Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/4xnvEYH84xHsZo510tKLtVY3AUs.roa
File: 4xnvEYH84xHsZo510tKLtVY3AUs.roa (raw, json)
Hash identifier: rDLdDH/06kECwfT/AB7OLpb2EU1KmuERDjk7qlzgjBE=
Subject key identifier: E3:19:EF:11:81:FC:E3:11:EC:66:8E:75:D2:D2:8B:B5:56:37:01:4B
Certificate issuer: /CN=bfe3542dd63fed250de5cb65f6eca487e7f47847
Certificate serial: 01856EF432F968EFCAAA0A38691EDAB1E0FB
Authority key identifier: BF:E3:54:2D:D6:3F:ED:25:0D:E5:CB:65:F6:EC:A4:87:E7:F4:78:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/4xnvEYH84xHsZo510tKLtVY3AUs.roa
Signing time: Sun 01 Jan 2023 20:09:35 +0000
ROA not before: Sun 01 Jan 2023 20:09:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12333
IP address blocks: 193.23.0.0/23 maxlen: 23
94.143.0.0/21 maxlen: 21
5.61.224.0/21 maxlen: 21
193.23.46.0/23 maxlen: 23
195.70.0.0/19 maxlen: 19
2a00:1840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:32:f9:68:ef:ca:aa:0a:38:69:1e:da:b1:e0:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3542dd63fed250de5cb65f6eca487e7f47847
Validity
Not Before: Jan 1 20:09:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e319ef1181fce311ec668e75d2d28bb55637014b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a6:71:c9:3d:a9:64:f7:d8:e0:5d:d3:4f:b5:
8f:e2:c1:1b:8c:2b:50:ee:8e:0d:50:a2:f0:a7:18:
af:5f:59:23:3b:22:99:16:bd:a2:f8:f9:e6:85:d1:
0b:1a:bd:5c:6e:61:e0:94:96:77:d9:ea:63:86:07:
79:6a:68:86:e2:d1:2f:07:92:32:10:d3:09:77:a1:
de:66:32:f2:ff:92:68:1d:6a:bd:a2:93:ac:8a:3f:
85:60:74:75:a6:f6:36:cd:b6:57:b6:ab:71:cd:f8:
13:68:b4:91:35:a7:ef:de:1a:09:a0:17:66:6f:43:
ac:e8:08:c7:3f:3d:2e:08:ae:21:6d:e5:60:87:0d:
f2:e3:d0:15:6b:71:06:b6:1c:b6:c8:d7:37:2b:f4:
e8:14:de:a6:79:fe:0a:6e:5b:47:bf:40:ad:8f:28:
ec:bf:46:de:52:05:dd:33:89:f3:b0:c2:33:69:94:
83:e9:db:95:f1:b0:64:d5:3d:76:74:13:76:97:91:
0c:c3:c4:df:ed:be:a1:95:de:70:7d:3e:63:e1:e4:
5d:e5:e3:a4:5f:32:0d:f4:da:a6:9a:ff:a4:75:75:
38:e8:b5:8a:cc:71:90:a6:4e:79:e8:cd:cc:1d:4a:
76:3b:2c:75:a6:cb:d1:a2:3c:59:af:02:b6:8e:a4:
d9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:19:EF:11:81:FC:E3:11:EC:66:8E:75:D2:D2:8B:B5:56:37:01:4B
X509v3 Authority Key Identifier:
keyid:BF:E3:54:2D:D6:3F:ED:25:0D:E5:CB:65:F6:EC:A4:87:E7:F4:78:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/4xnvEYH84xHsZo510tKLtVY3AUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/v-NULdY_7SUN5ctl9uykh-f0eEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.224.0/21
94.143.0.0/21
193.23.0.0/23
193.23.46.0/23
195.70.0.0/19
IPv6:
2a00:1840::/32
Signature Algorithm: sha256WithRSAEncryption
