Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/B1y_j1u9g0qNjj8C8v0HcyA8UG4.roa
File: B1y_j1u9g0qNjj8C8v0HcyA8UG4.roa (raw, json)
Hash identifier: jExWCU7AN5xlCKvgTQxEJ2ZhUdcFP/s+w25aD0rdZ4I=
Subject key identifier: 07:5C:BF:8F:5B:BD:83:4A:8D:8E:3F:02:F2:FD:07:73:20:3C:50:6E
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 01850690D552547888AE719908CD26114EF6
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/B1y_j1u9g0qNjj8C8v0HcyA8UG4.roa
Signing time: Mon 12 Dec 2022 13:40:33 +0000
ROA not before: Mon 12 Dec 2022 13:40:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7155
IP address blocks: 185.15.100.0/24 maxlen: 24
185.15.100.0/22 maxlen: 22
5.8.184.0/21 maxlen: 21
5.8.188.0/24 maxlen: 24
5.8.189.0/24 maxlen: 24
37.1.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:90:d5:52:54:78:88:ae:71:99:08:cd:26:11:4e:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Dec 12 13:40:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=075cbf8f5bbd834a8d8e3f02f2fd0773203c506e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c5:f5:0b:aa:ba:35:00:8b:b2:1c:ed:b4:db:
30:54:a3:b7:f5:3a:a4:98:8d:c3:82:6d:80:76:0a:
34:fb:eb:97:f8:6d:d0:7e:73:3f:a9:74:b0:02:05:
d2:0e:f3:58:8f:f6:09:2d:b0:ae:c6:cb:2e:24:9a:
48:45:9d:0c:08:97:68:b1:43:9c:be:cb:b9:35:31:
98:6b:11:91:e5:5b:16:51:77:29:5d:68:55:36:6b:
3e:d1:71:3b:c6:30:cf:a5:b6:7b:4e:85:4a:70:2f:
67:3f:62:21:c2:65:be:af:75:d6:0b:e1:de:f1:df:
1e:0d:b0:77:23:9b:9f:9c:0f:3f:03:59:dc:1e:c9:
d0:12:04:fb:82:49:d3:6f:07:a0:f5:02:55:e9:bf:
65:ea:02:7d:22:56:3b:95:c0:12:6d:03:21:42:e5:
10:c9:71:5b:1c:80:d5:be:cb:59:22:15:46:9d:8b:
47:e8:e2:1d:7d:42:e0:e3:98:ce:6b:b4:46:f6:b1:
db:58:83:d6:1b:1b:6f:02:5f:76:ea:3e:8c:24:62:
1d:56:83:07:28:a8:15:97:0a:52:8f:2d:02:28:94:
31:df:cf:6c:81:45:d9:30:30:2c:22:eb:5c:51:4f:
b5:32:54:12:05:da:33:a7:5c:c4:93:53:a1:99:ff:
90:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:5C:BF:8F:5B:BD:83:4A:8D:8E:3F:02:F2:FD:07:73:20:3C:50:6E
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/B1y_j1u9g0qNjj8C8v0HcyA8UG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/21
37.1.176.0/21
185.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
57:1f:72:f9:eb:52:1d:77:e1:bb:3e:4a:de:2a:b3:ad:a0:fd:
28:53:c6:0c:bc:7c:f2:94:f6:69:bc:1f:74:29:35:6a:fe:d0:
81:cf:60:33:20:40:60:fb:5a:e3:d3:78:5a:6d:32:5e:ab:b9:
85:46:74:92:83:ad:02:19:fa:95:2b:1f:fa:47:b6:cf:3d:9d:
1c:9f:7d:4e:59:e9:d3:59:01:3c:1b:c0:a3:e6:ae:ff:ac:00:
1e:9b:2b:b0:7b:a7:24:5c:e5:d2:d3:1b:1f:ea:4d:e0:fa:81:
0e:6c:94:06:55:a0:6c:ae:88:fb:a7:b3:ea:da:74:36:ca:81:
04:74:a9:b5:6c:1c:f6:06:40:1b:fb:0d:f9:e9:7d:20:b2:5a:
8c:2f:a1:e4:b2:a4:23:0d:76:f5:b4:0b:b6:0d:1d:2b:1f:da:
a2:4f:9c:19:cf:66:05:55:dd:c3:91:7e:7d:59:56:c1:1a:2a:
90:5b:cb:c8:cd:20:12:4d:1a:83:fc:d1:f1:b3:92:75:1b:c2:
85:9d:44:4f:07:45:55:01:22:cb:72:25:29:0e:1b:62:bd:ca:
5f:9d:5c:d6:c8:be:a4:1b:aa:65:d7:8f:92:63:57:14:a7:ca:
29:02:6d:28:74:8c:8c:b6:ec:6b:85:a5:d6:f0:53:45:6f:f9:
86:43:ab:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUGkNVSVHiIrnGZCM0mEU72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTg5YjY3YzY2ZGViZjVkZWQzZjI4ODBiYjQ5NDFkMzA0
MTEyNTcwHhcNMjIxMjEyMTM0MDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzVjYmY4ZjViYmQ4MzRhOGQ4ZTNmMDJmMmZkMDc3MzIwM2M1MDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMX1C6q6NQCLshzttNswVKO39Tqk
mI3Dgm2Adgo0++uX+G3QfnM/qXSwAgXSDvNYj/YJLbCuxssuJJpIRZ0MCJdosUOc
vsu5NTGYaxGR5VsWUXcpXWhVNms+0XE7xjDPpbZ7ToVKcC9nP2IhwmW+r3XWC+He
8d8eDbB3I5ufnA8/A1ncHsnQEgT7gknTbweg9QJV6b9l6gJ9IlY7lcASbQMhQuUQ
yXFbHIDVvstZIhVGnYtH6OIdfULg45jOa7RG9rHbWIPWGxtvAl926j6MJGIdVoMH
KKgVlwpSjy0CKJQx389sgUXZMDAsIutcUU+1MlQSBdozp1zEk1Ohmf+QGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAdcv49bvYNKjY4/AvL9B3MgPFBuMB8GA1UdIwQY
MBaAFLGom2fGbev13tPyiAu0lB0wQRJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTct
MjEwMGJmMGYxNDBhLzEvQjF5X2oxdTlnMHFOamo4Qzh2MEhjeUE4VUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBh
LzEvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBQi4AwQD
JQGwAwQCuQ9kMA0GCSqGSIb3DQEBCwUAA4IBAQBXH3L561Idd+G7PkreKrOtoP0o
U8YMvHzylPZpvB90KTVq/tCBz2AzIEBg+1rj03habTJeq7mFRnSSg60CGfqVKx/6
R7bPPZ0cn31OWenTWQE8G8Cj5q7/rAAemyuwe6ckXOXS0xsf6k3g+oEObJQGVaBs
roj7p7Pq2nQ2yoEEdKm1bBz2BkAb+w356X0gslqML6HksqQjDXb1tAu2DR0rH9qi
T5wZz2YFVd3DkX59WVbBGiqQW8vIzSASTRqD/NHxs5J1G8KFnURPB0VVASLLciUp
DhtivcpfnVzWyL6kG6pl14+SY1cUp8opAm0odIyMtuxrhaXW8FNFb/mGQ6sh
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:58 2025 by rpki-client