Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/BsUQg0L6Yevj7OxBx5AQEAjPx9U.roa
File: BsUQg0L6Yevj7OxBx5AQEAjPx9U.roa (raw, json)
Hash identifier: WjLy+KqkYv8YVYkhnQ/7e2JlXOlgWUlhek5/SK7FjSQ=
Subject key identifier: 06:C5:10:83:42:FA:61:EB:E3:EC:EC:41:C7:90:10:10:08:CF:C7:D5
Certificate issuer: /CN=2c88db81fdfbeccee75f4a9f698a3c1b3a84626e
Certificate serial: 018BDD0CBD3E54960C46C6179EFDFD4147C4
Authority key identifier: 2C:88:DB:81:FD:FB:EC:CE:E7:5F:4A:9F:69:8A:3C:1B:3A:84:62:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIjbgf377M7nX0qfaYo8GzqEYm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/BsUQg0L6Yevj7OxBx5AQEAjPx9U.roa
Signing time: Fri 17 Nov 2023 11:31:21 +0000
ROA not before: Fri 17 Nov 2023 11:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58096
IP address blocks: 185.216.192.0/23 maxlen: 32
45.93.4.0/22 maxlen: 22
193.160.204.0/23 maxlen: 32
94.141.124.0/22 maxlen: 24
91.220.69.0/24 maxlen: 24
193.105.114.0/24 maxlen: 32
185.154.72.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:0c:bd:3e:54:96:0c:46:c6:17:9e:fd:fd:41:47:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c88db81fdfbeccee75f4a9f698a3c1b3a84626e
Validity
Not Before: Nov 17 11:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06c5108342fa61ebe3ecec41c790101008cfc7d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5c:24:40:fd:b2:df:5f:12:26:dd:27:e4:a4:
25:7e:1b:68:d5:00:34:22:e3:4b:b0:08:e9:a8:12:
f4:38:71:66:93:68:eb:6e:ea:e1:0d:81:14:47:a8:
6f:46:d9:ff:08:da:41:f9:7c:71:62:a1:16:b2:e5:
36:46:0b:9d:81:cd:3e:4f:d8:5a:19:46:ba:d9:31:
6e:f1:fa:0d:88:0c:26:e8:56:71:dd:0e:3d:c0:f5:
f0:98:39:ca:04:44:6f:1d:31:4f:90:d1:3d:93:ff:
72:d4:a1:e0:dc:ac:29:d3:66:d1:db:a1:7b:94:df:
46:71:dd:7a:b0:de:79:46:8b:80:af:34:b0:c6:e4:
3f:c2:86:93:74:47:0d:2a:35:18:70:89:70:72:17:
be:2b:f3:52:12:62:e9:c5:aa:10:ee:48:e8:57:a0:
2e:d0:1f:a9:6a:48:f7:2e:fb:11:4b:88:8e:d5:e9:
09:ae:9f:32:22:d9:32:1a:d9:c0:8e:ed:f3:bb:19:
ba:85:fe:c4:51:e9:79:09:22:76:72:bc:71:9b:b1:
8d:35:eb:7d:15:f4:99:63:fd:74:a9:21:24:94:95:
a2:c1:86:47:79:50:cb:64:87:aa:cf:b8:a1:a4:83:
c9:35:12:f7:a6:03:b2:46:5f:24:71:fb:f1:96:12:
c3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C5:10:83:42:FA:61:EB:E3:EC:EC:41:C7:90:10:10:08:CF:C7:D5
X509v3 Authority Key Identifier:
keyid:2C:88:DB:81:FD:FB:EC:CE:E7:5F:4A:9F:69:8A:3C:1B:3A:84:62:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIjbgf377M7nX0qfaYo8GzqEYm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/BsUQg0L6Yevj7OxBx5AQEAjPx9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/LIjbgf377M7nX0qfaYo8GzqEYm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.4.0/22
91.220.69.0/24
