Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/fdea7c-a1bc-48a9-acd3-a003c4b61a5f/1/BBo7C1l_3GrAXOqfT-7SwffWZzE.roa
File: BBo7C1l_3GrAXOqfT-7SwffWZzE.roa (raw, json)
Hash identifier: +6TY3zTddVReikkdyuHZJ8u2dJaIsMsNWoTgNlm08Fw=
Subject key identifier: 04:1A:3B:0B:59:7F:DC:6A:C0:5C:EA:9F:4F:EE:D2:C1:F7:D6:67:31
Certificate issuer: /CN=b3aa951722a19971a44e62ca92d1c91284d12e21
Certificate serial: 01856D416DA46F75A4C4E6AAF3163231964A
Authority key identifier: B3:AA:95:17:22:A1:99:71:A4:4E:62:CA:92:D1:C9:12:84:D1:2E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6qVFyKhmXGkTmLKktHJEoTRLiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/fdea7c-a1bc-48a9-acd3-a003c4b61a5f/1/BBo7C1l_3GrAXOqfT-7SwffWZzE.roa
Signing time: Sun 01 Jan 2023 12:14:42 +0000
ROA not before: Sun 01 Jan 2023 12:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 141.27.0.0/16 maxlen: 16
132.187.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:6d:a4:6f:75:a4:c4:e6:aa:f3:16:32:31:96:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3aa951722a19971a44e62ca92d1c91284d12e21
Validity
Not Before: Jan 1 12:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=041a3b0b597fdc6ac05cea9f4feed2c1f7d66731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d8:0e:b7:c2:21:56:7d:61:67:8c:55:81:89:
c5:da:31:85:be:5c:8a:e6:4e:da:f6:84:ee:9a:cd:
52:bc:be:d9:a5:de:b4:cf:fa:02:ac:69:19:30:9a:
f9:69:3c:8a:1a:1a:ee:45:22:1f:c9:06:b6:e6:5d:
b6:72:23:58:ef:7c:ac:5d:ed:c9:47:24:28:e1:25:
cb:f3:49:1b:0f:22:04:f6:9d:e9:f8:b4:75:f5:dc:
b0:93:09:a9:78:cd:61:dd:6f:d5:96:e1:ef:fb:89:
58:5a:7a:78:a4:c2:c4:89:98:19:c3:87:33:db:fc:
85:1f:92:6a:4e:78:6e:11:1e:84:d7:74:67:20:18:
d1:5d:11:12:6f:cf:b9:2f:3e:64:7a:1b:d2:8e:5f:
8b:3d:1f:ec:cd:b9:0a:47:66:06:f1:4a:0d:5f:39:
7c:14:15:7d:b3:a9:b7:35:cc:14:79:d1:48:35:8d:
a0:9c:f5:86:ae:88:48:71:80:6f:e6:d1:ed:fb:85:
66:c4:70:42:d2:c4:52:cf:d6:35:28:7a:1f:a6:57:
d2:4b:85:86:54:7f:a0:ef:3f:50:67:4a:ac:11:17:
7a:d6:fc:bd:b8:ab:55:68:44:a2:c3:8a:5a:0b:f7:
79:43:bc:b7:2f:12:7e:27:b2:c7:4f:b5:4f:33:e6:
f6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1A:3B:0B:59:7F:DC:6A:C0:5C:EA:9F:4F:EE:D2:C1:F7:D6:67:31
X509v3 Authority Key Identifier:
keyid:B3:AA:95:17:22:A1:99:71:A4:4E:62:CA:92:D1:C9:12:84:D1:2E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6qVFyKhmXGkTmLKktHJEoTRLiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fdea7c-a1bc-48a9-acd3-a003c4b61a5f/1/BBo7C1l_3GrAXOqfT-7SwffWZzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fdea7c-a1bc-48a9-acd3-a003c4b61a5f/1/s6qVFyKhmXGkTmLKktHJEoTRLiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.187.0.0/16
