Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/4d4d9c-fbaf-42fd-98aa-2cd09b577066/1/BIt6j9BuP3Mkr9L8RXtCaDcboKI.roa
File: BIt6j9BuP3Mkr9L8RXtCaDcboKI.roa (raw, json)
Hash identifier: NSwc2ZKP1LivLuLoen0zVy1UegnYOPakMW/1b45CWWE=
Subject key identifier: 04:8B:7A:8F:D0:6E:3F:73:24:AF:D2:FC:45:7B:42:68:37:1B:A0:A2
Certificate issuer: /CN=d0bd40ef340664715c8c2cfa50e3d61ba286e037
Certificate serial: 125297A8
Authority key identifier: D0:BD:40:EF:34:06:64:71:5C:8C:2C:FA:50:E3:D6:1B:A2:86:E0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0L1A7zQGZHFcjCz6UOPWG6KG4Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/4d4d9c-fbaf-42fd-98aa-2cd09b577066/1/BIt6j9BuP3Mkr9L8RXtCaDcboKI.roa
Signing time: Sat 01 Jan 2022 00:56:25 +0000
ROA not before: Sat 01 Jan 2022 00:56:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44823
IP address blocks: 193.16.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 307402664 (0x125297a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0bd40ef340664715c8c2cfa50e3d61ba286e037
Validity
Not Before: Jan 1 00:56:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=048b7a8fd06e3f7324afd2fc457b4268371ba0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a8:a4:c0:d3:29:30:27:53:4b:9e:74:a8:62:
e5:89:96:47:5e:e5:3d:8c:de:1f:51:cd:48:27:37:
90:c8:8d:d2:2a:da:fd:a6:71:66:2d:c3:89:3e:5b:
ce:b6:4b:ce:d9:62:e9:8a:07:22:21:c6:46:d5:15:
34:e4:a8:8c:6c:03:cd:56:66:d0:79:b2:a8:cb:b5:
78:0c:10:9c:d1:c2:f5:6d:10:f4:45:39:be:ae:89:
fd:7f:d1:f5:a8:74:ad:53:c4:2d:89:ef:b2:ae:3e:
59:b3:e4:3c:d0:5b:7d:57:28:b1:f2:1f:b7:94:b5:
47:ba:b7:00:75:c3:f4:c2:71:d3:d8:08:08:d3:0e:
36:04:dd:4a:7d:ef:f9:8b:c8:c4:d4:2a:c6:47:9f:
6d:a3:d4:1d:ae:75:a2:e4:61:8a:a0:6f:c7:dc:a0:
14:70:93:a3:96:42:a5:3c:55:e2:d0:47:df:82:94:
54:d0:d1:08:25:f6:94:5c:5d:4a:4c:9d:ae:4b:ce:
be:de:b6:d9:f7:29:b5:ca:7f:df:d3:78:41:ae:8c:
ec:70:e7:cc:76:f3:33:73:f5:f9:af:08:ad:01:fc:
b0:a1:9b:43:5d:b5:1e:4e:8e:70:26:26:64:8a:4a:
87:37:b1:ab:3c:9a:ee:d9:5e:d6:97:71:fa:e8:f8:
13:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8B:7A:8F:D0:6E:3F:73:24:AF:D2:FC:45:7B:42:68:37:1B:A0:A2
X509v3 Authority Key Identifier:
keyid:D0:BD:40:EF:34:06:64:71:5C:8C:2C:FA:50:E3:D6:1B:A2:86:E0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0L1A7zQGZHFcjCz6UOPWG6KG4Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/4d4d9c-fbaf-42fd-98aa-2cd09b577066/1/BIt6j9BuP3Mkr9L8RXtCaDcboKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/4d4d9c-fbaf-42fd-98aa-2cd09b577066/1/0L1A7zQGZHFcjCz6UOPWG6KG4Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.152.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:f9:32:b1:e4:ad:ef:47:cc:99:f5:0b:e1:16:19:85:76:9b:
