Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/bsjDneQGS5Ge5n3Oivw03Ma6sbQ.roa
File: bsjDneQGS5Ge5n3Oivw03Ma6sbQ.roa (raw, json)
Hash identifier: NleRF+8DZaU3lKc5GMquH+V2KQq47Bu6bVNz5RB0tp0=
Subject key identifier: 6E:C8:C3:9D:E4:06:4B:91:9E:E6:7D:CE:8A:FC:34:DC:C6:BA:B1:B4
Certificate issuer: /CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Certificate serial: 018BAF5F419DC914284BD25A496FAB1CBD21
Authority key identifier: 90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/bsjDneQGS5Ge5n3Oivw03Ma6sbQ.roa
Signing time: Wed 08 Nov 2023 14:38:57 +0000
ROA not before: Wed 08 Nov 2023 14:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57129
IP address blocks: 185.202.200.0/22 maxlen: 24
2a06:cd00::/29 maxlen: 48
2a0d:5900::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:5f:41:9d:c9:14:28:4b:d2:5a:49:6f:ab:1c:bd:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Validity
Not Before: Nov 8 14:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ec8c39de4064b919ee67dce8afc34dcc6bab1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:39:33:75:13:ba:be:e3:18:6e:26:40:23:1b:
dd:66:bc:66:af:ed:5e:9b:3a:5a:33:31:a6:88:b0:
5c:84:2b:7f:3d:5f:f4:23:0e:8e:53:97:a7:30:c2:
f6:64:d1:8d:2b:65:66:78:b6:d1:cc:ed:df:0b:51:
38:7b:8f:90:d4:04:6f:81:96:98:b1:0f:1b:c6:ed:
8a:25:c2:c9:7a:df:1a:1f:34:1d:be:df:8a:5c:8c:
13:29:bc:c9:bc:c6:b8:3b:cc:cf:7d:86:92:e4:cc:
b5:23:11:a5:04:c4:37:ce:fc:fb:00:ff:f7:e8:82:
0b:14:c6:35:c7:eb:f4:22:01:fe:80:e6:93:6a:ae:
c7:5a:6f:59:7e:d5:b6:b7:e1:60:14:41:65:4c:0d:
64:58:68:e6:b5:ff:00:60:10:6b:6e:22:f9:ed:eb:
37:53:7e:a2:f2:fd:4d:6a:c6:be:1c:57:39:67:e3:
6c:55:96:02:98:59:cc:49:73:66:4e:2e:62:ab:a7:
24:c4:01:3d:69:7d:d3:b9:fb:d6:07:68:d0:15:8f:
c8:41:5e:30:d2:f1:ed:7d:a5:55:59:aa:95:69:99:
74:53:78:ab:76:ac:e6:e0:0b:fa:d5:56:02:a1:a0:
42:b3:d0:99:cb:13:e8:77:44:e8:4d:e0:36:27:5d:
3b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C8:C3:9D:E4:06:4B:91:9E:E6:7D:CE:8A:FC:34:DC:C6:BA:B1:B4
X509v3 Authority Key Identifier:
keyid:90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/bsjDneQGS5Ge5n3Oivw03Ma6sbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.200.0/22
IPv6:
2a06:cd00::/29
2a0d:5900::/29
Signature Algorithm: sha256WithRSAEncryption
24:41:98:81:d8:d5:47:9c:e3:f7:ef:d5:13:a2:cd:31:42:50:
fa:29:4d:1b:cb:03:b2:33:80:b2:33:ef:6e:59:92:13:cd:3e:
09:db:9a:ca:d3:30:92:a7:ae:f8:66:8d:79:2d:4c:19:c1:08:
aa:a3:50:c2:2e:78:d7:ab:f7:81:dc:5d:48:5a:01:3c:66:a2:
5c:ef:62:18:b1:02:3d:79:62:64:5f:30:a1:41:55:67:4d:28:
16:2b:72:7c:3f:12:8e:eb:ed:c3:36:86:a8:01:25:c9:d8:fe:
43:c4:c4:0f:0e:e2:ff:de:1a:51:98:26:0c:57:f8:47:07:3e:
2b:65:90:35:67:86:ff:bc:72:4d:f2:ed:b1:15:60:f4:6f:6a:
55:a4:c7:7f:1b:7a:60:26:c6:3c:6b:7f:11:c4:60:2a:d3:1a:
1a:73:4d:b2:fa:5c:34:24:d0:e3:e1:0e:b3:66:2b:31:39:89:
5c:c9:52:ba:6b:bd:e5:03:25:81:ca:cb:77:31:7b:45:0d:d2:
17:61:f2:7d:1f:0c:c3:20:6c:8f:b5:8f:da:88:6a:02:48:37:
35:11:41:41:65:fb:18:a6:12:cb:28:3f:59:1c:99:78:e4:25:
64:0b:c7:31:5a:92:40:0b:92:e8:84:80:62:51:81:f9:ee:80:
76:9d:0f:c6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYuvX0GdyRQoS9JaSW+rHL0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWU1MzhlMmE5MTM0NmYwNDAyNTk4YjBmZjJmYjlhOTVj
MDdjMzkwHhcNMjMxMTA4MTQzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM4YzM5ZGU0MDY0YjkxOWVlNjdkY2U4YWZjMzRkY2M2YmFiMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTkzdRO6vuMYbiZAIxvdZrxmr+1e
mzpaMzGmiLBchCt/PV/0Iw6OU5enMML2ZNGNK2VmeLbRzO3fC1E4e4+Q1ARvgZaY
sQ8bxu2KJcLJet8aHzQdvt+KXIwTKbzJvMa4O8zPfYaS5My1IxGlBMQ3zvz7AP/3
6IILFMY1x+v0IgH+gOaTaq7HWm9ZftW2t+FgFEFlTA1kWGjmtf8AYBBrbiL57es3
U36i8v1Nasa+HFc5Z+NsVZYCmFnMSXNmTi5iq6ckxAE9aX3TufvWB2jQFY/IQV4w
0vHtfaVVWaqVaZl0U3irdqzm4Av61VYCoaBCs9CZyxPod0ToTeA2J107swIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG7Iw53kBkuRnuZ9zor8NNzGurG0MB8GA1UdIwQY
MBaAFJCuU44qkTRvBAJZiw/y+5qVwHw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4Mzkt
YzVlNzgyMTU3OWYxLzEvYnNqRG5lUUdTNUdlNW4zT2l2dzAzTWE2c2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4MzktYzVlNzgyMTU3OWYx
LzEva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCucrIMBQE
AgACMA4DBQMqBs0AAwUDKg1ZADANBgkqhkiG9w0BAQsFAAOCAQEAJEGYgdjVR5zj
9+/VE6LNMUJQ+ilNG8sDsjOAsjPvblmSE80+CduaytMwkqeu+GaNeS1MGcEIqqNQ
wi5416v3gdxdSFoBPGaiXO9iGLECPXliZF8woUFVZ00oFityfD8SjuvtwzaGqAEl
ydj+Q8TEDw7i/94aUZgmDFf4Rwc+K2WQNWeG/7xyTfLtsRVg9G9qVaTHfxt6YCbG
PGt/EcRgKtMaGnNNsvpcNCTQ4+EOs2YrMTmJXMlSumu95QMlgcrLdzF7RQ3SF2Hy
fR8MwyBsj7WP2ohqAkg3NRFBQWX7GKYSyyg/WRyZeOQlZAvHMVqSQAuS6ISAYlGB
+e6Adp0Pxg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:43:54 2025 by rpki-client