141.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:5a:10:01:4c:65:16:2a:96:7c:50:e3:24:cf:43:fa:80:d6:
fa:cf:62:5c:e2:6a:6e:28:7f:9b:60:51:a1:de:e5:dd:84:a3:
a6:78:bf:19:01:41:74:dc:98:15:04:84:3a:28:3a:86:14:3f:
b1:d4:96:8b:22:38:5d:e3:33:92:73:d9:52:a2:64:eb:e4:e0:
0e:c1:fc:27:09:a9:be:db:10:c0:16:ec:44:90:d8:e6:ac:c1:
f8:ef:35:1e:24:4e:2a:02:42:44:b7:5a:33:22:3e:42:fb:ba:
e1:84:e4:6f:85:78:c0:f2:63:48:d7:57:dd:b6:c2:70:79:5d:
7e:13:5a:d9:25:ee:a0:37:78:f9:ac:fb:fe:e4:02:e4:34:89:
65:4a:1b:46:33:61:e4:a5:3a:2d:9d:0e:49:20:1f:62:36:d3:
20:66:4c:a6:3e:a6:88:85:b8:55:9d:87:e1:bc:71:ed:8e:f2:
96:e2:f2:34:69:50:64:ee:0c:d1:d1:bb:43:6f:1b:be:65:c1:
d4:47:c8:7b:eb:f9:bb:1c:9e:63:70:71:fc:72:72:0b:4a:d8:
ef:a6:4a:e3:d2:9d:e7:d4:72:99:fb:73:62:76:40:25:74:cf:
49:77:19:69:b3:14:64:4b:e7:24:23:ce:a8:f3:65:eb:6b:9d:
5a:4c:24:95
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVtQW2kb3WkxOaq8xYyMZZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYWE5NTE3MjJhMTk5NzFhNDRlNjJjYTkyZDFjOTEyODRk
MTJlMjEwHhcNMjMwMTAxMTIxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDFhM2IwYjU5N2ZkYzZhYzA1Y2VhOWY0ZmVlZDJjMWY3ZDY2NzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9gOt8IhVn1hZ4xVgYnF2jGFvlyK
5k7a9oTums1SvL7Zpd60z/oCrGkZMJr5aTyKGhruRSIfyQa25l22ciNY73ysXe3J
RyQo4SXL80kbDyIE9p3p+LR19dywkwmpeM1h3W/VluHv+4lYWnp4pMLEiZgZw4cz
2/yFH5JqTnhuER6E13RnIBjRXRESb8+5Lz5kehvSjl+LPR/szbkKR2YG8UoNXzl8
FBV9s6m3NcwUedFINY2gnPWGrohIcYBv5tHt+4VmxHBC0sRSz9Y1KHofplfSS4WG
VH+g7z9QZ0qsERd61vy9uKtVaESiw4paC/d5Q7y3LxJ+J7LHT7VPM+b2vQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFAQaOwtZf9xqwFzqn0/u0sH31mcxMB8GA1UdIwQY
MBaAFLOqlRcioZlxpE5iypLRyRKE0S4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZxVkZ5S2htWEdrVG1MS2t0SEpFb1RSTGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mZGVhN2MtYTFiYy00OGE5LWFjZDMt
YTAwM2M0YjYxYTVmLzEvQkJvN0MxbF8zR3JBWE9xZlQtN1N3ZmZXWnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mZGVhN2MtYTFiYy00OGE5LWFjZDMtYTAwM2M0YjYxYTVm
LzEvczZxVkZ5S2htWEdrVG1MS2t0SEpFb1RSTGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAhLsDAwCN
GzANBgkqhkiG9w0BAQsFAAOCAQEAgFoQAUxlFiqWfFDjJM9D+oDW+s9iXOJqbih/
m2BRod7l3YSjpni/GQFBdNyYFQSEOig6hhQ/sdSWiyI4XeMzknPZUqJk6+TgDsH8
JwmpvtsQwBbsRJDY5qzB+O81HiROKgJCRLdaMyI+Qvu64YTkb4V4wPJjSNdX3bbC
cHldfhNa2SXuoDd4+az7/uQC5DSJZUobRjNh5KU6LZ0OSSAfYjbTIGZMpj6miIW4
VZ2H4bxx7Y7yluLyNGlQZO4M0dG7Q28bvmXB1EfIe+v5uxyeY3Bx/HJyC0rY76ZK
49Kd59RymftzYnZAJXTPSXcZabMUZEvnJCPOqPNl62udWkwklQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:15:45 2025 by rpki-client