2c:ba:15:09:0b:6b:a0:52:5e:a6:15:a5:ed:c5:89:e8:9d:9f:
cf:fd:a5:a2:2f:f2:8a:2a:2d:07:0b:d7:35:ef:70:c0:24:ba:
27:32:b1:9b:70:62:91:1f:14:d8:0e:34:c7:2f:98:d8:dd:82:
26:5e:99:62:88:aa:67:88:8a:61:06:2f:e4:36:68:9c:f4:1d:
a9:20:d6:bd:73:d6:a8:df:ce:3d:d3:12:fa:2e:80:16:85:5a:
68:20:d2:21:83:16:e1:94:41:8d:05:42:79:d1:17:77:29:37:
15:2e:5b:5c:63:3f:ba:67:1d:a4:f6:f4:d9:38:b5:a2:b9:6f:
47:96:7b:fd:21:a3:51:be:80:e6:a0:4d:b1:24:09:4c:10:c8:
eb:28:1f:4e:95:27:89:33:d2:24:0b:79:33:18:f5:29:ba:e2:
eb:8d:7c:c0:81:fc:db:6c:32:2b:f8:0b:33:cd:f5:58:09:db:
98:35:c2:ab:da:05:c1:55:e3:b8:6d:c7:44:58:07:bc:dd:9e:
08:63:f4:7a:44:4d:a8:a2:4c:80:5f:cf:ab:b9:47:a7:bd:b5:
c0:d2:ab:62:5f:20:7b:e9:15:a3:94:94:b3:29:c1:49:6d:dc:
d5:78:b7:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEElKXqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGJkNDBlZjM0MDY2NDcxNWM4YzJjZmE1MGUzZDYxYmEyODZlMDM3MB4XDTIyMDEw
MTAwNTYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ4YjdhOGZkMDZl
M2Y3MzI0YWZkMmZjNDU3YjQyNjgzNzFiYTBhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiopMDTKTAnU0uedKhi5YmWR17lPYzeH1HNSCc3kMiN0ira
/aZxZi3DiT5bzrZLztli6YoHIiHGRtUVNOSojGwDzVZm0HmyqMu1eAwQnNHC9W0Q
9EU5vq6J/X/R9ah0rVPELYnvsq4+WbPkPNBbfVcosfIft5S1R7q3AHXD9MJx09gI
CNMONgTdSn3v+YvIxNQqxkefbaPUHa51ouRhiqBvx9ygFHCTo5ZCpTxV4tBH34KU
VNDRCCX2lFxdSkydrkvOvt622fcptcp/39N4Qa6M7HDnzHbzM3P1+a8IrQH8sKGb
Q121Hk6OcCYmZIpKhzexqzya7tle1pdx+uj4E5UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQEi3qP0G4/cySv0vxFe0JoNxugojAfBgNVHSMEGDAWgBTQvUDvNAZkcVyM
LPpQ49YboobgNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBMMUE3elFHWkhGY2pDejZVT1BXRzZLRzREYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvNGQ0ZDljLWZiYWYtNDJmZC05OGFhLTJjZDA5YjU3NzA2Ni8x
L0JJdDZqOUJ1UDNNa3I5TDhSWHRDYURjYm9LSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
NGQ0ZDljLWZiYWYtNDJmZC05OGFhLTJjZDA5YjU3NzA2Ni8xLzBMMUE3elFHWkhG
Y2pDejZVT1BXRzZLRzREYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEQmDANBgkqhkiG9w0BAQsFAAOC
AQEAXPkyseSt70fMmfUL4RYZhXabLLoVCQtroFJephWl7cWJ6J2fz/2loi/yiiot
BwvXNe9wwCS6JzKxm3BikR8U2A40xy+Y2N2CJl6ZYoiqZ4iKYQYv5DZonPQdqSDW
vXPWqN/OPdMS+i6AFoVaaCDSIYMW4ZRBjQVCedEXdyk3FS5bXGM/umcdpPb02Ti1
orlvR5Z7/SGjUb6A5qBNsSQJTBDI6ygfTpUniTPSJAt5Mxj1Kbri6418wIH822wy
K/gLM831WAnbmDXCq9oFwVXjuG3HRFgHvN2eCGP0ekRNqKJMgF/Pq7lHp721wNKr
Yl8ge+kVo5SUsynBSW3c1Xi3Dw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:40 2025 by rpki-client