Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d83576-c685-4624-9d88-9911fa984e2e/1/bsLuzlTm5bky7tlAj4348jsqcw0.roa
File: bsLuzlTm5bky7tlAj4348jsqcw0.roa (raw, json)
Hash identifier: wYAfeLuyGxR7H5QeRadvd3uxIxlNJUw2HcJvC93uSc0=
Subject key identifier: 6E:C2:EE:CE:54:E6:E5:B9:32:EE:D9:40:8F:8D:F8:F2:3B:2A:73:0D
Certificate issuer: /CN=e8cf15bf6b1f2690f20901d1896e2d880fe8886e
Certificate serial: 01856F5DBE9FA5EB78D8F4FF235F46A6EE7D
Authority key identifier: E8:CF:15:BF:6B:1F:26:90:F2:09:01:D1:89:6E:2D:88:0F:E8:88:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6M8Vv2sfJpDyCQHRiW4tiA_oiG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d83576-c685-4624-9d88-9911fa984e2e/1/bsLuzlTm5bky7tlAj4348jsqcw0.roa
Signing time: Sun 01 Jan 2023 22:04:52 +0000
ROA not before: Sun 01 Jan 2023 22:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205753
IP address blocks: 193.169.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:be:9f:a5:eb:78:d8:f4:ff:23:5f:46:a6:ee:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8cf15bf6b1f2690f20901d1896e2d880fe8886e
Validity
Not Before: Jan 1 22:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ec2eece54e6e5b932eed9408f8df8f23b2a730d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:a8:0f:0a:59:c3:4b:cc:e2:d4:b0:d2:ea:
c6:29:0a:8d:a8:2f:11:0e:d0:b4:2a:b0:6a:dd:da:
3f:b8:cd:eb:12:a4:72:12:c5:41:0a:dd:f1:99:48:
9d:95:1d:a9:b1:74:a1:4b:d9:1c:86:b9:d3:bb:07:
ec:16:9b:05:4d:60:81:2d:47:0c:a6:c7:48:ef:71:
05:d3:3b:61:5f:69:9e:fa:1b:8a:5d:78:36:7e:c5:
24:36:34:2b:5c:8a:9a:7a:a9:46:d2:b1:00:2f:5c:
9c:8e:fb:21:35:4a:26:70:b1:67:e3:32:2a:2a:50:
f7:ca:94:f3:97:17:40:c5:69:93:fc:2c:d8:a6:79:
8c:14:98:a7:bd:47:2f:25:a7:e8:23:57:6e:30:7a:
e4:ae:af:02:02:ca:97:b5:38:65:1d:6a:43:e4:de:
ab:ff:b9:9e:c9:4e:a0:eb:8c:21:48:55:5b:5e:bf:
03:de:07:d5:d8:f0:ba:de:1d:ec:76:47:26:16:2d:
f4:b3:4b:9a:01:22:9b:1a:7c:59:98:b3:39:e8:65:
25:ed:04:0b:21:1f:b7:09:99:84:13:a7:68:59:28:
a9:d5:53:9c:89:af:fe:79:71:0a:0a:34:6b:a9:fc:
78:d7:fd:3d:83:9e:92:d9:7e:d8:4b:b9:ce:48:97:
ac:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C2:EE:CE:54:E6:E5:B9:32:EE:D9:40:8F:8D:F8:F2:3B:2A:73:0D
X509v3 Authority Key Identifier:
keyid:E8:CF:15:BF:6B:1F:26:90:F2:09:01:D1:89:6E:2D:88:0F:E8:88:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6M8Vv2sfJpDyCQHRiW4tiA_oiG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d83576-c685-4624-9d88-9911fa984e2e/1/bsLuzlTm5bky7tlAj4348jsqcw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d83576-c685-4624-9d88-9911fa984e2e/1/6M8Vv2sfJpDyCQHRiW4tiA_oiG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.135.0/24
