Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/Bcx7_C95EntYuJeeqzui8H1ZMdY.roa
File: Bcx7_C95EntYuJeeqzui8H1ZMdY.roa (raw, json)
Hash identifier: YVQVADVGUw79paz9l8pZe7ETHbxwMgDJ3bA3YAQaoRM=
Subject key identifier: 05:CC:7B:FC:2F:79:12:7B:58:B8:97:9E:AB:3B:A2:F0:7D:59:31:D6
Certificate issuer: /CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Certificate serial: 018A9AA6950543C946979F56E1BB2AED3528
Authority key identifier: D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/Bcx7_C95EntYuJeeqzui8H1ZMdY.roa
Signing time: Fri 15 Sep 2023 21:02:02 +0000
ROA not before: Fri 15 Sep 2023 21:02:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48135
IP address blocks: 151.89.128.0/17 maxlen: 17
193.111.46.0/24 maxlen: 24
94.127.84.0/22 maxlen: 22
94.127.83.0/24 maxlen: 24
94.127.80.0/22 maxlen: 22
94.127.81.0/24 maxlen: 24
94.127.86.0/24 maxlen: 24
94.127.86.0/23 maxlen: 23
94.127.87.0/24 maxlen: 24
151.89.232.0/22 maxlen: 22
151.89.55.0/24 maxlen: 24
151.89.56.0/24 maxlen: 24
151.89.54.0/24 maxlen: 24
185.51.13.0/24 maxlen: 24
185.51.12.0/24 maxlen: 24
185.51.14.0/24 maxlen: 24
185.51.15.0/24 maxlen: 24
151.89.0.0/17 maxlen: 17
151.89.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:a6:95:05:43:c9:46:97:9f:56:e1:bb:2a:ed:35:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Validity
Not Before: Sep 15 21:02:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05cc7bfc2f79127b58b8979eab3ba2f07d5931d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fe:98:1c:4f:e8:bf:f2:d0:91:d9:c5:09:84:
70:8c:f2:6a:e1:b4:0a:bd:f8:c1:ca:71:28:79:ff:
53:db:5e:5a:29:bf:a3:90:7f:54:6d:6a:a7:67:35:
78:ab:dd:d7:75:e4:d9:59:ab:93:1b:f9:61:70:e5:
0b:69:f5:ed:05:22:93:2c:e1:b9:da:cc:3a:eb:36:
3b:1c:f2:df:b3:95:47:8a:cf:0c:86:f5:c5:69:6e:
40:8d:8b:aa:66:1d:b7:59:2e:ec:d8:36:4e:7e:9c:
b0:f1:cb:c9:48:83:04:90:75:e7:00:ac:3b:9b:85:
0b:c5:00:11:6b:6e:19:bc:8e:3b:5b:d6:b6:28:d7:
91:20:77:91:0d:a8:3d:be:63:5d:50:dd:55:4e:21:
0a:07:f0:03:be:66:d3:d1:ec:d1:43:1f:fc:a7:9d:
23:22:ed:5b:c7:42:96:7d:38:bd:15:20:ce:38:90:
e8:27:e1:13:c4:4d:e1:d9:9a:21:33:73:b2:98:7e:
46:4b:f9:e9:24:b4:2f:a6:63:44:79:f6:3e:fb:85:
7a:39:df:ec:87:61:b9:20:11:1b:8e:1a:da:d9:f1:
05:3b:f7:f5:d4:2c:6c:89:00:1d:28:bd:8f:79:6c:
c8:14:d6:1a:2b:49:7e:45:4d:38:37:5b:1b:b4:53:
fd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:CC:7B:FC:2F:79:12:7B:58:B8:97:9E:AB:3B:A2:F0:7D:59:31:D6
X509v3 Authority Key Identifier:
keyid:D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/Bcx7_C95EntYuJeeqzui8H1ZMdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/12b8bxuOK2BPf7c8Kf1daJoOqB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.80.0/21
