Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/bKpEHU3OxLOw5ElH4S-mvh3RPz4.roa
File: bKpEHU3OxLOw5ElH4S-mvh3RPz4.roa (raw, json)
Hash identifier: EtkXuwonmGhaumBz2yWp362SedY4jihAZOb9x0ATFBg=
Subject key identifier: 6C:AA:44:1D:4D:CE:C4:B3:B0:E4:49:47:E1:2F:A6:BE:1D:D1:3F:3E
Certificate issuer: /CN=fcbb5e2e0fd9832d73b1ef8f9e486ffd00b3d789
Certificate serial: 01856DE67A7A725B146F5AC1A1CBA2E5E36E
Authority key identifier: FC:BB:5E:2E:0F:D9:83:2D:73:B1:EF:8F:9E:48:6F:FD:00:B3:D7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_LteLg_Zgy1zse-Pnkhv_QCz14k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/bKpEHU3OxLOw5ElH4S-mvh3RPz4.roa
Signing time: Sun 01 Jan 2023 15:14:59 +0000
ROA not before: Sun 01 Jan 2023 15:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47295
IP address blocks: 93.90.128.0/20 maxlen: 20
194.48.144.0/22 maxlen: 22
2a03:2400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:7a:7a:72:5b:14:6f:5a:c1:a1:cb:a2:e5:e3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbb5e2e0fd9832d73b1ef8f9e486ffd00b3d789
Validity
Not Before: Jan 1 15:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6caa441d4dcec4b3b0e44947e12fa6be1dd13f3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8c:cf:e4:47:da:87:dd:fe:33:f2:96:d8:ce:
f5:76:15:d4:a9:90:71:c1:31:8a:3d:aa:b1:2e:f9:
8f:46:01:63:42:b4:fc:ff:b7:03:72:f3:e8:6d:ab:
e9:a1:f6:40:70:7c:8c:e9:9b:91:2a:02:2d:26:e5:
b5:6b:07:21:ec:60:b5:db:a2:17:19:0a:30:e3:2a:
37:ae:59:2e:ec:a9:73:61:90:4a:f8:0c:1b:0a:dd:
44:18:f6:68:db:ca:30:c1:be:3e:44:e9:fe:16:d8:
a5:fa:b3:1d:cb:d2:41:8a:d3:2c:22:78:ee:98:34:
7d:d1:1d:e7:ed:06:fe:10:f3:37:69:52:28:90:0a:
ea:6e:ae:1b:00:63:f4:8d:cd:f8:36:a9:5d:23:98:
bb:b6:f6:55:c3:95:1d:fb:90:d9:76:b2:70:1a:d1:
f7:b1:53:f0:dc:79:6a:0d:78:19:f5:11:30:b7:ff:
05:58:e5:2d:3b:1e:37:86:9c:92:8c:28:34:d7:a8:
a6:3b:b1:b1:9c:6a:6e:df:35:0d:4a:17:0f:60:f6:
bd:84:1c:c5:09:72:57:9a:68:1a:68:a3:f6:dc:7e:
25:ca:78:e9:d4:05:e0:10:51:b5:b6:d7:be:09:4d:
95:70:91:de:0c:e4:66:62:9a:68:32:bd:6b:df:5d:
1d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AA:44:1D:4D:CE:C4:B3:B0:E4:49:47:E1:2F:A6:BE:1D:D1:3F:3E
X509v3 Authority Key Identifier:
keyid:FC:BB:5E:2E:0F:D9:83:2D:73:B1:EF:8F:9E:48:6F:FD:00:B3:D7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_LteLg_Zgy1zse-Pnkhv_QCz14k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/bKpEHU3OxLOw5ElH4S-mvh3RPz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/353f3d-6afa-4e31-91a9-5e6a92e7f68f/1/_LteLg_Zgy1zse-Pnkhv_QCz14k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.128.0/20
194.48.144.0/22