Signature Algorithm: sha256WithRSAEncryption
53:44:f5:45:4b:fb:c6:33:30:89:2f:c3:99:ef:2e:b6:4b:c5:
bd:f8:10:e4:a9:86:a1:14:e3:6a:c8:22:e1:3a:c0:55:15:de:
eb:cc:c1:fd:80:0f:96:81:fa:bb:4e:35:a1:cc:e0:9e:c3:a5:
59:1b:77:37:05:84:c3:5c:22:7f:2d:d1:2a:fc:c1:a4:13:05:
31:4e:f6:90:6b:c0:78:a6:63:68:46:bc:da:14:f0:6f:8e:aa:
15:82:b1:8e:3c:7e:3e:dd:38:de:ea:47:ee:98:bd:68:59:20:
e4:61:8a:13:b4:36:b7:6c:55:9a:c5:1c:dc:fe:8b:d6:68:f7:
16:ee:37:1f:d6:cd:73:49:fa:b9:33:fd:b0:28:20:fb:7b:d6:
2a:a9:80:8d:ab:e4:41:b2:eb:b3:00:f4:dd:92:63:a9:33:77:
29:05:3c:f5:03:34:96:ba:99:38:df:82:09:e1:5f:a6:f9:1d:
9f:a2:c6:6d:e0:13:2c:2a:7b:67:79:c4:7b:a2:51:35:b4:a7:
13:09:d4:2a:b2:0a:16:cf:d5:41:5d:56:4d:a2:2b:75:1f:8b:
37:30:39:02:fe:58:45:7c:67:a9:a6:b9:2e:57:ad:4b:6e:9f:
be:84:a7:62:2f:b5:e5:73:ad:a3:91:cd:42:46:3e:77:05:16:
10:26:02:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXb6fpet42PT/I19Gpu59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4Y2YxNWJmNmIxZjI2OTBmMjA5MDFkMTg5NmUyZDg4MGZl
ODg4NmUwHhcNMjMwMTAxMjIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWMyZWVjZTU0ZTZlNWI5MzJlZWQ5NDA4ZjhkZjhmMjNiMmE3MzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HKoDwpZw0vM4tSw0urGKQqNqC8R
DtC0KrBq3do/uM3rEqRyEsVBCt3xmUidlR2psXShS9kchrnTuwfsFpsFTWCBLUcM
psdI73EF0zthX2me+huKXXg2fsUkNjQrXIqaeqlG0rEAL1ycjvshNUomcLFn4zIq
KlD3ypTzlxdAxWmT/CzYpnmMFJinvUcvJafoI1duMHrkrq8CAsqXtThlHWpD5N6r
/7meyU6g64whSFVbXr8D3gfV2PC63h3sdkcmFi30s0uaASKbGnxZmLM56GUl7QQL
IR+3CZmEE6doWSip1VOcia/+eXEKCjRrqfx41/09g56S2X7YS7nOSJesVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7C7s5U5uW5Mu7ZQI+N+PI7KnMNMB8GA1UdIwQY
MBaAFOjPFb9rHyaQ8gkB0YluLYgP6IhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk04VnYyc2ZKcER5Q1FIUmlXNHRpQV9vaUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kODM1NzYtYzY4NS00NjI0LTlkODgt
OTkxMWZhOTg0ZTJlLzEvYnNMdXpsVG01Ymt5N3RsQWo0MzQ4anNxY3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kODM1NzYtYzY4NS00NjI0LTlkODgtOTkxMWZhOTg0ZTJl
LzEvNk04VnYyc2ZKcER5Q1FIUmlXNHRpQV9vaUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwamHMA0G
CSqGSIb3DQEBCwUAA4IBAQBTRPVFS/vGMzCJL8OZ7y62S8W9+BDkqYahFONqyCLh
OsBVFd7rzMH9gA+Wgfq7TjWhzOCew6VZG3c3BYTDXCJ/LdEq/MGkEwUxTvaQa8B4
pmNoRrzaFPBvjqoVgrGOPH4+3Tje6kfumL1oWSDkYYoTtDa3bFWaxRzc/ovWaPcW
7jcf1s1zSfq5M/2wKCD7e9YqqYCNq+RBsuuzAPTdkmOpM3cpBTz1AzSWupk434IJ
4V+m+R2fosZt4BMsKntnecR7olE1tKcTCdQqsgoWz9VBXVZNoit1H4s3MDkC/lhF
fGepprkuV61Lbp++hKdiL7Xlc62jkc1CRj53BRYQJgJI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:21 2025 by rpki-client