Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/bjY5qXNLif9_BPRCj8-ww79JrNU.roa
File: bjY5qXNLif9_BPRCj8-ww79JrNU.roa (raw, json)
Hash identifier: 6ibgTzKsfU6dRvuzJnwSWdf1SpDQUkjBqvBQaOTNBWI=
Subject key identifier: 6E:36:39:A9:73:4B:89:FF:7F:04:F4:42:8F:CF:B0:C3:BF:49:AC:D5
Certificate issuer: /CN=dac633a14cac7c7a0922ffd980de5f278a3be267
Certificate serial: 01856D0AD398D920085293FCF04AE9E797CF
Authority key identifier: DA:C6:33:A1:4C:AC:7C:7A:09:22:FF:D9:80:DE:5F:27:8A:3B:E2:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sYzoUysfHoJIv_ZgN5fJ4o74mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/bjY5qXNLif9_BPRCj8-ww79JrNU.roa
Signing time: Sun 01 Jan 2023 11:15:04 +0000
ROA not before: Sun 01 Jan 2023 11:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 213.5.226.0/24 maxlen: 24
91.233.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d3:98:d9:20:08:52:93:fc:f0:4a:e9:e7:97:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac633a14cac7c7a0922ffd980de5f278a3be267
Validity
Not Before: Jan 1 11:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e3639a9734b89ff7f04f4428fcfb0c3bf49acd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:af:d6:8b:50:b5:0a:85:e8:9a:c9:2e:4c:1b:
19:6f:64:1d:3e:b9:01:1b:b6:95:c5:dc:4b:cb:ff:
b2:c6:c6:14:f4:c3:37:b5:31:96:94:ca:b8:91:3c:
bc:63:08:a6:75:36:ad:c8:64:fa:9b:82:e3:c5:e8:
bf:50:fd:04:ef:a8:d2:d6:e1:4b:a5:fa:97:1b:01:
4d:3e:0d:6e:bf:68:95:2a:71:77:9d:c4:dd:ec:bc:
87:2e:0d:fb:38:fd:c8:4d:7a:ac:4e:48:64:73:10:
76:b1:aa:34:14:b3:81:b7:84:51:64:32:64:49:4a:
6d:c9:f7:69:95:df:c5:41:2b:2b:e2:b2:2a:ab:47:
b8:90:de:a0:e1:3e:7d:bf:22:d5:81:62:c9:d0:be:
28:cd:b4:fb:6e:0d:34:eb:8f:80:73:e7:a3:92:28:
f3:6f:9e:90:30:b3:6a:dd:56:e2:6c:7c:d8:b3:6f:
8b:e9:0e:59:97:20:ff:0a:98:54:fd:93:6d:a3:f2:
ff:f8:32:82:bc:ff:44:0b:d0:fa:05:e1:ab:89:fc:
9c:58:08:fb:68:ad:14:11:73:bf:b9:12:63:73:41:
0e:72:13:82:9c:bf:6f:af:42:95:22:c9:a2:b4:b0:
a1:1e:4e:6d:d7:cc:0a:57:a3:15:3d:a4:b9:11:ff:
9d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:36:39:A9:73:4B:89:FF:7F:04:F4:42:8F:CF:B0:C3:BF:49:AC:D5
X509v3 Authority Key Identifier:
keyid:DA:C6:33:A1:4C:AC:7C:7A:09:22:FF:D9:80:DE:5F:27:8A:3B:E2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sYzoUysfHoJIv_ZgN5fJ4o74mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/bjY5qXNLif9_BPRCj8-ww79JrNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/c852b5-acc4-4d70-aeeb-24515a14c456/1/2sYzoUysfHoJIv_ZgN5fJ4o74mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.61.0/24
213.5.226.0/24
