Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/BzRo5mDr5aPuEuP-MO-A64unmW0.roa
File: BzRo5mDr5aPuEuP-MO-A64unmW0.roa (raw, json)
Hash identifier: gKCFibv795/4FBLrP1BDD/ppXo6drULxA+J4I7J88Fk=
Subject key identifier: 07:34:68:E6:60:EB:E5:A3:EE:12:E3:FE:30:EF:80:EB:8B:A7:99:6D
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 09A3A213
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/BzRo5mDr5aPuEuP-MO-A64unmW0.roa
Signing time: Tue 08 Feb 2022 20:48:26 +0000
ROA not before: Tue 08 Feb 2022 20:48:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47952
IP address blocks: 91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0::/29 maxlen: 64
2a0a:c4c0::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161718803 (0x9a3a213)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Feb 8 20:48:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=073468e660ebe5a3ee12e3fe30ef80eb8ba7996d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:71:b5:bb:ff:3d:77:cb:a5:28:c1:64:16:a3:
39:24:fa:e0:cc:b5:a1:56:5c:94:c0:62:6f:35:b8:
fb:16:b8:7f:99:a4:7b:23:00:03:82:cb:49:e7:20:
6e:ca:cf:3a:9c:1e:ba:e6:05:ba:4c:e6:a0:48:29:
39:89:e6:14:1e:bd:52:07:bd:d8:6e:2e:c3:c1:47:
b9:a1:b8:bf:53:f9:d7:a4:e1:50:56:af:34:38:61:
d7:10:44:da:23:23:5f:f1:87:62:20:ef:ba:90:05:
03:04:0d:49:02:d2:7b:49:10:e2:95:88:d8:f9:d3:
cb:79:32:b9:ab:c3:10:a4:91:a3:13:f1:d8:5c:f8:
78:2a:1a:6f:63:95:fd:33:ba:a3:cf:13:af:e6:24:
9e:e6:cb:a0:95:32:50:89:76:9a:97:0d:11:04:ec:
c8:62:a5:50:2b:a5:69:47:7f:4f:7a:6e:21:fc:cd:
6d:5b:2b:c9:65:59:bd:62:ef:49:7e:0e:60:77:67:
1b:1d:cb:e1:86:a5:73:68:f2:5b:d2:82:72:54:4a:
89:02:64:0c:d9:02:91:f6:c0:53:12:fc:de:c1:5d:
69:28:2f:9d:b7:7d:bc:12:64:e5:84:e7:4c:13:06:
d0:bb:61:39:9b:d0:7e:83:ca:7e:6a:8c:64:66:18:
43:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:34:68:E6:60:EB:E5:A3:EE:12:E3:FE:30:EF:80:EB:8B:A7:99:6D
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/BzRo5mDr5aPuEuP-MO-A64unmW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.52.0/24
91.194.54.0/24
185.201.212.0/22
IPv6:
2a0a:c4c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:c2:89:94:7f:bd:ee:18:e6:fa:b5:a5:0c:94:54:dd:f1:9d:
18:63:39:96:b4:ae:dd:a8:ab:20:2f:05:a9:68:1e:f9:a4:16:
54:34:75:55:83:d6:d4:2c:63:28:f8:e1:6d:bb:cf:f3:f4:36:
98:1a:b9:da:af:84:d4:3e:6f:ad:67:89:ee:96:28:70:69:ce:
18:86:eb:e9:fe:5f:45:a0:83:cb:32:97:2e:f3:2a:72:68:f3:
4a:f7:62:2a:b3:b9:ee:1f:b8:d3:1a:61:a0:d9:6a:21:bc:11:
1e:ae:8d:33:3b:2b:66:fb:8c:b3:0d:68:74:89:18:f6:b0:3b:
84:d4:17:75:d9:c0:ef:14:68:24:52:04:52:12:bc:9f:3f:2a:
05:6c:8f:aa:1e:28:1c:33:d8:bb:56:3f:29:5b:5e:5f:69:72:
65:0b:9e:01:94:03:92:9c:bc:83:9e:d1:09:23:c4:48:9a:9d:
ad:cd:25:4b:db:32:c4:2e:d6:e7:1a:49:3d:1c:7f:88:b9:66:
72:39:61:65:74:27:fa:c4:f1:f0:b5:6b:75:c0:ef:2f:32:d5:
4c:11:27:5c:aa:2b:4d:20:36:b6:1d:da:22:3f:52:e7:58:ef:
d1:34:f6:6c:89:50:fd:1f:21:b5:6d:55:71:6e:79:c8:3c:b6:
99:e7:57:4c
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECaOiEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjMwYjczYjUxY2JjNTM4MGRkNGFkYjNkNWFhZmY0ZDdhMzM0YzVlMB4XDTIyMDIw
ODIwNDgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDczNDY4ZTY2MGVi
ZTVhM2VlMTJlM2ZlMzBlZjgwZWI4YmE3OTk2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1xtbv/PXfLpSjBZBajOST64My1oVZclMBibzW4+xa4f5mk
eyMAA4LLSecgbsrPOpweuuYFukzmoEgpOYnmFB69Uge92G4uw8FHuaG4v1P516Th
UFavNDhh1xBE2iMjX/GHYiDvupAFAwQNSQLSe0kQ4pWI2PnTy3kyuavDEKSRoxPx
2Fz4eCoab2OV/TO6o88Tr+YknubLoJUyUIl2mpcNEQTsyGKlUCulaUd/T3puIfzN
bVsryWVZvWLvSX4OYHdnGx3L4Yalc2jyW9KCclRKiQJkDNkCkfbAUxL83sFdaSgv
nbd9vBJk5YTnTBMG0LthOZvQfoPKfmqMZGYYQzcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQHNGjmYOvlo+4S4/4w74Dri6eZbTAfBgNVHSMEGDAWgBS2MLc7UcvFOA3U
rbPVqv9NejNMXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RqQzNPMUhMeFRnTjFLMnoxYXJfVFhvelRGNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvNDc0OGM3LWNkOWUtNDAxZS1hOGE0LTBkNDhlNjg5NWYxMi8x
L0J6Um81bURyNWFQdUV1UC1NTy1BNjR1bm1XMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
NDc0OGM3LWNkOWUtNDAxZS1hOGE0LTBkNDhlNjg5NWYxMi8xL3RqQzNPMUhMeFRn
TjFLMnoxYXJfVFhvelRGNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAFvCNAMEAFvCNgMEArnJ1DANBAIA
AjAHAwUDKgrEwDANBgkqhkiG9w0BAQsFAAOCAQEAOcKJlH+97hjm+rWlDJRU3fGd
GGM5lrSu3airIC8FqWge+aQWVDR1VYPW1CxjKPjhbbvP8/Q2mBq52q+E1D5vrWeJ
7pYocGnOGIbr6f5fRaCDyzKXLvMqcmjzSvdiKrO57h+40xphoNlqIbwRHq6NMzsr
ZvuMsw1odIkY9rA7hNQXddnA7xRoJFIEUhK8nz8qBWyPqh4oHDPYu1Y/KVteX2ly
ZQueAZQDkpy8g57RCSPESJqdrc0lS9syxC7W5xpJPRx/iLlmcjlhZXQn+sTx8LVr
dcDvLzLVTBEnXKorTSA2th3aIj9S51jv0TT2bIlQ/R8htW1VcW55yDy2medXTA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:24:29 2025 by rpki-client