151.89.0.0/16
185.51.12.0/22
193.111.46.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:1f:f3:56:15:44:37:dd:90:c9:b4:29:03:d0:14:94:44:0d:
90:98:77:99:7c:89:21:95:4f:6c:ea:4a:ef:72:bd:cc:ec:19:
27:64:b2:d3:8c:8c:aa:19:ed:09:1f:8e:c7:42:3d:1f:5c:2e:
aa:cf:ad:11:69:15:29:e3:3e:79:a5:41:78:24:96:05:90:0a:
33:69:e8:68:10:1f:11:8b:73:b1:0f:37:27:1d:57:b2:0f:f5:
59:84:d3:dc:58:91:57:13:b1:46:5a:53:da:a6:d9:7e:be:0c:
02:d6:67:58:5b:af:5a:83:09:06:ce:dc:db:99:48:10:56:cb:
7b:21:23:29:eb:14:56:e9:02:6e:ae:38:a2:ed:b5:87:87:b9:
0c:60:88:bf:24:29:fe:b9:e3:38:b4:b8:7d:ca:df:c3:0c:68:
33:bc:76:38:7e:35:39:96:07:79:b7:b1:91:af:c8:44:0c:4a:
66:d1:6e:53:91:33:40:c9:61:60:16:ce:b9:96:9a:ad:3c:99:
3d:0d:1c:8e:ea:3e:52:5d:57:63:9a:82:bc:84:13:ec:3c:ad:
f9:b6:fb:76:25:29:63:cb:b3:93:a8:23:5f:e9:a2:ba:c3:8c:
f3:6f:45:9a:98:d1:9f:3f:c7:e1:5a:e8:0b:d2:26:d9:a0:d7:
f1:2f:f3:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqappUFQ8lGl59W4bsq7TUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NjZmYzZmMWI4ZTJiNjA0ZjdmYjczYzI5ZmQ1ZDY4OWEw
ZWE4MWQwHhcNMjMwOTE1MjEwMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWNjN2JmYzJmNzkxMjdiNThiODk3OWVhYjNiYTJmMDdkNTkzMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf6YHE/ov/LQkdnFCYRwjPJq4bQK
vfjBynEoef9T215aKb+jkH9UbWqnZzV4q93XdeTZWauTG/lhcOULafXtBSKTLOG5
2sw66zY7HPLfs5VHis8MhvXFaW5AjYuqZh23WS7s2DZOfpyw8cvJSIMEkHXnAKw7
m4ULxQARa24ZvI47W9a2KNeRIHeRDag9vmNdUN1VTiEKB/ADvmbT0ezRQx/8p50j
Iu1bx0KWfTi9FSDOOJDoJ+ETxE3h2ZohM3OymH5GS/npJLQvpmNEefY++4V6Od/s
h2G5IBEbjhra2fEFO/f11CxsiQAdKL2PeWzIFNYaK0l+RU04N1sbtFP9lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXMe/wveRJ7WLiXnqs7ovB9WTHWMB8GA1UdIwQY
MBaAFNdm/G8bjitgT3+3PCn9XWiaDqgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJiOGJ4dU9LMkJQZjdjOEtmMWRhSm9PcUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMzgyOWEtOTUyNy00NDRiLWJkNzIt
M2VmM2ZkOTY5OTU3LzEvQmN4N19DOTVFbnRZdUplZXF6dWk4SDFaTWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMzgyOWEtOTUyNy00NDRiLWJkNzItM2VmM2ZkOTY5OTU3
LzEvMTJiOGJ4dU9LMkJQZjdjOEtmMWRhSm9PcUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAATAXAwQDXn9QAwMA
l1kDBAK5MwwDBADBby4wDQYJKoZIhvcNAQELBQADggEBAI8f81YVRDfdkMm0KQPQ
FJREDZCYd5l8iSGVT2zqSu9yvczsGSdkstOMjKoZ7QkfjsdCPR9cLqrPrRFpFSnj
PnmlQXgklgWQCjNp6GgQHxGLc7EPNycdV7IP9VmE09xYkVcTsUZaU9qm2X6+DALW
Z1hbr1qDCQbO3NuZSBBWy3shIynrFFbpAm6uOKLttYeHuQxgiL8kKf654zi0uH3K
38MMaDO8djh+NTmWB3m3sZGvyEQMSmbRblORM0DJYWAWzrmWmq08mT0NHI7qPlJd
V2OagryEE+w8rfm2+3YlKWPLs5OoI1/porrDjPNvRZqY0Z8/x+Fa6AvSJtmg1/Ev
85I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:47 2025 by rpki-client