Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/BETB7SuMxMYo5xKZhTNmlO29FgA.roa
File: BETB7SuMxMYo5xKZhTNmlO29FgA.roa (raw, json)
Hash identifier: XBZUyl/uGjvaNALnfAoDLpa6TQaCYMlnLsjusYQMIJE=
Subject key identifier: 04:44:C1:ED:2B:8C:C4:C6:28:E7:12:99:85:33:66:94:ED:BD:16:00
Certificate issuer: /CN=c2902f769bf681b1039f2cee61e9e0f975e4e56b
Certificate serial: 018558EACF993FCA1B5662A2454AD11A503F
Authority key identifier: C2:90:2F:76:9B:F6:81:B1:03:9F:2C:EE:61:E9:E0:F9:75:E4:E5:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/BETB7SuMxMYo5xKZhTNmlO29FgA.roa
Signing time: Wed 28 Dec 2022 13:27:41 +0000
ROA not before: Wed 28 Dec 2022 13:27:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29013
IP address blocks: 188.239.127.0/24 maxlen: 24
188.239.64.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:ea:cf:99:3f:ca:1b:56:62:a2:45:4a:d1:1a:50:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2902f769bf681b1039f2cee61e9e0f975e4e56b
Validity
Not Before: Dec 28 13:27:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0444c1ed2b8cc4c628e7129985336694edbd1600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ca:30:81:44:32:27:e0:dd:3b:c6:83:40:04:
0d:81:5b:8d:09:99:62:cc:a0:4a:28:8f:b4:85:51:
e5:fd:50:76:e8:33:ca:97:fc:c1:09:89:c3:60:0a:
de:ec:4e:d9:62:c1:15:dc:e6:bf:61:5a:ba:0d:bd:
c6:aa:6c:6c:75:b5:06:75:03:36:bd:82:90:5b:e5:
4d:5c:ec:14:3b:f2:12:5f:68:85:2a:2a:ef:b9:cb:
7f:23:96:0e:12:4f:17:37:08:19:2f:56:c7:90:62:
11:e1:d9:af:74:c0:3d:65:76:2b:d5:e1:b4:86:15:
e3:03:58:19:37:0a:f0:7e:17:d2:5b:9c:86:4c:36:
d4:c7:ca:0d:75:81:cb:36:38:dd:df:e6:f6:77:5e:
22:b2:78:fd:92:8e:c7:0a:40:b5:ad:a1:e9:62:2d:
e6:7d:51:cf:d0:04:19:73:84:dd:c7:44:02:2b:06:
42:56:65:d5:3c:0d:4a:88:0e:23:b0:b7:1d:b8:80:
46:b3:fc:5f:66:1a:95:63:13:e8:5a:bd:c2:1d:cf:
99:f4:22:7e:13:eb:74:98:9e:c2:eb:1c:d0:bf:8d:
4a:43:e3:ce:77:54:14:02:85:40:32:a4:c8:ed:3a:
49:a8:b3:1f:a1:c0:40:0b:cb:eb:0b:14:63:00:2d:
70:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:44:C1:ED:2B:8C:C4:C6:28:E7:12:99:85:33:66:94:ED:BD:16:00
X509v3 Authority Key Identifier:
keyid:C2:90:2F:76:9B:F6:81:B1:03:9F:2C:EE:61:E9:E0:F9:75:E4:E5:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/BETB7SuMxMYo5xKZhTNmlO29FgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wpAvdpv2gbEDnyzuYeng-XXk5Ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.239.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:f4:9a:b3:57:3f:aa:d8:b8:ff:a9:df:ad:96:84:ca:97:04:
