Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/R-BHA90ePd22ervj07CtVJ_LBPo.roa
File: R-BHA90ePd22ervj07CtVJ_LBPo.roa (raw, json)
Hash identifier: rTuVKsBgzE0P8xGnZuLBrAOk4NfGFYq0k4BoncuBAxw=
Subject key identifier: 47:E0:47:03:DD:1E:3D:DD:B6:7A:BB:E3:D3:B0:AD:54:9F:CB:04:FA
Certificate issuer: /CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Certificate serial: 0187C1E68021C4E93EEA56C90AA8D74D18A8
Authority key identifier: 9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/R-BHA90ePd22ervj07CtVJ_LBPo.roa
Signing time: Thu 27 Apr 2023 08:48:41 +0000
ROA not before: Thu 27 Apr 2023 08:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208770
IP address blocks: 45.85.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c1:e6:80:21:c4:e9:3e:ea:56:c9:0a:a8:d7:4d:18:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1ee4d39cfaa1b3ac799c17f7882b8ce4e28120
Validity
Not Before: Apr 27 08:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47e04703dd1e3dddb67abbe3d3b0ad549fcb04fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:92:99:04:a5:d9:20:c7:e0:32:84:68:86:8c:
d3:a8:14:35:25:b3:2d:4b:39:fa:a4:87:0b:4c:36:
a6:b5:8d:b4:d6:d4:e8:c0:27:a4:cf:2c:29:27:26:
6a:9c:28:d7:df:57:b5:6c:9f:52:a7:ad:04:c2:40:
a3:cd:93:3e:46:fa:f1:a7:72:b9:9a:5b:41:12:99:
0f:81:7e:e4:e2:3d:83:f9:13:49:d2:81:84:69:5f:
ae:de:ca:e1:e6:93:cd:69:da:a8:a2:a7:b4:25:b2:
4e:96:97:06:95:33:0f:54:9d:b9:8a:e7:e4:56:1f:
33:c5:6b:83:a3:a8:7a:da:3b:ab:49:2e:20:83:93:
32:ed:be:ec:b0:11:13:08:da:e7:39:ff:d0:a4:23:
95:48:98:0f:d0:b0:d9:5a:e7:12:66:d6:e1:b0:0e:
87:48:77:dd:35:1c:d2:a8:da:4d:10:86:61:d4:58:
f4:56:03:d4:43:cd:9d:b7:bd:24:e1:95:e1:f1:42:
58:93:12:2e:27:fb:1c:1e:17:bd:43:e8:f8:fa:50:
0e:58:af:bf:36:20:5d:4b:60:35:96:79:cc:47:06:
c2:f5:0d:f8:e6:b3:14:5d:75:9b:3a:38:c9:f1:66:
d1:07:52:ef:2a:59:28:60:40:76:4c:5d:4f:c7:53:
5a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E0:47:03:DD:1E:3D:DD:B6:7A:BB:E3:D3:B0:AD:54:9F:CB:04:FA
X509v3 Authority Key Identifier:
keyid:9C:1E:E4:D3:9C:FA:A1:B3:AC:79:9C:17:F7:88:2B:8C:E4:E2:81:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nB7k05z6obOseZwX94grjOTigSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/R-BHA90ePd22ervj07CtVJ_LBPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/bb97d9-7b81-449f-9060-bd465ce711bb/1/nB7k05z6obOseZwX94grjOTigSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.196.0/22
