Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/23b5f9-8880-4b54-ad08-731ddb1c07ed/1/bxAyYYWF-HHbB7l7DgIudYIzk0M.roa
File: bxAyYYWF-HHbB7l7DgIudYIzk0M.roa (raw, json)
Hash identifier: 9jiyJ14Qq5UvD2wv8NbiglL8t3IS5/JVsgym0mjoNmc=
Subject key identifier: 6F:10:32:61:85:85:F8:71:DB:07:B9:7B:0E:02:2E:75:82:33:93:43
Certificate issuer: /CN=5a1b1acf226f3c2ffc31c1eb2b6a5194b50b52f4
Certificate serial: 0E7CA1F3
Authority key identifier: 5A:1B:1A:CF:22:6F:3C:2F:FC:31:C1:EB:2B:6A:51:94:B5:0B:52:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhsazyJvPC_8McHrK2pRlLULUvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/23b5f9-8880-4b54-ad08-731ddb1c07ed/1/bxAyYYWF-HHbB7l7DgIudYIzk0M.roa
Signing time: Sat 01 Jan 2022 05:03:02 +0000
ROA not before: Sat 01 Jan 2022 05:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3303
IP address blocks: 193.239.22.0/23 maxlen: 23
193.239.20.0/22 maxlen: 22
193.239.20.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 243048947 (0xe7ca1f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a1b1acf226f3c2ffc31c1eb2b6a5194b50b52f4
Validity
Not Before: Jan 1 05:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f1032618585f871db07b97b0e022e7582339343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:df:29:45:65:c2:e5:85:ff:07:75:2e:43:ff:
07:c8:47:b9:42:b9:ae:18:8c:02:e9:ff:7f:e6:2a:
5f:e3:0d:aa:c3:1e:db:da:c4:e9:4b:de:85:66:54:
0c:ae:be:03:5e:09:16:94:bb:eb:81:1e:71:36:fe:
ad:81:35:cb:81:b6:9e:85:6a:6b:f4:70:25:d5:28:
7b:9e:c9:a5:7d:81:c7:ea:8f:2b:a6:82:67:ee:d2:
32:5b:8e:26:88:51:e1:b3:9d:a8:71:1e:aa:ca:8b:
c3:fc:87:0f:df:c0:52:78:c3:83:e1:d3:63:9c:b9:
5b:d6:5d:e0:f0:f8:2b:a0:e3:23:ab:01:95:83:62:
e1:cc:56:09:7d:c5:85:85:ed:b8:ad:1a:59:d7:1e:
08:2e:7a:6c:c8:2e:01:a5:1d:c9:5f:ab:d9:db:23:
50:19:cf:fc:b2:eb:72:5b:97:d5:d8:70:f2:12:b0:
a8:67:f7:f0:e3:8e:99:07:fb:67:a1:34:45:cf:79:
81:23:45:7e:cf:e6:29:f4:31:25:93:29:80:74:f9:
ed:c3:04:e3:8c:20:d5:51:ff:72:74:2a:fe:ba:58:
73:1f:8b:59:f6:31:ed:48:d6:6d:32:5e:aa:69:ae:
6e:e5:a0:dc:bc:87:0c:7a:16:33:62:6a:ac:83:b1:
e0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:10:32:61:85:85:F8:71:DB:07:B9:7B:0E:02:2E:75:82:33:93:43
X509v3 Authority Key Identifier:
keyid:5A:1B:1A:CF:22:6F:3C:2F:FC:31:C1:EB:2B:6A:51:94:B5:0B:52:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhsazyJvPC_8McHrK2pRlLULUvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/23b5f9-8880-4b54-ad08-731ddb1c07ed/1/bxAyYYWF-HHbB7l7DgIudYIzk0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/23b5f9-8880-4b54-ad08-731ddb1c07ed/1/WhsazyJvPC_8McHrK2pRlLULUvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.20.0/22
