Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BdWbMuTxQMLFs-mDKgx6ggTbQZo.roa
File: BdWbMuTxQMLFs-mDKgx6ggTbQZo.roa (raw, json)
Hash identifier: /RcWa2IQOVu9mNMM70TVwc/42Y+MpR3mMhQBkD7SX94=
Subject key identifier: 05:D5:9B:32:E4:F1:40:C2:C5:B3:E9:83:2A:0C:7A:82:04:DB:41:9A
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709506AA317D3A753FFF177553090DEA
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BdWbMuTxQMLFs-mDKgx6ggTbQZo.roa
Signing time: Mon 02 Jan 2023 03:44:52 +0000
ROA not before: Mon 02 Jan 2023 03:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8870
IP address blocks: 93.171.240.0/22 maxlen: 24
93.171.246.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:06:aa:31:7d:3a:75:3f:ff:17:75:53:09:0d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05d59b32e4f140c2c5b3e9832a0c7a8204db419a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fb:7b:54:6a:c7:65:37:74:e5:30:fa:12:e4:
5d:71:82:06:70:0b:e8:b7:d4:17:08:fd:cd:79:a3:
ed:25:27:2a:f9:6d:02:33:9c:47:91:57:d6:84:4a:
df:a7:9d:4b:fb:50:be:7d:e3:ca:b3:f9:1b:59:88:
d7:72:e3:b0:ac:54:a4:aa:3e:50:36:5a:61:36:5b:
6c:a5:89:10:2e:45:0c:7d:94:e2:e1:a2:18:e8:94:
50:00:99:43:49:f4:3d:e9:2c:9e:f5:1e:7b:db:cf:
bf:c2:19:61:d7:db:ce:00:fa:d3:eb:d0:9f:b1:df:
eb:b2:af:d7:7f:0e:77:51:a6:1e:dd:67:cb:2f:a0:
d8:b7:94:b3:6e:90:a7:ba:ae:69:45:9f:fb:fc:ad:
b8:aa:68:9c:bc:69:68:75:f6:17:a1:5b:d9:c7:7a:
e9:5f:89:be:60:bf:be:12:bd:62:85:c6:c5:b3:22:
03:a4:3f:a5:56:65:fa:a8:5e:35:d2:b5:9b:f4:15:
08:ac:93:15:33:37:e0:78:d1:3d:0c:06:e9:a2:ad:
40:3b:7d:5f:26:ed:3e:8a:da:76:3c:a0:8c:99:b6:
44:4c:80:aa:ca:6c:ae:40:ce:b6:ca:75:6f:24:99:
12:02:2c:1d:ff:a3:1d:54:df:9a:ab:9e:69:5d:4d:
78:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D5:9B:32:E4:F1:40:C2:C5:B3:E9:83:2A:0C:7A:82:04:DB:41:9A
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BdWbMuTxQMLFs-mDKgx6ggTbQZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.240.0/22
93.171.246.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:86:48:62:46:4c:85:ad:d5:f2:05:98:64:95:c3:e9:bf:58:
1f:cb:a8:98:58:0e:9b:11:5e:fa:dc:91:de:80:81:bc:12:1b:
9c:b5:cd:18:1d:e3:c1:e5:1e:5c:f7:55:6d:35:f3:23:3c:48:
60:b5:90:81:1f:8c:f6:a6:f6:ea:e6:6e:ca:89:11:d7:28:01:
70:27:3a:99:04:aa:f5:1f:91:a3:20:36:37:fa:01:ee:7e:6c:
f8:9e:ca:c5:00:d1:89:de:e5:b3:e3:79:70:d9:30:92:c5:23:
2b:03:0e:43:90:ed:f2:2f:92:2b:e5:ff:f7:f5:0f:8c:b5:52:
0f:e4:9b:66:d8:1b:a8:75:75:4c:81:9d:9c:f5:5b:e2:9c:97:
19:39:71:80:60:cb:ac:4b:81:71:e6:92:5c:42:86:60:02:de:
97:08:21:e2:a8:bf:a3:18:89:3e:3d:eb:9e:7f:7e:77:40:f3:
88:5d:4b:10:c1:bd:81:e1:9c:31:a2:49:ec:46:d0:d0:50:f4:
09:ce:70:eb:b1:0e:7a:7a:33:b4:1f:48:55:3d:02:68:a4:0b:
f4:7c:c0:da:d5:6d:5b:e7:e7:e1:a5:6a:aa:1c:a8:20:59:ed:
fc:cb:fc:01:43:ba:55:ee:ed:45:bb:6d:df:a8:14:ee:2e:ac:
0a:5a:2a:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlQaqMX06dT//F3VTCQ3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ1OWIzMmU0ZjE0MGMyYzViM2U5ODMyYTBjN2E4MjA0ZGI0MTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/t7VGrHZTd05TD6EuRdcYIGcAvo
t9QXCP3NeaPtJScq+W0CM5xHkVfWhErfp51L+1C+fePKs/kbWYjXcuOwrFSkqj5Q
NlphNltspYkQLkUMfZTi4aIY6JRQAJlDSfQ96Sye9R5728+/whlh19vOAPrT69Cf
sd/rsq/Xfw53UaYe3WfLL6DYt5SzbpCnuq5pRZ/7/K24qmicvGlodfYXoVvZx3rp
X4m+YL++Er1ihcbFsyIDpD+lVmX6qF410rWb9BUIrJMVMzfgeNE9DAbpoq1AO31f
Ju0+itp2PKCMmbZETICqymyuQM62ynVvJJkSAiwd/6MdVN+aq55pXU14qQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAXVmzLk8UDCxbPpgyoMeoIE20GaMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQmRXYk11VHhRTUxGcy1tREtneDZnZ1RiUVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXavwAwQB
Xav2MA0GCSqGSIb3DQEBCwUAA4IBAQA6hkhiRkyFrdXyBZhklcPpv1gfy6iYWA6b
EV763JHegIG8Ehuctc0YHePB5R5c91VtNfMjPEhgtZCBH4z2pvbq5m7KiRHXKAFw
JzqZBKr1H5GjIDY3+gHufmz4nsrFANGJ3uWz43lw2TCSxSMrAw5DkO3yL5Ir5f/3
9Q+MtVIP5Jtm2BuodXVMgZ2c9VvinJcZOXGAYMusS4Fx5pJcQoZgAt6XCCHiqL+j
GIk+Peuef353QPOIXUsQwb2B4ZwxoknsRtDQUPQJznDrsQ56ejO0H0hVPQJopAv0
fMDa1W1b5+fhpWqqHKggWe38y/wBQ7pV7u1Fu23fqBTuLqwKWipH
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:35 2025 by rpki-client