Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/byL0jhCxU9XvURzH3GDykSIr4Jc.roa
File: byL0jhCxU9XvURzH3GDykSIr4Jc.roa (raw, json)
Hash identifier: l6Zr2zvAifvBshsnnpXOqb2qeoGAMQ5RHc9kHwLPIEw=
Subject key identifier: 6F:22:F4:8E:10:B1:53:D5:EF:51:1C:C7:DC:60:F2:91:22:2B:E0:97
Certificate issuer: /CN=bfe3542dd63fed250de5cb65f6eca487e7f47847
Certificate serial: 37FA2874
Authority key identifier: BF:E3:54:2D:D6:3F:ED:25:0D:E5:CB:65:F6:EC:A4:87:E7:F4:78:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/byL0jhCxU9XvURzH3GDykSIr4Jc.roa
Signing time: Sat 01 Jan 2022 03:51:10 +0000
ROA not before: Sat 01 Jan 2022 03:51:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12333
IP address blocks: 193.23.0.0/23 maxlen: 23
94.143.0.0/21 maxlen: 21
5.61.224.0/21 maxlen: 21
193.23.46.0/23 maxlen: 23
195.70.0.0/19 maxlen: 19
2a00:1840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939141236 (0x37fa2874)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3542dd63fed250de5cb65f6eca487e7f47847
Validity
Not Before: Jan 1 03:51:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f22f48e10b153d5ef511cc7dc60f291222be097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:76:20:21:e6:e9:c5:ac:1e:28:3b:50:d9:86:
0e:1c:2b:f1:ba:9d:0c:fd:cd:d8:89:d4:a8:49:d7:
1b:5a:d6:bd:61:6e:b2:d5:cf:0e:45:f1:84:71:c5:
27:cd:d8:ee:c0:ab:3b:44:da:a8:9b:b2:e7:39:c0:
86:07:74:c2:60:8a:0b:80:28:5d:81:f8:d6:94:b3:
92:9d:79:66:a6:2d:17:de:2d:15:31:3d:09:cc:1a:
be:77:f7:2c:b9:7b:e0:ab:e9:4c:fc:41:b3:c3:91:
12:2d:4d:39:13:a1:0b:f0:4b:af:a9:d6:f5:e6:78:
45:e7:31:c9:e5:c5:b3:2b:01:1e:6d:7f:eb:6e:c9:
57:bf:1f:37:fc:44:a0:7b:a2:78:93:2f:6f:8d:2d:
8a:6d:cf:8c:17:6c:c2:b2:2c:88:ae:53:03:8d:e7:
64:54:ad:ed:34:e1:44:00:dd:cd:80:6a:15:34:72:
00:3b:ee:03:7e:75:be:9c:05:1b:3a:ff:fa:56:d5:
29:23:66:82:34:41:d1:85:9a:d8:c5:d4:6f:2e:97:
82:35:f5:bc:7f:75:ca:87:9a:0b:71:f1:db:69:fd:
c7:4d:99:d5:4d:8f:32:43:0a:7a:b6:2c:63:c0:56:
22:a2:bf:b4:d7:e0:91:a9:cf:92:27:b9:b9:f5:a6:
a8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:22:F4:8E:10:B1:53:D5:EF:51:1C:C7:DC:60:F2:91:22:2B:E0:97
X509v3 Authority Key Identifier:
keyid:BF:E3:54:2D:D6:3F:ED:25:0D:E5:CB:65:F6:EC:A4:87:E7:F4:78:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-NULdY_7SUN5ctl9uykh-f0eEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/byL0jhCxU9XvURzH3GDykSIr4Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b15658-10b6-4041-a3da-8d3a6d165da3/1/v-NULdY_7SUN5ctl9uykh-f0eEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.224.0/21
94.143.0.0/21
193.23.0.0/23
193.23.46.0/23
195.70.0.0/19
IPv6:
2a00:1840::/32