IPv6:
2a03:2400::/29
Signature Algorithm: sha256WithRSAEncryption
88:a4:06:39:61:1d:70:ec:4a:97:9e:f0:0d:4a:10:67:32:e5:
be:b9:af:f0:df:8e:db:49:fa:4c:a4:8b:69:05:25:b0:1a:62:
b5:b4:39:05:cc:a8:8d:39:dc:31:5d:86:53:cc:66:df:ea:ae:
3b:2a:73:dc:15:e0:ad:0e:92:d3:ed:f9:24:f6:9a:0c:5e:a3:
75:6f:42:8a:b1:72:91:84:b6:6c:e6:61:68:80:ef:d1:de:ec:
de:ab:7a:82:8b:7c:73:1b:f9:f8:b5:45:4c:5c:71:0d:77:03:
a7:de:f0:f2:e6:14:b0:13:dc:65:7d:05:78:bf:9b:d9:c9:a5:
b6:5e:5d:ba:c1:8a:b5:a0:76:4b:7d:7d:b5:18:1f:56:12:6e:
2a:83:ce:59:46:9f:cb:40:25:01:56:52:60:36:d2:87:b1:3a:
89:c0:59:9d:09:d2:88:ab:93:c9:9c:e8:46:0c:99:b1:0d:81:
b2:c2:ab:09:c4:00:fa:93:bc:92:18:e8:f3:a4:b7:af:67:fc:
bd:f7:4f:5f:0d:30:b6:dc:99:08:b0:bf:85:43:84:93:2d:af:
18:22:2c:3b:85:dd:ec:ba:88:27:c1:36:c8:af:fb:da:01:50:
13:2d:92:04:fd:b3:88:81:8b:08:36:23:64:e2:fc:b0:ff:aa:
eb:f4:13:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVt5np6clsUb1rBocui5eNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmI1ZTJlMGZkOTgzMmQ3M2IxZWY4ZjllNDg2ZmZkMDBi
M2Q3ODkwHhcNMjMwMTAxMTUxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FhNDQxZDRkY2VjNGIzYjBlNDQ5NDdlMTJmYTZiZTFkZDEzZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIzP5Efah93+M/KW2M71dhXUqZBx
wTGKPaqxLvmPRgFjQrT8/7cDcvPobavpofZAcHyM6ZuRKgItJuW1awch7GC126IX
GQow4yo3rlku7KlzYZBK+AwbCt1EGPZo28owwb4+ROn+Ftil+rMdy9JBitMsInju
mDR90R3n7Qb+EPM3aVIokArqbq4bAGP0jc34NqldI5i7tvZVw5Ud+5DZdrJwGtH3
sVPw3HlqDXgZ9REwt/8FWOUtOx43hpySjCg016imO7GxnGpu3zUNShcPYPa9hBzF
CXJXmmgaaKP23H4lynjp1AXgEFG1tte+CU2VcJHeDORmYppoMr1r310d9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGyqRB1NzsSzsORJR+Evpr4d0T8+MB8GA1UdIwQY
MBaAFPy7Xi4P2YMtc7Hvj55Ib/0As9eJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0x0ZUxnX1pneTF6c2UtUG5raHZfUUN6MTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8zNTNmM2QtNmFmYS00ZTMxLTkxYTkt
NWU2YTkyZTdmNjhmLzEvYktwRUhVM094TE93NUVsSDRTLW12aDNSUHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8zNTNmM2QtNmFmYS00ZTMxLTkxYTktNWU2YTkyZTdmNjhm
LzEvX0x0ZUxnX1pneTF6c2UtUG5raHZfUUN6MTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXVqAAwQC
wjCQMA0EAgACMAcDBQMqAyQAMA0GCSqGSIb3DQEBCwUAA4IBAQCIpAY5YR1w7EqX
nvANShBnMuW+ua/w347bSfpMpItpBSWwGmK1tDkFzKiNOdwxXYZTzGbf6q47KnPc
FeCtDpLT7fkk9poMXqN1b0KKsXKRhLZs5mFogO/R3uzeq3qCi3xzG/n4tUVMXHEN
dwOn3vDy5hSwE9xlfQV4v5vZyaW2Xl26wYq1oHZLfX21GB9WEm4qg85ZRp/LQCUB
VlJgNtKHsTqJwFmdCdKIq5PJnOhGDJmxDYGywqsJxAD6k7ySGOjzpLevZ/y9909f
DTC23JkIsL+FQ4STLa8YIiw7hd3suognwTbIr/vaAVATLZIE/bOIgYsINiNk4vyw
/6rr9BPB
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:27:32 2025 by rpki-client