Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/BLdMVB6uu57BQPacZpu8HAg3iGY.roa
File: BLdMVB6uu57BQPacZpu8HAg3iGY.roa (raw, json)
Hash identifier: Y7HRYrjeQwph1gasKcswKfwuUEQR7kf8FZYZ9j3fb3k=
Subject key identifier: 04:B7:4C:54:1E:AE:BB:9E:C1:40:F6:9C:66:9B:BC:1C:08:37:88:66
Certificate issuer: /CN=5bd6cbdaa794a97a7d8266702cb054f1b249d4bf
Certificate serial: 01857079971B5A43FEB1E3ECA75137C26C24
Authority key identifier: 5B:D6:CB:DA:A7:94:A9:7A:7D:82:66:70:2C:B0:54:F1:B2:49:D4:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/BLdMVB6uu57BQPacZpu8HAg3iGY.roa
Signing time: Mon 02 Jan 2023 03:14:54 +0000
ROA not before: Mon 02 Jan 2023 03:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2200
IP address blocks: 192.33.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:97:1b:5a:43:fe:b1:e3:ec:a7:51:37:c2:6c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd6cbdaa794a97a7d8266702cb054f1b249d4bf
Validity
Not Before: Jan 2 03:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04b74c541eaebb9ec140f69c669bbc1c08378866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bf:1e:d0:74:6e:87:75:80:bf:ad:bc:f3:58:
c6:a8:fa:17:b6:d4:b1:66:dc:d9:53:51:4b:9f:fe:
8a:25:ef:82:2b:18:34:28:7e:c3:ba:00:38:11:8a:
6c:43:b1:98:6a:88:45:5a:de:72:8e:15:03:eb:b0:
26:49:78:5e:19:9f:f3:07:db:72:6f:26:76:98:1e:
3d:b0:98:46:76:5e:39:4d:21:a8:9d:f0:e4:9f:ac:
d3:8d:c6:66:7c:04:1b:28:88:4b:be:d6:7d:58:c2:
90:16:b6:60:46:f8:d5:a8:7b:ed:61:7f:ce:4b:16:
67:dd:e5:57:5c:2f:bd:41:09:d8:ce:2c:d8:fd:05:
a7:59:3d:a5:90:f6:ef:0a:8a:f8:af:97:c8:6c:0b:
2b:b3:49:24:d8:92:88:e5:f7:da:33:76:6b:18:a3:
65:70:b5:bf:82:52:60:5b:91:f0:1f:b3:de:2a:2e:
34:df:ce:8e:19:1d:9b:4b:e4:93:51:3b:c3:1b:23:
7d:57:1c:11:f8:93:de:3f:a3:c5:0c:4b:df:a0:b6:
53:53:90:4d:8a:f3:d4:68:42:33:8f:71:82:5b:ce:
65:30:50:a3:69:5e:fe:dd:00:2c:29:73:61:64:6e:
a7:a0:7a:46:d6:ba:cc:fb:fc:8a:30:1f:25:36:7a:
03:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B7:4C:54:1E:AE:BB:9E:C1:40:F6:9C:66:9B:BC:1C:08:37:88:66
X509v3 Authority Key Identifier:
keyid:5B:D6:CB:DA:A7:94:A9:7A:7D:82:66:70:2C:B0:54:F1:B2:49:D4:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/BLdMVB6uu57BQPacZpu8HAg3iGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/c931fc-df1e-4bb1-9de9-d74a12959ad7/1/W9bL2qeUqXp9gmZwLLBU8bJJ1L8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.33.156.0/24
Signature Algorithm: sha256WithRSAEncryption
11:82:7b:52:c7:c4:7c:d0:f9:05:b2:94:4b:c0:9e:16:d0:6c:
