Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/BIs_rDnM60ELlHREyBcyVq_WRhA.roa
File: BIs_rDnM60ELlHREyBcyVq_WRhA.roa (raw, json)
Hash identifier: SHh6HvhS+r4j8M6eMS1e2dyUZgqlmAaO9x/tYZxOzKM=
Subject key identifier: 04:8B:3F:AC:39:CC:EB:41:0B:94:74:44:C8:17:32:56:AF:D6:46:10
Certificate issuer: /CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Certificate serial: 0185708CB5A5F230D9F8A76AAB927A4B566E
Authority key identifier: 45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/BIs_rDnM60ELlHREyBcyVq_WRhA.roa
Signing time: Mon 02 Jan 2023 03:35:47 +0000
ROA not before: Mon 02 Jan 2023 03:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196921
IP address blocks: 94.187.165.0/24 maxlen: 24
94.187.166.0/24 maxlen: 24
94.187.168.0/21 maxlen: 21
94.187.167.0/24 maxlen: 24
94.187.179.0/24 maxlen: 24
94.187.178.0/24 maxlen: 24
94.187.176.0/24 maxlen: 24
94.187.177.0/24 maxlen: 24
94.187.176.0/21 maxlen: 21
94.187.184.0/21 maxlen: 21
94.187.180.0/24 maxlen: 24
94.187.183.0/24 maxlen: 24
94.187.184.0/23 maxlen: 23
94.187.181.0/24 maxlen: 24
94.187.182.0/24 maxlen: 24
94.187.187.0/24 maxlen: 24
94.187.191.0/24 maxlen: 24
94.187.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b5:a5:f2:30:d9:f8:a7:6a:ab:92:7a:4b:56:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Validity
Not Before: Jan 2 03:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=048b3fac39cceb410b947444c8173256afd64610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:4b:0e:cf:3f:d9:4e:49:8f:86:50:84:ed:7b:
79:7c:9e:02:b6:c0:c7:42:f2:23:cb:83:16:b7:fe:
48:35:3e:15:93:72:16:68:a4:b0:23:50:1c:3f:e6:
4e:4b:bf:cb:4e:bb:5c:e6:14:75:c8:00:21:d0:89:
fb:ca:0d:6d:73:66:0b:f2:dd:41:9f:4a:cd:11:1d:
0a:9e:58:f7:15:6f:8d:a0:cb:d4:50:92:6b:8f:31:
74:de:12:90:65:4d:44:97:2a:c0:9a:6b:26:78:25:
f9:af:d0:cb:77:57:a6:b9:ab:3e:bd:6b:3f:6a:a0:
00:b7:b6:5a:7d:89:9e:e5:69:4f:95:57:47:70:23:
af:0f:41:10:fa:d3:5b:25:d6:23:22:72:5f:bc:ab:
76:57:46:0f:82:6b:91:c3:b9:53:0a:fb:af:e5:d9:
7f:b5:9d:c6:c6:3c:20:2f:67:9d:fe:85:01:c4:ae:
81:5c:16:8e:6c:1c:2b:2d:47:74:ab:8b:5b:71:60:
6a:7b:f7:69:ee:8f:39:38:8e:d3:fc:46:db:4d:1c:
75:73:07:5a:f4:29:e0:75:e7:2c:62:9d:bc:e3:20:
d7:5c:5f:a3:e5:cf:91:39:0b:08:6f:93:48:50:3d:
5c:62:b1:69:6e:fd:7c:37:00:75:f8:ee:8d:d7:86:
0e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8B:3F:AC:39:CC:EB:41:0B:94:74:44:C8:17:32:56:AF:D6:46:10
X509v3 Authority Key Identifier:
keyid:45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/BIs_rDnM60ELlHREyBcyVq_WRhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/RW7LO-EGXh5xWJUIvsbXS1p7Htc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.187.165.0-94.187.191.255
