Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/bsWNWHN_6d67UCDN-YnP6LcB4O4.roa
File: bsWNWHN_6d67UCDN-YnP6LcB4O4.roa (raw, json)
Hash identifier: cCToTRDy1j4g7W3pzKbcB3VGNLrLfqh86pJOWpc14Rg=
Subject key identifier: 6E:C5:8D:58:73:7F:E9:DE:BB:50:20:CD:F9:89:CF:E8:B7:01:E0:EE
Certificate issuer: /CN=e4ff5bbf540c65954b9913a68c24d174de97d829
Certificate serial: 0186BBDFF04FD5A9A6B6F6FF8D2C675C6A21
Authority key identifier: E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/bsWNWHN_6d67UCDN-YnP6LcB4O4.roa
Signing time: Tue 07 Mar 2023 11:41:00 +0000
ROA not before: Tue 07 Mar 2023 11:41:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49910
IP address blocks: 77.232.252.0/23 maxlen: 24
2a12:9940::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bb:df:f0:4f:d5:a9:a6:b6:f6:ff:8d:2c:67:5c:6a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4ff5bbf540c65954b9913a68c24d174de97d829
Validity
Not Before: Mar 7 11:41:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ec58d58737fe9debb5020cdf989cfe8b701e0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ec:6d:dd:8d:20:c4:17:4a:c4:0e:da:70:2e:
56:5e:d7:3c:63:21:1d:8e:47:92:ac:3c:a6:cc:bd:
cb:29:bd:27:85:f0:96:98:c5:d8:cb:b8:87:27:23:
d8:d1:da:0f:c2:43:73:54:1c:6f:41:54:69:2f:67:
99:ab:3f:f3:c0:2d:12:47:f5:6f:23:6a:e5:68:46:
3c:96:1a:8a:54:f7:fa:01:61:70:49:2e:05:93:05:
f1:ae:01:b3:b5:4c:45:62:49:b5:de:79:ba:34:b6:
22:bd:c0:1a:87:5a:17:6e:ea:e2:9d:7e:40:2c:24:
c9:a4:16:d0:3a:4c:10:41:31:1c:4b:ff:3a:a0:fb:
42:f8:16:d3:6d:ac:45:65:63:08:da:01:cc:b6:b2:
6e:93:83:90:67:c9:48:27:0b:e4:34:02:28:40:2c:
28:d7:31:f4:57:77:8a:42:78:95:cd:08:46:23:7e:
4f:1d:48:84:a2:85:43:39:89:0f:f4:dd:fa:9b:7f:
98:91:41:f4:60:35:60:53:ad:a4:4a:03:a1:bd:fb:
e9:2e:fa:8d:4a:35:91:20:2c:4a:e5:eb:de:82:87:
39:52:56:7f:a7:74:40:b8:84:59:f6:2b:cd:45:81:
65:9c:51:de:09:3f:d5:20:cb:91:b2:2d:84:89:7d:
9c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C5:8D:58:73:7F:E9:DE:BB:50:20:CD:F9:89:CF:E8:B7:01:E0:EE
X509v3 Authority Key Identifier:
keyid:E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/bsWNWHN_6d67UCDN-YnP6LcB4O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/5P9bv1QMZZVLmROmjCTRdN6X2Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.232.252.0/23
IPv6:
2a12:9940::/29
Signature Algorithm: sha256WithRSAEncryption
b5:35:ea:52:70:78:57:84:77:e8:cb:be:bc:e8:f7:1e:e4:82:
fb:94:3a:cf:2e:24:47:1d:a5:e6:8f:14:9d:8b:91:07:69:30:
4b:5e:79:c1:98:93:92:e9:53:6a:3f:a3:51:29:36:c6:d5:4f:
ec:29:8d:0b:75:04:d0:4e:18:5c:6a:9f:72:1d:7e:ac:01:73:
d9:36:4d:a1:1d:60:df:4b:42:cb:a1:01:32:a7:63:c6:4f:bf:
1a:d0:53:28:49:82:e4:ab:57:1b:56:23:f5:4c:e8:14:a8:44:
7e:c5:a2:67:ac:d3:2c:91:2e:1f:e6:33:6a:39:db:32:17:63:
05:0f:6a:2c:6e:e3:e4:80:de:69:97:8b:b0:82:ca:9b:3b:a6:
c7:2d:f7:0a:b9:20:53:bf:2d:4b:05:63:c2:6a:39:d7:00:64:
6f:d8:a0:0e:f2:50:e9:72:de:c8:56:e4:dd:0e:3f:17:68:8d:
1e:48:50:b6:ea:dc:80:d1:75:ce:e9:5e:e8:04:82:d5:cc:62:
0d:db:a2:ec:7e:da:00:84:4a:a2:7c:5b:2e:40:b7:a2:13:14:
a5:57:1e:a1:46:62:b5:de:b9:9a:23:43:a3:05:4c:b1:13:03:
61:08:df:3b:87:7e:ee:7a:d8:c4:8b:e0:60:b4:89:25:5e:05:
6b:28:80:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYa73/BP1ammtvb/jSxnXGohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZmY1YmJmNTQwYzY1OTU0Yjk5MTNhNjhjMjRkMTc0ZGU5
N2Q4MjkwHhcNMjMwMzA3MTE0MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM1OGQ1ODczN2ZlOWRlYmI1MDIwY2RmOTg5Y2ZlOGI3MDFlMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluxt3Y0gxBdKxA7acC5WXtc8YyEd
jkeSrDymzL3LKb0nhfCWmMXYy7iHJyPY0doPwkNzVBxvQVRpL2eZqz/zwC0SR/Vv
I2rlaEY8lhqKVPf6AWFwSS4FkwXxrgGztUxFYkm13nm6NLYivcAah1oXburinX5A
LCTJpBbQOkwQQTEcS/86oPtC+BbTbaxFZWMI2gHMtrJuk4OQZ8lIJwvkNAIoQCwo
1zH0V3eKQniVzQhGI35PHUiEooVDOYkP9N36m3+YkUH0YDVgU62kSgOhvfvpLvqN
SjWRICxK5evegoc5UlZ/p3RAuIRZ9ivNRYFlnFHeCT/VIMuRsi2EiX2c5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG7FjVhzf+neu1AgzfmJz+i3AeDuMB8GA1UdIwQY
MBaAFOT/W79UDGWVS5kTpowk0XTel9gpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgt
NWMwYzQ2ZDA0ZWUxLzEvYnNXTldITl82ZDY3VUNETi1ZblA2TGNCNE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgtNWMwYzQ2ZDA0ZWUx
LzEvNVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBTej8MA0E
AgACMAcDBQMqEplAMA0GCSqGSIb3DQEBCwUAA4IBAQC1NepScHhXhHfoy7686Pce
5IL7lDrPLiRHHaXmjxSdi5EHaTBLXnnBmJOS6VNqP6NRKTbG1U/sKY0LdQTQThhc
ap9yHX6sAXPZNk2hHWDfS0LLoQEyp2PGT78a0FMoSYLkq1cbViP1TOgUqER+xaJn
rNMskS4f5jNqOdsyF2MFD2osbuPkgN5pl4uwgsqbO6bHLfcKuSBTvy1LBWPCajnX
AGRv2KAO8lDpct7IVuTdDj8XaI0eSFC26tyA0XXO6V7oBILVzGIN26LsftoAhEqi
fFsuQLeiExSlVx6hRmK13rmaI0OjBUyxEwNhCN87h37uetjEi+BgtIklXgVrKIDj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:32 2025 by rpki-client