Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/BcMv9_6zv7VZQbr0nBOKcoMstpI.roa
File: BcMv9_6zv7VZQbr0nBOKcoMstpI.roa (raw, json)
Hash identifier: NXyQ8RMGe1QNC7qZ6jiNVzWvg+N85LPCpzzdXSc30bs=
Subject key identifier: 05:C3:2F:F7:FE:B3:BF:B5:59:41:BA:F4:9C:13:8A:72:83:2C:B6:92
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 0187A4FC75E2338C5032E3A16BC468A6BE17
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/BcMv9_6zv7VZQbr0nBOKcoMstpI.roa
Signing time: Fri 21 Apr 2023 18:03:41 +0000
ROA not before: Fri 21 Apr 2023 18:03:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212043
IP address blocks: 5.59.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a4:fc:75:e2:33:8c:50:32:e3:a1:6b:c4:68:a6:be:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Apr 21 18:03:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05c32ff7feb3bfb55941baf49c138a72832cb692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:63:7d:04:44:4b:51:b5:fe:d5:51:46:42:
47:64:4b:4b:b6:d2:45:23:b1:d5:36:34:66:e9:63:
81:47:38:cc:91:30:9a:5b:bf:d9:7e:7d:2f:9f:b8:
e2:b1:39:7d:e7:4c:4e:2b:7d:16:35:85:e0:fd:15:
ce:48:89:8a:14:82:da:1b:30:ea:90:57:15:3c:ac:
37:f0:2a:38:03:e9:90:1d:de:1c:d4:41:e9:11:2a:
4f:d3:b4:46:95:0d:0a:a3:df:9f:ef:33:da:1a:28:
3a:02:d7:09:c9:09:5a:a6:95:e2:73:10:0a:8a:99:
3e:d1:45:d5:db:0d:e9:2b:fd:bc:e3:3c:22:a4:1f:
52:ab:85:6e:36:18:9f:78:47:ae:b0:01:be:0b:e0:
25:46:c3:70:22:49:82:2f:a3:38:c8:11:b4:73:49:
f0:c8:a7:8f:8c:09:a5:7e:a4:f4:14:4b:21:36:22:
c8:8b:c7:6f:3d:98:5f:49:bd:93:79:7b:76:30:15:
b2:86:18:a9:85:8b:4d:36:8c:3d:6a:3b:e3:f8:7d:
83:5c:e3:41:88:19:15:c7:dc:6f:31:00:40:4c:41:
b6:fa:a9:1f:93:69:6e:41:ab:e7:b4:18:25:4d:20:
74:de:8d:00:e2:3b:e1:40:df:de:c2:67:9e:fd:ce:
61:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C3:2F:F7:FE:B3:BF:B5:59:41:BA:F4:9C:13:8A:72:83:2C:B6:92
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/BcMv9_6zv7VZQbr0nBOKcoMstpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.240.0/24
Signature Algorithm: sha256WithRSAEncryption
83:0e:ca:9d:14:11:98:71:79:98:d6:f7:9c:68:5d:54:bc:73:
41:f9:00:ac:39:f9:13:f3:89:15:30:dc:c1:5c:6a:c7:ba:89:
d4:47:88:89:35:ab:34:b7:f3:04:d1:7f:3a:aa:f3:2b:79:b4:
32:22:5b:de:ad:b5:43:5c:9d:21:cf:47:c7:ff:0a:0e:e9:63:
75:f2:86:c1:2c:de:40:d6:28:47:63:49:f5:e4:9b:95:5e:b0:
f9:e0:d6:b8:09:22:48:a7:bb:18:88:9b:76:dc:e7:bf:af:32:
11:7b:49:c1:c3:f2:e3:4d:18:46:f5:b0:20:41:10:28:c2:e8:
20:9c:bd:5b:89:54:bd:d2:3f:af:37:68:59:6b:67:42:05:2b:
d3:31:af:f6:d6:a4:78:f7:cc:7c:e2:de:f8:36:f4:78:a8:8d:
2d:97:b3:38:15:db:9e:7e:aa:05:c2:78:e4:e1:0c:e8:86:82:
8d:78:58:f3:8c:a8:72:88:55:f9:da:9d:9c:36:1b:32:9a:50:
98:86:d9:67:de:21:58:f7:21:18:cf:ac:03:9a:2b:37:ed:73:
30:5b:16:6a:fc:5e:95:dc:da:e2:55:11:bf:b4:86:11:ec:bd:
b0:0c:10:06:34:71:b1:f2:70:2f:95:b5:aa:cf:45:a9:12:e4:
bc:02:e5:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYek/HXiM4xQMuOha8Ropr4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjMwNDIxMTgwMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWMzMmZmN2ZlYjNiZmI1NTk0MWJhZjQ5YzEzOGE3MjgzMmNiNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl5jfQRES1G1/tVRRkJHZEtLttJF
I7HVNjRm6WOBRzjMkTCaW7/Zfn0vn7jisTl950xOK30WNYXg/RXOSImKFILaGzDq
kFcVPKw38Co4A+mQHd4c1EHpESpP07RGlQ0Ko9+f7zPaGig6AtcJyQlappXicxAK
ipk+0UXV2w3pK/284zwipB9Sq4VuNhifeEeusAG+C+AlRsNwIkmCL6M4yBG0c0nw
yKePjAmlfqT0FEshNiLIi8dvPZhfSb2TeXt2MBWyhhiphYtNNow9ajvj+H2DXONB
iBkVx9xvMQBATEG2+qkfk2luQavntBglTSB03o0A4jvhQN/ewmee/c5h6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXDL/f+s7+1WUG69JwTinKDLLaSMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvQmNNdjlfNnp2N1ZaUWJyMG5CT0tjb01zdHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTvwMA0G
CSqGSIb3DQEBCwUAA4IBAQCDDsqdFBGYcXmY1vecaF1UvHNB+QCsOfkT84kVMNzB
XGrHuonUR4iJNas0t/ME0X86qvMrebQyIlverbVDXJ0hz0fH/woO6WN18obBLN5A
1ihHY0n15JuVXrD54Na4CSJIp7sYiJt23Oe/rzIRe0nBw/LjTRhG9bAgQRAowugg
nL1biVS90j+vN2hZa2dCBSvTMa/21qR498x84t74NvR4qI0tl7M4FduefqoFwnjk
4QzohoKNeFjzjKhyiFX52p2cNhsymlCYhtln3iFY9yEYz6wDmis37XMwWxZq/F6V
3NriVRG/tIYR7L2wDBAGNHGx8nAvlbWqz0WpEuS8AuVv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:00 2025 by rpki-client