Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/aa5972-3538-4361-a134-31de1769fd8a/1/boGqHUtkRSX8daUicwc77-6ODng.roa
File: boGqHUtkRSX8daUicwc77-6ODng.roa (raw, json)
Hash identifier: VCNBdXaK0Ed4KmW0Y8BigqZ+EddXR5u/Jy4y1wujSiE=
Subject key identifier: 6E:81:AA:1D:4B:64:45:25:FC:75:A5:22:73:07:3B:EF:EE:8E:0E:78
Certificate issuer: /CN=be8b15c237f34c5c5c5344b4079ebb3a589d0148
Certificate serial: 01856F9DB336EB4600F7ADC6A7292298D11B
Authority key identifier: BE:8B:15:C2:37:F3:4C:5C:5C:53:44:B4:07:9E:BB:3A:58:9D:01:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vosVwjfzTFxcU0S0B567OlidAUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/aa5972-3538-4361-a134-31de1769fd8a/1/boGqHUtkRSX8daUicwc77-6ODng.roa
Signing time: Sun 01 Jan 2023 23:14:44 +0000
ROA not before: Sun 01 Jan 2023 23:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34259
IP address blocks: 193.0.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b3:36:eb:46:00:f7:ad:c6:a7:29:22:98:d1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8b15c237f34c5c5c5344b4079ebb3a589d0148
Validity
Not Before: Jan 1 23:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e81aa1d4b644525fc75a52273073befee8e0e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5c:ab:1b:c7:d3:ef:c9:67:0f:c1:5f:c1:70:
53:35:20:84:15:6b:18:04:5d:9f:5e:48:75:c8:8a:
ad:dd:7f:17:61:ca:e7:0b:76:34:c0:98:18:47:45:
4d:f8:a7:df:5e:ec:7c:84:d6:cc:51:df:81:70:21:
83:5c:5f:2c:c4:d7:85:b0:b8:4e:38:f9:65:1c:d6:
70:d4:f9:92:bc:98:ed:0f:89:c8:b2:4c:7c:9e:69:
2c:a4:99:b6:d7:5d:e7:a5:3a:b2:59:76:2d:d3:72:
7c:03:fb:67:9b:0b:f8:2a:50:a1:c4:3a:b2:7c:15:
e7:27:88:15:36:a4:fc:a7:71:96:4a:66:e9:c4:7b:
91:28:d0:67:c7:e8:6e:64:39:05:a5:cc:42:ff:6c:
74:d5:a4:15:05:59:ed:f5:c0:be:48:e8:52:6b:c9:
b7:28:44:fc:3b:00:7b:7b:85:cd:4e:aa:97:36:da:
bf:ef:bc:dd:38:84:04:80:6a:3c:15:74:be:64:78:
27:a6:51:01:06:a8:45:35:5a:f2:35:b0:e7:14:58:
83:4d:6c:83:ae:b4:9a:2e:fc:a2:fa:13:37:4f:08:
4e:3f:52:b1:61:cf:8a:f4:00:26:d7:8e:6b:9e:68:
69:ae:53:70:e6:1d:4a:9c:7e:d6:13:17:54:79:e5:
cc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:81:AA:1D:4B:64:45:25:FC:75:A5:22:73:07:3B:EF:EE:8E:0E:78
X509v3 Authority Key Identifier:
keyid:BE:8B:15:C2:37:F3:4C:5C:5C:53:44:B4:07:9E:BB:3A:58:9D:01:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vosVwjfzTFxcU0S0B567OlidAUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/aa5972-3538-4361-a134-31de1769fd8a/1/boGqHUtkRSX8daUicwc77-6ODng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/aa5972-3538-4361-a134-31de1769fd8a/1/vosVwjfzTFxcU0S0B567OlidAUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.223.0/24
