Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1f9bd4-2f6c-4da2-bdd7-1c67d24ae672/1/Br704syL6J3iDUgUKX5m_HTmiic.roa
File: Br704syL6J3iDUgUKX5m_HTmiic.roa (raw, json)
Hash identifier: Gl9sNhDQ8DgDmH163GjTvP5FUkmfbP5JvowHKuAv6Xg=
Subject key identifier: 06:BE:F4:E2:CC:8B:E8:9D:E2:0D:48:14:29:7E:66:FC:74:E6:8A:27
Certificate issuer: /CN=7985c5bc754ca585bd2592e6bf1cfa6f649cd9f4
Certificate serial: 018570396B695D36457D194421152867EC96
Authority key identifier: 79:85:C5:BC:75:4C:A5:85:BD:25:92:E6:BF:1C:FA:6F:64:9C:D9:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eYXFvHVMpYW9JZLmvxz6b2Sc2fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1f9bd4-2f6c-4da2-bdd7-1c67d24ae672/1/Br704syL6J3iDUgUKX5m_HTmiic.roa
Signing time: Mon 02 Jan 2023 02:04:49 +0000
ROA not before: Mon 02 Jan 2023 02:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15889
IP address blocks: 193.23.137.0/24 maxlen: 24
91.208.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:6b:69:5d:36:45:7d:19:44:21:15:28:67:ec:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7985c5bc754ca585bd2592e6bf1cfa6f649cd9f4
Validity
Not Before: Jan 2 02:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06bef4e2cc8be89de20d4814297e66fc74e68a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1a:55:24:be:30:d0:b5:d8:eb:76:cd:b7:69:
a4:ed:f0:7e:9b:5d:34:1d:cb:6c:c4:49:a1:9c:f6:
40:b9:fa:0c:ce:c0:2b:67:1f:3b:4c:ba:a1:d2:9c:
f6:d4:0d:98:cf:f9:ab:c6:2e:73:a1:f1:5e:09:c8:
17:7b:52:63:65:4a:d0:13:1c:3b:5c:a4:dc:df:27:
6c:21:9e:ca:1a:42:b0:21:35:15:4c:e5:0e:ab:ed:
70:7c:57:fb:8b:c1:3b:29:08:67:25:5a:c8:06:b0:
7e:37:12:5b:50:c7:f6:8f:52:1a:ea:18:c8:a1:d2:
2d:7c:52:10:6e:ea:f7:c4:b7:eb:4a:b2:1b:e1:70:
46:35:aa:ae:84:1f:13:df:b8:3e:98:93:15:fe:18:
96:e7:6d:61:6d:82:be:b8:02:da:9d:29:b9:61:b4:
9a:16:d2:02:d1:8c:da:f1:f3:b1:1d:3a:8f:52:e7:
6c:bb:41:0c:95:e9:f9:49:dc:1a:46:79:2e:15:95:
fa:23:c4:c6:ef:39:ae:ce:52:36:1a:c5:70:b4:43:
d0:44:40:12:e8:82:84:09:12:ce:cf:4a:0e:52:b9:
5e:1d:6c:bd:cc:69:2c:9b:8b:28:b6:96:09:2f:bb:
a4:50:5d:bf:b6:8d:0a:f6:9b:ad:bc:dc:5a:b8:19:
49:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:BE:F4:E2:CC:8B:E8:9D:E2:0D:48:14:29:7E:66:FC:74:E6:8A:27
X509v3 Authority Key Identifier:
keyid:79:85:C5:BC:75:4C:A5:85:BD:25:92:E6:BF:1C:FA:6F:64:9C:D9:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYXFvHVMpYW9JZLmvxz6b2Sc2fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f9bd4-2f6c-4da2-bdd7-1c67d24ae672/1/Br704syL6J3iDUgUKX5m_HTmiic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1f9bd4-2f6c-4da2-bdd7-1c67d24ae672/1/eYXFvHVMpYW9JZLmvxz6b2Sc2fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.125.0/24