94.141.124.0/22
185.154.72.0/22
185.216.192.0/23
193.105.114.0/24
193.160.204.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:be:8b:4d:6d:47:e1:53:4e:b9:d9:a0:b8:6b:00:48:2b:47:
4a:3e:f4:08:46:5c:5c:4f:7a:d4:a4:76:fc:30:e6:bb:b4:79:
2a:48:cc:f0:8b:01:85:08:aa:5f:f0:ba:b5:4d:9e:4d:ed:db:
4d:da:ec:34:27:b4:25:ba:36:ed:d6:7b:0f:8f:7e:7b:eb:06:
17:78:28:1c:e7:b8:a0:8f:93:09:b7:9d:47:55:af:e3:c2:36:
4b:e4:91:e9:02:a9:05:99:c8:a2:2f:ce:c6:75:77:23:cd:8e:
87:da:ff:6b:8e:73:cd:1d:2c:af:29:e3:c3:02:7b:29:02:c2:
33:42:d2:92:bc:85:5f:e6:f8:7a:44:44:e9:f3:1e:75:ec:67:
3c:35:8a:48:8e:bd:f6:d1:e0:bb:37:8a:fc:f9:d4:81:78:e8:
32:33:70:57:df:60:ae:e3:d0:0c:ef:60:4e:db:5d:fb:06:ba:
e4:f9:a8:10:e5:1f:df:c2:8d:47:29:11:35:ce:e9:0c:01:ae:
1c:e9:1a:1e:45:ca:69:d8:f3:ad:4e:48:51:52:35:95:ee:3d:
c0:33:a1:98:78:a9:3f:84:f3:cd:97:87:d1:4f:30:af:68:ce:
48:09:ac:01:82:48:88:1e:ac:61:3c:e1:cc:ef:a6:b8:26:a9:
ef:9b:76:19
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYvdDL0+VJYMRsYXnv39QUfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODhkYjgxZmRmYmVjY2VlNzVmNGE5ZjY5OGEzYzFiM2E4
NDYyNmUwHhcNMjMxMTE3MTEzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmM1MTA4MzQyZmE2MWViZTNlY2VjNDFjNzkwMTAxMDA4Y2ZjN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1wkQP2y318SJt0n5KQlfhto1QA0
IuNLsAjpqBL0OHFmk2jrburhDYEUR6hvRtn/CNpB+XxxYqEWsuU2Rgudgc0+T9ha
GUa62TFu8foNiAwm6FZx3Q49wPXwmDnKBERvHTFPkNE9k/9y1KHg3Kwp02bR26F7
lN9Gcd16sN55RouArzSwxuQ/woaTdEcNKjUYcIlwche+K/NSEmLpxaoQ7kjoV6Au
0B+pakj3LvsRS4iO1ekJrp8yItkyGtnAju3zuxm6hf7EUel5CSJ2crxxm7GNNet9
FfSZY/10qSEklJWiwYZHeVDLZIeqz7ihpIPJNRL3pgOyRl8kcfvxlhLDgwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAbFEINC+mHr4+zsQceQEBAIz8fVMB8GA1UdIwQY
MBaAFCyI24H9++zO519Kn2mKPBs6hGJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTElqYmdmMzc3TTduWDBxZmFZbzhHenFFWW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hOGUwNGItMGRiYS00MGVjLWIxMjYt
ZjQ1N2Q0MDRhZTJmLzEvQnNVUWcwTDZZZXZqN094Qng1QVFFQWpQeDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hOGUwNGItMGRiYS00MGVjLWIxMjYtZjQ1N2Q0MDRhZTJm
LzEvTElqYmdmMzc3TTduWDBxZmFZbzhHenFFWW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLV0EAwQA
W9xFAwQCXo18AwQCuZpIAwQBudjAAwQAwWlyAwQBwaDMMA0GCSqGSIb3DQEBCwUA
A4IBAQCavotNbUfhU0652aC4awBIK0dKPvQIRlxcT3rUpHb8MOa7tHkqSMzwiwGF
CKpf8Lq1TZ5N7dtN2uw0J7Qlujbt1nsPj3576wYXeCgc57igj5MJt51HVa/jwjZL
5JHpAqkFmciiL87GdXcjzY6H2v9rjnPNHSyvKePDAnspAsIzQtKSvIVf5vh6RETp
8x517Gc8NYpIjr320eC7N4r8+dSBeOgyM3BX32Cu49AM72BO2137Brrk+agQ5R/f
wo1HKRE1zukMAa4c6RoeRcpp2POtTkhRUjWV7j3AM6GYeKk/hPPNl4fRTzCvaM5I
CawBgkiIHqxhPOHM76a4Jqnvm3YZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:23 2025 by rpki-client