Signature Algorithm: sha256WithRSAEncryption
13:5f:a7:77:53:b4:0e:3b:50:a9:25:bc:47:0c:bf:4d:c0:aa:
fe:4d:99:41:a4:f0:e7:1a:4f:fe:45:5a:f7:80:d6:e2:ae:3e:
1f:db:95:b6:16:d6:2f:d2:a4:51:ca:59:1c:15:1e:4c:b1:76:
1f:ca:d4:4c:c0:e1:e0:c9:78:18:b3:59:eb:ce:05:46:f6:aa:
90:06:ed:7a:93:04:90:39:51:6c:73:bd:9c:07:1a:8a:74:3e:
2b:d9:29:cc:00:7c:81:8e:90:42:a3:a1:e2:74:d2:19:3f:2b:
f8:52:9d:cf:22:d0:fe:7e:45:e9:a4:3b:df:00:ca:ee:5f:f3:
b9:5c:20:08:ee:b9:08:c8:43:1c:39:1b:e3:a6:d7:c0:07:88:
2d:35:82:3d:d8:3c:5c:46:03:1e:94:a6:91:9e:11:17:27:2c:
3c:6d:82:be:c3:43:d8:4a:58:c1:ab:2b:9e:bb:4f:90:9a:8f:
83:cf:fb:9a:66:4b:e4:73:e4:b1:45:f9:de:a2:a6:ea:14:5c:
31:33:3b:78:20:7e:4c:26:37:91:35:b0:5c:1b:bf:be:b4:99:
3d:1b:12:a8:19:fe:db:8e:ba:81:19:f7:49:8b:e0:fe:ba:ae:
24:09:2d:a6:8e:f4:8b:9c:8b:6a:0e:e1:19:44:a6:66:3d:21:
bc:90:a8:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDnyh8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTFiMWFjZjIyNmYzYzJmZmMzMWMxZWIyYjZhNTE5NGI1MGI1MmY0MB4XDTIyMDEw
MTA1MDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmYxMDMyNjE4NTg1
Zjg3MWRiMDdiOTdiMGUwMjJlNzU4MjMzOTM0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3fKUVlwuWF/wd1LkP/B8hHuUK5rhiMAun/f+YqX+MNqsMe
29rE6UvehWZUDK6+A14JFpS764EecTb+rYE1y4G2noVqa/RwJdUoe57JpX2Bx+qP
K6aCZ+7SMluOJohR4bOdqHEeqsqLw/yHD9/AUnjDg+HTY5y5W9Zd4PD4K6DjI6sB
lYNi4cxWCX3FhYXtuK0aWdceCC56bMguAaUdyV+r2dsjUBnP/LLrcluX1dhw8hKw
qGf38OOOmQf7Z6E0Rc95gSNFfs/mKfQxJZMpgHT57cME44wg1VH/cnQq/rpYcx+L
WfYx7UjWbTJeqmmubuWg3LyHDHoWM2JqrIOx4GkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRvEDJhhYX4cdsHuXsOAi51gjOTQzAfBgNVHSMEGDAWgBRaGxrPIm88L/wx
wesralGUtQtS9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1doc2F6eUp2UENfOE1jSHJLMnBSbExVTFV2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvMjNiNWY5LTg4ODAtNGI1NC1hZDA4LTczMWRkYjFjMDdlZC8x
L2J4QXlZWVdGLUhIYkI3bDdEZ0l1ZFlJemswTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
MjNiNWY5LTg4ODAtNGI1NC1hZDA4LTczMWRkYjFjMDdlZC8xL1doc2F6eUp2UENf
OE1jSHJLMnBSbExVTFV2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsHvFDANBgkqhkiG9w0BAQsFAAOC
AQEAE1+nd1O0DjtQqSW8Rwy/TcCq/k2ZQaTw5xpP/kVa94DW4q4+H9uVthbWL9Kk
UcpZHBUeTLF2H8rUTMDh4Ml4GLNZ684FRvaqkAbtepMEkDlRbHO9nAcainQ+K9kp
zAB8gY6QQqOh4nTSGT8r+FKdzyLQ/n5F6aQ73wDK7l/zuVwgCO65CMhDHDkb46bX
wAeILTWCPdg8XEYDHpSmkZ4RFycsPG2CvsND2EpYwasrnrtPkJqPg8/7mmZL5HPk
sUX53qKm6hRcMTM7eCB+TCY3kTWwXBu/vrSZPRsSqBn+2466gRn3SYvg/rquJAkt
po70i5yLag7hGUSmZj0hvJCoNQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:22 2025 by rpki-client