Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/5d80b0-fc4a-4cde-9c53-b8518909820f/1/bvkdIXl8Yfhmnt5fLaD77-PfWXk.roa
File: bvkdIXl8Yfhmnt5fLaD77-PfWXk.roa (raw, json)
Hash identifier: mDKkWmqGX7R+4Ro5RU+dvOcqD+waFy26if9GVeRD8Hg=
Subject key identifier: 6E:F9:1D:21:79:7C:61:F8:66:9E:DE:5F:2D:A0:FB:EF:E3:DF:59:79
Certificate issuer: /CN=caee41074e35990afe4f50a84e42eb09584a2f19
Certificate serial: 01856D6F72A09AD9E6311B9A253DF9D2F0CC
Authority key identifier: CA:EE:41:07:4E:35:99:0A:FE:4F:50:A8:4E:42:EB:09:58:4A:2F:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yu5BB041mQr-T1CoTkLrCVhKLxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/5d80b0-fc4a-4cde-9c53-b8518909820f/1/bvkdIXl8Yfhmnt5fLaD77-PfWXk.roa
Signing time: Sun 01 Jan 2023 13:04:58 +0000
ROA not before: Sun 01 Jan 2023 13:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3303
IP address blocks: 195.250.44.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:72:a0:9a:d9:e6:31:1b:9a:25:3d:f9:d2:f0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caee41074e35990afe4f50a84e42eb09584a2f19
Validity
Not Before: Jan 1 13:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ef91d21797c61f8669ede5f2da0fbefe3df5979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a5:25:5d:16:f7:1d:d1:a2:1d:4c:63:bb:aa:
92:27:0c:d7:48:9e:8a:75:fb:7d:d1:31:ee:b8:73:
93:71:44:8b:13:d7:3e:21:9e:18:8b:c8:ac:28:2d:
df:7c:ab:0a:0b:d1:3b:a2:96:60:eb:2f:62:31:d1:
ea:5f:c6:0b:8f:ad:71:a8:b9:3f:e6:ce:dc:79:c8:
5a:a9:6e:aa:00:e0:da:9c:40:37:54:7d:d5:32:a1:
08:f5:03:d6:a6:b6:00:0d:ce:21:f7:6d:36:ae:a8:
c0:91:51:88:80:eb:34:0d:98:1f:50:79:57:54:ff:
46:52:cc:01:c1:38:b4:9e:a6:ba:5c:f1:b3:aa:c4:
9d:59:5f:c6:22:1b:9a:6c:16:a2:25:01:d6:ae:7d:
7e:8a:9b:03:5d:c4:21:74:1c:ed:61:3f:a7:3d:87:
60:00:fd:c8:90:29:d2:ed:8b:bb:e6:62:f3:61:26:
1b:15:39:b8:51:c1:bc:88:26:f9:60:f6:2c:8e:52:
97:e5:79:41:c3:d3:9f:8d:1e:26:a5:36:a3:41:23:
80:87:f7:1e:c4:d0:2d:16:14:18:3c:c1:a2:ff:66:
75:b5:e8:39:23:d8:33:ef:82:bf:2b:86:5d:af:17:
c5:1e:23:c2:ff:ce:1a:73:cd:0e:69:d6:1b:cc:c2:
46:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F9:1D:21:79:7C:61:F8:66:9E:DE:5F:2D:A0:FB:EF:E3:DF:59:79
X509v3 Authority Key Identifier:
keyid:CA:EE:41:07:4E:35:99:0A:FE:4F:50:A8:4E:42:EB:09:58:4A:2F:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yu5BB041mQr-T1CoTkLrCVhKLxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/5d80b0-fc4a-4cde-9c53-b8518909820f/1/bvkdIXl8Yfhmnt5fLaD77-PfWXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/5d80b0-fc4a-4cde-9c53-b8518909820f/1/yu5BB041mQr-T1CoTkLrCVhKLxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.250.44.0/24
