Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/BzmoOoOU4e1kRN3P3REkojrvF8Y.roa
File: BzmoOoOU4e1kRN3P3REkojrvF8Y.roa (raw, json)
Hash identifier: HfZwvBcqfav1HfWEGpsR7e9B3QN3tlokLqJnidHC67k=
Subject key identifier: 07:39:A8:3A:83:94:E1:ED:64:44:DD:CF:DD:11:24:A2:3A:EF:17:C6
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0B18F225493900F2C697618D09B18
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/BzmoOoOU4e1kRN3P3REkojrvF8Y.roa
Signing time: Mon 02 Jan 2023 05:25:00 +0000
ROA not before: Mon 02 Jan 2023 05:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196928
IP address blocks: 82.177.138.0/23 maxlen: 23
82.177.163.0/24 maxlen: 24
88.220.182.0/23 maxlen: 23
88.220.98.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:b1:8f:22:54:93:90:0f:2c:69:76:18:d0:9b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0739a83a8394e1ed6444ddcfdd1124a23aef17c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:74:8a:6a:3a:22:1d:f6:de:7b:00:a4:b2:8e:
25:e1:4e:fe:8a:cd:f2:75:6c:58:95:5c:fb:98:af:
20:0c:ea:a0:ac:3c:2b:5f:bb:b9:51:56:dc:00:0a:
da:bd:c7:f2:5b:e3:ce:82:ac:80:82:66:54:1c:82:
ab:b9:d9:64:80:ac:e5:0f:66:f8:af:45:25:75:2b:
9c:38:77:68:4a:4d:ab:71:f5:9e:1a:1d:2c:17:6b:
07:db:70:19:8a:b4:bb:d8:51:7f:03:71:69:70:3f:
a9:f7:a7:ba:10:fd:5c:a5:fe:ab:84:d9:c5:5c:91:
c2:af:27:86:1b:91:ce:6f:dc:cd:f9:28:9b:34:9a:
44:9a:0b:7e:c3:06:4e:1e:ad:ea:28:e9:b0:b1:19:
ba:d6:94:ef:68:09:80:74:5f:35:5b:ca:c1:3d:41:
65:19:62:aa:23:83:9c:c0:e5:68:dd:ad:1f:d1:6c:
2b:84:6c:72:6e:b9:09:4e:19:a5:44:de:df:15:80:
b4:be:68:ae:f8:b2:d9:ac:86:eb:89:67:d3:ea:99:
68:46:5d:73:ac:5e:44:80:7e:d2:78:f5:69:f5:a5:
9b:27:f7:f6:67:7b:ab:cd:e6:3a:cb:ab:15:dd:9d:
ba:d4:19:09:27:fe:94:86:6e:75:de:38:c9:20:2c:
37:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:39:A8:3A:83:94:E1:ED:64:44:DD:CF:DD:11:24:A2:3A:EF:17:C6
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/BzmoOoOU4e1kRN3P3REkojrvF8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.177.138.0/23
82.177.163.0/24
88.220.98.0/23
88.220.182.0/23
Signature Algorithm: sha256WithRSAEncryption
37:be:9e:29:34:f4:55:16:ba:6f:b3:ef:f3:e9:a6:64:c3:ff:
d8:0d:f1:90:3c:bf:b8:4f:2d:96:48:2d:51:e1:40:cf:7e:c0:
90:5c:57:a0:4b:32:66:37:da:64:99:15:53:70:e2:13:7e:45:
74:85:01:72:69:2f:32:1f:4f:4d:06:73:b0:d3:d7:75:e2:4f:
35:18:61:f5:03:f0:85:26:c9:5c:40:68:49:7b:00:86:81:a6:
c5:b0:cd:f7:23:cd:e5:29:d5:91:53:24:ef:d4:bf:37:b8:fa:
1f:57:55:8a:ff:67:06:d3:29:c2:b3:8a:2e:53:f3:07:ca:93:
93:c8:6e:5a:ac:aa:27:7c:07:52:ad:80:ca:c7:bd:31:76:4d:
8c:62:8b:9a:98:d5:c8:78:c1:62:fb:ca:28:c6:ef:5e:a3:23:
07:16:a2:b4:14:89:5d:ab:f1:06:51:36:06:18:ea:ee:9d:49:
db:c9:68:a0:d3:bb:6b:da:7a:3b:b2:35:23:28:cc:a6:1f:c2:
40:94:63:e4:d1:22:33:d3:a5:9c:5b:70:25:f1:0a:6c:d9:d1:
e6:71:5b:b0:20:7e:45:1b:b8:90:f1:29:3c:16:71:07:2b:43:
77:5a:dc:ac:4d:03:23:90:74:83:76:25:ed:6b:54:1a:b7:c6:
ce:2d:77:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVw8LGPIlSTkA8saXYY0JsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM5YTgzYTgzOTRlMWVkNjQ0NGRkY2ZkZDExMjRhMjNhZWYxN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXSKajoiHfbeewCkso4l4U7+is3y
dWxYlVz7mK8gDOqgrDwrX7u5UVbcAAravcfyW+POgqyAgmZUHIKrudlkgKzlD2b4
r0UldSucOHdoSk2rcfWeGh0sF2sH23AZirS72FF/A3FpcD+p96e6EP1cpf6rhNnF
XJHCryeGG5HOb9zN+SibNJpEmgt+wwZOHq3qKOmwsRm61pTvaAmAdF81W8rBPUFl
GWKqI4OcwOVo3a0f0WwrhGxybrkJThmlRN7fFYC0vmiu+LLZrIbriWfT6ploRl1z
rF5EgH7SePVp9aWbJ/f2Z3urzeY6y6sV3Z261BkJJ/6Uhm513jjJICw3BwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAc5qDqDlOHtZETdz90RJKI67xfGMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvQnptb09vT1U0ZTFrUk4zUDNSRWtvanJ2RjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUrGKAwQA
UrGjAwQBWNxiAwQBWNy2MA0GCSqGSIb3DQEBCwUAA4IBAQA3vp4pNPRVFrpvs+/z
6aZkw//YDfGQPL+4Ty2WSC1R4UDPfsCQXFegSzJmN9pkmRVTcOITfkV0hQFyaS8y
H09NBnOw09d14k81GGH1A/CFJslcQGhJewCGgabFsM33I83lKdWRUyTv1L83uPof
V1WK/2cG0ynCs4ouU/MHypOTyG5arKonfAdSrYDKx70xdk2MYouamNXIeMFi+8oo
xu9eoyMHFqK0FIldq/EGUTYGGOrunUnbyWig07tr2no7sjUjKMymH8JAlGPk0SIz
06WcW3Al8Qps2dHmcVuwIH5FG7iQ8Sk8FnEHK0N3WtysTQMjkHSDdiXta1Qat8bO
LXcD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:23 2025 by rpki-client