Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/bQjgk1tkcYJVw8F-jn-PHBH40SI.roa
File: bQjgk1tkcYJVw8F-jn-PHBH40SI.roa (raw, json)
Hash identifier: WplmlbIu2ORXNxvFjkuAVNitq+j8+DeltVachhXtmgU=
Subject key identifier: 6D:08:E0:93:5B:64:71:82:55:C3:C1:7E:8E:7F:8F:1C:11:F8:D1:22
Certificate issuer: /CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Certificate serial: 0187DBDA347874496B3ADAB251AE595429AC
Authority key identifier: 7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/bQjgk1tkcYJVw8F-jn-PHBH40SI.roa
Signing time: Tue 02 May 2023 09:45:23 +0000
ROA not before: Tue 02 May 2023 09:45:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197792
IP address blocks: 159.255.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:da:34:78:74:49:6b:3a:da:b2:51:ae:59:54:29:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca04cc67ef96d9022f3d0bfc51eadb4a4b63ee6
Validity
Not Before: May 2 09:45:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d08e0935b64718255c3c17e8e7f8f1c11f8d122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:05:16:ee:72:0c:1d:9a:a7:f4:dc:f8:54:1d:
b1:0a:26:0b:c0:21:8a:04:64:92:fe:7e:68:3d:b2:
7e:45:cc:f3:18:07:a0:6f:c1:da:2a:cc:55:e4:c6:
47:01:23:bc:1f:34:51:9e:5c:99:99:4f:06:bb:61:
ea:26:ac:57:65:ed:3c:93:59:3f:d8:3c:e3:32:eb:
b0:54:c8:3e:1c:96:e0:c7:00:cb:bc:29:1f:c1:f3:
6a:e5:d0:b6:dd:17:6e:f3:ab:92:8d:59:53:8e:36:
2a:c8:49:b8:6e:7d:36:be:8f:5a:42:b1:c6:8c:c5:
c6:36:74:70:2d:a4:f7:34:f1:36:f6:20:be:11:9c:
c2:75:39:54:2e:03:8a:5c:44:8b:95:ac:32:62:8a:
4a:2d:b9:7d:7d:a2:9f:fc:5c:b9:59:41:d6:35:09:
48:59:fe:6a:3f:0c:e7:ae:bc:38:1d:b5:64:e7:82:
b4:29:16:a1:0c:46:d4:de:13:43:b3:0b:aa:b9:b3:
ad:ec:2c:d2:d6:42:de:d7:4b:e7:0e:79:e2:c4:15:
92:2d:be:e3:6b:f0:f0:18:08:3f:bd:85:1b:4b:f1:
31:09:e8:f7:fd:2f:e3:dd:af:89:de:2f:d2:0a:a4:
37:9e:86:97:22:42:f7:5e:3d:56:5d:8b:0f:f1:fe:
64:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:08:E0:93:5B:64:71:82:55:C3:C1:7E:8E:7F:8F:1C:11:F8:D1:22
X509v3 Authority Key Identifier:
keyid:7C:A0:4C:C6:7E:F9:6D:90:22:F3:D0:BF:C5:1E:AD:B4:A4:B6:3E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKBMxn75bZAi89C_xR6ttKS2PuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/bQjgk1tkcYJVw8F-jn-PHBH40SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9b94e2-d21d-4d81-8aea-a5568e0fbb6d/1/fKBMxn75bZAi89C_xR6ttKS2PuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.40.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:a7:18:0f:bc:be:e6:8d:ad:a2:6e:df:03:ca:a5:65:c1:2a:
