Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/BeSnrllwmDeJrWQroOaopJ-B0FY.roa
File: BeSnrllwmDeJrWQroOaopJ-B0FY.roa (raw, json)
Hash identifier: Xfba9MRMHARbg4drah0po/5I6AkwTYWiyknpIFjVTV8=
Subject key identifier: 05:E4:A7:AE:59:70:98:37:89:AD:64:2B:A0:E6:A8:A4:9F:81:D0:56
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 018BF6A52AAD9AC516AD43619EBC50B2D766
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/BeSnrllwmDeJrWQroOaopJ-B0FY.roa
Signing time: Wed 22 Nov 2023 10:48:21 +0000
ROA not before: Wed 22 Nov 2023 10:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 194.0.207.0/24 maxlen: 24
185.213.169.0/24 maxlen: 24
185.213.171.0/24 maxlen: 24
185.213.170.0/24 maxlen: 24
2a0b:8b41::/32 maxlen: 32
2a0b:8b46::/32 maxlen: 32
2a0b:8b43::/32 maxlen: 32
2a0b:8b44::/32 maxlen: 32
2a0b:8b47::/32 maxlen: 32
2a0b:8b40::/32 maxlen: 32
2a0b:8b45::/32 maxlen: 32
2a0b:8b42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:a5:2a:ad:9a:c5:16:ad:43:61:9e:bc:50:b2:d7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Nov 22 10:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05e4a7ae5970983789ad642ba0e6a8a49f81d056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0b:0c:eb:40:a6:a8:5f:e4:18:50:19:be:66:
06:33:36:0e:75:59:d5:a4:99:fb:24:45:14:0e:cf:
5b:37:52:72:58:c2:28:a1:0b:3b:56:8a:8d:70:0c:
d9:f8:86:2f:b5:e5:60:0d:82:82:87:67:b9:86:c8:
0c:2d:8c:94:2e:45:a5:b3:11:61:3d:ae:7e:5a:61:
84:11:3b:56:ff:f4:16:f8:08:4e:df:00:b2:53:1b:
90:8a:66:fc:66:f3:2a:d0:c0:ba:6d:bb:2f:66:9a:
6a:89:a4:eb:cd:84:19:36:d3:3d:8b:d8:22:1c:d6:
4f:3d:a6:ca:b4:af:87:07:fe:94:3f:76:e9:d3:6b:
83:84:fb:e6:07:c8:c6:c1:19:4f:d3:33:1b:1e:3d:
3f:ff:c5:ff:33:2b:0c:ee:50:06:ee:f3:6b:da:2a:
b4:2f:d5:12:ed:46:64:d8:62:58:b0:38:94:0b:8c:
1a:d9:ad:20:4d:1e:fb:1b:18:45:3d:88:9e:06:e1:
ab:a0:ee:0d:5a:8f:9c:23:40:9f:f7:59:cb:47:2b:
64:eb:98:08:fe:8e:b0:2a:f4:37:16:0d:a2:9a:83:
d2:de:fc:53:cc:ac:74:bf:10:af:1d:d6:ef:24:5e:
cc:58:be:b5:02:ec:79:c4:e4:ce:ca:ac:c3:57:bb:
a5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E4:A7:AE:59:70:98:37:89:AD:64:2B:A0:E6:A8:A4:9F:81:D0:56
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/BeSnrllwmDeJrWQroOaopJ-B0FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.169.0-185.213.171.255
194.0.207.0/24
IPv6:
2a0b:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
0d:bd:64:e5:fd:24:a1:3f:97:a7:85:7f:7e:b7:86:35:45:79:
88:be:3c:ee:48:0e:c1:5b:61:12:e6:85:24:bd:5a:d1:b5:44:
5c:f4:b7:7d:33:ad:88:0a:e8:92:21:f0:30:c0:00:ee:73:8d:
60:fc:b5:7b:6a:35:a8:44:a1:81:36:cf:92:d5:44:08:ba:0a:
00:45:0c:fb:4a:58:9f:9f:be:25:9c:07:f3:b5:83:56:f5:bb:
06:05:56:19:9e:61:26:8b:5d:18:dd:ca:82:26:19:73:4e:49:
e4:74:69:89:18:e9:4e:db:3e:39:96:e1:5a:24:26:09:b1:cb:
a8:2b:77:05:4e:47:c1:8a:78:d1:84:c5:28:f4:ac:a4:4a:b2:
c5:94:c5:50:7b:ec:e5:e9:2a:5d:29:fa:6e:0a:ae:19:fb:b9:
4a:ba:e2:a3:de:36:fc:84:47:58:98:f6:fa:38:a8:30:e2:72:
4f:22:ae:e9:be:8d:6a:a9:4c:e8:49:a1:63:88:3c:29:f6:6d:
84:d8:ae:74:4c:bc:ab:80:33:90:9a:6b:e3:00:dd:4a:a6:e7:
44:de:bf:bc:e3:23:04:e8:50:86:d1:8c:ec:0d:b7:0c:1b:00:
97:5f:6c:b5:2b:7c:64:07:83:88:3c:1b:a2:df:e8:3f:ea:a3:
c0:a1:3d:1e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYv2pSqtmsUWrUNhnrxQstdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjMxMTIyMTA0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWU0YTdhZTU5NzA5ODM3ODlhZDY0MmJhMGU2YThhNDlmODFkMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAsM60CmqF/kGFAZvmYGMzYOdVnV
pJn7JEUUDs9bN1JyWMIooQs7VoqNcAzZ+IYvteVgDYKCh2e5hsgMLYyULkWlsxFh
Pa5+WmGEETtW//QW+AhO3wCyUxuQimb8ZvMq0MC6bbsvZppqiaTrzYQZNtM9i9gi
HNZPPabKtK+HB/6UP3bp02uDhPvmB8jGwRlP0zMbHj0//8X/MysM7lAG7vNr2iq0
L9US7UZk2GJYsDiUC4wa2a0gTR77GxhFPYieBuGroO4NWo+cI0Cf91nLRytk65gI
/o6wKvQ3Fg2imoPS3vxTzKx0vxCvHdbvJF7MWL61Aux5xOTOyqzDV7ulYwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAXkp65ZcJg3ia1kK6DmqKSfgdBWMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvQmVTbnJsbHdtRGVKcldRcm9PYW9wSi1CMEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC51akD
BAK51agDBADCAM8wDQQCAAIwBwMFAyoLi0AwDQYJKoZIhvcNAQELBQADggEBAA29
ZOX9JKE/l6eFf363hjVFeYi+PO5IDsFbYRLmhSS9WtG1RFz0t30zrYgK6JIh8DDA
AO5zjWD8tXtqNahEoYE2z5LVRAi6CgBFDPtKWJ+fviWcB/O1g1b1uwYFVhmeYSaL
XRjdyoImGXNOSeR0aYkY6U7bPjmW4VokJgmxy6grdwVOR8GKeNGExSj0rKRKssWU
xVB77OXpKl0p+m4Krhn7uUq64qPeNvyER1iY9vo4qDDick8irum+jWqpTOhJoWOI
PCn2bYTYrnRMvKuAM5Caa+MA3Uqm50Tev7zjIwToUIbRjOwNtwwbAJdfbLUrfGQH
g4g8G6Lf6D/qo8ChPR4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:27:04 2025 by rpki-client