Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f8fb71-a7c7-4f92-8743-9c708dac1d92/1/BDWEcKZe1FqymnboKsE7Iq2-m8U.roa
File: BDWEcKZe1FqymnboKsE7Iq2-m8U.roa (raw, json)
Hash identifier: pwxwpSDpl4PDQT+oOhL6AWFhlvHIZuXf2x2MCfoBHic=
Subject key identifier: 04:35:84:70:A6:5E:D4:5A:B2:9A:76:E8:2A:C1:3B:22:AD:BE:9B:C5
Certificate issuer: /CN=59007408bbf8ad9044de68046587c7589b72ebef
Certificate serial: 0188F358
Authority key identifier: 59:00:74:08:BB:F8:AD:90:44:DE:68:04:65:87:C7:58:9B:72:EB:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WQB0CLv4rZBE3mgEZYfHWJty6-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f8fb71-a7c7-4f92-8743-9c708dac1d92/1/BDWEcKZe1FqymnboKsE7Iq2-m8U.roa
Signing time: Wed 02 Mar 2022 08:51:40 +0000
ROA not before: Wed 02 Mar 2022 08:51:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35407
IP address blocks: 91.213.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25752408 (0x188f358)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59007408bbf8ad9044de68046587c7589b72ebef
Validity
Not Before: Mar 2 08:51:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04358470a65ed45ab29a76e82ac13b22adbe9bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a9:fd:b5:68:33:4c:3d:39:32:1f:a6:23:a0:
d5:d6:f4:ac:e9:c6:cf:ec:77:42:05:8a:fa:85:a8:
73:a2:91:82:89:e9:e7:b6:3d:27:ac:43:d3:ec:3f:
55:67:81:7f:13:35:28:2b:95:74:7c:15:bb:11:cc:
f1:25:25:7d:cd:98:ca:a2:45:96:26:29:96:9e:1d:
aa:82:2c:31:4a:26:d2:53:ca:3b:d4:9e:ef:7e:a3:
1c:80:ea:e8:20:5a:9c:cc:e2:57:92:02:f2:ab:22:
f4:e3:bc:e4:72:b1:e5:11:0f:6e:f4:5f:f4:24:a1:
31:7b:9a:e7:db:c6:b6:5f:84:51:7a:a8:ff:a7:c2:
77:1a:da:80:d5:d5:5a:7c:84:c3:e3:e3:68:93:d5:
b8:81:a7:d5:5f:bb:cb:25:18:2a:0f:b8:56:cc:8d:
c2:24:b6:85:53:16:77:c0:d1:b1:4f:78:84:69:2d:
a5:03:80:0d:16:ad:a8:64:54:9a:0a:30:64:89:67:
49:2b:bb:68:ce:9e:e6:fd:6f:e3:eb:4e:d5:78:18:
23:47:3c:10:c8:f5:72:54:36:f3:85:58:98:2a:17:
f6:64:14:45:cc:84:72:b6:4a:85:dc:de:1b:29:2f:
15:5b:78:64:4e:61:65:56:12:92:f0:fc:0e:82:cc:
b7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:35:84:70:A6:5E:D4:5A:B2:9A:76:E8:2A:C1:3B:22:AD:BE:9B:C5
X509v3 Authority Key Identifier:
keyid:59:00:74:08:BB:F8:AD:90:44:DE:68:04:65:87:C7:58:9B:72:EB:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WQB0CLv4rZBE3mgEZYfHWJty6-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f8fb71-a7c7-4f92-8743-9c708dac1d92/1/BDWEcKZe1FqymnboKsE7Iq2-m8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f8fb71-a7c7-4f92-8743-9c708dac1d92/1/WQB0CLv4rZBE3mgEZYfHWJty6-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.105.0/24