Signature Algorithm: sha256WithRSAEncryption
61:01:72:73:3b:af:73:f0:b5:16:58:61:e2:18:da:c0:86:e5:
f6:7c:a7:54:47:30:8a:7a:f0:2b:fb:de:b2:a4:50:82:f1:34:
cf:c1:1a:60:04:e9:47:6e:31:02:9c:66:31:7a:58:6d:ab:e5:
53:33:cb:34:85:63:64:70:51:aa:95:48:b5:14:26:0b:09:8e:
7f:86:14:ee:41:37:d5:61:1f:ee:0c:09:3b:8b:bd:fb:4b:93:
b2:e5:26:11:2d:09:9b:8e:8d:a0:3f:a5:e6:7f:21:06:49:f6:
c3:52:57:ff:0b:87:c6:b2:89:b2:24:15:bd:e4:91:db:61:f9:
34:48:9b:d7:6f:b4:b5:2d:73:06:45:4c:d3:22:a1:2e:0b:7d:
1d:b1:59:f3:5b:47:e3:de:70:c9:47:cd:fa:01:c1:9e:4e:2f:
db:57:72:3f:76:a0:bd:10:ae:60:25:76:06:fe:4d:e6:91:bb:
40:34:48:d8:f4:02:52:87:21:1b:65:04:58:0b:a9:ac:83:e4:
0d:68:5c:93:d8:44:b8:ba:2a:92:6b:cb:3f:fb:54:31:05:c9:
91:14:43:18:2f:9f:33:f5:75:da:00:8a:30:2c:c8:a0:83:5f:
0a:d9:80:e4:ef:2a:d3:43:c4:08:93:ee:5d:96:7e:4b:41:c9:
1e:7a:f0:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnbM260YA963GpykimNEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGIxNWMyMzdmMzRjNWM1YzUzNDRiNDA3OWViYjNhNTg5
ZDAxNDgwHhcNMjMwMTAxMjMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTgxYWExZDRiNjQ0NTI1ZmM3NWE1MjI3MzA3M2JlZmVlOGUwZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFyrG8fT78lnD8FfwXBTNSCEFWsY
BF2fXkh1yIqt3X8XYcrnC3Y0wJgYR0VN+KffXux8hNbMUd+BcCGDXF8sxNeFsLhO
OPllHNZw1PmSvJjtD4nIskx8nmkspJm2113npTqyWXYt03J8A/tnmwv4KlChxDqy
fBXnJ4gVNqT8p3GWSmbpxHuRKNBnx+huZDkFpcxC/2x01aQVBVnt9cC+SOhSa8m3
KET8OwB7e4XNTqqXNtq/77zdOIQEgGo8FXS+ZHgnplEBBqhFNVryNbDnFFiDTWyD
rrSaLvyi+hM3TwhOP1KxYc+K9AAm145rnmhprlNw5h1KnH7WExdUeeXMKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6Bqh1LZEUl/HWlInMHO+/ujg54MB8GA1UdIwQY
MBaAFL6LFcI380xcXFNEtAeeuzpYnQFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm9zVndqZnpURnhjVTBTMEI1NjdPbGlkQVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hYTU5NzItMzUzOC00MzYxLWExMzQt
MzFkZTE3NjlmZDhhLzEvYm9HcUhVdGtSU1g4ZGFVaWN3Yzc3LTZPRG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hYTU5NzItMzUzOC00MzYxLWExMzQtMzFkZTE3NjlmZDhh
LzEvdm9zVndqZnpURnhjVTBTMEI1NjdPbGlkQVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQDfMA0G
CSqGSIb3DQEBCwUAA4IBAQBhAXJzO69z8LUWWGHiGNrAhuX2fKdURzCKevAr+96y
pFCC8TTPwRpgBOlHbjECnGYxelhtq+VTM8s0hWNkcFGqlUi1FCYLCY5/hhTuQTfV
YR/uDAk7i737S5Oy5SYRLQmbjo2gP6XmfyEGSfbDUlf/C4fGsomyJBW95JHbYfk0
SJvXb7S1LXMGRUzTIqEuC30dsVnzW0fj3nDJR836AcGeTi/bV3I/dqC9EK5gJXYG
/k3mkbtANEjY9AJShyEbZQRYC6msg+QNaFyT2ES4uiqSa8s/+1QxBcmRFEMYL58z
9XXaAIowLMigg18K2YDk7yrTQ8QIk+5dln5LQckeevAf
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:29:56 2025 by rpki-client