Signature Algorithm: sha256WithRSAEncryption
04:8e:7d:3a:7d:8e:52:b7:3f:e3:50:25:ac:f7:5f:29:ea:31:
85:b6:f9:cc:9e:2e:f1:fb:f6:bf:12:d2:52:ff:1c:64:c7:97:
f0:ed:f7:db:c6:0a:17:bd:17:5e:98:01:2b:1a:a5:0e:6a:18:
2d:65:e4:56:b6:0c:81:95:71:e3:94:b9:29:34:82:e0:2e:ac:
af:13:59:1c:73:5b:ff:73:d5:3e:cf:c4:86:27:fb:c4:5e:06:
8b:f6:f3:d0:74:9d:32:d7:73:13:5c:d7:5d:ec:87:ef:10:91:
ef:17:59:ad:7b:01:65:ee:2e:df:ac:91:d5:c8:10:53:36:ae:
bd:70:4b:23:e4:18:a0:62:66:cc:b2:7e:c9:a3:ae:f6:4c:de:
be:bc:ab:3d:28:9c:51:77:d0:42:00:b0:3d:4a:7f:9d:1e:6c:
b6:2d:cc:7e:d3:30:26:f3:ba:8c:f8:81:d7:18:f2:14:d6:e5:
db:80:81:e4:4a:d7:5e:df:ee:e4:7d:66:df:17:2a:29:95:49:
42:4b:a4:31:7c:8c:79:8e:3f:65:d5:b3:eb:1a:1a:9e:42:5b:
d2:48:dd:81:26:cc:62:d8:0f:0d:3a:04:52:d4:6b:98:c4:09:
6f:9d:ef:8c:59:f7:a3:00:3d:58:92:75:62:f5:80:9d:86:e0:
e5:27:0e:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEN/oodDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZmUzNTQyZGQ2M2ZlZDI1MGRlNWNiNjVmNmVjYTQ4N2U3ZjQ3ODQ3MB4XDTIyMDEw
MTAzNTExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmYyMmY0OGUxMGIx
NTNkNWVmNTExY2M3ZGM2MGYyOTEyMjJiZTA5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKR2ICHm6cWsHig7UNmGDhwr8bqdDP3N2InUqEnXG1rWvWFu
stXPDkXxhHHFJ83Y7sCrO0TaqJuy5znAhgd0wmCKC4AoXYH41pSzkp15ZqYtF94t
FTE9Ccwavnf3LLl74KvpTPxBs8OREi1NOROhC/BLr6nW9eZ4RecxyeXFsysBHm1/
627JV78fN/xEoHuieJMvb40tim3PjBdswrIsiK5TA43nZFSt7TThRADdzYBqFTRy
ADvuA351vpwFGzr/+lbVKSNmgjRB0YWa2MXUby6XgjX1vH91yoeaC3Hx22n9x02Z
1U2PMkMKerYsY8BWIqK/tNfgkanPkie5ufWmqLMCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRvIvSOELFT1e9RHMfcYPKRIivglzAfBgNVHSMEGDAWgBS/41Qt1j/tJQ3l
y2X27KSH5/R4RzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3YtTlVMZFlfN1NVTjVjdGw5dXlraC1mMGVFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvYjE1NjU4LTEwYjYtNDA0MS1hM2RhLThkM2E2ZDE2NWRhMy8x
L2J5TDBqaEN4VTlYdlVSekgzR0R5a1NJcjRKYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
YjE1NjU4LTEwYjYtNDA0MS1hM2RhLThkM2E2ZDE2NWRhMy8xL3YtTlVMZFlfN1NV
TjVjdGw5dXlraC1mMGVFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwU94AMEA16PAAMEAcEXAAMEAcEX
LgMEBcNGADANBAIAAjAHAwUAKgAYQDANBgkqhkiG9w0BAQsFAAOCAQEABI59On2O
Urc/41AlrPdfKeoxhbb5zJ4u8fv2vxLSUv8cZMeX8O3328YKF70XXpgBKxqlDmoY
LWXkVrYMgZVx45S5KTSC4C6srxNZHHNb/3PVPs/Ehif7xF4Gi/bz0HSdMtdzE1zX
XeyH7xCR7xdZrXsBZe4u36yR1cgQUzauvXBLI+QYoGJmzLJ+yaOu9kzevryrPSic
UXfQQgCwPUp/nR5sti3MftMwJvO6jPiB1xjyFNbl24CB5ErXXt/u5H1m3xcqKZVJ
QkukMXyMeY4/ZdWz6xoankJb0kjdgSbMYtgPDToEUtRrmMQJb53vjFn3owA9WJJ1
YvWAnYbg5ScOKA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:05:13 2025 by rpki-client