Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/BHLAWjCimeDMtx7yjwh3XYfkA7A.roa
File: BHLAWjCimeDMtx7yjwh3XYfkA7A.roa (raw, json)
Hash identifier: rQFJHWldOt9jGLO2Pwc+EExGwLZevHykmQzjRuHHR6Q=
Subject key identifier: 04:72:C0:5A:30:A2:99:E0:CC:B7:1E:F2:8F:08:77:5D:87:E4:03:B0
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41D860DF35D89432A0CE7CA14B5665
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/BHLAWjCimeDMtx7yjwh3XYfkA7A.roa
Signing time: Sun 01 Jan 2023 16:54:47 +0000
ROA not before: Sun 01 Jan 2023 16:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41749
IP address blocks: 89.43.54.0/24 maxlen: 24
89.44.125.0/24 maxlen: 24
89.47.42.0/24 maxlen: 24
86.106.134.0/24 maxlen: 24
188.241.188.0/23 maxlen: 23
89.47.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d8:60:df:35:d8:94:32:a0:ce:7c:a1:4b:56:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0472c05a30a299e0ccb71ef28f08775d87e403b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b3:76:c5:01:8e:94:61:dd:fa:6e:48:91:9d:
08:49:90:2d:06:83:f6:57:41:1e:0f:c0:b0:3b:79:
b0:6a:12:94:e3:96:8a:2f:c6:e9:a5:df:46:ec:74:
98:e7:4a:a5:bd:ee:42:08:2c:93:b0:97:21:57:34:
73:73:3f:33:6f:f5:04:29:69:fe:93:76:a4:dc:c5:
e1:52:11:b2:2e:ce:cd:61:5f:59:84:27:a8:39:d9:
7a:8a:29:a5:65:28:a4:66:ba:01:bb:a4:b6:dd:c1:
1e:f9:29:15:df:bb:e4:da:0a:33:1c:ba:8a:1d:c9:
b1:b5:30:17:13:2c:73:60:ae:68:88:e2:9c:a4:05:
37:04:08:09:52:f0:13:00:82:e4:0f:45:ee:5f:4e:
20:e4:65:38:7f:b2:80:35:95:68:c4:6a:ca:f8:ee:
e4:5d:26:51:d3:6d:03:09:4c:d6:07:f2:56:6d:8a:
dd:b6:53:a9:cd:b9:3d:aa:90:78:c9:b9:91:41:f0:
85:ff:09:ac:71:33:5f:c0:a8:c4:17:34:ec:f6:b7:
d0:a2:ae:83:09:9d:91:be:6e:50:0d:5a:ef:e5:1d:
e7:e1:31:31:d9:9a:7c:c9:f6:88:e0:76:ed:db:ef:
cc:ec:69:2d:5e:8f:f4:d8:17:8c:61:8b:78:e9:98:
61:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:72:C0:5A:30:A2:99:E0:CC:B7:1E:F2:8F:08:77:5D:87:E4:03:B0
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/BHLAWjCimeDMtx7yjwh3XYfkA7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.134.0/24
89.43.54.0/24
89.44.125.0/24
89.47.42.0/24
89.47.88.0/24
188.241.188.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:f5:26:4c:ae:0f:1d:00:4c:5e:d4:73:20:6f:ff:81:4c:b1:
51:2d:a1:1b:ae:17:ca:03:38:71:2b:e0:71:a9:58:4b:f6:96:
54:8a:f9:94:9a:35:33:cd:11:31:00:e2:0b:f9:6b:13:12:df:
dd:12:04:83:b4:b1:df:c7:10:fa:85:48:0e:ce:de:d4:e0:9f:
d5:da:0f:20:5d:9f:41:7c:e5:6a:68:bb:07:16:95:6f:13:92:
69:d7:af:f1:59:40:1e:0b:42:10:89:a7:62:96:ad:b4:64:13:
84:a5:7a:33:c9:f9:f1:3a:69:b8:17:73:f1:da:75:03:79:16:
25:c3:56:e8:27:d6:25:3b:d1:8b:d3:38:83:2f:3a:70:12:2b:
15:a0:e4:bf:02:86:2b:0f:fe:0b:9e:b4:2f:47:d7:6b:4f:94:
ce:08:38:ab:24:ad:75:25:2c:5a:18:48:fe:e5:45:46:22:75:
a4:c7:ab:9b:b6:75:95:2e:d8:f4:ae:ad:c2:a1:4b:d1:12:71:
e2:c4:c5:3b:4e:26:d9:56:de:ae:9d:00:9c:b9:84:37:20:38:
16:a2:fa:9d:d6:c6:f7:13:b7:49:3f:fe:11:59:50:2c:59:9a:
69:63:67:80:dd:63:da:73:d8:e3:55:69:e0:f8:05:55:51:43:
c8:7c:8d:4b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVuQdhg3zXYlDKgznyhS1ZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDcyYzA1YTMwYTI5OWUwY2NiNzFlZjI4ZjA4Nzc1ZDg3ZTQwM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLN2xQGOlGHd+m5IkZ0ISZAtBoP2
V0EeD8CwO3mwahKU45aKL8bppd9G7HSY50qlve5CCCyTsJchVzRzcz8zb/UEKWn+
k3ak3MXhUhGyLs7NYV9ZhCeoOdl6iimlZSikZroBu6S23cEe+SkV37vk2gozHLqK
HcmxtTAXEyxzYK5oiOKcpAU3BAgJUvATAILkD0XuX04g5GU4f7KANZVoxGrK+O7k
XSZR020DCUzWB/JWbYrdtlOpzbk9qpB4ybmRQfCF/wmscTNfwKjEFzTs9rfQoq6D
CZ2Rvm5QDVrv5R3n4TEx2Zp8yfaI4Hbt2+/M7GktXo/02BeMYYt46ZhhHQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFARywFowopngzLce8o8Id12H5AOwMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvQkhMQVdqQ2ltZURNdHg3eWp3aDNYWWZrQTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVmqGAwQA
WSs2AwQAWSx9AwQAWS8qAwQAWS9YAwQBvPG8MA0GCSqGSIb3DQEBCwUAA4IBAQCm
9SZMrg8dAExe1HMgb/+BTLFRLaEbrhfKAzhxK+BxqVhL9pZUivmUmjUzzRExAOIL
+WsTEt/dEgSDtLHfxxD6hUgOzt7U4J/V2g8gXZ9BfOVqaLsHFpVvE5Jp16/xWUAe
C0IQiadilq20ZBOEpXozyfnxOmm4F3Px2nUDeRYlw1boJ9YlO9GL0ziDLzpwEisV
oOS/AoYrD/4LnrQvR9drT5TOCDirJK11JSxaGEj+5UVGInWkx6ubtnWVLtj0rq3C
oUvREnHixMU7TibZVt6unQCcuYQ3IDgWovqd1sb3E7dJP/4RWVAsWZppY2eA3WPa
c9jjVWng+AVVUUPIfI1L
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:30:28 2025 by rpki-client