Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/BX4yuaVn2X8jAO3RSjHyFyCzh7A.roa
File: BX4yuaVn2X8jAO3RSjHyFyCzh7A.roa (raw, json)
Hash identifier: seSy21BqAIj8t/Ip3XDN1Kcwt0eTAPcS53c075DuXnw=
Subject key identifier: 05:7E:32:B9:A5:67:D9:7F:23:00:ED:D1:4A:31:F2:17:20:B3:87:B0
Certificate issuer: /CN=19bbc28498eb169590b069a005414c41a179b240
Certificate serial: 23921DA1
Authority key identifier: 19:BB:C2:84:98:EB:16:95:90:B0:69:A0:05:41:4C:41:A1:79:B2:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbvChJjrFpWQsGmgBUFMQaF5skA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/BX4yuaVn2X8jAO3RSjHyFyCzh7A.roa
Signing time: Sat 01 Jan 2022 06:05:31 +0000
ROA not before: Sat 01 Jan 2022 06:05:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44292
IP address blocks: 92.42.169.0/24 maxlen: 24
92.42.172.0/24 maxlen: 24
92.42.170.0/24 maxlen: 24
92.42.171.0/24 maxlen: 24
92.42.168.0/24 maxlen: 24
92.42.173.0/24 maxlen: 24
92.42.174.0/24 maxlen: 24
92.42.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 596778401 (0x23921da1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19bbc28498eb169590b069a005414c41a179b240
Validity
Not Before: Jan 1 06:05:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=057e32b9a567d97f2300edd14a31f21720b387b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b2:93:5b:f5:34:9a:eb:8d:ee:a4:50:2b:e8:
d2:c3:32:60:30:4a:38:84:42:75:8d:8c:2f:80:8f:
5c:a3:bc:29:ce:ed:77:16:8e:43:05:27:32:66:c8:
53:25:05:ed:7a:5c:82:8b:17:34:ba:ce:e7:23:b1:
05:3b:a2:82:a3:82:aa:27:02:06:cd:ed:4c:e7:25:
f3:06:51:c3:f2:a2:73:e1:0f:0e:23:8a:26:83:de:
01:89:9c:ef:4c:a0:5a:a0:fc:7b:2d:4e:e3:41:55:
39:1c:cb:b3:fd:57:0a:9b:56:09:d4:f2:97:5d:31:
8d:00:c9:1b:06:32:5c:15:2e:95:d5:cd:49:36:59:
1b:21:d7:e0:86:47:f6:0d:25:f3:b2:3a:3f:53:80:
c1:5f:63:4b:a3:db:5c:5d:31:99:63:67:2a:3d:1c:
94:43:57:58:43:78:21:16:dd:9e:16:e5:89:29:7a:
89:db:3e:db:8d:85:2e:e0:38:fa:e1:5e:a5:2f:52:
a5:cc:ec:08:9e:3a:f1:e0:59:b2:fa:1d:1b:0a:7a:
b5:b3:24:b3:1b:5b:da:c7:04:a5:8f:b6:1b:d6:55:
d6:9f:a7:d6:57:1d:78:a2:e6:b2:8e:5f:cc:cd:a2:
51:89:e8:7a:f6:5f:24:f7:00:71:07:b4:79:2b:14:
bf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:7E:32:B9:A5:67:D9:7F:23:00:ED:D1:4A:31:F2:17:20:B3:87:B0
X509v3 Authority Key Identifier:
keyid:19:BB:C2:84:98:EB:16:95:90:B0:69:A0:05:41:4C:41:A1:79:B2:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbvChJjrFpWQsGmgBUFMQaF5skA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/BX4yuaVn2X8jAO3RSjHyFyCzh7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/GbvChJjrFpWQsGmgBUFMQaF5skA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.168.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:83:38:6c:e3:f7:91:3e:42:07:e1:1b:8a:ca:0d:d3:ad:be:
77:1d:88:a9:e1:1e:70:e8:47:d9:fb:3d:e1:81:63:9d:5b:b2:
1f:29:a0:f6:a5:de:6d:fe:79:5f:26:a9:b8:93:78:ef:1e:fe:
f8:5b:5b:89:24:e0:d5:5f:6a:0c:58:f1:de:51:4c:2c:d9:d9:
cd:7b:cd:aa:07:83:f6:8e:64:70:fe:32:b9:4f:39:81:6d:d8:
05:27:42:1c:c7:9e:9e:ee:01:7d:b6:ac:b8:39:5e:b6:47:8f:
c7:6f:2d:be:28:24:fe:48:9e:ec:3d:3c:db:aa:74:9e:12:b3:
36:0a:84:4c:94:9a:1d:8e:4d:16:76:f3:b9:f6:4d:e6:39:0b:
68:26:12:b6:cd:18:79:7b:1f:8b:11:88:22:f4:c1:cf:85:26:
0a:17:81:b3:e9:2b:c8:88:fa:ef:d1:f3:39:22:8a:fa:83:bc:
96:de:35:9c:34:16:52:76:ff:63:85:d3:64:3f:15:d7:d5:0b:
41:9a:de:74:13:bc:ba:fd:d4:80:ee:0c:81:f2:16:47:6b:06:
2f:74:26:0d:6b:e3:77:1d:e4:39:e3:4b:71:7b:3f:8c:6c:a6:
6a:f8:65:cc:69:99:ca:32:40:11:9c:31:80:80:03:ff:9d:35:
a9:5a:66:92
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEI5IdoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OWJiYzI4NDk4ZWIxNjk1OTBiMDY5YTAwNTQxNGM0MWExNzliMjQwMB4XDTIyMDEw
MTA2MDUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU3ZTMyYjlhNTY3
ZDk3ZjIzMDBlZGQxNGEzMWYyMTcyMGIzODdiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2yk1v1NJrrje6kUCvo0sMyYDBKOIRCdY2ML4CPXKO8Kc7t
dxaOQwUnMmbIUyUF7XpcgosXNLrO5yOxBTuigqOCqicCBs3tTOcl8wZRw/Kic+EP
DiOKJoPeAYmc70ygWqD8ey1O40FVORzLs/1XCptWCdTyl10xjQDJGwYyXBUuldXN
STZZGyHX4IZH9g0l87I6P1OAwV9jS6PbXF0xmWNnKj0clENXWEN4IRbdnhbliSl6
ids+242FLuA4+uFepS9SpczsCJ468eBZsvodGwp6tbMksxtb2scEpY+2G9ZV1p+n
1lcdeKLmso5fzM2iUYnoevZfJPcAcQe0eSsUvx8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQFfjK5pWfZfyMA7dFKMfIXILOHsDAfBgNVHSMEGDAWgBQZu8KEmOsWlZCw
aaAFQUxBoXmyQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0didkNoSmpyRnBXUXNHbWdCVUZNUWFGNXNrQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvMTY4NjViLTBlNzAtNDE2MC1hNDhkLTdmMDE5NzIxODZhMy8x
L0JYNHl1YVZuMlg4akFPM1JTakh5RnlDemg3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
MTY4NjViLTBlNzAtNDE2MC1hNDhkLTdmMDE5NzIxODZhMy8xL0didkNoSmpyRnBX
UXNHbWdCVUZNUWFGNXNrQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1wqqDANBgkqhkiG9w0BAQsFAAOC
AQEAL4M4bOP3kT5CB+EbisoN062+dx2IqeEecOhH2fs94YFjnVuyHymg9qXebf55
XyapuJN47x7++FtbiSTg1V9qDFjx3lFMLNnZzXvNqgeD9o5kcP4yuU85gW3YBSdC
HMeenu4BfbasuDletkePx28tvigk/kie7D0826p0nhKzNgqETJSaHY5NFnbzufZN
5jkLaCYSts0YeXsfixGIIvTBz4UmCheBs+kryIj679HzOSKK+oO8lt41nDQWUnb/
Y4XTZD8V19ULQZredBO8uv3UgO4MgfIWR2sGL3QmDWvjdx3kOeNLcXs/jGymavhl
zGmZyjJAEZwxgIAD/501qVpmkg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:15:48 2025 by rpki-client