Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/bdG-ySMg5jJZkZZ63utbiWoCQ2M.roa
File: bdG-ySMg5jJZkZZ63utbiWoCQ2M.roa (raw, json)
Hash identifier: ADZceSAXMPmH21tScRk1UVz9EQnSh8pyRhuDKElzAdI=
Subject key identifier: 6D:D1:BE:C9:23:20:E6:32:59:91:96:7A:DE:EB:5B:89:6A:02:43:63
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 018B14EB6FF9ADC6E030AC850D47E28BA49A
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/bdG-ySMg5jJZkZZ63utbiWoCQ2M.roa
Signing time: Mon 09 Oct 2023 14:50:55 +0000
ROA not before: Mon 09 Oct 2023 14:50:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48108
IP address blocks: 94.247.137.0/24 maxlen: 24
185.235.230.0/24 maxlen: 24
31.222.227.0/24 maxlen: 24
2001:678:e30::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:eb:6f:f9:ad:c6:e0:30:ac:85:0d:47:e2:8b:a4:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Oct 9 14:50:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dd1bec92320e6325991967adeeb5b896a024363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e3:8b:fc:5c:e2:93:c3:f5:1f:ea:7e:d2:70:
02:8c:7a:18:d8:3e:42:d1:82:80:99:dc:bd:07:df:
6b:1e:d3:ba:4e:d2:b8:c0:12:a7:2a:65:0a:24:8a:
c2:6d:15:0f:bb:c0:f4:66:53:f9:50:34:d8:dc:36:
23:d1:e5:28:77:06:5f:20:73:f4:74:96:8b:56:6b:
7e:65:e8:6e:da:13:ce:d9:53:27:29:2a:7e:63:5f:
09:4e:91:bf:52:d8:e7:f8:7f:6f:22:00:aa:c8:d9:
28:6e:0c:9a:13:52:9f:d8:89:2e:47:22:61:39:aa:
7f:66:3e:dd:fa:97:e4:8b:88:b9:52:a7:96:61:4e:
c5:f4:9d:8c:f6:52:9a:86:1a:3c:ee:68:c3:ec:55:
84:b5:b8:55:53:f2:e6:ce:5e:f3:45:c8:81:d9:9c:
f6:6c:4d:1e:63:dd:e5:47:3d:af:c1:a2:0a:3f:fa:
85:2f:61:05:13:ba:df:df:23:b4:6f:17:38:f9:ce:
c7:ae:c8:9c:28:d0:77:db:b2:2b:a1:cb:bb:69:b3:
dc:d8:8d:a9:12:a7:ea:50:a1:e5:c4:82:2e:d2:5c:
0f:68:1e:f1:9c:d9:8f:ec:1a:1f:7c:8f:8d:82:30:
db:f0:78:f6:45:4e:73:e4:d4:e9:db:f2:07:3e:69:
0d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D1:BE:C9:23:20:E6:32:59:91:96:7A:DE:EB:5B:89:6A:02:43:63
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/bdG-ySMg5jJZkZZ63utbiWoCQ2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.227.0/24
94.247.137.0/24
185.235.230.0/24
IPv6:
2001:678:e30::/48
Signature Algorithm: sha256WithRSAEncryption
25:3f:9c:a2:e2:c4:c2:2b:fc:1e:0f:9c:04:6c:ef:dd:04:20:
b4:83:ae:bf:17:86:b7:e2:26:a9:77:84:de:18:b5:de:28:38:
12:ca:04:6f:5f:df:43:79:f3:c9:56:41:a7:36:3f:4f:34:c2:
e7:43:db:9d:8a:d4:6f:35:58:74:93:ff:1b:b1:76:af:1b:04:
e3:7e:24:57:c9:b9:e3:c0:38:a4:71:12:8c:c1:64:cf:9e:70:
ba:14:4d:ec:66:e0:30:02:25:e5:2c:d4:68:1a:04:88:bf:99:
a0:63:88:a5:95:cc:3e:8f:bd:de:d5:cb:c6:b3:e7:c1:6f:df:
20:32:a7:99:17:38:ed:61:d1:74:d1:5b:67:ab:10:e2:21:ca:
4a:73:fc:d4:51:58:cf:33:0c:c3:1f:d7:35:e0:89:a1:78:7a:
e3:95:45:9f:87:f2:a5:f6:e7:fb:bb:43:45:95:93:a4:47:2f:
3b:3b:2e:11:79:75:f4:f9:ba:c7:98:8d:1b:6f:c5:84:1f:27:
6d:dd:e6:d6:8f:cd:90:5b:5b:5c:a3:27:66:4c:a3:61:a1:2f:
40:24:49:d9:34:e5:84:6f:90:df:eb:e7:df:e6:45:bd:c7:00:
83:2d:6f:3d:bb:d3:e6:ab:91:05:4b:7d:33:6c:45:48:fa:e0:
44:02:cc:6c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYsU62/5rcbgMKyFDUfii6SaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjMxMDA5MTQ1MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQxYmVjOTIzMjBlNjMyNTk5MTk2N2FkZWViNWI4OTZhMDI0MzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOOL/Fzik8P1H+p+0nACjHoY2D5C
0YKAmdy9B99rHtO6TtK4wBKnKmUKJIrCbRUPu8D0ZlP5UDTY3DYj0eUodwZfIHP0
dJaLVmt+Zehu2hPO2VMnKSp+Y18JTpG/Utjn+H9vIgCqyNkobgyaE1Kf2IkuRyJh
Oap/Zj7d+pfki4i5UqeWYU7F9J2M9lKahho87mjD7FWEtbhVU/Lmzl7zRciB2Zz2
bE0eY93lRz2vwaIKP/qFL2EFE7rf3yO0bxc4+c7HrsicKNB327Irocu7abPc2I2p
EqfqUKHlxIIu0lwPaB7xnNmP7BoffI+NgjDb8Hj2RU5z5NTp2/IHPmkNwQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFG3RvskjIOYyWZGWet7rW4lqAkNjMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvYmRHLXlTTWc1akpaa1paNjN1dGJpV29DUTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAH97jAwQA
XveJAwQAuevmMA8EAgACMAkDBwAgAQZ4DjAwDQYJKoZIhvcNAQELBQADggEBACU/
nKLixMIr/B4PnARs790EILSDrr8XhrfiJql3hN4Ytd4oOBLKBG9f30N588lWQac2
P080wudD252K1G81WHST/xuxdq8bBON+JFfJuePAOKRxEozBZM+ecLoUTexm4DAC
JeUs1GgaBIi/maBjiKWVzD6Pvd7Vy8az58Fv3yAyp5kXOO1h0XTRW2erEOIhykpz
/NRRWM8zDMMf1zXgiaF4euOVRZ+H8qX25/u7Q0WVk6RHLzs7LhF5dfT5useYjRtv
xYQfJ23d5taPzZBbW1yjJ2ZMo2GhL0AkSdk05YRvkN/r59/mRb3HAIMtbz270+ar
kQVLfTNsRUj64EQCzGw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:38 2025 by rpki-client