Signature Algorithm: sha256WithRSAEncryption
68:c5:06:0c:78:65:cf:03:3d:3f:65:39:18:45:d3:2f:bd:b2:
09:79:35:eb:4c:3f:46:87:3f:7f:dd:92:90:84:a4:f7:84:71:
c9:2d:d4:1d:40:50:ee:97:cb:8e:d5:a4:14:76:a4:cf:c5:22:
c2:6e:4a:2d:a4:d2:ae:1b:2c:57:de:49:d1:1e:a6:39:65:bf:
fb:99:cd:22:59:e1:e1:5a:5a:01:1d:d1:73:9b:49:a7:a3:17:
be:73:f6:f0:eb:e9:f3:6f:53:92:16:64:d5:58:66:5d:e8:bc:
af:82:d0:ff:20:18:c7:3a:97:7e:ff:31:7e:ba:9f:6e:5c:ae:
c3:3f:54:bc:70:8b:db:4e:57:19:4d:74:e9:1a:f8:5d:b6:62:
d3:67:77:75:df:c5:a2:19:f0:53:1a:f1:75:a6:b4:b7:ef:11:
a9:e3:bd:d3:84:dc:77:63:d0:81:87:c7:1f:2b:9f:ab:98:1e:
1b:4a:8e:e4:f3:21:b8:c6:20:9f:d6:35:29:07:a0:7b:82:0f:
f0:08:3e:49:11:a6:f4:0a:37:8c:00:21:08:5f:ec:ff:5b:9d:
79:f9:4b:ea:51:cf:5b:64:f3:2f:35:ea:8a:42:75:9e:c0:60:
ac:cd:a0:7e:96:4d:5f:95:ac:7b:8c:e9:77:69:61:3c:16:e9:
fe:2f:17:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb3KgmtnmMRuaJT350vDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZWU0MTA3NGUzNTk5MGFmZTRmNTBhODRlNDJlYjA5NTg0
YTJmMTkwHhcNMjMwMTAxMTMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY5MWQyMTc5N2M2MWY4NjY5ZWRlNWYyZGEwZmJlZmUzZGY1OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaUlXRb3HdGiHUxju6qSJwzXSJ6K
dft90THuuHOTcUSLE9c+IZ4Yi8isKC3ffKsKC9E7opZg6y9iMdHqX8YLj61xqLk/
5s7cechaqW6qAODanEA3VH3VMqEI9QPWprYADc4h9202rqjAkVGIgOs0DZgfUHlX
VP9GUswBwTi0nqa6XPGzqsSdWV/GIhuabBaiJQHWrn1+ipsDXcQhdBztYT+nPYdg
AP3IkCnS7Yu75mLzYSYbFTm4UcG8iCb5YPYsjlKX5XlBw9OfjR4mpTajQSOAh/ce
xNAtFhQYPMGi/2Z1teg5I9gz74K/K4ZdrxfFHiPC/84ac80OadYbzMJGFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG75HSF5fGH4Zp7eXy2g++/j31l5MB8GA1UdIwQY
MBaAFMruQQdONZkK/k9QqE5C6wlYSi8ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXU1QkIwNDFtUXItVDFDb1RrTHJDVmhLTHhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81ZDgwYjAtZmM0YS00Y2RlLTljNTMt
Yjg1MTg5MDk4MjBmLzEvYnZrZElYbDhZZmhtbnQ1ZkxhRDc3LVBmV1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81ZDgwYjAtZmM0YS00Y2RlLTljNTMtYjg1MTg5MDk4MjBm
LzEveXU1QkIwNDFtUXItVDFDb1RrTHJDVmhLTHhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/osMA0G
CSqGSIb3DQEBCwUAA4IBAQBoxQYMeGXPAz0/ZTkYRdMvvbIJeTXrTD9Ghz9/3ZKQ
hKT3hHHJLdQdQFDul8uO1aQUdqTPxSLCbkotpNKuGyxX3knRHqY5Zb/7mc0iWeHh
WloBHdFzm0mnoxe+c/bw6+nzb1OSFmTVWGZd6LyvgtD/IBjHOpd+/zF+up9uXK7D
P1S8cIvbTlcZTXTpGvhdtmLTZ3d138WiGfBTGvF1prS37xGp473ThNx3Y9CBh8cf
K5+rmB4bSo7k8yG4xiCf1jUpB6B7gg/wCD5JEab0CjeMACEIX+z/W515+UvqUc9b
ZPMvNeqKQnWewGCszaB+lk1flax7jOl3aWE8Fun+Lxce
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:37 2025 by rpki-client