Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/BNDAD-T7QvlCN5SFO2-sjJKxUL4.roa
File: BNDAD-T7QvlCN5SFO2-sjJKxUL4.roa (raw, json)
Hash identifier: lJOvZs+nlQDrzlbVyiqmjSXU0GWxmd3oAsz8Mc/YunQ=
Subject key identifier: 04:D0:C0:0F:E4:FB:42:F9:42:37:94:85:3B:6F:AC:8C:92:B1:50:BE
Certificate issuer: /CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Certificate serial: 328399A1
Authority key identifier: 3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/BNDAD-T7QvlCN5SFO2-sjJKxUL4.roa
Signing time: Sat 01 Jan 2022 13:55:58 +0000
ROA not before: Sat 01 Jan 2022 13:55:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12301
IP address blocks: 194.246.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 847485345 (0x328399a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Validity
Not Before: Jan 1 13:55:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04d0c00fe4fb42f9423794853b6fac8c92b150be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:51:c9:f7:43:2d:4a:04:82:17:a4:cf:cb:c9:
5f:ac:69:81:c7:38:6a:d1:8a:01:51:66:ed:d0:1c:
9f:e6:69:05:43:5d:b8:40:00:b8:1f:56:14:94:a2:
38:24:b5:6b:f2:ea:ce:d5:21:4c:e9:0c:6d:87:9c:
04:70:da:e5:d7:12:2d:66:ca:fa:1d:15:dd:7e:2d:
2f:cf:d6:ae:f7:2a:9a:8a:5d:7e:53:85:14:cc:d4:
69:04:47:e3:5a:b2:07:2f:1f:66:71:bf:88:38:d6:
69:94:9c:88:6c:84:dc:e7:20:71:04:03:98:d0:b2:
59:49:78:d0:9f:d0:91:7c:6b:aa:e7:ea:f3:25:57:
a8:f5:be:8d:91:1f:7c:b4:1e:87:0c:19:9f:39:4d:
27:28:2b:c6:41:5b:84:8b:bd:2f:49:5b:89:d0:ae:
25:99:78:c6:4b:ef:66:2d:d4:17:bd:73:d5:7e:c7:
c3:1b:f3:4c:5a:09:7f:73:5f:5f:af:7c:1e:1c:d2:
85:68:2c:e4:0b:71:81:96:7d:fb:1a:09:f4:ea:29:
65:4b:b1:05:c8:4a:48:c5:93:7e:79:95:ab:5d:94:
a1:c0:9e:63:b7:6e:a8:57:d4:bd:a0:b4:79:db:06:
aa:08:3e:47:85:58:35:ee:7a:1c:55:10:be:c1:b8:
13:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D0:C0:0F:E4:FB:42:F9:42:37:94:85:3B:6F:AC:8C:92:B1:50:BE
X509v3 Authority Key Identifier:
keyid:3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/BNDAD-T7QvlCN5SFO2-sjJKxUL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/PubOz_2bi7oY1HTns5k-Ch0U27M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.4.0/24
Signature Algorithm: sha256WithRSAEncryption
32:c7:e5:78:14:39:c2:8c:d8:cf:1b:c1:e1:8f:a1:0e:16:de:
12:86:f9:6c:71:ec:18:fe:91:da:57:72:77:e2:82:71:4e:80:
2b:4b:26:a9:91:14:18:f6:64:f7:61:c0:e6:e4:f5:c9:7e:b7:
92:26:37:61:ae:17:31:ad:1b:43:37:50:d7:40:bd:84:a6:07:
46:a7:a8:7e:be:7a:c0:3f:d1:17:a8:33:0a:45:90:41:a2:e2:
b1:99:58:99:87:bf:ad:5b:5b:08:9f:36:1c:f1:d3:d3:78:aa:
2e:86:63:dc:73:9e:d0:b6:8a:cb:46:af:2a:03:de:e0:0b:51:
1f:3c:3e:98:f4:28:c7:d4:45:4c:dd:6c:c1:c2:01:d0:cd:c3:
ac:f6:ec:2e:ef:47:ff:13:19:1e:de:1e:5c:cf:f0:fe:ed:72:
ae:b1:3b:fc:6f:01:51:f1:76:9f:f8:b1:17:21:81:d6:ea:b4:
73:62:0b:9a:ff:0d:04:17:b4:20:bb:3b:8c:95:a8:88:55:62:
0c:0e:87:53:9e:99:11:67:7e:9c:a0:55:fe:4b:b1:91:cf:b6:
45:d1:2c:10:cd:b9:e9:a9:92:87:f9:73:cd:79:99:dc:51:68:
8b:3d:49:30:a7:3c:5c:0e:33:a0:dd:d2:ba:2d:fd:1d:b2:70:
2e:c3:cc:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMoOZoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWU2Y2VjZmZkOWI4YmJhMThkNDc0ZTdiMzk5M2UwYTFkMTRkYmIzMB4XDTIyMDEw
MTEzNTU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRkMGMwMGZlNGZi
NDJmOTQyMzc5NDg1M2I2ZmFjOGM5MmIxNTBiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlRyfdDLUoEghekz8vJX6xpgcc4atGKAVFm7dAcn+ZpBUNd
uEAAuB9WFJSiOCS1a/LqztUhTOkMbYecBHDa5dcSLWbK+h0V3X4tL8/Wrvcqmopd
flOFFMzUaQRH41qyBy8fZnG/iDjWaZSciGyE3OcgcQQDmNCyWUl40J/QkXxrqufq
8yVXqPW+jZEffLQehwwZnzlNJygrxkFbhIu9L0lbidCuJZl4xkvvZi3UF71z1X7H
wxvzTFoJf3NfX698HhzShWgs5AtxgZZ9+xoJ9OopZUuxBchKSMWTfnmVq12UocCe
Y7duqFfUvaC0edsGqgg+R4VYNe56HFUQvsG4EykCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQE0MAP5PtC+UI3lIU7b6yMkrFQvjAfBgNVHSMEGDAWgBQ+5s7P/ZuLuhjU
dOezmT4KHRTbszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B1Yk96XzJiaTdvWTFIVG5zNWstQ2gwVTI3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvZTYxY2FhLTI1MDAtNDM4OC1hOWZhLTczMjQ5MTM5NzVkNS8x
L0JOREFELVQ3UXZsQ041U0ZPMi1zakpLeFVMNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ZTYxY2FhLTI1MDAtNDM4OC1hOWZhLTczMjQ5MTM5NzVkNS8xL1B1Yk96XzJiaTdv
WTFIVG5zNWstQ2gwVTI3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAML2BDANBgkqhkiG9w0BAQsFAAOC
AQEAMsfleBQ5wozYzxvB4Y+hDhbeEob5bHHsGP6R2ldyd+KCcU6AK0smqZEUGPZk
92HA5uT1yX63kiY3Ya4XMa0bQzdQ10C9hKYHRqeofr56wD/RF6gzCkWQQaLisZlY
mYe/rVtbCJ82HPHT03iqLoZj3HOe0LaKy0avKgPe4AtRHzw+mPQox9RFTN1swcIB
0M3DrPbsLu9H/xMZHt4eXM/w/u1yrrE7/G8BUfF2n/ixFyGB1uq0c2ILmv8NBBe0
ILs7jJWoiFViDA6HU56ZEWd+nKBV/kuxkc+2RdEsEM256amSh/lzzXmZ3FFoiz1J
MKc8XA4zoN3Sui39HbJwLsPMWw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:31:03 2025 by rpki-client