67:60:f2:bf:fc:9c:76:
52:b9:f9:67:a9:03:cf:28:85:cb:38:09:bb:99:4d:f6:41:c9:
3b:c4:ba:9d:b2:ee:e0:ea:c9:62:1d:03:d5:1e:5d:2f:21:4e:
77:43:ac:75:c9:fd:69:b4:66:95:cf:b0:89:cf:eb:24:08:9d:
0d:56:db:a9:c3:f0:cb:08:fc:a0:5d:69:1c:ed:8d:08:00:c8:
f0:3e:5c:55:72:61:99:da:4b:1d:e3:57:64:06:33:05:55:05:
a3:1c:73:cd:3f:0c:35:39:be:a1:38:da:3c:97:4c:d9:68:e0:
f0:d9:03:9c:9e:1b:cc:b9:db:4f:20:d8:db:a9:6e:cc:25:5d:
2c:3e:32:e8
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYd+olh7l25/MHKinBizwDOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwNDE0MDcxOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2UyYmFmMjJhMjFiMzMxZjhlNjFmMGI5MDliNGE0MzVjNzc3NGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqQjTpxv/JuG+cqmc7r6FUmmjyNY
ekzvhcOgCl65CFrqwU59oMgPoXG00dWUNPd/xA6hAi8hOG79yeO1yJd4n/LnD/Gl
gxs9dLQa9se7tXLejS+mBCwwpmxY8d/C2dFbjrMoGnAELFf8QixW1aXmb9JIbHg5
bd7W78EOgenw2Br1GAHQi45Dai6pkPvehJCWW1VasA2WsrMgWc1voRq5gzvUuppS
A0DauAtHR2UFU9zaQ+iWw8asbhEOK/wf7BRo2mqK88IGYO61fqTOC2uPaCmdzTP6
3NyCJQq9j4C3CLxtlb/cPf63ZGNHcihMHQbYGz4TXv6e6cvRwLTAlTgltQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFGziuvIqIbMx+OYfC5CbSkNcd3T/MB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvYk9LNjhpb2hzekg0NWg4TGtKdEtRMXgzZFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAgBAIAATAaAwQAuWYMAwQD
wS6AMAwDBAPCABgDBADCABowMwQCAAIwLQMHACABBngAIAMHACABBngAJAMHACAB
BnwBvAMHAyoCCFD/4AMHACoCCFD//zANBgkqhkiG9w0BAQsFAAOCAQEASgcheI8U
2skcua7XgzrQt2ooWLsU9nU3+DW/40FVh8dRq+T98AwlX79fCKJ6AM+rpxJDI2rF
wWUfqm8+HZTKra+wYDw3mcOPd+nqTJvhZOH0s+PCtICbql0WvBsBou0FIaXGFzzk
/H38wBPjEDiqOqZ5NgCo0FxnYPK//Jx2Urn5Z6kDzyiFyzgJu5lN9kHJO8S6nbLu
4OrJYh0D1R5dLyFOd0Osdcn9abRmlc+wic/rJAidDVbbqcPwywj8oF1pHO2NCADI
8D5cVXJhmdpLHeNXZAYzBVUFoxxzzT8MNTm+oTjaPJdM2Wjg8NkDnJ4bzLnbTyDY
26luzCVdLD4y6A==
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:36:34 2025 by rpki-client