Signature Algorithm: sha256WithRSAEncryption
57:05:4b:9d:ca:9c:6c:22:64:0f:e3:7e:15:4b:48:92:fe:0b:
a0:43:f4:47:19:c7:c8:03:f1:2d:b2:94:61:41:7f:5c:0b:96:
88:70:12:2d:79:00:20:10:bc:58:ce:85:62:c6:35:f3:31:be:
58:dc:9d:ae:0d:4f:2b:4a:db:7e:30:64:0f:f3:97:65:12:ff:
fa:69:a3:4e:37:4a:32:7d:25:5e:7e:23:9b:8d:e1:61:30:8d:
a3:34:8a:57:22:30:28:a8:16:32:5c:37:26:f0:1b:39:82:0b:
e5:98:0a:52:1f:5e:e8:9c:30:25:75:d2:6b:38:70:6f:af:68:
76:e4:bf:61:3c:58:d6:c5:10:cd:ef:c7:81:6c:a0:84:e0:e2:
ed:51:82:e4:f3:35:0c:2b:a6:d7:4d:43:39:5e:75:a9:c6:44:
b4:fe:7b:79:fd:eb:6f:6e:c9:1a:27:20:52:ac:9b:ed:f4:b0:
d9:aa:50:2f:97:c5:a5:f6:01:be:b1:74:71:18:d5:f0:16:a7:
3e:58:04:9f:0e:d9:3a:40:6f:56:a7:30:77:90:80:e5:70:cf:
39:91:fb:46:71:8e:aa:29:ce:ca:f4:9c:94:51:9a:df:60:c1:
32:c8:2f:81:c5:e0:9e:ba:2f:e3:39:bd:69:af:f6:ed:ca:84:
56:4d:4a:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCtOY2SAIUpP88Erp55fPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzYzM2ExNGNhYzdjN2EwOTIyZmZkOTgwZGU1ZjI3OGEz
YmUyNjcwHhcNMjMwMTAxMTExNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTM2MzlhOTczNGI4OWZmN2YwNGY0NDI4ZmNmYjBjM2JmNDlhY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6/Wi1C1CoXomskuTBsZb2QdPrkB
G7aVxdxLy/+yxsYU9MM3tTGWlMq4kTy8YwimdTatyGT6m4Ljxei/UP0E76jS1uFL
pfqXGwFNPg1uv2iVKnF3ncTd7LyHLg37OP3ITXqsTkhkcxB2sao0FLOBt4RRZDJk
SUptyfdpld/FQSsr4rIqq0e4kN6g4T59vyLVgWLJ0L4ozbT7bg0064+Ac+ejkijz
b56QMLNq3VbibHzYs2+L6Q5ZlyD/CphU/ZNto/L/+DKCvP9EC9D6BeGrifycWAj7
aK0UEXO/uRJjc0EOchOCnL9vr0KVIsmitLChHk5t18wKV6MVPaS5Ef+dVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG42OalzS4n/fwT0Qo/PsMO/SazVMB8GA1UdIwQY
MBaAFNrGM6FMrHx6CSL/2YDeXyeKO+JnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNZem9VeXNmSG9KSXZfWmdONWZKNG83NG1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9jODUyYjUtYWNjNC00ZDcwLWFlZWIt
MjQ1MTVhMTRjNDU2LzEvYmpZNXFYTkxpZjlfQlBSQ2o4LXd3NzlKck5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9jODUyYjUtYWNjNC00ZDcwLWFlZWItMjQ1MTVhMTRjNDU2
LzEvMnNZem9VeXNmSG9KSXZfWmdONWZKNG83NG1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+k9AwQA
1QXiMA0GCSqGSIb3DQEBCwUAA4IBAQBXBUudypxsImQP434VS0iS/gugQ/RHGcfI
A/EtspRhQX9cC5aIcBIteQAgELxYzoVixjXzMb5Y3J2uDU8rStt+MGQP85dlEv/6
aaNON0oyfSVefiObjeFhMI2jNIpXIjAoqBYyXDcm8Bs5ggvlmApSH17onDAlddJr
OHBvr2h25L9hPFjWxRDN78eBbKCE4OLtUYLk8zUMK6bXTUM5XnWpxkS0/nt5/etv
bskaJyBSrJvt9LDZqlAvl8Wl9gG+sXRxGNXwFqc+WASfDtk6QG9WpzB3kIDlcM85
kftGcY6qKc7K9JyUUZrfYMEyyC+BxeCeui/jOb1pr/btyoRWTUpC
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:13:20 2025 by rpki-client