Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/686d4b-f15b-4530-b91b-e0c406b64672/1/bzNPgqFwMUrTuYVvZyGy2W9f1vI.roa
File: bzNPgqFwMUrTuYVvZyGy2W9f1vI.roa (raw, json)
Hash identifier: OQkKLd7IEU1wNOUwKSy+H4tRk6HkpY7tt8E44OO9G+0=
Subject key identifier: 6F:33:4F:82:A1:70:31:4A:D3:B9:85:6F:67:21:B2:D9:6F:5F:D6:F2
Certificate issuer: /CN=4ed4d36e633724a1b17949bc422476964e75f065
Certificate serial: 01856CEF1D749F449C1BED4D4F364F1D379D
Authority key identifier: 4E:D4:D3:6E:63:37:24:A1:B1:79:49:BC:42:24:76:96:4E:75:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TtTTbmM3JKGxeUm8QiR2lk518GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/686d4b-f15b-4530-b91b-e0c406b64672/1/bzNPgqFwMUrTuYVvZyGy2W9f1vI.roa
Signing time: Sun 01 Jan 2023 10:44:47 +0000
ROA not before: Sun 01 Jan 2023 10:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60941
IP address blocks: 185.21.56.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:1d:74:9f:44:9c:1b:ed:4d:4f:36:4f:1d:37:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ed4d36e633724a1b17949bc422476964e75f065
Validity
Not Before: Jan 1 10:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f334f82a170314ad3b9856f6721b2d96f5fd6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7e:df:3d:9b:60:6a:7c:ae:9c:cb:31:a7:ed:
68:e1:a1:98:55:6a:18:b4:cf:4a:0d:3b:a6:cb:09:
45:68:5f:83:e4:47:12:50:ab:54:78:61:74:6e:46:
99:ff:f1:47:af:44:b1:f0:f8:b6:c5:70:5e:c3:31:
98:5c:cc:0e:e5:bd:8a:fc:4b:c1:bb:00:8c:fd:dd:
44:98:41:28:6f:4e:46:51:77:5f:f4:3f:9b:6b:83:
59:6c:ff:c4:7b:f9:eb:6d:60:e7:83:ff:44:51:a4:
c6:ba:e8:ce:04:d2:31:34:29:9c:82:17:27:7b:6a:
c3:cf:fb:3e:2c:34:a3:a1:80:81:98:5d:60:04:4f:
c0:20:28:64:d5:53:1d:56:b1:4f:07:70:39:dd:28:
d8:61:7a:3a:0e:7f:dd:93:81:ac:35:7e:7e:89:fc:
46:23:bb:cd:22:11:66:dc:27:f3:20:b6:0c:3b:b0:
ad:12:3c:a6:a6:62:a9:be:f0:a5:55:8c:d0:36:45:
90:61:a2:b5:4b:84:5b:1a:4b:9c:6e:d7:2f:04:9e:
d1:b0:20:e1:fd:53:4a:bf:38:bc:c5:dd:2c:64:33:
7f:6f:8a:8d:47:cd:b0:87:fa:a6:d4:f8:bb:8f:ce:
24:47:68:11:5e:43:2d:02:cc:07:60:42:b1:46:e6:
40:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:33:4F:82:A1:70:31:4A:D3:B9:85:6F:67:21:B2:D9:6F:5F:D6:F2
X509v3 Authority Key Identifier:
keyid:4E:D4:D3:6E:63:37:24:A1:B1:79:49:BC:42:24:76:96:4E:75:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtTTbmM3JKGxeUm8QiR2lk518GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/686d4b-f15b-4530-b91b-e0c406b64672/1/bzNPgqFwMUrTuYVvZyGy2W9f1vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/686d4b-f15b-4530-b91b-e0c406b64672/1/TtTTbmM3JKGxeUm8QiR2lk518GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.56.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:88:c0:cd:07:6c:75:37:dc:06:ac:a9:e1:83:25:1c:44:88:
c3:a6:3d:c9:42:41:66:41:45:9e:dd:cf:6d:8d:09:52:ad:54:
b6:80:fd:3e:61:6c:9e:8e:97:38:6b:63:3e:f2:b2:1a:04:cc:
1d:c4:c1:8f:f4:0f:38:8e:da:dd:df:34:b8:4b:d6:cf:ec:4e:
54:1a:13:c0:3e:44:c0:bb:6d:50:db:ca:98:9c:d1:bc:a0:ed:
1f:5f:50:11:56:10:db:1c:c7:16:2a:01:02:10:d7:06:cc:d3:
65:24:89:67:30:77:07:d9:6e:0c:6a:31:9f:68:f1:a0:22:8f:
59:01:e2:32:8e:e8:15:6d:5f:55:ea:f5:ba:33:b9:e9:0b:51:
e1:41:76:ed:bf:07:1d:4a:53:07:a1:0b:a2:a2:74:77:4f:11:
aa:b8:26:64:15:f6:8a:f5:21:8b:ae:bd:28:44:9e:83:4f:3a:
58:46:ca:6b:5a:26:ce:47:b2:b5:fb:0c:d1:c4:e8:95:ea:4e:
0a:4f:ea:e8:86:f9:75:67:39:30:b7:4a:cb:58:16:b7:37:c0:
18:05:4c:5a:37:33:70:9d:42:f9:3c:2b:44:33:41:b5:67:e0:
6b:8b:fe:55:3b:b7:cb:3c:07:a1:87:20:e1:63:5c:60:03:cb:
ce:2e:06:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7x10n0ScG+1NTzZPHTedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDRkMzZlNjMzNzI0YTFiMTc5NDliYzQyMjQ3Njk2NGU3
NWYwNjUwHhcNMjMwMTAxMTA0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjMzNGY4MmExNzAzMTRhZDNiOTg1NmY2NzIxYjJkOTZmNWZkNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx37fPZtganyunMsxp+1o4aGYVWoY
tM9KDTumywlFaF+D5EcSUKtUeGF0bkaZ//FHr0Sx8Pi2xXBewzGYXMwO5b2K/EvB
uwCM/d1EmEEob05GUXdf9D+ba4NZbP/Ee/nrbWDng/9EUaTGuujOBNIxNCmcghcn
e2rDz/s+LDSjoYCBmF1gBE/AIChk1VMdVrFPB3A53SjYYXo6Dn/dk4GsNX5+ifxG
I7vNIhFm3CfzILYMO7CtEjympmKpvvClVYzQNkWQYaK1S4RbGkucbtcvBJ7RsCDh
/VNKvzi8xd0sZDN/b4qNR82wh/qm1Pi7j84kR2gRXkMtAswHYEKxRuZAgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8zT4KhcDFK07mFb2chstlvX9byMB8GA1UdIwQY
MBaAFE7U025jNyShsXlJvEIkdpZOdfBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHRUVGJtTTNKS0d4ZVVtOFFpUjJsazUxOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82ODZkNGItZjE1Yi00NTMwLWI5MWIt
ZTBjNDA2YjY0NjcyLzEvYnpOUGdxRndNVXJUdVlWdlp5R3kyVzlmMXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82ODZkNGItZjE1Yi00NTMwLWI5MWItZTBjNDA2YjY0Njcy
LzEvVHRUVGJtTTNKS0d4ZVVtOFFpUjJsazUxOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRU4MA0G
CSqGSIb3DQEBCwUAA4IBAQCPiMDNB2x1N9wGrKnhgyUcRIjDpj3JQkFmQUWe3c9t
jQlSrVS2gP0+YWyejpc4a2M+8rIaBMwdxMGP9A84jtrd3zS4S9bP7E5UGhPAPkTA
u21Q28qYnNG8oO0fX1ARVhDbHMcWKgECENcGzNNlJIlnMHcH2W4MajGfaPGgIo9Z
AeIyjugVbV9V6vW6M7npC1HhQXbtvwcdSlMHoQuionR3TxGquCZkFfaK9SGLrr0o
RJ6DTzpYRsprWibOR7K1+wzRxOiV6k4KT+rohvl1Zzkwt0rLWBa3N8AYBUxaNzNw
nUL5PCtEM0G1Z+Bri/5VO7fLPAehhyDhY1xgA8vOLgbj
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:14:41 2025 by rpki-client