c8:69:26:d8:d6:98:10:49:e3:ad:38:01:23:a3:68:05:92:f1:
6a:4d:7c:b0:76:52:15:0d:3e:13:5f:b1:f5:76:ab:31:58:8f:
55:2b:f7:1b:69:9d:8e:5c:c7:34:15:be:1a:b5:6b:1f:aa:5b:
2a:8b:69:80:5d:5c:e8:79:1a:c9:e0:0d:24:e4:75:6d:72:21:
8b:11:9a:73:6e:3d:3a:4e:bd:f3:b8:10:ba:48:d9:9a:83:62:
9f:90:b6:1a:14:16:83:cb:94:a9:ab:bb:bf:97:7c:f9:02:a3:
49:83:35:ab:ae:72:23:0b:a9:cb:fc:bc:8d:db:73:21:df:a9:
89:09:eb:fc:12:18:0e:e9:70:22:b2:ef:dc:4c:bb:27:69:24:
a6:e6:df:99:53:ac:be:86:34:ef:93:04:ec:fa:8d:f4:b5:58:
ea:18:f8:18:d5:ce:bb:c1:e3:0e:93:19:2b:0b:a6:87:4f:4b:
b6:fa:df:8d:64:d7:0e:74:ca:5e:24:f4:7c:c7:f9:bb:ab:a7:
ab:6a:f3:00:db:ea:f6:f6:f1:7e:34:d2:a9:70:81:72:21:46:
da:92:59:93:13:ef:8e:c9:52:40:46:3f:3b:a5:4e:81:13:27:
8c:c9:d3:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfb2jR4dElrOtqyUa5ZVCmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTA0Y2M2N2VmOTZkOTAyMmYzZDBiZmM1MWVhZGI0YTRi
NjNlZTYwHhcNMjMwNTAyMDk0NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA4ZTA5MzViNjQ3MTgyNTVjM2MxN2U4ZTdmOGYxYzExZjhkMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAUW7nIMHZqn9Nz4VB2xCiYLwCGK
BGSS/n5oPbJ+RczzGAegb8HaKsxV5MZHASO8HzRRnlyZmU8Gu2HqJqxXZe08k1k/
2DzjMuuwVMg+HJbgxwDLvCkfwfNq5dC23Rdu86uSjVlTjjYqyEm4bn02vo9aQrHG
jMXGNnRwLaT3NPE29iC+EZzCdTlULgOKXESLlawyYopKLbl9faKf/Fy5WUHWNQlI
Wf5qPwznrrw4HbVk54K0KRahDEbU3hNDswuqubOt7CzS1kLe10vnDnnixBWSLb7j
a/DwGAg/vYUbS/ExCej3/S/j3a+J3i/SCqQ3noaXIkL3Xj1WXYsP8f5kdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0I4JNbZHGCVcPBfo5/jxwR+NEiMB8GA1UdIwQY
MBaAFHygTMZ++W2QIvPQv8UerbSktj7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEt
YTU1NjhlMGZiYjZkLzEvYlFqZ2sxdGtjWUpWdzhGLWpuLVBIQkg0MFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85Yjk0ZTItZDIxZC00ZDgxLThhZWEtYTU1NjhlMGZiYjZk
LzEvZktCTXhuNzViWkFpODlDX3hSNnR0S1MyUHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDn/8oMA0G
CSqGSIb3DQEBCwUAA4IBAQBfpxgPvL7mja2ibt8DyqVlwSrIaSbY1pgQSeOtOAEj
o2gFkvFqTXywdlIVDT4TX7H1dqsxWI9VK/cbaZ2OXMc0Fb4atWsfqlsqi2mAXVzo
eRrJ4A0k5HVtciGLEZpzbj06Tr3zuBC6SNmag2KfkLYaFBaDy5Spq7u/l3z5AqNJ
gzWrrnIjC6nL/LyN23Mh36mJCev8EhgO6XAisu/cTLsnaSSm5t+ZU6y+hjTvkwTs
+o30tVjqGPgY1c67weMOkxkrC6aHT0u2+t+NZNcOdMpeJPR8x/m7q6eravMA2+r2
9vF+NNKpcIFyIUbaklmTE++OyVJARj87pU6BEyeMydP2
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:16:41 2025 by rpki-client