Signature Algorithm: sha256WithRSAEncryption
59:ed:c6:e2:55:39:96:35:86:d6:7a:eb:4a:c9:a5:a3:ab:85:
0d:d2:ba:40:0c:06:17:0d:68:9f:20:8d:f9:3b:d6:89:d9:57:
cb:86:3e:6f:9e:a9:b6:28:89:50:0f:b1:89:f4:de:9e:ca:d5:
0a:07:4f:28:2d:b2:29:1b:8f:a0:41:d2:ee:84:ab:b8:82:9c:
30:41:56:77:39:83:b4:5c:3c:75:1e:86:b3:fb:59:83:99:a5:
c1:00:9a:08:e7:ba:4c:93:67:89:7d:ad:7b:88:44:b2:69:e0:
52:dc:2f:ad:72:05:ab:a7:86:18:74:fd:df:47:5d:db:30:ca:
76:c5:fa:4b:c2:b0:42:17:a2:3e:a7:e2:7c:b7:46:cc:e4:65:
e1:d4:6d:d5:56:4c:01:6a:b3:e1:6a:90:7b:f7:f1:49:f1:75:
e5:f6:2a:08:1a:f0:52:e4:09:9e:1b:66:f3:0b:f5:99:92:a2:
c6:9f:8d:73:ec:75:7d:49:4a:e5:fb:af:8b:b8:dd:25:bf:6e:
c2:d2:ca:90:e5:4d:02:22:77:2c:4c:8c:a9:51:c6:ec:51:4b:
48:69:3f:65:8b:36:7b:73:e5:ab:53:06:31:2c:f6:2f:6d:ae:
35:c8:e7:ab:70:ed:a7:1d:2d:48:ad:cd:9f:fe:e4:97:25:9e:
2d:9c:67:0a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwjLWl8jDZ+Kdqq5J6S1ZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NmVjYjNiZTEwNjVlMWU3MTU4OTUwOGJlYzZkNzRiNWE3
YjFlZDcwHhcNMjMwMTAyMDMzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDhiM2ZhYzM5Y2NlYjQxMGI5NDc0NDRjODE3MzI1NmFmZDY0NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUsOzz/ZTkmPhlCE7Xt5fJ4CtsDH
QvIjy4MWt/5INT4Vk3IWaKSwI1AcP+ZOS7/LTrtc5hR1yAAh0In7yg1tc2YL8t1B
n0rNER0Knlj3FW+NoMvUUJJrjzF03hKQZU1ElyrAmmsmeCX5r9DLd1emuas+vWs/
aqAAt7ZafYme5WlPlVdHcCOvD0EQ+tNbJdYjInJfvKt2V0YPgmuRw7lTCvuv5dl/
tZ3GxjwgL2ed/oUBxK6BXBaObBwrLUd0q4tbcWBqe/dp7o85OI7T/EbbTRx1cwda
9CngdecsYp284yDXXF+j5c+ROQsIb5NIUD1cYrFpbv18NwB1+O6N14YOkwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFASLP6w5zOtBC5R0RMgXMlav1kYQMB8GA1UdIwQY
MBaAFEVuyzvhBl4ecViVCL7G10taex7XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlc3TE8tRUdYaDV4V0pVSXZzYlhTMXA3SHRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNjcxNWEtMzJmYy00ZTlmLWE1Nzct
NWFjNzRkYmExN2I4LzEvQklzX3JEbk02MEVMbEhSRXlCY3lWcV9XUmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNjcxNWEtMzJmYy00ZTlmLWE1NzctNWFjNzRkYmExN2I4
LzEvUlc3TE8tRUdYaDV4V0pVSXZzYlhTMXA3SHRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABeu6UD
BAZeu4AwDQYJKoZIhvcNAQELBQADggEBAFntxuJVOZY1htZ660rJpaOrhQ3SukAM
BhcNaJ8gjfk71onZV8uGPm+eqbYoiVAPsYn03p7K1QoHTygtsikbj6BB0u6Eq7iC
nDBBVnc5g7RcPHUehrP7WYOZpcEAmgjnukyTZ4l9rXuIRLJp4FLcL61yBaunhhh0
/d9HXdswynbF+kvCsEIXoj6n4ny3RszkZeHUbdVWTAFqs+FqkHv38UnxdeX2Kgga
8FLkCZ4bZvML9ZmSosafjXPsdX1JSuX7r4u43SW/bsLSypDlTQIidyxMjKlRxuxR
S0hpP2WLNntz5atTBjEs9i9trjXI56tw7acdLUitzZ/+5Jclni2cZwo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:45 2025 by rpki-client