Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/46d903-afda-421b-8a61-07ee242e136d/1/BmxiKU3UllNS9M7Sf7mrjC576UQ.roa
File: BmxiKU3UllNS9M7Sf7mrjC576UQ.roa (raw, json)
Hash identifier: soq78Nm7uPDrsJCwp/PZdu8X5CtIitoKBLySTccOo40=
Subject key identifier: 06:6C:62:29:4D:D4:96:53:52:F4:CE:D2:7F:B9:AB:8C:2E:7B:E9:44
Certificate issuer: /CN=965135dd42519fdda3dd3fdaa9db3357815fad75
Certificate serial: 01856F4B50DAB7CFBC47DD5DDDCD11FC310F
Authority key identifier: 96:51:35:DD:42:51:9F:DD:A3:DD:3F:DA:A9:DB:33:57:81:5F:AD:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/llE13UJRn92j3T_aqdszV4FfrXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/46d903-afda-421b-8a61-07ee242e136d/1/BmxiKU3UllNS9M7Sf7mrjC576UQ.roa
Signing time: Sun 01 Jan 2023 21:44:44 +0000
ROA not before: Sun 01 Jan 2023 21:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212549
IP address blocks: 185.203.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:50:da:b7:cf:bc:47:dd:5d:dd:cd:11:fc:31:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=965135dd42519fdda3dd3fdaa9db3357815fad75
Validity
Not Before: Jan 1 21:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=066c62294dd4965352f4ced27fb9ab8c2e7be944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ed:c6:c8:1b:3b:9a:0e:71:00:2d:9e:47:07:
69:8d:5b:3b:2e:0b:32:61:53:7f:dd:4b:3f:a7:31:
e9:fd:14:ce:07:ad:8b:5f:8c:d4:56:f3:d1:12:0e:
eb:18:94:75:15:4d:93:76:8d:1c:46:36:8d:ec:b7:
72:62:91:eb:a9:85:69:0b:10:44:7a:29:83:e8:03:
b6:13:01:62:39:0c:fe:46:a4:8d:57:bf:8f:ee:e9:
2a:fb:54:82:e6:ce:2e:1f:fe:1d:79:84:d4:e6:45:
5f:73:99:8b:4e:99:8d:4d:5b:9c:03:56:7d:40:1e:
f1:b4:71:a1:75:91:27:b6:15:99:c4:e5:34:f4:18:
b8:d7:71:a5:7a:40:f3:1d:52:22:56:69:32:97:24:
d2:3b:7e:49:f7:d8:7e:c3:c7:92:2c:21:dc:fe:fb:
4d:0b:c2:2b:ae:11:2f:68:64:41:c6:6f:d4:00:3b:
b8:c2:c6:32:2d:d8:f2:a6:6e:b1:c8:9d:cc:2f:ae:
56:59:54:36:c3:13:2a:a8:b6:8d:7e:17:f8:25:d4:
0b:65:1f:aa:25:ca:90:3e:a5:0b:8f:fe:76:58:0d:
83:90:74:9f:0d:0c:76:9e:78:30:04:1e:bf:78:0b:
48:46:a8:fe:32:ba:e3:94:e9:0a:79:44:00:9a:92:
cb:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:6C:62:29:4D:D4:96:53:52:F4:CE:D2:7F:B9:AB:8C:2E:7B:E9:44
X509v3 Authority Key Identifier:
keyid:96:51:35:DD:42:51:9F:DD:A3:DD:3F:DA:A9:DB:33:57:81:5F:AD:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/llE13UJRn92j3T_aqdszV4FfrXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/46d903-afda-421b-8a61-07ee242e136d/1/BmxiKU3UllNS9M7Sf7mrjC576UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/46d903-afda-421b-8a61-07ee242e136d/1/llE13UJRn92j3T_aqdszV4FfrXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.89.0/24