3c:39:07:e0:f1:a5:21:29:ac:55:be:3c:54:ea:03:1e:53:6a:
b1:27:d8:38:35:b0:65:ea:5a:92:27:1d:a3:89:63:bc:85:58:
05:ae:d5:ed:ca:53:5f:8e:13:a7:41:33:65:30:f5:4b:ea:ad:
18:26:c7:62:0b:eb:68:d7:54:f5:6e:11:e2:3f:a9:5a:cb:f5:
d0:f0:c9:86:f8:34:fd:03:07:72:a7:a2:12:6e:ff:a3:57:59:
be:12:dc:5d:b1:2e:9e:1d:d1:ba:9b:ff:ef:37:8f:a1:56:05:
26:2b:54:a4:60:12:96:23:59:80:b8:86:2d:0e:c8:08:38:46:
46:b8:c4:bc:92:76:20:a7:78:b6:ad:c9:b7:14:1c:bf:8d:8e:
c2:ea:46:9c:04:de:7e:e0:24:2a:f6:92:9b:27:24:d6:9b:b6:
0c:53:8d:27:23:94:3c:47:cd:26:98:6d:02:a0:0a:de:c2:6e:
d1:c1:50:4a:16:7f:f9:93:6d:29:8d:98:71:ab:b9:c2:76:af:
e6:04:db:c2:a7:5d:36:88:94:4d:1d:33:f2:d2:d1:b9:26:11:
3b:0b:2b:5d:95:1e:d5:81:d1:d8:76:19:57:3d:bb:35:b6:ff:
7c:b9:cd:d1:a7:41:e4:0f:e3:7b:c3:87:79:d6:55:09:1d:a4:
7a:f1:2c:4f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVu9DL5aO/Kqgo4aR7aseD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM1NDJkZDYzZmVkMjUwZGU1Y2I2NWY2ZWNhNDg3ZTdm
NDc4NDcwHhcNMjMwMTAxMjAwOTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzE5ZWYxMTgxZmNlMzExZWM2NjhlNzVkMmQyOGJiNTU2MzcwMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqZxyT2pZPfY4F3TT7WP4sEbjCtQ
7o4NUKLwpxivX1kjOyKZFr2i+PnmhdELGr1cbmHglJZ32epjhgd5amiG4tEvB5Iy
ENMJd6HeZjLy/5JoHWq9opOsij+FYHR1pvY2zbZXtqtxzfgTaLSRNafv3hoJoBdm
b0Os6AjHPz0uCK4hbeVghw3y49AVa3EGthy2yNc3K/ToFN6mef4KbltHv0Ctjyjs
v0beUgXdM4nzsMIzaZSD6duV8bBk1T12dBN2l5EMw8Tf7b6hld5wfT5j4eRd5eOk
XzIN9Nqmmv+kdXU46LWKzHGQpk556M3MHUp2Oyx1psvRojxZrwK2jqTZxQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOMZ7xGB/OMR7GaOddLSi7VWNwFLMB8GA1UdIwQY
MBaAFL/jVC3WP+0lDeXLZfbspIfn9HhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1OVUxkWV83U1VONWN0bDl1eWtoLWYwZUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iMTU2NTgtMTBiNi00MDQxLWEzZGEt
OGQzYTZkMTY1ZGEzLzEvNHhudkVZSDg0eEhzWm81MTB0S0x0VlkzQVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iMTU2NTgtMTBiNi00MDQxLWEzZGEtOGQzYTZkMTY1ZGEz
LzEvdi1OVUxkWV83U1VONWN0bDl1eWtoLWYwZUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBT3gAwQD
Xo8AAwQBwRcAAwQBwRcuAwQFw0YAMA0EAgACMAcDBQAqABhAMA0GCSqGSIb3DQEB
CwUAA4IBAQA8OQfg8aUhKaxVvjxU6gMeU2qxJ9g4NbBl6lqSJx2jiWO8hVgFrtXt
ylNfjhOnQTNlMPVL6q0YJsdiC+to11T1bhHiP6lay/XQ8MmG+DT9Awdyp6ISbv+j
V1m+EtxdsS6eHdG6m//vN4+hVgUmK1SkYBKWI1mAuIYtDsgIOEZGuMS8knYgp3i2
rcm3FBy/jY7C6kacBN5+4CQq9pKbJyTWm7YMU40nI5Q8R80mmG0CoArewm7RwVBK
Fn/5k20pjZhxq7nCdq/mBNvCp102iJRNHTPy0tG5JhE7CytdlR7VgdHYdhlXPbs1
tv98uc3Rp0HkD+N7w4d51lUJHaR68SxP
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:39 2025 by rpki-client