Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BYX-l2teexR_dabwaZNZYVgqryo.roa
File: BYX-l2teexR_dabwaZNZYVgqryo.roa (raw, json)
Hash identifier: QxTe+lCXcjhYsTo1t55Vm+sNss4NBepCRNOCi6rufXg=
Subject key identifier: 05:85:FE:97:6B:5E:7B:14:7F:75:A6:F0:69:93:59:61:58:2A:AF:2A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01896E023127E1A900FAA0FD363E937FB814
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BYX-l2teexR_dabwaZNZYVgqryo.roa
Signing time: Wed 19 Jul 2023 11:56:24 +0000
ROA not before: Wed 19 Jul 2023 11:56:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56361
IP address blocks: 95.46.172.0/22 maxlen: 24
95.46.166.0/23 maxlen: 24
95.46.168.0/22 maxlen: 24
31.148.40.0/21 maxlen: 24
31.148.192.0/22 maxlen: 24
31.148.104.0/21 maxlen: 24
93.171.36.0/22 maxlen: 24
93.171.34.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:02:31:27:e1:a9:00:fa:a0:fd:36:3e:93:7f:b8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jul 19 11:56:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0585fe976b5e7b147f75a6f069935961582aaf2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e2:f4:17:f5:69:ca:a2:e3:5f:12:06:34:f4:
af:57:ee:ee:38:da:26:d8:22:00:7d:49:28:7f:b4:
c1:4b:99:bd:c1:08:4e:65:01:80:b1:a3:a1:19:2e:
d3:73:86:5c:ad:1f:dc:dc:83:df:94:7a:5f:89:8d:
87:8c:0b:9d:a2:2e:d3:27:d7:4b:9b:d1:a1:17:8d:
7d:0d:9a:f6:31:3a:21:97:dd:53:69:90:74:21:5b:
32:a8:af:36:ee:2e:1e:e2:5f:1e:81:e9:c2:f9:b1:
40:33:03:4a:df:55:b1:eb:9a:00:1f:fa:d3:cd:99:
b2:72:a3:14:54:22:1e:72:b6:3a:7b:71:5c:03:a8:
bc:d3:08:c6:7c:6f:aa:bf:99:13:3a:25:18:28:e1:
11:47:9d:a3:7f:e0:5a:d1:93:ee:0b:f4:14:0b:c5:
52:b7:6f:6c:88:3c:35:37:26:a5:7d:6b:3e:a7:8a:
ee:7b:de:6c:e8:8d:e6:99:a9:a2:4a:92:8f:3c:99:
c6:b8:b7:b3:af:ef:29:f1:7f:0e:8d:13:5a:f0:b8:
19:70:72:40:46:6b:6d:bb:79:78:5c:88:1b:14:69:
a6:8a:2c:69:4d:87:d9:4e:2d:15:03:da:36:54:7a:
aa:a1:df:1c:ae:21:2f:2a:53:d4:b5:ef:21:a2:4d:
52:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:85:FE:97:6B:5E:7B:14:7F:75:A6:F0:69:93:59:61:58:2A:AF:2A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BYX-l2teexR_dabwaZNZYVgqryo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.40.0/21
31.148.104.0/21
31.148.192.0/22
93.171.34.0-93.171.39.255
95.46.166.0-95.46.175.255
Signature Algorithm: sha256WithRSAEncryption
95:f7:df:5f:9e:e8:98:74:11:69:a9:a2:23:90:53:43:ff:f2:
03:79:ed:9c:aa:55:0a:fb:07:50:e9:af:c6:49:3f:82:19:69:
59:5e:6d:e9:d9:8c:45:36:31:84:b1:fd:55:0c:52:21:5f:44:
09:57:4c:95:ab:38:8b:af:de:17:a9:29:5f:21:0b:81:5f:b4:
67:f5:0f:48:a3:c6:86:a9:33:c8:41:77:a4:06:d9:60:de:e5:
25:df:71:f8:ce:1a:95:58:6d:6f:2f:a7:7f:2c:47:a9:dd:bc:
a9:2a:55:50:f1:22:73:16:6d:33:63:3b:dd:3f:d2:bf:a2:15:
92:e0:cc:c8:7f:50:3a:79:01:d3:a1:d2:e5:e6:8a:d6:d3:4c:
d0:2c:fc:d0:d9:de:3e:05:ab:0c:3e:f8:36:c5:96:5f:27:ad:
b1:9b:59:7d:af:9b:c7:d8:e0:13:d0:64:d7:6f:c1:c3:f4:40:
dc:cd:c7:59:25:dc:7a:89:5c:b4:4f:55:fd:b7:32:d1:d6:d5:
43:85:ff:04:0f:9e:ce:04:dc:07:bc:eb:7d:2c:88:84:56:a5:
f1:cf:d3:c7:bf:6e:95:18:24:ec:e0:23:fd:f9:0a:e1:cd:4b:
22:5d:8a:d0:c0:c3:3d:0b:16:0d:c5:48:fb:eb:d0:d5:9a:9c:
b0:ad:3d:1c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYluAjEn4akA+qD9Nj6Tf7gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNzE5MTE1NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTg1ZmU5NzZiNWU3YjE0N2Y3NWE2ZjA2OTkzNTk2MTU4MmFhZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOL0F/VpyqLjXxIGNPSvV+7uONom
2CIAfUkof7TBS5m9wQhOZQGAsaOhGS7Tc4ZcrR/c3IPflHpfiY2HjAudoi7TJ9dL
m9GhF419DZr2MTohl91TaZB0IVsyqK827i4e4l8egenC+bFAMwNK31Wx65oAH/rT
zZmycqMUVCIecrY6e3FcA6i80wjGfG+qv5kTOiUYKOERR52jf+Ba0ZPuC/QUC8VS
t29siDw1NyalfWs+p4rue95s6I3mmamiSpKPPJnGuLezr+8p8X8OjRNa8LgZcHJA
Rmttu3l4XIgbFGmmiixpTYfZTi0VA9o2VHqqod8criEvKlPUte8hok1SOwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAWF/pdrXnsUf3Wm8GmTWWFYKq8qMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQllYLWwydGVleFJfZGFid2FaTlpZVmdxcnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQDH5QoAwQD
H5RoAwQCH5TAMAwDBAFdqyIDBANdqyAwDAMEAV8upgMEBF8uoDANBgkqhkiG9w0B
AQsFAAOCAQEAlfffX57omHQRaamiI5BTQ//yA3ntnKpVCvsHUOmvxkk/ghlpWV5t
6dmMRTYxhLH9VQxSIV9ECVdMlas4i6/eF6kpXyELgV+0Z/UPSKPGhqkzyEF3pAbZ
YN7lJd9x+M4alVhtby+nfyxHqd28qSpVUPEicxZtM2M73T/Sv6IVkuDMyH9QOnkB
06HS5eaK1tNM0Cz80NnePgWrDD74NsWWXyetsZtZfa+bx9jgE9Bk12/Bw/RA3M3H
WSXceolctE9V/bcy0dbVQ4X/BA+ezgTcB7zrfSyIhFal8c/Tx79ulRgk7OAj/fkK
4c1LIl2K0MDDPQsWDcVI++vQ1ZqcsK09HA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:33 2025 by rpki-client