Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/BvTWPGQQjmFMpr8mxyFd6EeVxD4.roa
File: BvTWPGQQjmFMpr8mxyFd6EeVxD4.roa (raw, json)
Hash identifier: u1HmoTaALXJfB68jZRk2JRQJfkGuHMZbKSl5Up8WQuA=
Subject key identifier: 06:F4:D6:3C:64:10:8E:61:4C:A6:BF:26:C7:21:5D:E8:47:95:C4:3E
Certificate issuer: /CN=cb1d15194278a29aad57ca375f99588b976ef829
Certificate serial: 01856E2F86103AC7D8C918C82275310A5A4A
Authority key identifier: CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/BvTWPGQQjmFMpr8mxyFd6EeVxD4.roa
Signing time: Sun 01 Jan 2023 16:34:46 +0000
ROA not before: Sun 01 Jan 2023 16:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1930
IP address blocks: 192.86.138.0/24 maxlen: 24
192.92.142.0/24 maxlen: 24
192.82.127.0/24 maxlen: 24
192.88.17.0/24 maxlen: 24
192.88.251.0/24 maxlen: 24
192.88.252.0/24 maxlen: 24
192.88.253.0/24 maxlen: 24
192.88.250.0/24 maxlen: 24
192.88.254.0/24 maxlen: 24
192.135.187.0/24 maxlen: 24
192.68.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:86:10:3a:c7:d8:c9:18:c8:22:75:31:0a:5a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb1d15194278a29aad57ca375f99588b976ef829
Validity
Not Before: Jan 1 16:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06f4d63c64108e614ca6bf26c7215de84795c43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:db:6f:68:9c:c3:af:eb:3e:2f:9a:d6:63:99:
b3:f6:20:ab:fd:e6:46:88:09:3b:e4:0c:06:30:c2:
47:08:f8:4c:10:a9:7f:9f:a3:98:04:12:f8:23:32:
f1:6e:07:ee:7f:64:22:49:5a:39:46:d1:43:28:33:
cf:16:1d:17:17:dd:02:87:d9:f9:2d:94:05:0b:6d:
47:9b:95:b1:9e:0d:ff:7d:bd:37:16:9b:76:d8:9e:
35:1f:ee:c7:35:42:05:3c:f9:fb:bd:08:d9:4d:a9:
23:2f:55:93:4e:43:2b:f2:a2:b8:83:e1:91:82:bc:
05:b1:15:ea:bf:c0:24:bd:84:1e:74:aa:0f:ee:73:
ea:58:a4:00:c3:66:00:e5:e5:51:45:4f:78:9a:fd:
ce:7c:b3:ab:2b:51:ab:de:72:2c:49:33:2d:7e:0e:
61:da:f2:77:5a:0b:8a:58:28:0e:60:b7:81:c5:c0:
2f:d8:bb:e8:31:0f:af:b0:cb:58:15:9f:a6:98:aa:
12:9d:5a:31:6e:87:ae:a3:c7:b0:68:2e:b4:03:01:
36:58:f2:5f:b4:99:3f:71:c7:6e:11:49:d3:3e:b2:
e5:82:e1:e0:79:22:80:c6:0f:5b:64:cf:66:98:f7:
4d:11:8c:eb:a7:96:5d:e4:d5:38:81:2a:fc:79:98:
87:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F4:D6:3C:64:10:8E:61:4C:A6:BF:26:C7:21:5D:E8:47:95:C4:3E
X509v3 Authority Key Identifier:
keyid:CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/BvTWPGQQjmFMpr8mxyFd6EeVxD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.68.209.0/24
192.82.127.0/24
192.86.138.0/24
192.88.17.0/24
192.88.250.0-192.88.254.255
192.92.142.0/24