db:2f:2d:9f:8c:1a:db:9b:72:e9:68:b1:c3:9c:a6:25:8e:b5:
a9:4e:46:75:cd:9e:19:ba:f8:51:51:31:3f:07:d3:1d:71:8f:
07:1c:7a:7f:d9:5c:0d:1c:8a:b1:9f:a5:a0:4f:88:67:59:e4:
03:a7:4b:8c:09:d0:17:4b:5d:89:bb:7d:9c:1b:d7:3e:5a:74:
b8:ee:27:6d:ea:6f:88:2f:d1:a2:0d:14:39:91:83:a0:15:f0:
28:87:b1:8c:4a:78:7d:d7:32:1d:1f:46:a5:63:bf:dc:aa:08:
d2:ff:ff:64:81:e3:5e:f7:8a:a8:02:c3:a5:6a:5d:1b:73:e3:
7b:bb:69:92:ff:9c:fc:46:27:37:46:a6:3b:f7:7a:f2:37:66:
8f:b6:02:94:fc:8c:83:7b:4d:74:40:34:5b:6f:49:f3:ee:24:
66:78:80:45:f3:7b:b7:dd:a5:90:2a:3f:b6:26:02:68:73:64:
59:b1:b0:b0:11:94:ab:a7:bd:af:d7:11:52:06:7f:eb:b4:14:
47:0d:fe:ff:eb:01:07:ea:63:87:8c:73:2c:9b:64:c4:1c:57:
2d:f7:b9:8a:3a:f2:b3:e5:ec:2e:a2:9c:00:98:5b:63:62:ce:
d1:e1:32:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweZcbWkP+sePsp1E3wmwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDZjYmRhYTc5NGE5N2E3ZDgyNjY3MDJjYjA1NGYxYjI0
OWQ0YmYwHhcNMjMwMTAyMDMxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI3NGM1NDFlYWViYjllYzE0MGY2OWM2NjliYmMxYzA4Mzc4ODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArr8e0HRuh3WAv62881jGqPoXttSx
ZtzZU1FLn/6KJe+CKxg0KH7DugA4EYpsQ7GYaohFWt5yjhUD67AmSXheGZ/zB9ty
byZ2mB49sJhGdl45TSGonfDkn6zTjcZmfAQbKIhLvtZ9WMKQFrZgRvjVqHvtYX/O
SxZn3eVXXC+9QQnYzizY/QWnWT2lkPbvCor4r5fIbAsrs0kk2JKI5ffaM3ZrGKNl
cLW/glJgW5HwH7PeKi40386OGR2bS+STUTvDGyN9VxwR+JPeP6PFDEvfoLZTU5BN
ivPUaEIzj3GCW85lMFCjaV7+3QAsKXNhZG6noHpG1rrM+/yKMB8lNnoDgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAS3TFQerruewUD2nGabvBwIN4hmMB8GA1UdIwQY
MBaAFFvWy9qnlKl6fYJmcCywVPGySdS/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzliTDJxZVVxWHA5Z21ad0xMQlU4YkpKMUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9jOTMxZmMtZGYxZS00YmIxLTlkZTkt
ZDc0YTEyOTU5YWQ3LzEvQkxkTVZCNnV1NTdCUVBhY1pwdThIQWczaUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9jOTMxZmMtZGYxZS00YmIxLTlkZTktZDc0YTEyOTU5YWQ3
LzEvVzliTDJxZVVxWHA5Z21ad0xMQlU4YkpKMUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCGcMA0G
CSqGSIb3DQEBCwUAA4IBAQARgntSx8R80PkFspRLwJ4W0GzbLy2fjBrbm3LpaLHD
nKYljrWpTkZ1zZ4ZuvhRUTE/B9MdcY8HHHp/2VwNHIqxn6WgT4hnWeQDp0uMCdAX
S12Ju32cG9c+WnS47idt6m+IL9GiDRQ5kYOgFfAoh7GMSnh91zIdH0alY7/cqgjS
//9kgeNe94qoAsOlal0bc+N7u2mS/5z8Ric3RqY793ryN2aPtgKU/IyDe010QDRb
b0nz7iRmeIBF83u33aWQKj+2JgJoc2RZsbCwEZSrp72v1xFSBn/rtBRHDf7/6wEH
6mOHjHMsm2TEHFct97mKOvKz5ewuopwAmFtjYs7R4TKR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:10 2025 by rpki-client