Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/bVsZYAtGaGjJ9GDKWIYtBVRx0Kg.roa
File: bVsZYAtGaGjJ9GDKWIYtBVRx0Kg.roa (raw, json)
Hash identifier: KRjftLN22+vH7tqQ4vLb758v/t6CGrmYT/5oRd2ERMc=
Subject key identifier: 6D:5B:19:60:0B:46:68:68:C9:F4:60:CA:58:86:2D:05:54:71:D0:A8
Certificate issuer: /CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Certificate serial: 301580C4
Authority key identifier: BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/bVsZYAtGaGjJ9GDKWIYtBVRx0Kg.roa
Signing time: Sat 01 Jan 2022 15:03:06 +0000
ROA not before: Sat 01 Jan 2022 15:03:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9051
IP address blocks: 194.26.4.0/22 maxlen: 24
80.89.176.0/20 maxlen: 24
2a06:b940::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 806715588 (0x301580c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Validity
Not Before: Jan 1 15:03:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d5b19600b466868c9f460ca58862d055471d0a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:12:84:2e:d4:4f:58:5b:74:f1:84:1d:bd:0a:
39:6a:4d:81:8a:7d:ca:0c:d5:96:a6:c2:c2:5f:4c:
48:9e:3b:53:88:5c:f7:3c:6a:30:84:6d:e0:e0:7c:
c4:fb:ca:a9:e5:d8:5c:a2:de:f9:a9:6a:63:5d:5e:
43:e4:c6:38:74:fe:61:14:9b:53:f9:fa:13:c2:f7:
df:a7:a8:e9:3c:16:04:e8:02:12:1b:aa:89:a2:02:
d3:1a:3b:11:b8:29:79:22:49:e7:8c:58:11:e7:da:
2e:77:05:37:bd:db:88:ab:2f:e1:1f:82:53:55:df:
e0:2b:41:3b:04:94:71:c5:e1:86:f6:b5:12:27:8e:
0d:db:40:2e:cc:a2:ca:a8:1c:96:ac:f1:a1:27:27:
7e:d5:59:c5:9d:00:57:22:31:d7:6b:1f:ac:7c:90:
ae:f2:e2:6e:f3:53:55:0f:e0:17:e0:33:64:dd:d8:
5f:7f:d6:28:82:b1:22:16:0a:c0:72:c0:dd:d6:15:
43:bb:87:c7:50:fb:51:45:ec:6a:6e:71:8b:4a:f2:
34:23:e4:54:a1:6c:0a:a9:1b:bc:8f:19:4c:26:01:
e6:5e:f9:eb:f9:eb:f9:32:a0:db:d5:5d:18:0d:6b:
b5:c7:6f:87:37:e1:a1:15:4b:8a:7d:57:4e:c9:2d:
e8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5B:19:60:0B:46:68:68:C9:F4:60:CA:58:86:2D:05:54:71:D0:A8
X509v3 Authority Key Identifier:
keyid:BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/bVsZYAtGaGjJ9GDKWIYtBVRx0Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.176.0/20
194.26.4.0/22
IPv6:
2a06:b940::/29
Signature Algorithm: sha256WithRSAEncryption
8b:f1:d5:f2:f2:ab:7e:11:d2:15:26:be:a3:eb:ab:01:fc:bc:
f2:58:26:4c:57:96:b3:94:0b:7a:de:cb:00:f3:0c:a9:4a:4f:
fb:80:76:48:55:2b:99:8d:3b:85:56:54:1f:82:37:f2:9c:60:
0d:8f:22:f3:dc:c0:08:66:28:1a:61:2d:30:ed:3d:63:01:40:
c5:d9:02:47:53:a5:c9:ac:06:a6:88:27:44:32:f2:ff:61:ef:
5c:cc:70:40:a0:ef:86:3d:04:d7:68:fd:58:ea:c4:5b:de:49:
71:db:16:2e:6e:d6:bc:20:c5:84:a0:73:85:70:3f:c1:24:bb:
9b:ce:64:65:76:c0:4f:55:c5:d8:97:81:4b:64:cc:1f:02:54:
ec:0c:f8:02:44:dd:99:b6:7f:09:2e:f9:40:14:93:50:42:77:
53:a4:6e:d1:d7:e7:54:84:4f:5a:d5:ea:bc:a0:4c:be:86:a9:
48:66:bc:69:ff:3f:f6:4c:15:30:58:00:c9:ec:1c:6c:30:8e:
08:42:6b:8b:a2:0e:81:84:98:c2:b4:06:b9:55:4c:6a:d4:1c:
f9:f2:8d:09:fd:9c:e0:18:f6:5c:f5:8a:d1:2f:52:ec:f1:86:
a4:4a:bd:3f:f0:11:32:8b:2f:13:30:3c:3a:26:47:3c:36:66:
6f:f8:29:bc
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEMBWAxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZDRlNmVkZDI2ZWYxYjE2ZDg0OGU5ODEzMGU2ZmM0NDUwYjMyNzUyMB4XDTIyMDEw
MTE1MDMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ1YjE5NjAwYjQ2
Njg2OGM5ZjQ2MGNhNTg4NjJkMDU1NDcxZDBhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoShC7UT1hbdPGEHb0KOWpNgYp9ygzVlqbCwl9MSJ47U4hc
9zxqMIRt4OB8xPvKqeXYXKLe+alqY11eQ+TGOHT+YRSbU/n6E8L336eo6TwWBOgC
EhuqiaIC0xo7EbgpeSJJ54xYEefaLncFN73biKsv4R+CU1Xf4CtBOwSUccXhhva1
EieODdtALsyiyqgclqzxoScnftVZxZ0AVyIx12sfrHyQrvLibvNTVQ/gF+AzZN3Y
X3/WKIKxIhYKwHLA3dYVQ7uHx1D7UUXsam5xi0ryNCPkVKFsCqkbvI8ZTCYB5l75
6/nr+TKg29VdGA1rtcdvhzfhoRVLin1XTskt6K8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRtWxlgC0ZoaMn0YMpYhi0FVHHQqDAfBgNVHSMEGDAWgBS9Tm7dJu8bFthI
6YEw5vxEULMnUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZVNXUzU2J2R3hiWVNPbUJNT2I4UkZDekoxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvYWNlMzczLWI4MWItNDAwYy04NDVjLTk2MjhmNTI2NjU0Mi8x
L2JWc1pZQXRHYUdqSjlHREtXSVl0QlZSeDBLZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
YWNlMzczLWI4MWItNDAwYy04NDVjLTk2MjhmNTI2NjU0Mi8xL3ZVNXUzU2J2R3hi
WVNPbUJNT2I4UkZDekoxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFBZsAMEAsIaBDANBAIAAjAHAwUD
Kga5QDANBgkqhkiG9w0BAQsFAAOCAQEAi/HV8vKrfhHSFSa+o+urAfy88lgmTFeW
s5QLet7LAPMMqUpP+4B2SFUrmY07hVZUH4I38pxgDY8i89zACGYoGmEtMO09YwFA
xdkCR1OlyawGpognRDLy/2HvXMxwQKDvhj0E12j9WOrEW95JcdsWLm7WvCDFhKBz
hXA/wSS7m85kZXbAT1XF2JeBS2TMHwJU7Az4AkTdmbZ/CS75QBSTUEJ3U6Ru0dfn
VIRPWtXqvKBMvoapSGa8af8/9kwVMFgAyewcbDCOCEJri6IOgYSYwrQGuVVMatQc
+fKNCf2c4Bj2XPWK0S9S7PGGpEq9P/ARMosvEzA8OiZHPDZmb/gpvA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:35 2025 by rpki-client