Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/my7LVrmvuUTmdCewMBshcB2SBC0.roa
File: my7LVrmvuUTmdCewMBshcB2SBC0.roa (raw, json)
Hash identifier: yJa5etlHzeEHjhZzLfcj4SzI4pfc7dJfzVQtwhbSywg=
Subject key identifier: 9B:2E:CB:56:B9:AF:B9:44:E6:74:27:B0:30:1B:21:70:1D:92:04:2D
Certificate issuer: /CN=bca0ec59564324237420d506b9b498d752ee2168
Certificate serial: 1C2AF393
Authority key identifier: BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/my7LVrmvuUTmdCewMBshcB2SBC0.roa
Signing time: Sat 01 Jan 2022 03:02:27 +0000
ROA not before: Sat 01 Jan 2022 03:02:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209453
IP address blocks: 213.167.229.0/24 maxlen: 24
213.167.230.0/24 maxlen: 24
217.70.179.0/24 maxlen: 24
217.70.187.0/24 maxlen: 24
2001:4b98:aaab::/48 maxlen: 48
2001:4b98:abcb::/48 maxlen: 48
2001:4b98:aaaa::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472576915 (0x1c2af393)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bca0ec59564324237420d506b9b498d752ee2168
Validity
Not Before: Jan 1 03:02:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b2ecb56b9afb944e67427b0301b21701d92042d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:47:9a:ab:ad:b7:96:33:d6:b7:68:a7:1a:3b:
40:a5:4e:7f:09:6a:04:03:48:1c:56:8e:f6:eb:a7:
31:80:40:18:16:45:84:1a:82:1e:7c:12:ca:4c:15:
8b:52:41:1e:ba:db:6f:09:8e:ba:13:33:93:c0:08:
81:ed:5a:66:34:e7:8a:67:4c:e6:8d:ce:9f:03:ce:
2a:de:99:55:08:b0:e8:3f:91:42:79:8b:44:37:bc:
4e:d4:70:59:bb:fb:48:84:ad:27:b7:b2:e6:0c:0f:
65:2a:f2:f2:34:6f:5c:13:79:03:22:92:fc:1b:da:
d6:11:91:28:c6:70:26:0e:0c:dc:bb:a9:4d:30:94:
29:f5:00:1f:87:f7:17:4a:9d:da:c6:46:7a:bf:b4:
ba:4f:05:4a:e0:94:43:8f:82:ef:5b:cc:64:03:6c:
76:b3:44:2e:76:cf:aa:50:c7:3b:b7:e9:b7:32:30:
a8:2d:54:85:19:2e:87:a3:72:19:a9:27:8b:ed:13:
db:57:6b:f6:09:1e:ee:44:83:4a:51:4d:3e:6d:a9:
b1:17:f9:02:87:c2:52:21:6c:f6:60:6a:8e:44:f3:
1d:4b:9f:43:db:f9:5a:01:2c:be:85:9e:e1:13:ae:
e7:55:cd:cb:8f:21:ff:5a:30:1e:25:e3:9b:bb:0c:
ad:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:2E:CB:56:B9:AF:B9:44:E6:74:27:B0:30:1B:21:70:1D:92:04:2D
X509v3 Authority Key Identifier:
keyid:BC:A0:EC:59:56:43:24:23:74:20:D5:06:B9:B4:98:D7:52:EE:21:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vKDsWVZDJCN0INUGubSY11LuIWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/my7LVrmvuUTmdCewMBshcB2SBC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/243b53-4b94-4244-a8ec-7c549f1ed16c/1/vKDsWVZDJCN0INUGubSY11LuIWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.229.0-213.167.230.255
217.70.179.0/24
217.70.187.0/24
IPv6:
2001:4b98:aaaa::/47
2001:4b98:abcb::/48
