Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8b3341-f85b-4c15-a989-510cf26bca65/1/BS515lwnCYwvN900MLYVf3MMk7w.roa
File: BS515lwnCYwvN900MLYVf3MMk7w.roa (raw, json)
Hash identifier: WOoE7iB2hVFWaVCCfAKm/PiMj7/d7GYTw0L8p2o21J8=
Subject key identifier: 05:2E:75:E6:5C:27:09:8C:2F:37:DD:34:30:B6:15:7F:73:0C:93:BC
Certificate issuer: /CN=292d6b805e11ec38034f07789dcd25d1c17fa01e
Certificate serial: 018B6BDFE0D78DF8009A959C6DAF019F5782
Authority key identifier: 29:2D:6B:80:5E:11:EC:38:03:4F:07:78:9D:CD:25:D1:C1:7F:A0:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS1rgF4R7DgDTwd4nc0l0cF_oB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/8b3341-f85b-4c15-a989-510cf26bca65/1/BS515lwnCYwvN900MLYVf3MMk7w.roa
Signing time: Thu 26 Oct 2023 12:05:15 +0000
ROA not before: Thu 26 Oct 2023 12:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209383
IP address blocks: 91.217.30.0/23 maxlen: 23
91.223.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:df:e0:d7:8d:f8:00:9a:95:9c:6d:af:01:9f:57:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292d6b805e11ec38034f07789dcd25d1c17fa01e
Validity
Not Before: Oct 26 12:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=052e75e65c27098c2f37dd3430b6157f730c93bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:15:57:aa:18:a8:64:61:3b:6e:b4:90:ac:3b:
d3:3d:96:8d:49:17:25:db:65:fc:f4:01:fb:b7:3a:
b7:a7:88:a6:af:00:66:43:f6:0a:ee:76:4a:62:07:
c2:62:12:4a:7f:10:c8:ee:09:29:d0:65:e8:35:ff:
11:82:b6:1d:0e:90:2e:1f:07:76:6e:24:2f:6e:8a:
fe:df:f4:ad:e5:25:f6:ad:97:84:4f:92:3e:c6:e2:
25:6e:43:75:76:32:c9:88:24:e9:25:67:53:8e:86:
3a:3a:22:17:44:60:ce:4e:1a:bc:8b:c3:99:c3:8f:
17:35:38:1c:1a:00:c9:6b:b2:68:5b:36:77:da:d6:
08:20:53:48:6c:8a:b4:d0:d1:fb:07:9c:6e:c5:9a:
4f:9d:fa:c6:28:a0:e2:46:ec:bc:36:c3:dd:7b:ec:
00:30:80:8f:29:4b:00:a7:32:86:60:8d:f7:ce:20:
38:27:6d:18:a9:89:ed:9a:04:e7:21:7c:e9:cd:0c:
9f:b7:78:d7:a0:48:19:6b:bb:29:ae:c9:dd:f1:b6:
a0:2c:b2:75:5b:d9:84:ae:37:a1:bc:4c:79:43:85:
32:85:de:27:3c:30:40:40:c1:39:49:81:c1:69:2a:
3a:3c:47:0a:d0:bc:65:3a:41:a9:59:c5:72:ba:b9:
4c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:2E:75:E6:5C:27:09:8C:2F:37:DD:34:30:B6:15:7F:73:0C:93:BC
X509v3 Authority Key Identifier:
keyid:29:2D:6B:80:5E:11:EC:38:03:4F:07:78:9D:CD:25:D1:C1:7F:A0:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS1rgF4R7DgDTwd4nc0l0cF_oB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8b3341-f85b-4c15-a989-510cf26bca65/1/BS515lwnCYwvN900MLYVf3MMk7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8b3341-f85b-4c15-a989-510cf26bca65/1/KS1rgF4R7DgDTwd4nc0l0cF_oB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.30.0/23
