Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/BKDlfhWS-9oX1X_DZJsgYHE7isM.roa
File: BKDlfhWS-9oX1X_DZJsgYHE7isM.roa (raw, json)
Hash identifier: ZsNopmx4zI42IcpVohlfPX31y6rAZJmUkbf7+HwjNKE=
Subject key identifier: 04:A0:E5:7E:15:92:FB:DA:17:D5:7F:C3:64:9B:20:60:71:3B:8A:C3
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 018B8B95DC02B5714D1E4E11B0518492F130
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/BKDlfhWS-9oX1X_DZJsgYHE7isM.roa
Signing time: Wed 01 Nov 2023 15:52:16 +0000
ROA not before: Wed 01 Nov 2023 15:52:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 37.0.8.0/24 maxlen: 24
37.0.10.0/23 maxlen: 24
85.202.168.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:95:dc:02:b5:71:4d:1e:4e:11:b0:51:84:92:f1:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Nov 1 15:52:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04a0e57e1592fbda17d57fc3649b2060713b8ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:83:1c:cb:be:28:9f:5d:12:e7:04:7d:ba:3e:
c4:51:4a:d6:91:23:32:1a:cc:35:25:bc:76:c7:db:
a0:31:79:05:da:8b:b8:6d:4d:e4:a0:cc:c8:0b:4f:
12:b4:f0:cd:8f:60:4b:a1:a6:60:7c:58:be:34:36:
b6:3f:52:89:4e:dc:e5:8b:7b:54:7a:8b:ef:84:7d:
9d:4a:de:68:c7:f6:20:9a:1e:b4:35:d0:96:d8:53:
53:9d:6f:ae:26:09:b0:7b:bb:70:61:f1:dc:63:27:
c8:88:3c:0d:eb:52:31:74:b2:aa:62:a3:a5:95:57:
0b:a8:c0:b4:d1:ba:27:66:92:66:d5:0e:a7:a0:b1:
f0:49:a8:ec:9b:69:30:d3:3e:70:22:7e:b2:d3:d0:
f1:9f:97:3a:e7:68:ed:f4:6f:a0:38:39:74:a6:90:
89:7e:02:ec:b2:00:ae:68:b9:21:5c:b0:60:f4:72:
c3:d3:d0:1e:e2:72:90:16:96:2c:47:c6:5f:ad:fc:
3b:52:6a:1f:a7:9a:45:00:51:e7:3c:14:bf:3e:f6:
be:90:9c:5b:15:de:c1:f9:12:2a:7f:bb:62:51:e5:
ad:13:80:87:75:0e:92:6c:96:b4:62:63:c1:b8:22:
a7:3b:8a:de:ee:17:b5:bd:aa:ac:bb:11:8a:70:6f:
9f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A0:E5:7E:15:92:FB:DA:17:D5:7F:C3:64:9B:20:60:71:3B:8A:C3
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/BKDlfhWS-9oX1X_DZJsgYHE7isM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.8.0/24
37.0.10.0/23
85.202.168.0/23
Signature Algorithm: sha256WithRSAEncryption
93:da:40:a6:69:96:d5:ed:85:a6:7d:85:07:22:e0:20:8e:31:
6f:96:33:cf:71:1f:2e:81:e6:79:44:21:8b:03:f4:14:95:f4:
a6:10:b2:72:bd:1c:22:91:18:5b:ce:9d:69:65:61:16:c7:f7:
6e:79:18:d6:23:ae:7f:98:5e:a0:03:4c:6d:1f:c3:9d:2f:0e:
88:2a:bc:28:c9:ee:77:d4:93:23:87:81:4a:ca:1d:df:d6:97:
47:04:42:2f:49:1c:05:ab:8b:d8:56:aa:8b:c7:ce:85:d4:f2:
b3:42:df:80:01:4e:54:be:a3:90:1d:c0:41:59:e1:e5:dc:6a:
04:10:38:9f:c8:3f:e5:d3:b0:23:4a:a8:da:e4:f6:34:96:ae:
ba:62:73:05:9e:07:dc:7e:cb:7f:3d:e6:e0:c8:c9:74:0b:0b:
b9:17:58:54:31:37:85:db:17:41:e3:16:72:01:c3:a3:80:0d:
d8:56:c8:bf:3c:5e:2c:66:5a:88:cf:fc:ab:68:8b:41:17:a0:
a1:ac:a0:e5:a5:7a:1d:48:97:36:4d:3c:61:39:39:24:cf:94:
5b:be:0f:27:fb:dd:70:3e:d0:d8:35:2c:aa:c7:69:51:57:39:
9e:c7:cd:e6:e9:aa:19:75:97:af:94:26:30:40:66:98:20:05:
56:c0:a8:ef
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYuLldwCtXFNHk4RsFGEkvEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjMxMTAxMTU1MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGEwZTU3ZTE1OTJmYmRhMTdkNTdmYzM2NDliMjA2MDcxM2I4YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oMcy74on10S5wR9uj7EUUrWkSMy
Gsw1Jbx2x9ugMXkF2ou4bU3koMzIC08StPDNj2BLoaZgfFi+NDa2P1KJTtzli3tU
eovvhH2dSt5ox/Ygmh60NdCW2FNTnW+uJgmwe7twYfHcYyfIiDwN61IxdLKqYqOl
lVcLqMC00bonZpJm1Q6noLHwSajsm2kw0z5wIn6y09Dxn5c652jt9G+gODl0ppCJ
fgLssgCuaLkhXLBg9HLD09Ae4nKQFpYsR8Zfrfw7Umofp5pFAFHnPBS/Pva+kJxb
Fd7B+RIqf7tiUeWtE4CHdQ6SbJa0YmPBuCKnO4re7he1vaqsuxGKcG+feQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFASg5X4VkvvaF9V/w2SbIGBxO4rDMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvQktEbGZoV1MtOW9YMVhfRFpKc2dZSEU3aXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJQAIAwQB
JQAKAwQBVcqoMA0GCSqGSIb3DQEBCwUAA4IBAQCT2kCmaZbV7YWmfYUHIuAgjjFv
ljPPcR8ugeZ5RCGLA/QUlfSmELJyvRwikRhbzp1pZWEWx/dueRjWI65/mF6gA0xt
H8OdLw6IKrwoye531JMjh4FKyh3f1pdHBEIvSRwFq4vYVqqLx86F1PKzQt+AAU5U
vqOQHcBBWeHl3GoEEDifyD/l07AjSqja5PY0lq66YnMFngfcfst/PebgyMl0Cwu5
F1hUMTeF2xdB4xZyAcOjgA3YVsi/PF4sZlqIz/yraItBF6ChrKDlpXodSJc2TTxh
OTkkz5Rbvg8n+91wPtDYNSyqx2lRVzmex83m6aoZdZevlCYwQGaYIAVWwKjv
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:20:37 2025 by rpki-client