Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bu6XD75Vh1B9KIfIvpD1I9Q3v7k.roa
File: bu6XD75Vh1B9KIfIvpD1I9Q3v7k.roa (raw, json)
Hash identifier: zrYYUhSHNPoxdHHh6tQL1fc3l6/mlBh00J7It1+oEsA=
Subject key identifier: 6E:EE:97:0F:BE:55:87:50:7D:28:87:C8:BE:90:F5:23:D4:37:BF:B9
Certificate issuer: /CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Certificate serial: 0186B742E8A54E1CCA81F73495212034583B
Authority key identifier: 6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bu6XD75Vh1B9KIfIvpD1I9Q3v7k.roa
Signing time: Mon 06 Mar 2023 14:11:00 +0000
ROA not before: Mon 06 Mar 2023 14:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43256
IP address blocks: 217.171.91.0/24 maxlen: 24
217.171.90.0/24 maxlen: 24
217.171.89.0/24 maxlen: 24
217.171.88.0/24 maxlen: 24
31.209.130.0/24 maxlen: 24
31.209.129.0/24 maxlen: 24
31.209.133.0/24 maxlen: 24
31.209.135.0/24 maxlen: 24
31.209.134.0/24 maxlen: 24
217.171.93.0/24 maxlen: 24
217.171.92.0/24 maxlen: 24
217.171.94.0/24 maxlen: 24
217.171.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:42:e8:a5:4e:1c:ca:81:f7:34:95:21:20:34:58:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Validity
Not Before: Mar 6 14:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eee970fbe5587507d2887c8be90f523d437bfb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9e:54:e0:e8:59:60:53:f4:d6:3a:a1:dd:8e:
a6:fe:a7:85:d8:bd:64:b0:4a:85:07:b9:22:f5:c7:
2a:4f:88:1b:90:1d:12:eb:bf:85:8a:cf:e6:ec:69:
02:49:22:66:d6:0f:4e:f7:89:17:2c:50:7f:15:aa:
4d:41:8e:09:d4:d7:f4:c2:49:a3:bb:18:cb:3d:ea:
b6:cf:40:55:4c:9a:dc:24:85:12:05:b2:ed:07:23:
17:e7:4b:6d:4f:3c:0d:b8:87:91:95:01:8b:95:52:
8b:7d:6c:e3:91:96:44:96:f3:1a:8f:17:34:f6:b6:
fe:d0:0b:16:9e:ff:53:66:07:e6:1d:29:f4:78:59:
ca:45:26:11:6f:5e:61:b2:51:c6:a1:c7:d8:84:c8:
e2:45:b3:db:22:a7:2d:4d:4d:2c:70:18:bd:8f:d5:
b9:32:7d:95:61:8b:4d:35:cd:f7:93:ab:79:53:a0:
c1:98:b3:8c:dc:74:9f:e5:40:b8:a2:d7:1b:b7:c9:
82:51:8b:88:05:08:a2:13:2e:49:94:cc:91:96:ab:
b9:81:90:63:b4:00:ee:75:15:e9:21:62:92:43:1a:
59:50:df:ad:da:72:a3:87:58:db:04:fe:4d:0f:32:
29:3b:31:af:58:83:4b:50:bc:cc:06:ce:e0:93:7f:
ad:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EE:97:0F:BE:55:87:50:7D:28:87:C8:BE:90:F5:23:D4:37:BF:B9
X509v3 Authority Key Identifier:
keyid:6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bu6XD75Vh1B9KIfIvpD1I9Q3v7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.129.0-31.209.130.255
