Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/bhUc2CwymBmnDZr1rGLyO3vMCcI.roa
File: bhUc2CwymBmnDZr1rGLyO3vMCcI.roa (raw, json)
Hash identifier: 7yMSonKT4FWzspligEzI9wxCfMe9Gga4VogAzI+rhhk=
Subject key identifier: 6E:15:1C:D8:2C:32:98:19:A7:0D:9A:F5:AC:62:F2:3B:7B:CC:09:C2
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 01866B46F344A1F1B447C3CA38BD8AFB03B6
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/bhUc2CwymBmnDZr1rGLyO3vMCcI.roa
Signing time: Sun 19 Feb 2023 20:04:17 +0000
ROA not before: Sun 19 Feb 2023 20:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200040
IP address blocks: 188.124.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6b:46:f3:44:a1:f1:b4:47:c3:ca:38:bd:8a:fb:03:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Feb 19 20:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e151cd82c329819a70d9af5ac62f23b7bcc09c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e7:09:59:90:05:56:f6:11:3e:d7:6b:24:b5:
8b:18:29:cd:94:92:b1:40:57:e5:da:70:1d:5f:03:
82:c9:f0:0f:13:dd:96:15:2d:e5:b6:7f:94:e0:61:
ae:98:9e:88:7e:39:17:82:16:6f:74:0e:9c:24:47:
49:32:1e:f8:43:b8:99:c7:e6:4a:2b:25:f2:53:da:
25:ed:ab:b0:b8:60:07:18:c2:c7:c7:7e:30:83:e1:
dc:5d:45:2c:a3:77:0f:a5:58:e4:8c:c6:1f:af:71:
2f:1e:4b:67:db:cd:6c:93:67:ce:56:d0:ff:3d:3a:
d7:af:aa:3b:f8:5d:b0:9b:c6:55:31:f4:19:ff:d6:
88:d9:62:2c:7f:a2:76:c6:75:be:db:e6:ea:a0:4e:
c3:4e:6c:50:0b:be:9f:40:25:bc:ac:12:8c:59:09:
e3:4e:21:33:01:3f:1a:21:7d:e4:4f:60:cc:be:21:
de:23:68:ff:8f:bd:2d:42:d6:5f:92:3b:78:49:b5:
f9:28:f9:bf:e4:74:27:ba:8f:c1:ff:47:04:81:d3:
f7:43:58:2e:b9:e9:11:fc:bc:c6:f2:31:90:65:15:
d1:99:e1:df:ff:27:64:95:76:db:98:9b:96:4f:bf:
df:46:80:96:4b:33:12:ca:8a:21:68:4a:eb:e4:10:
56:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:15:1C:D8:2C:32:98:19:A7:0D:9A:F5:AC:62:F2:3B:7B:CC:09:C2
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/bhUc2CwymBmnDZr1rGLyO3vMCcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.124.17.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:87:8f:9a:fe:c5:6d:1f:ea:20:e2:96:ea:1b:ea:3e:90:70:
2a:0f:d7:cb:83:e4:14:28:61:2e:0e:f5:78:db:b5:d7:89:3e:
5b:26:3b:42:0f:b3:6b:e2:0a:7e:b6:62:67:bc:50:69:44:7b:
fa:69:8a:e0:62:dd:af:54:54:19:25:1d:fd:1c:7a:05:82:a4:
a2:bc:af:03:cf:4f:3b:b1:a9:b1:d5:3f:03:11:66:df:02:ec:
d9:0e:ae:49:20:55:d4:89:9e:25:7d:71:24:ce:75:69:00:61:
df:ab:10:69:18:a8:21:db:dd:ae:73:c2:a1:89:bb:fb:11:af:
60:b6:35:f8:e8:20:cb:a2:fd:9a:b9:41:66:05:f1:71:c2:68:
5f:b7:57:ce:6e:b2:8a:dd:73:1d:40:f9:1e:19:06:1d:95:f3:
bc:99:06:7e:a7:0a:df:d1:2f:75:70:b9:16:19:a9:ab:fb:77:
33:5d:24:43:2a:b3:32:19:9e:14:0e:30:b3:35:66:0d:07:d2:
cc:e9:83:a4:d0:b8:37:cb:2b:0b:3b:9b:6b:86:6d:2a:27:ec:
56:a6:21:67:75:ba:fe:f8:16:96:47:4a:2d:36:c0:10:32:b6:
4a:7c:9c:1c:68:7b:a4:62:b3:9d:23:0d:da:39:c5:0c:1e:7a:
d6:e5:5b:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZrRvNEofG0R8PKOL2K+wO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjMwMjE5MjAwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE1MWNkODJjMzI5ODE5YTcwZDlhZjVhYzYyZjIzYjdiY2MwOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiecJWZAFVvYRPtdrJLWLGCnNlJKx
QFfl2nAdXwOCyfAPE92WFS3ltn+U4GGumJ6IfjkXghZvdA6cJEdJMh74Q7iZx+ZK
KyXyU9ol7auwuGAHGMLHx34wg+HcXUUso3cPpVjkjMYfr3EvHktn281sk2fOVtD/
PTrXr6o7+F2wm8ZVMfQZ/9aI2WIsf6J2xnW+2+bqoE7DTmxQC76fQCW8rBKMWQnj
TiEzAT8aIX3kT2DMviHeI2j/j70tQtZfkjt4SbX5KPm/5HQnuo/B/0cEgdP3Q1gu
uekR/LzG8jGQZRXRmeHf/ydklXbbmJuWT7/fRoCWSzMSyoohaErr5BBWQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4VHNgsMpgZpw2a9axi8jt7zAnCMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvYmhVYzJDd3ltQm1uRFpyMXJHTHlPM3ZNQ2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHwRMA0G
CSqGSIb3DQEBCwUAA4IBAQA7h4+a/sVtH+og4pbqG+o+kHAqD9fLg+QUKGEuDvV4
27XXiT5bJjtCD7Nr4gp+tmJnvFBpRHv6aYrgYt2vVFQZJR39HHoFgqSivK8Dz087
samx1T8DEWbfAuzZDq5JIFXUiZ4lfXEkznVpAGHfqxBpGKgh292uc8Khibv7Ea9g
tjX46CDLov2auUFmBfFxwmhft1fObrKK3XMdQPkeGQYdlfO8mQZ+pwrf0S91cLkW
Gamr+3czXSRDKrMyGZ4UDjCzNWYNB9LM6YOk0Lg3yysLO5trhm0qJ+xWpiFndbr+
+BaWR0otNsAQMrZKfJwcaHukYrOdIw3aOcUMHnrW5Vs9
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:05:14 2025 by rpki-client