193.23.137.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:08:3f:3c:fd:9b:0f:d9:c6:70:22:31:62:3f:9c:7a:bc:99:
bf:ed:2d:10:9e:da:91:cb:39:4c:35:dc:3c:c5:f5:0a:d5:2e:
fd:03:37:ab:24:de:5b:a3:0c:55:7c:c5:66:a9:2d:d1:40:31:
32:dc:63:9c:08:5a:d6:26:54:9e:d9:b5:82:77:4f:ca:82:86:
23:0a:5c:64:78:03:09:07:29:80:1c:5b:bb:27:7f:1e:55:12:
cf:05:ce:d3:2d:81:a4:47:19:b6:21:fe:3b:64:6a:62:69:43:
dd:af:74:8d:2f:d3:0a:0b:36:e4:0c:5f:0d:c2:2b:7c:5c:58:
00:0a:14:42:78:ca:49:9e:11:0a:68:3f:31:d8:a9:f9:95:0d:
fc:95:27:5e:c0:27:2d:ba:5c:f9:84:10:e0:da:a9:37:ab:28:
af:01:a5:d5:e2:26:ed:74:82:45:55:fa:ec:5f:b1:74:d3:82:
d8:16:3b:77:b4:47:fb:49:fa:10:c3:9e:77:73:92:0c:c5:ad:
64:c8:cd:1e:2a:52:e4:5d:d3:b5:ae:42:47:b9:c2:c3:21:02:
1a:6f:9c:d4:c0:17:d9:4e:95:97:1d:3c:10:bd:e8:6d:d3:03:
a9:61:66:84:6c:af:71:c3:ab:f2:9f:bf:8a:1e:f5:6e:e9:39:
de:26:bf:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwOWtpXTZFfRlEIRUoZ+yWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODVjNWJjNzU0Y2E1ODViZDI1OTJlNmJmMWNmYTZmNjQ5
Y2Q5ZjQwHhcNMjMwMTAyMDIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmJlZjRlMmNjOGJlODlkZTIwZDQ4MTQyOTdlNjZmYzc0ZTY4YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhpVJL4w0LXY63bNt2mk7fB+m100
HctsxEmhnPZAufoMzsArZx87TLqh0pz21A2Yz/mrxi5zofFeCcgXe1JjZUrQExw7
XKTc3ydsIZ7KGkKwITUVTOUOq+1wfFf7i8E7KQhnJVrIBrB+NxJbUMf2j1Ia6hjI
odItfFIQbur3xLfrSrIb4XBGNaquhB8T37g+mJMV/hiW521hbYK+uALanSm5YbSa
FtIC0Yza8fOxHTqPUudsu0EMlen5SdwaRnkuFZX6I8TG7zmuzlI2GsVwtEPQREAS
6IKECRLOz0oOUrleHWy9zGksm4sotpYJL7ukUF2/to0K9putvNxauBlJ/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAa+9OLMi+id4g1IFCl+Zvx05oonMB8GA1UdIwQY
MBaAFHmFxbx1TKWFvSWS5r8c+m9knNn0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlYRnZIVk1wWVc5SlpMbXZ4ejZiMlNjMmZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZjliZDQtMmY2Yy00ZGEyLWJkZDct
MWM2N2QyNGFlNjcyLzEvQnI3MDRzeUw2SjNpRFVnVUtYNW1fSFRtaWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZjliZDQtMmY2Yy00ZGEyLWJkZDctMWM2N2QyNGFlNjcy
LzEvZVlYRnZIVk1wWVc5SlpMbXZ4ejZiMlNjMmZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9B9AwQA
wReJMA0GCSqGSIb3DQEBCwUAA4IBAQBbCD88/ZsP2cZwIjFiP5x6vJm/7S0QntqR
yzlMNdw8xfUK1S79AzerJN5bowxVfMVmqS3RQDEy3GOcCFrWJlSe2bWCd0/KgoYj
ClxkeAMJBymAHFu7J38eVRLPBc7TLYGkRxm2If47ZGpiaUPdr3SNL9MKCzbkDF8N
wit8XFgAChRCeMpJnhEKaD8x2Kn5lQ38lSdewCctulz5hBDg2qk3qyivAaXV4ibt
dIJFVfrsX7F004LYFjt3tEf7SfoQw553c5IMxa1kyM0eKlLkXdO1rkJHucLDIQIa
b5zUwBfZTpWXHTwQveht0wOpYWaEbK9xw6vyn7+KHvVu6TneJr8f
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:31 2025 by rpki-client