Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/B1TZAV1E4wcC9rHx04XGs4SO_cw.roa
File: B1TZAV1E4wcC9rHx04XGs4SO_cw.roa (raw, json)
Hash identifier: AaB8J7JHSpWbx5BKjBJyQ5yDFFR08ytPUNhS4IghyMc=
Subject key identifier: 07:54:D9:01:5D:44:E3:07:02:F6:B1:F1:D3:85:C6:B3:84:8E:FD:CC
Certificate issuer: /CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Certificate serial: 01856C1372F7773B18265E9AF33983D6FB8E
Authority key identifier: 39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/B1TZAV1E4wcC9rHx04XGs4SO_cw.roa
Signing time: Sun 01 Jan 2023 06:44:51 +0000
ROA not before: Sun 01 Jan 2023 06:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202207
IP address blocks: 185.5.124.0/22 maxlen: 22
5.181.44.0/22 maxlen: 22
2a03:1c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:72:f7:77:3b:18:26:5e:9a:f3:39:83:d6:fb:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39027738f978feda24a9d87b0cb8bb9aa7af540d
Validity
Not Before: Jan 1 06:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0754d9015d44e30702f6b1f1d385c6b3848efdcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:53:12:3b:a2:d3:c3:c8:5f:d3:a1:21:56:77:
6a:a9:a1:9b:1a:89:01:d5:94:de:f5:4a:46:5f:18:
7a:54:33:a5:e5:ec:ca:33:02:98:02:2a:a3:01:36:
4c:c3:24:08:4c:4a:0f:1f:98:87:e9:76:48:3a:ab:
be:6e:df:df:dc:a9:eb:32:6b:39:f8:8f:f2:06:a6:
9d:4a:76:d1:e8:fd:e3:c3:1f:e4:5f:e6:fb:1f:38:
59:97:93:53:2f:89:29:c8:9d:c3:6d:8f:c8:8c:19:
66:dc:17:c2:11:ff:64:6f:60:99:cd:31:8f:33:e7:
47:ba:f1:1e:00:37:72:ca:43:40:d3:ba:2b:01:e7:
db:b5:30:76:29:72:fb:a4:92:7c:d4:4c:f8:19:48:
29:4d:80:96:a8:27:50:ae:40:6b:7f:04:b6:03:99:
42:31:b7:e4:ee:36:be:9d:7a:12:1d:02:61:af:bf:
05:e8:de:1a:c5:46:2f:a9:9b:1b:73:27:d4:26:6e:
15:5c:7f:a0:3b:5c:28:7f:51:6a:c6:2f:4c:48:04:
7c:86:1b:02:fe:fa:15:73:ce:a8:94:b3:94:5a:a9:
fe:af:eb:e6:2b:fd:8a:e1:17:a6:5d:45:92:86:4c:
eb:8c:7a:06:23:95:cb:ef:eb:b4:29:ec:cc:86:0d:
95:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:54:D9:01:5D:44:E3:07:02:F6:B1:F1:D3:85:C6:B3:84:8E:FD:CC
X509v3 Authority Key Identifier:
keyid:39:02:77:38:F9:78:FE:DA:24:A9:D8:7B:0C:B8:BB:9A:A7:AF:54:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQJ3OPl4_tokqdh7DLi7mqevVA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/B1TZAV1E4wcC9rHx04XGs4SO_cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b9117c-51c5-4af8-bbef-f5d8ab7c15f0/1/OQJ3OPl4_tokqdh7DLi7mqevVA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.44.0/22
185.5.124.0/22