Signature Algorithm: sha256WithRSAEncryption
0c:88:c1:82:86:bc:08:b6:37:da:6e:87:39:6a:e9:e8:51:66:
29:7d:8e:5a:51:eb:da:c5:ed:2c:8d:ca:35:46:fe:ca:75:7b:
62:da:9b:c7:82:c8:1a:1c:fc:7b:0d:cc:7f:87:49:c3:e1:4d:
b1:9a:de:db:a9:2b:ea:f4:1b:c4:0d:30:c9:33:f0:fb:8e:b4:
24:77:b5:89:1d:87:44:db:68:46:0c:68:f0:a1:d3:8c:ad:60:
c6:55:9e:c9:35:26:08:ec:69:26:41:33:d2:9d:76:f1:68:e6:
69:ba:ec:83:67:1b:2c:e8:d7:73:89:a0:d1:0a:99:3e:a5:56:
34:2d:bb:28:f6:9a:42:82:ed:92:a4:c5:71:f9:61:87:6c:46:
3a:bf:66:6e:a4:0a:82:03:27:e0:8d:2f:82:11:d7:04:80:c6:
a6:de:42:90:25:83:48:ec:f5:f6:5a:79:05:46:79:ab:3b:6c:
da:a0:33:bf:ff:c9:bd:b9:af:6d:47:94:36:13:11:c6:eb:d9:
3e:8c:5d:c2:dd:63:62:6e:20:57:a4:7d:50:24:d1:e8:50:7b:
24:c3:03:d2:d3:97:ae:47:13:6d:e8:3f:58:9e:38:66:9f:4a:
be:3f:e7:c0:69:10:af:82:a2:ad:36:5b:03:8a:c1:3d:ca:01:
d3:b3:d5:a6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEHCrzkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Y2EwZWM1OTU2NDMyNDIzNzQyMGQ1MDZiOWI0OThkNzUyZWUyMTY4MB4XDTIyMDEw
MTAzMDIyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWIyZWNiNTZiOWFm
Yjk0NGU2NzQyN2IwMzAxYjIxNzAxZDkyMDQyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpHmqutt5Yz1rdopxo7QKVOfwlqBANIHFaO9uunMYBAGBZF
hBqCHnwSykwVi1JBHrrbbwmOuhMzk8AIge1aZjTnimdM5o3OnwPOKt6ZVQiw6D+R
QnmLRDe8TtRwWbv7SIStJ7ey5gwPZSry8jRvXBN5AyKS/Bva1hGRKMZwJg4M3Lup
TTCUKfUAH4f3F0qd2sZGer+0uk8FSuCUQ4+C71vMZANsdrNELnbPqlDHO7fptzIw
qC1UhRkuh6NyGakni+0T21dr9gke7kSDSlFNPm2psRf5AofCUiFs9mBqjkTzHUuf
Q9v5WgEsvoWe4ROu51XNy48h/1owHiXjm7sMrVUCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBSbLstWua+5ROZ0J7AwGyFwHZIELTAfBgNVHSMEGDAWgBS8oOxZVkMkI3Qg
1Qa5tJjXUu4haDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZLRHNXVlpESkNOMElOVUd1YlNZMTFMdUlXZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvMjQzYjUzLTRiOTQtNDI0NC1hOGVjLTdjNTQ5ZjFlZDE2Yy8x
L215N0xWcm12dVVUbWRDZXdNQnNoY0IyU0JDMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
MjQzYjUzLTRiOTQtNDI0NC1hOGVjLTdjNTQ5ZjFlZDE2Yy8xL3ZLRHNXVlpESkNO
MElOVUd1YlNZMTFMdUlXZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwIAQCAAEwGjAMAwQA1aflAwQA1afmAwQA2UazAwQA
2Ua7MBgEAgACMBIDBwEgAUuYqqoDBwAgAUuYq8swDQYJKoZIhvcNAQELBQADggEB
AAyIwYKGvAi2N9puhzlq6ehRZil9jlpR69rF7SyNyjVG/sp1e2Lam8eCyBoc/HsN
zH+HScPhTbGa3tupK+r0G8QNMMkz8PuOtCR3tYkdh0TbaEYMaPCh04ytYMZVnsk1
JgjsaSZBM9KddvFo5mm67INnGyzo13OJoNEKmT6lVjQtuyj2mkKC7ZKkxXH5YYds
Rjq/Zm6kCoIDJ+CNL4IR1wSAxqbeQpAlg0js9fZaeQVGeas7bNqgM7//yb25r21H
lDYTEcbr2T6MXcLdY2JuIFekfVAk0ehQeyTDA9LTl65HE23oP1ieOGafSr4/58Bp
EK+Coq02WwOKwT3KAdOz1aY=
-----END CERTIFICATE-----
Generated at Tue Apr 15 22:31:57 2025 by rpki-client