Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/BBARw9oJgy3dENoKLSprmN_KU_I.roa
File: BBARw9oJgy3dENoKLSprmN_KU_I.roa (raw, json)
Hash identifier: Oa+HbUnvA7CLPiwYPsWrJVyk5qTR6qwSrI9NlfOqmVc=
Subject key identifier: 04:10:11:C3:DA:09:83:2D:DD:10:DA:0A:2D:2A:6B:98:DF:CA:53:F2
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 018B8649C04647875659279696A12F570BC2
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/BBARw9oJgy3dENoKLSprmN_KU_I.roa
Signing time: Tue 31 Oct 2023 15:11:02 +0000
ROA not before: Tue 31 Oct 2023 15:11:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51074
IP address blocks: 185.115.148.0/22 maxlen: 24
37.130.204.0/23 maxlen: 23
37.130.200.0/21 maxlen: 24
37.130.202.0/23 maxlen: 23
178.252.128.0/18 maxlen: 24
5.221.0.0/16 maxlen: 16
178.252.178.0/24 maxlen: 24
178.252.179.0/24 maxlen: 24
31.184.128.0/18 maxlen: 24
2a02:2b58::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:49:c0:46:47:87:56:59:27:96:96:a1:2f:57:0b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Oct 31 15:11:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=041011c3da09832ddd10da0a2d2a6b98dfca53f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ac:fb:10:5d:d8:d2:7c:c5:32:3a:49:9f:82:
d8:7b:cb:e9:6b:4c:67:bf:b0:c7:01:24:78:e3:b5:
11:49:f1:e4:f1:3c:d9:7e:43:a1:d4:8d:fc:67:ff:
bc:ad:30:cb:a2:34:9d:0b:83:6e:83:29:e1:25:cc:
32:94:e3:3e:18:93:77:b2:3d:97:41:1d:4b:ca:29:
21:c8:2c:63:30:96:9c:ad:c4:aa:02:7c:63:d1:b2:
52:5e:1e:32:b3:66:c5:8b:f3:9c:4f:4f:c9:aa:77:
cb:86:e7:20:46:f9:35:87:af:72:5e:b3:87:45:04:
5c:6f:b2:1c:70:09:79:80:11:26:fc:09:f5:aa:4d:
6e:5f:86:90:cd:bc:49:db:1d:41:e7:05:bf:c3:d4:
41:44:89:8f:09:7e:d3:35:52:d5:ca:84:cd:2b:4a:
dc:de:62:cb:90:3d:d8:0d:3b:56:0b:cb:87:cb:ac:
86:91:c9:ca:25:4b:77:85:7a:eb:21:66:75:1b:87:
02:f4:3c:c1:c5:c4:cc:eb:90:35:83:36:d7:48:24:
90:9a:a1:e5:f2:61:50:93:79:31:33:1f:d7:c3:93:
f4:ee:d4:1f:64:f6:12:7e:7e:39:f4:57:8c:fc:f2:
3b:fe:83:06:d6:9b:a6:5f:55:43:c8:5a:3b:64:e6:
04:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:10:11:C3:DA:09:83:2D:DD:10:DA:0A:2D:2A:6B:98:DF:CA:53:F2
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/BBARw9oJgy3dENoKLSprmN_KU_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.221.0.0/16
31.184.128.0/18
37.130.200.0/21
178.252.128.0/18
185.115.148.0/22
IPv6:
2a02:2b58::/29
Signature Algorithm: sha256WithRSAEncryption
14:98:b6:4d:d5:49:9b:c0:ba:02:c0:27:d6:41:06:d1:f7:31:
59:3c:17:25:48:a1:f0:5b:be:05:a9:60:9b:ce:7d:bc:e6:c3:
2a:27:d8:7e:20:f9:6d:9e:2e:c4:ff:c0:80:39:b2:db:27:56:
0c:21:31:40:4d:0d:74:95:54:c6:3a:ef:91:4c:55:8d:74:d6:
1f:86:e2:0e:2e:50:ba:67:c6:80:46:49:58:c1:ba:4a:30:a9:
ad:ec:d1:3a:2d:81:b4:96:0a:ff:d3:2a:2d:07:82:31:2f:11:
73:d9:43:d0:94:e9:dc:79:53:3c:e4:37:43:69:89:02:a0:2d:
98:ea:12:d1:b0:c5:3c:f6:21:c8:00:1e:e9:d8:02:3b:01:ff:
ee:e1:7b:60:bd:89:ab:70:c0:d4:3f:16:a4:36:69:fa:5b:96:
37:4b:bc:a4:62:59:87:f3:b4:bc:4b:70:80:b3:3b:e5:83:1f:
a3:1d:9f:89:77:52:0e:78:ee:fe:9d:99:93:90:5c:4a:63:75:
3b:ce:d0:4d:0b:4c:84:6b:56:61:9e:ff:59:cc:3e:d3:d1:5a:
de:9e:4d:78:54:af:c7:86:fc:7a:7a:08:59:5e:27:eb:e2:49:
60:fd:c9:56:b4:87:47:eb:82:48:0a:bf:c8:32:e3:88:57:c3:
c7:16:dd:aa
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYuGScBGR4dWWSeWlqEvVwvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjMxMDMxMTUxMTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDEwMTFjM2RhMDk4MzJkZGQxMGRhMGEyZDJhNmI5OGRmY2E1M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaz7EF3Y0nzFMjpJn4LYe8vpa0xn
v7DHASR447URSfHk8TzZfkOh1I38Z/+8rTDLojSdC4NugynhJcwylOM+GJN3sj2X
QR1LyikhyCxjMJacrcSqAnxj0bJSXh4ys2bFi/OcT0/JqnfLhucgRvk1h69yXrOH
RQRcb7IccAl5gBEm/An1qk1uX4aQzbxJ2x1B5wW/w9RBRImPCX7TNVLVyoTNK0rc
3mLLkD3YDTtWC8uHy6yGkcnKJUt3hXrrIWZ1G4cC9DzBxcTM65A1gzbXSCSQmqHl
8mFQk3kxMx/Xw5P07tQfZPYSfn459FeM/PI7/oMG1pumX1VDyFo7ZOYEEQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAQQEcPaCYMt3RDaCi0qa5jfylPyMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvQkJBUnc5b0pneTNkRU5vS0xTcHJtTl9LVV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMABd0DBAYf
uIADBAMlgsgDBAay/IADBAK5c5QwDQQCAAIwBwMFAyoCK1gwDQYJKoZIhvcNAQEL
BQADggEBABSYtk3VSZvAugLAJ9ZBBtH3MVk8FyVIofBbvgWpYJvOfbzmwyon2H4g
+W2eLsT/wIA5stsnVgwhMUBNDXSVVMY675FMVY101h+G4g4uULpnxoBGSVjBukow
qa3s0TotgbSWCv/TKi0HgjEvEXPZQ9CU6dx5UzzkN0NpiQKgLZjqEtGwxTz2IcgA
HunYAjsB/+7he2C9iatwwNQ/FqQ2afpbljdLvKRiWYfztLxLcICzO+WDH6Mdn4l3
Ug547v6dmZOQXEpjdTvO0E0LTIRrVmGe/1nMPtPRWt6eTXhUr8eG/Hp6CFleJ+vi
SWD9yVa0h0frgkgKv8gy44hXw8cW3ao=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:07:20 2025 by rpki-client