Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/bH5VZ0bevZoWrx2JD9fP5qGmY5U.roa
File: bH5VZ0bevZoWrx2JD9fP5qGmY5U.roa (raw, json)
Hash identifier: KqGGPaMGpujEHKHzBFBqDCKYIaBHHuuUURQrEoMFbAo=
Subject key identifier: 6C:7E:55:67:46:DE:BD:9A:16:AF:1D:89:0F:D7:CF:E6:A1:A6:63:95
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 4188F30D
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/bH5VZ0bevZoWrx2JD9fP5qGmY5U.roa
Signing time: Sat 01 Jan 2022 10:05:57 +0000
ROA not before: Sat 01 Jan 2022 10:05:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9050
IP address blocks: 94.176.164.0/23 maxlen: 24
94.177.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1099494157 (0x4188f30d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 10:05:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c7e556746debd9a16af1d890fd7cfe6a1a66395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e4:21:3f:b6:b1:7b:59:f8:ba:9a:d9:01:ac:
bd:b6:2d:46:7b:b1:c0:68:2c:d9:74:17:73:37:c4:
ab:16:86:d0:ad:5f:d0:df:1f:55:c5:a2:ea:0e:f0:
ae:76:3d:1a:c1:4c:70:e9:04:55:6f:c2:06:67:7b:
95:45:8b:22:e1:f4:84:de:e1:cc:be:e3:1f:c3:f7:
fb:83:ed:d2:f4:3a:62:ca:33:dc:eb:7c:19:fe:9b:
ca:64:e9:da:2a:fd:b7:18:51:2e:e9:97:fd:0b:6a:
06:d8:19:db:62:41:b4:0b:82:86:35:15:7d:f5:55:
87:61:4a:dd:75:2f:49:b6:29:fc:80:4f:5b:4f:0c:
c4:79:b3:38:6f:75:cb:da:71:5e:10:7b:dd:60:c3:
98:56:5b:76:ac:ac:4d:93:dd:2a:4a:d1:15:90:bb:
2f:0b:b6:2e:b1:e6:fd:79:97:e3:85:f3:a0:81:3d:
d7:12:6b:88:15:6b:31:a3:93:6b:e7:0a:cf:c7:1c:
7e:12:64:2b:c0:dd:b7:c9:42:8e:73:05:b6:45:1a:
68:3b:28:b4:9f:86:d0:0f:46:9d:42:92:b2:4c:01:
42:87:85:b0:5d:99:c0:b3:6d:0b:3b:6e:29:a0:a2:
0c:5c:ba:6a:c4:ca:0f:e2:90:f5:e4:66:f1:33:47:
19:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7E:55:67:46:DE:BD:9A:16:AF:1D:89:0F:D7:CF:E6:A1:A6:63:95
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/bH5VZ0bevZoWrx2JD9fP5qGmY5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.164.0/23
94.177.107.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ed:4d:c8:65:60:20:7d:0b:5f:f4:70:19:d7:62:e3:ab:86:
f5:bb:b5:56:56:59:30:91:6c:60:82:79:02:ca:ee:4b:17:7e:
83:41:fd:3c:26:30:e4:46:7f:69:c4:fe:8d:4b:2c:ae:a0:6f:
a1:2b:51:1c:d5:28:e0:c5:df:94:10:b5:31:ff:bc:b3:7d:70:
3e:aa:72:cd:a1:27:0e:91:23:68:1a:10:7a:ec:0f:7e:f5:9c:
22:61:33:9b:2b:61:15:2e:6e:c9:3f:fe:fa:d4:42:61:25:03:
d7:dd:af:1c:72:07:11:8f:f8:7e:70:76:47:1b:f6:65:de:9c:
ea:28:df:b4:19:66:e3:13:f6:32:51:b7:0c:e8:67:ff:72:58:
74:6e:51:ab:25:6e:b0:77:ae:30:07:83:3f:1e:5b:b0:f9:b4:
d0:05:56:c0:85:47:8e:fb:78:ca:d6:30:f5:be:e2:a0:e9:88:
1c:80:13:c0:91:60:8a:02:a4:81:b9:e3:95:27:02:ee:9e:d0:
0f:81:f0:08:17:d9:c9:40:5e:84:9a:bd:4d:f5:be:33:67:c0:
22:5e:84:f1:b3:26:70:68:44:08:88:ce:0a:41:13:f2:de:d8:
39:c4:50:d0:e8:e1:da:9d:7d:80:8d:4f:f1:5a:f0:26:1b:c7:
c2:c3:32:af
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEQYjzDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU2MjYzNGUxYmQ1MTMzYTlkZTQ1MTJhZTk4Y2FkMWIyMjE5YjU5MB4XDTIyMDEw
MTEwMDU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM3ZTU1Njc0NmRl
YmQ5YTE2YWYxZDg5MGZkN2NmZTZhMWE2NjM5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTkIT+2sXtZ+Lqa2QGsvbYtRnuxwGgs2XQXczfEqxaG0K1f
0N8fVcWi6g7wrnY9GsFMcOkEVW/CBmd7lUWLIuH0hN7hzL7jH8P3+4Pt0vQ6Ysoz
3Ot8Gf6bymTp2ir9txhRLumX/QtqBtgZ22JBtAuChjUVffVVh2FK3XUvSbYp/IBP
W08MxHmzOG91y9pxXhB73WDDmFZbdqysTZPdKkrRFZC7Lwu2LrHm/XmX44XzoIE9
1xJriBVrMaOTa+cKz8ccfhJkK8Ddt8lCjnMFtkUaaDsotJ+G0A9GnUKSskwBQoeF
sF2ZwLNtCztuKaCiDFy6asTKD+KQ9eRm8TNHGWUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRsflVnRt69mhavHYkP18/moaZjlTAfBgNVHSMEGDAWgBT45iY04b1RM6ne
RRKumMrRsiGbWTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEv
MS9iSDVWWjBiZXZab1dyeDJKRDlmUDVxR21ZNVUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4
L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYzMzEvMS8xLU9ZbU5PRzlV
VE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXrCkAwQAXrFrMA0GCSqGSIb3
DQEBCwUAA4IBAQBB7U3IZWAgfQtf9HAZ12Ljq4b1u7VWVlkwkWxggnkCyu5LF36D
Qf08JjDkRn9pxP6NSyyuoG+hK1Ec1Sjgxd+UELUx/7yzfXA+qnLNoScOkSNoGhB6
7A9+9ZwiYTObK2EVLm7JP/761EJhJQPX3a8ccgcRj/h+cHZHG/Zl3pzqKN+0GWbj
E/YyUbcM6Gf/clh0blGrJW6wd64wB4M/Hluw+bTQBVbAhUeO+3jK1jD1vuKg6Ygc
gBPAkWCKAqSBueOVJwLuntAPgfAIF9nJQF6Emr1N9b4zZ8AiXoTxsyZwaEQIiM4K
QRPy3tg5xFDQ6OHanX2AjU/xWvAmG8fCwzKv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:02 2025 by rpki-client