1d:eb:15:6a:10:1d:0a:09:7b:ad:8d:f3:18:6c:e2:c3:3c:07:
c6:72:68:1b:bb:a6:61:24:e0:d3:a0:13:da:72:70:25:31:ca:
8a:09:62:2f:1e:25:8c:8a:11:0a:f5:88:c1:27:6d:44:a7:07:
f5:e3:d1:89:c1:4b:fd:23:e7:d8:06:43:15:6d:ab:a3:43:f2:
fb:84:a1:ff:fa:50:5b:ac:3a:cb:21:3a:99:bc:26:f4:c5:a5:
ae:d4:76:f2:52:fb:60:49:46:f1:8e:e0:51:ec:06:45:95:a6:
a9:14:55:85:fc:36:6b:cb:40:9f:fe:f2:5b:f0:64:4c:4c:fd:
ff:ec:6e:a9:e8:b2:58:8f:47:8d:e7:01:67:71:d1:8f:41:80:
e2:09:9b:01:b9:54:ca:61:28:c5:8c:5c:b0:ee:34:ce:c3:2c:
13:16:4d:a2:3a:50:fd:f9:02:7b:34:07:5e:e0:3b:36:73:3b:
9d:ee:6c:27:e1:6f:66:d9:3c:3b:93:af:77:98:ac:24:57:ab:
d0:78:ab:3b:3c:3d:d4:46:36:07:83:03:3d:c0:e6:5e:de:4d:
32:5f:ef:f8:d9:23:82:07:0f:1f:32:5b:08:05:15:ba:7e:92:
bb:0f:d9:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVY6s+ZP8obVmKiRUrRGlA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyOTAyZjc2OWJmNjgxYjEwMzlmMmNlZTYxZTllMGY5NzVl
NGU1NmIwHhcNMjIxMjI4MTMyNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQ0YzFlZDJiOGNjNGM2MjhlNzEyOTk4NTMzNjY5NGVkYmQxNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMowgUQyJ+DdO8aDQAQNgVuNCZli
zKBKKI+0hVHl/VB26DPKl/zBCYnDYAre7E7ZYsEV3Oa/YVq6Db3GqmxsdbUGdQM2
vYKQW+VNXOwUO/ISX2iFKirvuct/I5YOEk8XNwgZL1bHkGIR4dmvdMA9ZXYr1eG0
hhXjA1gZNwrwfhfSW5yGTDbUx8oNdYHLNjjd3+b2d14isnj9ko7HCkC1raHpYi3m
fVHP0AQZc4Tdx0QCKwZCVmXVPA1KiA4jsLcduIBGs/xfZhqVYxPoWr3CHc+Z9CJ+
E+t0mJ7C6xzQv41KQ+POd1QUAoVAMqTI7TpJqLMfocBAC8vrCxRjAC1wbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAREwe0rjMTGKOcSmYUzZpTtvRYAMB8GA1UdIwQY
MBaAFMKQL3ab9oGxA58s7mHp4Pl15OVrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3BBdmRwdjJnYkVEbnl6dVllbmctWFhrNVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NGQ0MTMtNDBmNS00YWUyLWFjYTkt
ZmYzOTM2ZmU5OTQ2LzEvQkVUQjdTdU14TVlvNXhLWmhUTm1sTzI5RmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My81NGQ0MTMtNDBmNS00YWUyLWFjYTktZmYzOTM2ZmU5OTQ2
LzEvd3BBdmRwdjJnYkVEbnl6dVllbmctWFhrNVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGvO9AMA0G
CSqGSIb3DQEBCwUAA4IBAQBS9JqzVz+q2Lj/qd+tloTKlwQd6xVqEB0KCXutjfMY
bOLDPAfGcmgbu6ZhJODToBPacnAlMcqKCWIvHiWMihEK9YjBJ21Epwf149GJwUv9
I+fYBkMVbaujQ/L7hKH/+lBbrDrLITqZvCb0xaWu1HbyUvtgSUbxjuBR7AZFlaap
FFWF/DZry0Cf/vJb8GRMTP3/7G6p6LJYj0eN5wFncdGPQYDiCZsBuVTKYSjFjFyw
7jTOwywTFk2iOlD9+QJ7NAde4Ds2czud7mwn4W9m2Tw7k693mKwkV6vQeKs7PD3U
RjYHgwM9wOZe3k0yX+/42SOCBw8fMlsIBRW6fpK7D9kl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:02 2025 by rpki-client