Signature Algorithm: sha256WithRSAEncryption
55:58:5f:6e:1b:79:01:92:0e:93:08:ab:dc:04:58:67:ac:25:
42:b4:cb:f2:46:83:b3:13:bc:2f:46:0a:45:cf:00:ed:6c:5c:
79:45:81:86:e7:75:47:70:3c:6f:2d:74:7b:f5:61:d5:33:52:
4c:f7:5b:92:9e:9a:71:2a:ff:e9:1e:a2:c7:72:fb:62:32:e8:
6d:c0:4e:c6:bd:a7:01:09:f1:fd:39:d9:51:13:e1:9f:1b:c8:
d2:d6:68:84:51:d8:98:49:bd:87:73:2f:d2:84:b6:d4:7a:f8:
b0:42:29:cc:cd:a5:b0:6b:2c:3e:d2:ba:81:54:02:40:01:5a:
9a:a5:d1:85:9d:ef:38:11:12:ff:21:49:0f:1b:8f:48:74:c5:
be:2a:23:fc:5d:18:0d:d3:f7:b6:77:eb:80:c7:fe:6b:27:e4:
e4:21:c4:0c:07:c7:35:d0:a9:61:19:72:8b:ca:89:28:23:00:
74:b2:13:41:e6:44:f4:c9:d4:6d:05:d3:20:55:0d:1e:5b:3d:
76:61:54:83:a5:a4:1f:3d:47:3a:7e:bb:d4:20:9f:90:51:f6:
ad:c9:b2:2a:c3:35:42:45:a3:7b:d9:67:04:fe:c2:2a:20:4c:
fc:47:d8:8e:bf:13:cd:fd:a8:e4:e4:27:d3:16:c4:3b:3b:77:
bf:63:64:c5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYjzWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OTAwNzQwOGJiZjhhZDkwNDRkZTY4MDQ2NTg3Yzc1ODliNzJlYmVmMB4XDTIyMDMw
MjA4NTE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQzNTg0NzBhNjVl
ZDQ1YWIyOWE3NmU4MmFjMTNiMjJhZGJlOWJjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJap/bVoM0w9OTIfpiOg1db0rOnGz+x3QgWK+oWoc6KRgonp
57Y9J6xD0+w/VWeBfxM1KCuVdHwVuxHM8SUlfc2YyqJFliYplp4dqoIsMUom0lPK
O9Se736jHIDq6CBanMziV5IC8qsi9OO85HKx5REPbvRf9CShMXua59vGtl+EUXqo
/6fCdxragNXVWnyEw+PjaJPVuIGn1V+7yyUYKg+4VsyNwiS2hVMWd8DRsU94hGkt
pQOADRatqGRUmgowZIlnSSu7aM6e5v1v4+tO1XgYI0c8EMj1clQ284VYmCoX9mQU
RcyEcrZKhdzeGykvFVt4ZE5hZVYSkvD8DoLMt3UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQENYRwpl7UWrKadugqwTsirb6bxTAfBgNVHSMEGDAWgBRZAHQIu/itkETe
aARlh8dYm3Lr7zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dRQjBDTHY0clpCRTNtZ0VaWWZIV0p0eTYtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvZjhmYjcxLWE3YzctNGY5Mi04NzQzLTljNzA4ZGFjMWQ5Mi8x
L0JEV0VjS1plMUZxeW1uYm9Lc0U3SXEyLW04VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
ZjhmYjcxLWE3YzctNGY5Mi04NzQzLTljNzA4ZGFjMWQ5Mi8xL1dRQjBDTHY0clpC
RTNtZ0VaWWZIV0p0eTYtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvVaTANBgkqhkiG9w0BAQsFAAOC
AQEAVVhfbht5AZIOkwir3ARYZ6wlQrTL8kaDsxO8L0YKRc8A7WxceUWBhud1R3A8
by10e/Vh1TNSTPdbkp6acSr/6R6ix3L7YjLobcBOxr2nAQnx/TnZURPhnxvI0tZo
hFHYmEm9h3Mv0oS21Hr4sEIpzM2lsGssPtK6gVQCQAFamqXRhZ3vOBES/yFJDxuP
SHTFvioj/F0YDdP3tnfrgMf+ayfk5CHEDAfHNdCpYRlyi8qJKCMAdLITQeZE9MnU
bQXTIFUNHls9dmFUg6WkHz1HOn671CCfkFH2rcmyKsM1QkWje9lnBP7CKiBM/EfY
jr8Tzf2o5OQn0xbEOzt3v2NkxQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:36 2025 by rpki-client