Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/bpAyH9uUHaZfoThkRE_OmdYaWBg.roa
File: bpAyH9uUHaZfoThkRE_OmdYaWBg.roa (raw, json)
Hash identifier: KItHaKqibwsrBAjBpkNxgsVdsv2Xo2g30eehVyCTRfo=
Subject key identifier: 6E:90:32:1F:DB:94:1D:A6:5F:A1:38:64:44:4F:CE:99:D6:1A:58:18
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 0187232BA82887353E2B0637079629C26900
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/bpAyH9uUHaZfoThkRE_OmdYaWBg.roa
Signing time: Mon 27 Mar 2023 13:04:36 +0000
ROA not before: Mon 27 Mar 2023 13:04:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33852
IP address blocks: 83.139.2.0/24 maxlen: 24
83.139.0.0/24 maxlen: 24
83.139.1.0/24 maxlen: 24
83.139.11.0/24 maxlen: 24
83.139.10.0/24 maxlen: 24
83.139.17.0/24 maxlen: 24
83.139.16.0/24 maxlen: 24
83.139.14.0/24 maxlen: 24
83.139.15.0/24 maxlen: 24
83.139.12.0/24 maxlen: 24
83.139.13.0/24 maxlen: 24
83.139.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:2b:a8:28:87:35:3e:2b:06:37:07:96:29:c2:69:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: Mar 27 13:04:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e90321fdb941da65fa13864444fce99d61a5818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3d:eb:af:d2:41:b1:73:df:c0:85:bc:8e:39:
50:99:50:00:e6:e0:1c:03:ab:4a:a1:17:2d:2e:77:
6b:ba:c6:43:64:e0:62:bc:f1:ac:8c:d5:fb:b0:99:
e9:8b:c9:1b:23:8d:46:ed:63:96:f0:d4:27:65:13:
68:cb:0d:fb:37:61:7d:55:88:d5:9e:36:26:53:10:
f8:c5:1d:23:26:e1:51:bf:8f:36:9f:2e:d1:78:10:
c7:d6:52:c9:59:83:dd:5e:90:da:6d:ad:d5:d5:43:
d2:80:12:10:f1:4d:ff:7d:ab:3c:12:32:93:17:62:
3f:96:76:30:8e:3b:d0:cc:e1:2d:0b:d0:33:6d:22:
b1:94:9f:53:97:b1:b9:40:dd:0a:06:01:a9:af:74:
8a:e0:de:56:dd:38:28:9a:57:ad:1f:79:91:f5:51:
fd:c8:79:19:f2:eb:3e:b1:f1:76:16:13:d6:08:c4:
60:b5:63:ac:d2:2c:d6:c9:9e:be:b6:7d:34:81:2a:
c4:14:d6:7a:63:c6:f3:99:48:3b:61:cb:dd:54:8d:
53:db:5d:21:4d:98:ee:ed:45:a5:41:8e:c5:70:10:
16:82:09:86:3c:7f:de:df:66:41:0e:3d:b4:42:70:
f5:a3:1f:19:6f:91:12:75:0a:fe:27:9a:37:df:1d:
96:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:90:32:1F:DB:94:1D:A6:5F:A1:38:64:44:4F:CE:99:D6:1A:58:18
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/bpAyH9uUHaZfoThkRE_OmdYaWBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.139.0.0-83.139.2.255
83.139.10.0-83.139.18.255
Signature Algorithm: sha256WithRSAEncryption
36:92:a1:a0:a0:81:a2:b2:95:5d:d8:4f:e0:be:25:ba:8d:1b:
80:ec:92:45:7e:18:42:a8:9d:0d:6a:34:cd:fa:9a:b3:f1:4c:
78:97:a7:ea:dd:c4:0a:66:a0:13:28:30:70:cc:13:ba:3b:e0:
e9:0f:0f:d7:90:e9:dd:52:21:b4:1e:d2:8b:0d:be:3d:0e:ab:
c4:e7:75:aa:40:2b:d3:56:77:c6:51:65:c7:d4:5f:bc:59:14:
60:b5:74:85:be:d9:1c:34:f3:c3:46:28:bf:7d:b2:4f:34:60:
97:86:ff:f3:bf:82:57:02:cc:b5:14:07:81:f2:d4:07:d9:ab:
1f:65:28:73:e2:07:f4:a5:d4:0c:5b:21:5a:3a:c2:33:44:f8:
8c:15:ba:70:8d:a9:91:b3:f7:4b:d5:4e:5f:8d:1a:c5:e5:1c:
d4:fe:d1:8f:a6:43:18:cb:3f:52:79:6d:21:e9:e0:6b:70:a3:
b2:7f:b6:46:e7:1c:6f:55:18:21:eb:ef:65:dc:7c:42:6d:6f:
78:6d:bf:6f:dd:5b:ee:a6:66:83:a9:77:f4:e4:0c:48:da:65:
7f:ed:92:e2:26:4a:c1:d2:e2:85:21:2c:46:2f:65:2a:1f:f3:
36:ae:72:80:13:f9:bc:cc:66:1d:54:6b:ad:f3:3c:8f:c2:f0:
a9:0d:ef:0f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcjK6gohzU+KwY3B5YpwmkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjMwMzI3MTMwNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTkwMzIxZmRiOTQxZGE2NWZhMTM4NjQ0NDRmY2U5OWQ2MWE1ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD3rr9JBsXPfwIW8jjlQmVAA5uAc
A6tKoRctLndrusZDZOBivPGsjNX7sJnpi8kbI41G7WOW8NQnZRNoyw37N2F9VYjV
njYmUxD4xR0jJuFRv482ny7ReBDH1lLJWYPdXpDaba3V1UPSgBIQ8U3/fas8EjKT
F2I/lnYwjjvQzOEtC9AzbSKxlJ9Tl7G5QN0KBgGpr3SK4N5W3TgomletH3mR9VH9
yHkZ8us+sfF2FhPWCMRgtWOs0izWyZ6+tn00gSrEFNZ6Y8bzmUg7YcvdVI1T210h
TZju7UWlQY7FcBAWggmGPH/e32ZBDj20QnD1ox8Zb5ESdQr+J5o33x2WhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG6QMh/blB2mX6E4ZERPzpnWGlgYMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvYnBBeUg5dVVIYVpmb1Roa1JFX09tZFlhV0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwBTiwME
AFOLAjAMAwQBU4sKAwQAU4sSMA0GCSqGSIb3DQEBCwUAA4IBAQA2kqGgoIGispVd
2E/gviW6jRuA7JJFfhhCqJ0NajTN+pqz8Ux4l6fq3cQKZqATKDBwzBO6O+DpDw/X
kOndUiG0HtKLDb49DqvE53WqQCvTVnfGUWXH1F+8WRRgtXSFvtkcNPPDRii/fbJP
NGCXhv/zv4JXAsy1FAeB8tQH2asfZShz4gf0pdQMWyFaOsIzRPiMFbpwjamRs/dL
1U5fjRrF5RzU/tGPpkMYyz9SeW0h6eBrcKOyf7ZG5xxvVRgh6+9l3HxCbW94bb9v
3VvupmaDqXf05AxI2mV/7ZLiJkrB0uKFISxGL2UqH/M2rnKAE/m8zGYdVGut8zyP
wvCpDe8P
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:48 2025 by rpki-client