Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/Bk8s0zFKAPrlRM5SUaKybHDFEfY.roa
File: Bk8s0zFKAPrlRM5SUaKybHDFEfY.roa (raw, json)
Hash identifier: W5oXJ+ZcN+o4woq10JIb2vSSrz0+STuD1sY5bAUtVaU=
Subject key identifier: 06:4F:2C:D3:31:4A:00:FA:E5:44:CE:52:51:A2:B2:6C:70:C5:11:F6
Certificate issuer: /CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Certificate serial: 01856D3860AA01DAE3D1B7FA93E56081AA5B
Authority key identifier: B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/Bk8s0zFKAPrlRM5SUaKybHDFEfY.roa
Signing time: Sun 01 Jan 2023 12:04:49 +0000
ROA not before: Sun 01 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43427
IP address blocks: 193.228.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:60:aa:01:da:e3:d1:b7:fa:93:e5:60:81:aa:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d9401eca6c8a9306d10092bbe0c2e19500e97f
Validity
Not Before: Jan 1 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=064f2cd3314a00fae544ce5251a2b26c70c511f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:77:57:f9:16:22:f8:19:c1:c5:dd:03:d1:5e:
85:07:ab:07:e9:3f:be:d4:40:1a:9f:47:b8:75:35:
a5:8e:fd:01:3a:9a:33:c2:39:30:0d:bb:7b:e0:b2:
5e:b6:dc:da:f9:0a:f9:89:4d:80:46:5c:42:ab:66:
bf:2c:2b:26:af:f6:50:e2:a8:91:3b:7e:c3:4e:27:
a4:b3:20:76:52:9d:f5:0d:57:fc:0f:ee:00:ed:7b:
e6:7b:96:37:e3:8a:d8:7e:68:4b:91:fd:70:82:8a:
16:3e:a2:68:e0:1d:41:20:03:8f:01:dc:a5:8b:56:
54:62:b8:5b:82:b1:9c:34:71:9d:da:4c:b1:84:9e:
7e:44:55:72:bb:e7:00:e9:fc:24:f0:d5:3d:ea:df:
90:d2:62:5c:b9:9c:31:ce:4f:be:b9:65:57:61:f3:
bd:ef:b9:1a:7e:c8:05:2e:24:e7:68:ab:a1:cc:d5:
c4:0a:c8:56:66:a6:f9:09:22:40:db:2e:9a:bf:7c:
f7:50:37:d7:b3:c7:72:89:d7:c5:0a:82:7d:7e:6d:
56:b7:59:90:fc:73:40:a8:be:f6:83:8d:5e:4e:ad:
84:77:23:6e:3f:3f:23:d8:5b:19:b8:f4:af:d3:f9:
ec:c1:a0:f5:1f:35:4a:cf:1b:85:0c:0c:a3:d1:44:
10:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4F:2C:D3:31:4A:00:FA:E5:44:CE:52:51:A2:B2:6C:70:C5:11:F6
X509v3 Authority Key Identifier:
keyid:B2:D9:40:1E:CA:6C:8A:93:06:D1:00:92:BB:E0:C2:E1:95:00:E9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stlAHspsipMG0QCSu-DC4ZUA6X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/Bk8s0zFKAPrlRM5SUaKybHDFEfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9220da-0fd5-4a22-a11b-e1332e7f06fc/1/stlAHspsipMG0QCSu-DC4ZUA6X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.151.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:4a:7b:2c:3f:fc:fb:8a:a9:e5:e0:d4:56:4c:b0:e2:2d:5b:
5a:f3:e7:18:52:cc:93:7d:f8:ee:fd:bd:08:65:85:c6:0c:b8:
8f:49:02:df:45:f8:2d:2f:a9:d0:23:d2:6d:86:e9:8d:f3:5e:
09:5d:3b:b5:70:0f:0a:ad:3c:e3:b3:f1:40:bb:f8:f0:83:27:
9c:d9:66:ba:1c:3b:d6:16:f9:34:48:db:c5:60:c5:12:7a:da:
51:ea:74:46:6f:75:d1:b8:05:dd:09:23:26:f7:ce:6f:3d:73:
cf:84:d5:bc:b6:10:2b:a3:44:42:52:ba:19:83:19:8f:ea:b6:
eb:9b:63:d2:d1:7d:d9:67:19:b1:85:2b:9a:37:70:af:1d:7f:
ff:7a:1b:54:b1:c3:64:47:22:4c:6c:32:3f:40:2c:9c:fe:29:
0e:a4:55:fe:ec:91:47:87:eb:59:32:f9:ca:4a:45:2b:d6:30:
63:9a:1a:ba:87:b4:c0:b7:fc:f2:11:3d:67:93:0a:77:bb:ff:
d8:fc:5e:37:eb:fb:4e:d9:69:92:21:fd:ac:9c:39:3d:9e:8a:
b0:94:13:4f:38:d8:06:67:56:fd:62:b4:08:c5:dc:bd:e9:12:
d1:9e:21:d0:12:60:44:d7:01:8b:6c:87:8c:d0:28:54:41:ae:
a8:3a:d7:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGCqAdrj0bf6k+VggapbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDk0MDFlY2E2YzhhOTMwNmQxMDA5MmJiZTBjMmUxOTUw
MGU5N2YwHhcNMjMwMTAxMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjRmMmNkMzMxNGEwMGZhZTU0NGNlNTI1MWEyYjI2YzcwYzUxMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3dX+RYi+BnBxd0D0V6FB6sH6T++
1EAan0e4dTWljv0BOpozwjkwDbt74LJettza+Qr5iU2ARlxCq2a/LCsmr/ZQ4qiR
O37DTieksyB2Up31DVf8D+4A7Xvme5Y344rYfmhLkf1wgooWPqJo4B1BIAOPAdyl
i1ZUYrhbgrGcNHGd2kyxhJ5+RFVyu+cA6fwk8NU96t+Q0mJcuZwxzk++uWVXYfO9
77kafsgFLiTnaKuhzNXECshWZqb5CSJA2y6av3z3UDfXs8dyidfFCoJ9fm1Wt1mQ
/HNAqL72g41eTq2EdyNuPz8j2FsZuPSv0/nswaD1HzVKzxuFDAyj0UQQcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZPLNMxSgD65UTOUlGismxwxRH2MB8GA1UdIwQY
MBaAFLLZQB7KbIqTBtEAkrvgwuGVAOl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWIt
ZTEzMzJlN2YwNmZjLzEvQms4czB6RktBUHJsUk01U1VhS3liSERGRWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MjIwZGEtMGZkNS00YTIyLWExMWItZTEzMzJlN2YwNmZj
LzEvc3RsQUhzcHNpcE1HMFFDU3UtREM0WlVBNlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAweSXMA0G
CSqGSIb3DQEBCwUAA4IBAQBeSnssP/z7iqnl4NRWTLDiLVta8+cYUsyTffju/b0I
ZYXGDLiPSQLfRfgtL6nQI9JthumN814JXTu1cA8KrTzjs/FAu/jwgyec2Wa6HDvW
Fvk0SNvFYMUSetpR6nRGb3XRuAXdCSMm985vPXPPhNW8thAro0RCUroZgxmP6rbr
m2PS0X3ZZxmxhSuaN3CvHX//ehtUscNkRyJMbDI/QCyc/ikOpFX+7JFHh+tZMvnK
SkUr1jBjmhq6h7TAt/zyET1nkwp3u//Y/F436/tO2WmSIf2snDk9noqwlBNPONgG
Z1b9YrQIxdy96RLRniHQEmBE1wGLbIeM0ChUQa6oOter
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:39 2025 by rpki-client