31.209.133.0-31.209.135.255
217.171.88.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:29:64:a8:6d:dd:ab:3e:56:44:fb:59:00:e5:69:48:8e:1f:
12:cc:ac:48:c7:69:1b:d3:72:b0:77:79:f1:49:e0:33:55:97:
cf:7d:9c:b6:70:44:1a:16:93:0c:17:3e:29:cb:76:b0:d2:f1:
78:9f:19:04:42:24:92:e5:af:93:ca:44:5e:52:f7:64:7f:57:
51:84:59:05:ef:93:cb:eb:f6:ee:2e:67:4f:e2:8a:06:7c:d8:
46:6b:30:12:73:a2:9f:05:82:ca:5e:6a:74:bb:d8:d8:b2:0b:
3a:7c:f4:e1:97:52:1d:0b:66:eb:8a:cb:06:f6:a1:5b:60:c8:
c2:78:cd:2e:f9:7e:0e:06:73:11:63:af:35:0e:c8:b1:59:02:
b9:a4:1c:9f:31:5d:e3:94:d0:ee:69:d3:67:b3:f0:23:d1:dd:
99:b0:4c:a6:4a:1d:6c:12:fd:a5:7a:27:d5:7f:d5:50:e0:01:
4f:59:a0:17:31:a4:d5:d4:c4:99:98:be:87:eb:f7:37:db:07:
07:73:a3:ca:28:e7:74:32:f2:f0:59:7c:b6:57:74:03:10:dc:
35:dc:4e:6b:20:02:43:3f:64:12:de:e4:22:5f:13:b8:40:1b:
39:b6:b9:68:dc:0a:c7:06:44:de:05:77:45:ea:5f:37:90:8d:
10:82:2e:70
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYa3QuilThzKgfc0lSEgNFg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmMxNDM4ZWUwODE1YTliZjhiNzNmOWE3Y2VkMDk0ZjIx
YWM3OWUwHhcNMjMwMzA2MTQxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWVlOTcwZmJlNTU4NzUwN2QyODg3YzhiZTkwZjUyM2Q0MzdiZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ5U4OhZYFP01jqh3Y6m/qeF2L1k
sEqFB7ki9ccqT4gbkB0S67+Fis/m7GkCSSJm1g9O94kXLFB/FapNQY4J1Nf0wkmj
uxjLPeq2z0BVTJrcJIUSBbLtByMX50ttTzwNuIeRlQGLlVKLfWzjkZZElvMajxc0
9rb+0AsWnv9TZgfmHSn0eFnKRSYRb15hslHGocfYhMjiRbPbIqctTU0scBi9j9W5
Mn2VYYtNNc33k6t5U6DBmLOM3HSf5UC4otcbt8mCUYuIBQiiEy5JlMyRlqu5gZBj
tADudRXpIWKSQxpZUN+t2nKjh1jbBP5NDzIpOzGvWINLULzMBs7gk3+tIQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG7ulw++VYdQfSiHyL6Q9SPUN7+5MB8GA1UdIwQY
MBaAFG38FDjuCBWpv4tz+afO0JTyGseeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEt
ZDY0Njc2N2M1ZjEzLzEvYnU2WEQ3NVZoMUI5S0lmSXZwRDFJOVEzdjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEtZDY0Njc2N2M1ZjEz
LzEvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAAf0YED
BAAf0YIwDAMEAB/RhQMEAx/RgAMEA9mrWDANBgkqhkiG9w0BAQsFAAOCAQEAiylk
qG3dqz5WRPtZAOVpSI4fEsysSMdpG9NysHd58UngM1WXz32ctnBEGhaTDBc+Kct2
sNLxeJ8ZBEIkkuWvk8pEXlL3ZH9XUYRZBe+Ty+v27i5nT+KKBnzYRmswEnOinwWC
yl5qdLvY2LILOnz04ZdSHQtm64rLBvahW2DIwnjNLvl+DgZzEWOvNQ7IsVkCuaQc
nzFd45TQ7mnTZ7PwI9HdmbBMpkodbBL9pXon1X/VUOABT1mgFzGk1dTEmZi+h+v3
N9sHB3OjyijndDLy8Fl8tld0AxDcNdxOayACQz9kEt7kIl8TuEAbOba5aNwKxwZE
3gV3RepfN5CNEIIucA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:21 2025 by rpki-client