IPv6:
2a03:1c0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:34:f7:a6:15:f3:c9:09:37:41:1b:0f:d3:33:6b:96:61:17:
1e:9e:90:08:9c:d0:4d:98:2a:9e:6d:ff:4d:cf:10:36:06:bc:
69:0a:fc:37:33:dd:70:e4:43:00:fc:b7:4b:b0:34:75:05:7f:
24:5a:e2:39:1b:06:c2:b0:20:a7:43:b2:47:a8:2a:db:c7:e0:
55:b4:4a:59:6d:6d:a2:a3:4e:38:bc:78:23:dc:f0:52:db:03:
fd:85:9b:62:7d:e7:25:5c:3b:ea:fd:5f:6c:f6:1d:ad:c9:ad:
f8:61:a6:0b:95:5a:77:68:15:f8:3c:e0:b6:9c:27:50:47:aa:
5e:15:d7:21:d5:a3:1b:12:f5:4e:30:85:7b:03:37:5e:27:b6:
28:cb:bf:7d:ac:20:6a:e2:1a:e8:3d:41:f4:a0:4c:b4:c1:7a:
de:41:f5:fb:5d:b0:12:a2:3f:72:7f:5d:66:5f:c7:c3:f5:a1:
6b:65:99:a5:d3:ff:3f:b8:86:53:a3:7a:b8:01:b7:8a:5d:6e:
a4:5b:54:85:d9:b3:21:d5:d9:fa:43:e6:30:3d:5e:8e:b3:8e:
12:45:34:98:6a:23:3a:72:71:77:e2:b3:d3:32:54:7c:02:8d:
b8:3a:06:3a:69:ed:02:e9:e5:94:6c:c0:f8:dd:1a:a9:ed:67:
b4:75:a4:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsE3L3dzsYJl6a8zmD1vuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDI3NzM4Zjk3OGZlZGEyNGE5ZDg3YjBjYjhiYjlhYTdh
ZjU0MGQwHhcNMjMwMTAxMDY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzU0ZDkwMTVkNDRlMzA3MDJmNmIxZjFkMzg1YzZiMzg0OGVmZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1MSO6LTw8hf06EhVndqqaGbGokB
1ZTe9UpGXxh6VDOl5ezKMwKYAiqjATZMwyQITEoPH5iH6XZIOqu+bt/f3KnrMms5
+I/yBqadSnbR6P3jwx/kX+b7HzhZl5NTL4kpyJ3DbY/IjBlm3BfCEf9kb2CZzTGP
M+dHuvEeADdyykNA07orAefbtTB2KXL7pJJ81Ez4GUgpTYCWqCdQrkBrfwS2A5lC
Mbfk7ja+nXoSHQJhr78F6N4axUYvqZsbcyfUJm4VXH+gO1wof1Fqxi9MSAR8hhsC
/voVc86olLOUWqn+r+vmK/2K4RemXUWShkzrjHoGI5XL7+u0KezMhg2VWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAdU2QFdROMHAvax8dOFxrOEjv3MMB8GA1UdIwQY
MBaAFDkCdzj5eP7aJKnYewy4u5qnr1QNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYt
ZjVkOGFiN2MxNWYwLzEvQjFUWkFWMUU0d2NDOXJIeDA0WEdzNFNPX2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTExN2MtNTFjNS00YWY4LWJiZWYtZjVkOGFiN2MxNWYw
LzEvT1FKM09QbDRfdG9rcWRoN0RMaTdtcWV2VkEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBbUsAwQC
uQV8MA0EAgACMAcDBQAqAwHAMA0GCSqGSIb3DQEBCwUAA4IBAQCMNPemFfPJCTdB
Gw/TM2uWYRcenpAInNBNmCqebf9NzxA2BrxpCvw3M91w5EMA/LdLsDR1BX8kWuI5
GwbCsCCnQ7JHqCrbx+BVtEpZbW2io044vHgj3PBS2wP9hZtifeclXDvq/V9s9h2t
ya34YaYLlVp3aBX4POC2nCdQR6peFdch1aMbEvVOMIV7AzdeJ7Yoy799rCBq4hro
PUH0oEy0wXreQfX7XbASoj9yf11mX8fD9aFrZZml0/8/uIZTo3q4AbeKXW6kW1SF
2bMh1dn6Q+YwPV6Os44SRTSYaiM6cnF34rPTMlR8Ao24OgY6ae0C6eWUbMD43Rqp
7We0daRg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:45 2025 by rpki-client