Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/BvGjVZ4W3xl-dDdEXFDFd--qdtw.roa
File: BvGjVZ4W3xl-dDdEXFDFd--qdtw.roa (raw, json)
Hash identifier: wt+bM0x8H7+eonhnUXEXBLxvljZzJgyCqkRs1yCTS00=
Subject key identifier: 06:F1:A3:55:9E:16:DF:19:7E:74:37:44:5C:50:C5:77:EF:AA:76:DC
Certificate issuer: /CN=ad466369f3927da0c89fb5f4b3ea9e324f928a84
Certificate serial: 018C8CC03F0DF44B4045FABBDC8E3BD1DD74
Authority key identifier: AD:46:63:69:F3:92:7D:A0:C8:9F:B5:F4:B3:EA:9E:32:4F:92:8A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUZjafOSfaDIn7X0s-qeMk-SioQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/BvGjVZ4W3xl-dDdEXFDFd--qdtw.roa
Signing time: Thu 21 Dec 2023 14:20:58 +0000
ROA not before: Thu 21 Dec 2023 14:20:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35525
IP address blocks: 185.164.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:c0:3f:0d:f4:4b:40:45:fa:bb:dc:8e:3b:d1:dd:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad466369f3927da0c89fb5f4b3ea9e324f928a84
Validity
Not Before: Dec 21 14:20:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06f1a3559e16df197e7437445c50c577efaa76dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:22:65:f1:31:f7:eb:57:05:f0:ea:3c:f5:98:
e8:ad:ce:ad:58:7d:22:6d:fe:4d:4e:63:fd:e3:a9:
f7:01:95:c9:36:43:19:6e:a0:c9:80:f2:d8:51:7b:
71:c6:c2:c5:6a:2c:40:0a:e3:7b:2f:49:bc:ac:0b:
fc:ee:a2:e6:6c:02:ee:e1:bb:e5:b0:30:19:5c:00:
8a:59:7e:47:e8:7b:5e:c1:e5:f4:8f:1a:3a:5a:f6:
83:8b:f0:63:c9:10:14:9f:fc:2c:00:1a:b8:ab:b6:
e6:c6:a4:d9:c5:f8:58:91:0e:0b:45:71:df:6e:d5:
e5:5a:22:9e:1a:0d:00:a3:d2:e7:9d:74:bb:96:f8:
cc:9f:59:ac:65:2f:df:85:d4:d5:b5:d2:3f:dd:a8:
35:09:69:65:f7:78:b0:f1:b1:6d:6f:2f:c4:a0:33:
32:48:df:f8:de:59:be:59:23:e5:04:7e:ee:6a:2a:
4b:3a:76:dc:05:48:15:c9:45:dd:02:2a:fe:31:71:
50:d0:0a:f2:a0:19:e7:e1:7a:7a:7c:77:ec:95:f7:
6f:d4:77:ce:66:1d:0a:5a:53:6e:f7:c9:0b:2d:0a:
0d:1b:7f:8b:0e:39:c6:81:be:10:16:ed:db:3c:0a:
dd:e2:11:a0:39:88:a2:37:fe:c5:54:bc:e2:22:e1:
86:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F1:A3:55:9E:16:DF:19:7E:74:37:44:5C:50:C5:77:EF:AA:76:DC
X509v3 Authority Key Identifier:
keyid:AD:46:63:69:F3:92:7D:A0:C8:9F:B5:F4:B3:EA:9E:32:4F:92:8A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUZjafOSfaDIn7X0s-qeMk-SioQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/BvGjVZ4W3xl-dDdEXFDFd--qdtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/27c6a1-1c94-4a49-8e3d-9fd503970ff0/1/rUZjafOSfaDIn7X0s-qeMk-SioQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:da:c2:99:15:ad:e0:30:2e:86:01:e7:ae:9d:23:1b:71:84:
f3:cc:69:bd:b9:55:f0:7c:79:30:c0:72:eb:6b:2c:92:50:ee:
d7:cd:d8:0f:04:af:a1:cb:31:25:9a:f1:8e:8e:ff:f0:80:a5:
f2:4b:bc:75:9b:64:aa:c9:30:36:ce:21:9c:fb:3c:9f:69:b0:
72:d0:fd:4f:4f:a2:a5:d6:0a:21:d6:df:9d:ed:7c:80:d1:7b:
c6:2b:a6:ab:ac:e2:79:a5:d6:fc:10:b9:7f:10:61:a3:f3:09:
b8:1e:30:1e:2e:af:51:fd:8d:84:e5:1d:70:ba:b7:27:f7:0e:
2e:55:6e:18:ca:8c:38:a5:fe:e3:c3:80:b0:72:d4:ba:9e:a6:
0b:f1:0b:11:a9:45:4b:7d:d9:79:c9:26:d6:6e:58:a9:cf:46:
f7:4b:d2:78:14:3b:1d:ab:7b:f1:5e:16:4e:e8:4a:27:22:39:
aa:26:1e:24:c7:13:b0:8a:b8:10:6b:5f:f0:fa:c6:20:86:a2:
76:30:69:d8:c3:11:98:9f:ae:b2:ac:eb:b6:02:30:2f:43:23:
ec:53:be:e1:ed:57:f8:17:35:1c:1b:de:40:aa:4c:a0:aa:b0:
16:0c:ea:2d:b0:94:6e:c3:e0:c8:0a:df:3a:eb:e6:ce:a4:69:
19:2b:f4:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyMwD8N9EtARfq73I470d10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNDY2MzY5ZjM5MjdkYTBjODlmYjVmNGIzZWE5ZTMyNGY5
MjhhODQwHhcNMjMxMjIxMTQyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmYxYTM1NTllMTZkZjE5N2U3NDM3NDQ1YzUwYzU3N2VmYWE3NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8iJl8TH361cF8Oo89Zjorc6tWH0i
bf5NTmP946n3AZXJNkMZbqDJgPLYUXtxxsLFaixACuN7L0m8rAv87qLmbALu4bvl
sDAZXACKWX5H6HteweX0jxo6WvaDi/BjyRAUn/wsABq4q7bmxqTZxfhYkQ4LRXHf
btXlWiKeGg0Ao9LnnXS7lvjMn1msZS/fhdTVtdI/3ag1CWll93iw8bFtby/EoDMy
SN/43lm+WSPlBH7uaipLOnbcBUgVyUXdAir+MXFQ0AryoBnn4Xp6fHfslfdv1HfO
Zh0KWlNu98kLLQoNG3+LDjnGgb4QFu3bPArd4hGgOYiiN/7FVLziIuGGZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAbxo1WeFt8ZfnQ3RFxQxXfvqnbcMB8GA1UdIwQY
MBaAFK1GY2nzkn2gyJ+19LPqnjJPkoqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclVaamFmT1NmYURJbjdYMHMtcWVNay1TaW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yN2M2YTEtMWM5NC00YTQ5LThlM2Qt
OWZkNTAzOTcwZmYwLzEvQnZHalZaNFczeGwtZERkRVhGREZkLS1xZHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8yN2M2YTEtMWM5NC00YTQ5LThlM2QtOWZkNTAzOTcwZmYw
LzEvclVaamFmT1NmYURJbjdYMHMtcWVNay1TaW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaQAMA0G
CSqGSIb3DQEBCwUAA4IBAQA62sKZFa3gMC6GAeeunSMbcYTzzGm9uVXwfHkwwHLr
ayySUO7XzdgPBK+hyzElmvGOjv/wgKXyS7x1m2SqyTA2ziGc+zyfabBy0P1PT6Kl
1goh1t+d7XyA0XvGK6arrOJ5pdb8ELl/EGGj8wm4HjAeLq9R/Y2E5R1wurcn9w4u
VW4Yyow4pf7jw4CwctS6nqYL8QsRqUVLfdl5ySbWblipz0b3S9J4FDsdq3vxXhZO
6EonIjmqJh4kxxOwirgQa1/w+sYghqJ2MGnYwxGYn66yrOu2AjAvQyPsU77h7Vf4
FzUcG95AqkygqrAWDOotsJRuw+DICt866+bOpGkZK/T0
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:14:40 2025 by rpki-client