Signature Algorithm: sha256WithRSAEncryption
93:a8:ed:8f:0c:a5:04:f2:69:27:a2:ed:3b:ed:d8:6e:a8:bd:
38:06:8d:cf:da:d2:a8:5f:60:6f:73:11:27:76:cd:05:7a:33:
b5:d0:3d:d0:2a:95:3e:b2:90:19:6e:13:81:0c:cc:2b:e2:f0:
3f:67:7b:61:9c:10:e2:60:b2:10:a6:d0:bf:cb:d4:7d:66:1f:
e5:e5:ff:c0:a0:47:84:21:31:dd:a9:db:bb:31:0e:cb:63:28:
e0:7d:ed:8d:86:6f:7b:83:f8:a5:66:bc:ff:3c:85:56:2f:4c:
b0:ab:20:d8:46:3d:d1:8a:82:c6:ed:ad:2d:85:a4:cf:15:25:
a2:78:79:fc:1e:36:19:9f:6b:ee:89:08:3c:5a:4a:d6:6f:86:
bb:6a:91:84:f6:b7:c6:c7:95:02:1c:35:5d:b8:55:fa:2b:cc:
ee:86:e5:3a:e5:20:53:cc:63:32:ff:64:9a:dd:11:83:c5:b5:
61:df:1d:1a:df:ab:aa:86:dc:91:c8:75:c4:55:bb:97:ed:0f:
d9:6f:f3:1f:40:3f:11:4a:99:98:fb:34:22:dc:a0:a9:e0:cb:
31:97:7a:01:19:68:79:c0:01:17:f9:ac:24:1c:76:69:4b:e1:
7e:9b:1c:01:c0:ee:7c:46:e7:b8:f3:7d:b8:97:91:de:c1:f8:
b3:2b:5c:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfB5oAhxOk+6lbJCqjXTRioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWVlNGQzOWNmYWExYjNhYzc5OWMxN2Y3ODgyYjhjZTRl
MjgxMjAwHhcNMjMwNDI3MDg0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2UwNDcwM2RkMWUzZGRkYjY3YWJiZTNkM2IwYWQ1NDlmY2IwNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZKZBKXZIMfgMoRohozTqBQ1JbMt
Szn6pIcLTDamtY201tTowCekzywpJyZqnCjX31e1bJ9Sp60EwkCjzZM+Rvrxp3K5
mltBEpkPgX7k4j2D+RNJ0oGEaV+u3srh5pPNadqooqe0JbJOlpcGlTMPVJ25iufk
Vh8zxWuDo6h62jurSS4gg5My7b7ssBETCNrnOf/QpCOVSJgP0LDZWucSZtbhsA6H
SHfdNRzSqNpNEIZh1Fj0VgPUQ82dt70k4ZXh8UJYkxIuJ/scHhe9Q+j4+lAOWK+/
NiBdS2A1lnnMRwbC9Q345rMUXXWbOjjJ8WbRB1LvKlkoYEB2TF1Px1NavwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfgRwPdHj3dtnq749OwrVSfywT6MB8GA1UdIwQY
MBaAFJwe5NOc+qGzrHmcF/eIK4zk4oEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAt
YmQ0NjVjZTcxMWJiLzEvUi1CSEE5MGVQZDIyZXJ2ajA3Q3RWSl9MQlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iYjk3ZDktN2I4MS00NDlmLTkwNjAtYmQ0NjVjZTcxMWJi
LzEvbkI3azA1ejZvYk9zZVp3WDk0Z3JqT1RpZ1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVXEMA0G
CSqGSIb3DQEBCwUAA4IBAQCTqO2PDKUE8mknou077dhuqL04Bo3P2tKoX2BvcxEn
ds0FejO10D3QKpU+spAZbhOBDMwr4vA/Z3thnBDiYLIQptC/y9R9Zh/l5f/AoEeE
ITHdqdu7MQ7LYyjgfe2Nhm97g/ilZrz/PIVWL0ywqyDYRj3RioLG7a0thaTPFSWi
eHn8HjYZn2vuiQg8WkrWb4a7apGE9rfGx5UCHDVduFX6K8zuhuU65SBTzGMy/2Sa
3RGDxbVh3x0a36uqhtyRyHXEVbuX7Q/Zb/MfQD8RSpmY+zQi3KCp4Msxl3oBGWh5
wAEX+awkHHZpS+F+mxwBwO58Rue48324l5HewfizK1z8
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:28:44 2025 by rpki-client