192.135.187.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:be:6b:83:e3:6c:f0:9d:fa:7d:e9:d7:8c:a1:9d:6c:28:53:
11:0d:23:a0:79:26:b5:9a:f0:c9:0e:68:cd:e2:e3:8e:78:65:
39:62:dd:d7:68:1e:60:d1:88:0b:16:75:61:8e:27:7b:52:2f:
d0:74:f7:29:5e:fd:9a:44:a1:ab:3d:39:8b:e2:5e:67:5b:65:
7c:39:83:fd:cc:ce:39:25:c2:18:35:11:2d:a0:a6:20:d6:c8:
34:68:ee:0d:35:f4:76:27:04:b3:66:c4:b7:c0:90:8f:84:be:
7f:c0:78:64:2e:54:3d:4d:e4:21:4e:53:41:e1:93:db:9f:81:
d7:d1:6e:6d:01:7c:58:4a:47:e7:06:78:6b:c8:b6:56:2f:95:
75:46:81:60:91:92:eb:9c:53:87:30:11:62:29:9e:c4:cb:ff:
28:26:4f:22:5c:15:59:8c:6d:9c:1a:38:b2:53:4c:cc:ca:6a:
55:8e:49:c1:73:bd:d0:90:fa:af:3d:45:83:4a:84:45:ee:58:
e1:1d:59:43:58:91:13:7e:15:78:81:2c:3c:80:17:ee:e8:f2:
7e:39:6e:a4:66:95:5a:fe:a0:0b:4d:54:88:37:e1:6b:29:dc:
bb:21:da:e6:fb:36:3c:a5:75:a1:ca:29:df:33:0e:a4:f5:d5:
dc:f6:c8:2f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVuL4YQOsfYyRjIInUxClpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMWQxNTE5NDI3OGEyOWFhZDU3Y2EzNzVmOTk1ODhiOTc2
ZWY4MjkwHhcNMjMwMTAxMTYzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmY0ZDYzYzY0MTA4ZTYxNGNhNmJmMjZjNzIxNWRlODQ3OTVjNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldtvaJzDr+s+L5rWY5mz9iCr/eZG
iAk75AwGMMJHCPhMEKl/n6OYBBL4IzLxbgfuf2QiSVo5RtFDKDPPFh0XF90Ch9n5
LZQFC21Hm5Wxng3/fb03Fpt22J41H+7HNUIFPPn7vQjZTakjL1WTTkMr8qK4g+GR
grwFsRXqv8AkvYQedKoP7nPqWKQAw2YA5eVRRU94mv3OfLOrK1Gr3nIsSTMtfg5h
2vJ3WguKWCgOYLeBxcAv2LvoMQ+vsMtYFZ+mmKoSnVoxboeuo8ewaC60AwE2WPJf
tJk/ccduEUnTPrLlguHgeSKAxg9bZM9mmPdNEYzrp5Zd5NU4gSr8eZiHiwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAb01jxkEI5hTKa/JschXehHlcQ+MB8GA1UdIwQY
MBaAFMsdFRlCeKKarVfKN1+ZWIuXbvgpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXgwVkdVSjRvcHF0VjhvM1g1bFlpNWR1LUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lYjIzNjEtOGQzNC00ZmY0LWIzZDEt
MWZiMzg0MzVhZjc3LzEvQnZUV1BHUVFqbUZNcHI4bXh5RmQ2RWVWeEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lYjIzNjEtOGQzNC00ZmY0LWIzZDEtMWZiMzg0MzVhZjc3
LzEveXgwVkdVSjRvcHF0VjhvM1g1bFlpNWR1LUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAwETRAwQA
wFJ/AwQAwFaKAwQAwFgRMAwDBAHAWPoDBADAWP4DBADAXI4DBADAh7swDQYJKoZI
hvcNAQELBQADggEBAI++a4PjbPCd+n3p14yhnWwoUxENI6B5JrWa8MkOaM3i4454
ZTli3ddoHmDRiAsWdWGOJ3tSL9B09yle/ZpEoas9OYviXmdbZXw5g/3Mzjklwhg1
ES2gpiDWyDRo7g019HYnBLNmxLfAkI+Evn/AeGQuVD1N5CFOU0Hhk9ufgdfRbm0B
fFhKR+cGeGvItlYvlXVGgWCRkuucU4cwEWIpnsTL/ygmTyJcFVmMbZwaOLJTTMzK
alWOScFzvdCQ+q89RYNKhEXuWOEdWUNYkRN+FXiBLDyAF+7o8n45bqRmlVr+oAtN
VIg34Wsp3Lsh2ub7NjyldaHKKd8zDqT11dz2yC8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:43 2025 by rpki-client