Signature Algorithm: sha256WithRSAEncryption
36:25:59:9c:28:2f:79:70:0d:e4:21:ea:0e:c4:ab:41:fb:bd:
3f:6f:83:38:83:b7:9f:96:0e:89:4a:bc:5c:72:6f:df:e3:9d:
da:01:26:ef:4a:93:3d:c1:b1:29:6c:cb:d7:34:d5:9c:16:5f:
08:48:3c:7a:5e:cd:ed:5b:9c:2b:59:a5:29:79:47:19:4a:d7:
4c:e0:f3:c6:eb:6f:77:da:97:21:86:bf:18:bb:dd:7a:06:ac:
3d:e0:b8:6e:b8:b3:e7:8c:b7:45:e7:27:1b:bb:d8:0b:aa:d8:
20:b8:52:aa:87:bf:2a:6b:eb:49:20:48:e4:31:0a:24:fd:d7:
15:d9:78:5d:31:8f:a4:7c:28:65:36:41:9f:59:78:25:26:d2:
7f:5f:9e:7a:f4:f0:10:55:4d:77:c0:8e:de:51:86:4e:f7:e7:
5c:cb:6f:3a:40:6c:f4:ae:3d:77:63:7f:71:21:09:f6:ad:68:
2a:21:b5:f8:6b:51:44:ee:89:e9:47:30:b0:5b:7b:70:ff:d6:
c7:91:ee:24:9b:85:95:7e:92:69:e8:0c:be:7a:ed:9c:74:fa:
42:be:50:ca:dd:a6:f1:f1:61:41:64:cd:4f:82:b2:71:28:ad:
0b:28:c0:77:7d:48:21:d2:cd:67:d0:5f:f5:86:22:d9:7c:73:
a1:2a:3a:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS1Dat8+8R91d3c0R/DEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NTEzNWRkNDI1MTlmZGRhM2RkM2ZkYWE5ZGIzMzU3ODE1
ZmFkNzUwHhcNMjMwMTAxMjE0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjZjNjIyOTRkZDQ5NjUzNTJmNGNlZDI3ZmI5YWI4YzJlN2JlOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju3GyBs7mg5xAC2eRwdpjVs7Lgsy
YVN/3Us/pzHp/RTOB62LX4zUVvPREg7rGJR1FU2Tdo0cRjaN7LdyYpHrqYVpCxBE
eimD6AO2EwFiOQz+RqSNV7+P7ukq+1SC5s4uH/4deYTU5kVfc5mLTpmNTVucA1Z9
QB7xtHGhdZEnthWZxOU09Bi413GlekDzHVIiVmkylyTSO35J99h+w8eSLCHc/vtN
C8IrrhEvaGRBxm/UADu4wsYyLdjypm6xyJ3ML65WWVQ2wxMqqLaNfhf4JdQLZR+q
JcqQPqULj/52WA2DkHSfDQx2nngwBB6/eAtIRqj+MrrjlOkKeUQAmpLL/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZsYilN1JZTUvTO0n+5q4wue+lEMB8GA1UdIwQY
MBaAFJZRNd1CUZ/do90/2qnbM1eBX611MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGxFMTNVSlJuOTJqM1RfYXFkc3pWNEZmclhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80NmQ5MDMtYWZkYS00MjFiLThhNjEt
MDdlZTI0MmUxMzZkLzEvQm14aUtVM1VsbE5TOU03U2Y3bXJqQzU3NlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80NmQ5MDMtYWZkYS00MjFiLThhNjEtMDdlZTI0MmUxMzZk
LzEvbGxFMTNVSlJuOTJqM1RfYXFkc3pWNEZmclhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuctZMA0G
CSqGSIb3DQEBCwUAA4IBAQA2JVmcKC95cA3kIeoOxKtB+70/b4M4g7eflg6JSrxc
cm/f453aASbvSpM9wbEpbMvXNNWcFl8ISDx6Xs3tW5wrWaUpeUcZStdM4PPG6293
2pchhr8Yu916Bqw94LhuuLPnjLdF5ycbu9gLqtgguFKqh78qa+tJIEjkMQok/dcV
2XhdMY+kfChlNkGfWXglJtJ/X5569PAQVU13wI7eUYZO9+dcy286QGz0rj13Y39x
IQn2rWgqIbX4a1FE7onpRzCwW3tw/9bHke4km4WVfpJp6Ay+eu2cdPpCvlDK3abx
8WFBZM1PgrJxKK0LKMB3fUgh0s1n0F/1hiLZfHOhKjqP
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:22 2025 by rpki-client