91.223.140.0/24
Signature Algorithm: sha256WithRSAEncryption
53:9b:c2:63:9f:46:17:14:e4:c1:ba:f8:f9:e1:75:fd:10:65:
23:7c:08:9c:a5:89:ec:1e:bc:f5:3a:07:6c:d2:c2:c7:78:ec:
39:f5:02:f9:bc:35:6a:5c:16:d9:a5:74:b4:1a:ed:7c:83:2b:
d4:1c:2f:33:b3:3e:f2:4a:32:68:ea:00:75:e8:be:70:e9:47:
3b:6d:13:94:fb:be:3c:b7:1b:e7:7a:9f:bd:49:4f:a6:7a:fc:
ed:4d:9c:69:a9:d4:83:f5:aa:29:e0:83:c1:c0:e8:10:11:43:
b9:e3:de:07:67:27:86:20:4a:70:20:5e:42:61:fb:f9:2c:b6:
ca:4b:4c:a5:30:d8:3e:36:82:f5:7c:35:f4:50:39:64:c7:fc:
c2:d9:28:bb:64:98:4e:9c:1f:1b:3d:05:39:fd:c7:86:3a:06:
8e:0f:be:70:ae:a8:6d:30:e5:13:fe:83:12:dc:dc:6d:d6:82:
1b:d8:a4:0c:92:14:68:0b:68:72:4f:3b:61:ad:8d:ee:8d:f8:
68:7e:81:58:97:f5:91:cc:e8:df:2a:89:e8:f8:10:1c:f5:07:
1b:7d:f8:2d:c0:52:c4:ec:62:2b:3d:64:5b:41:21:54:29:9d:
62:69:88:52:b7:2e:4a:b9:c7:c1:72:7b:a6:0c:1d:80:c2:2e:
bd:57:1f:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtr3+DXjfgAmpWcba8Bn1eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmQ2YjgwNWUxMWVjMzgwMzRmMDc3ODlkY2QyNWQxYzE3
ZmEwMWUwHhcNMjMxMDI2MTIwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTJlNzVlNjVjMjcwOThjMmYzN2RkMzQzMGI2MTU3ZjczMGM5M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBVXqhioZGE7brSQrDvTPZaNSRcl
22X89AH7tzq3p4imrwBmQ/YK7nZKYgfCYhJKfxDI7gkp0GXoNf8RgrYdDpAuHwd2
biQvbor+3/St5SX2rZeET5I+xuIlbkN1djLJiCTpJWdTjoY6OiIXRGDOThq8i8OZ
w48XNTgcGgDJa7JoWzZ32tYIIFNIbIq00NH7B5xuxZpPnfrGKKDiRuy8NsPde+wA
MICPKUsApzKGYI33ziA4J20YqYntmgTnIXzpzQyft3jXoEgZa7sprsnd8bagLLJ1
W9mErjehvEx5Q4Uyhd4nPDBAQME5SYHBaSo6PEcK0LxlOkGpWcVyurlMmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAUudeZcJwmMLzfdNDC2FX9zDJO8MB8GA1UdIwQY
MBaAFCkta4BeEew4A08HeJ3NJdHBf6AeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1MxcmdGNFI3RGdEVHdkNG5jMGwwY0Zfb0I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84YjMzNDEtZjg1Yi00YzE1LWE5ODkt
NTEwY2YyNmJjYTY1LzEvQlM1MTVsd25DWXd2TjkwME1MWVZmM01Nazd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84YjMzNDEtZjg1Yi00YzE1LWE5ODktNTEwY2YyNmJjYTY1
LzEvS1MxcmdGNFI3RGdEVHdkNG5jMGwwY0Zfb0I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW9keAwQA
W9+MMA0GCSqGSIb3DQEBCwUAA4IBAQBTm8Jjn0YXFOTBuvj54XX9EGUjfAicpYns
Hrz1Ogds0sLHeOw59QL5vDVqXBbZpXS0Gu18gyvUHC8zsz7ySjJo6gB16L5w6Uc7
bROU+748txvnep+9SU+mevztTZxpqdSD9aop4IPBwOgQEUO5494HZyeGIEpwIF5C
Yfv5LLbKS0ylMNg+NoL1fDX0UDlkx/zC2Si7ZJhOnB8bPQU5/ceGOgaOD75wrqht
MOUT/oMS3Nxt1oIb2KQMkhRoC2hyTzthrY3ujfhofoFYl/WRzOjfKono+BAc9Qcb
ffgtwFLE7GIrPWRbQSFUKZ1iaYhSty5KucfBcnumDB2Awi69Vx9+
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:02 2025 by rpki-client