Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BY8b-b5Rlv0RQJifOEKZmJkXdxk.roa
File: BY8b-b5Rlv0RQJifOEKZmJkXdxk.roa (raw, json)
Hash identifier: 0OfgCY60CSk47cPKJKHAGIxgzgdjZIf4XTXv+5zg1lI=
Subject key identifier: 05:8F:1B:F9:BE:51:96:FD:11:40:98:9F:38:42:99:98:99:17:77:19
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 018424EEA8214B467CCAF3F1FEFD05D8D6D5
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BY8b-b5Rlv0RQJifOEKZmJkXdxk.roa
Signing time: Sat 29 Oct 2022 18:08:51 +0000
ROA not before: Sat 29 Oct 2022 18:08:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 185.191.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:24:ee:a8:21:4b:46:7c:ca:f3:f1:fe:fd:05:d8:d6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Oct 29 18:08:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=058f1bf9be5196fd1140989f3842999899177719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2d:9c:f3:39:c8:d1:6e:7a:6a:e9:66:15:44:
e5:fb:20:e7:58:a0:cf:bf:d3:6b:fe:67:c4:8d:1f:
ae:d1:c9:87:e1:59:67:4e:72:68:8c:7e:e2:37:c2:
45:35:8a:a6:4d:c5:5f:f5:1e:01:73:5e:56:5c:44:
a5:10:9a:96:2b:6d:3c:57:e5:f6:0d:43:a5:55:75:
99:01:34:16:a5:c2:d9:07:e3:dc:68:61:cc:1e:37:
87:39:60:22:97:50:b1:37:a8:2c:24:eb:76:a6:65:
53:15:1f:01:30:f9:e6:80:1d:c8:ec:97:b2:8d:a8:
4f:ed:e4:c1:fb:13:1f:16:d0:79:1e:6e:d0:a5:de:
7e:a7:47:62:88:a3:c5:1d:0b:98:ca:42:ae:b6:45:
a0:01:5e:53:76:b0:10:d4:a9:16:43:57:60:28:ca:
81:0a:53:ba:64:9b:e6:af:0b:8e:8a:ec:37:84:2f:
de:92:7a:05:11:fe:46:a9:b6:4e:5c:59:be:6f:5d:
fa:41:ae:f7:20:1c:2f:24:7c:e1:5f:59:a4:7d:cd:
c5:6e:00:c2:66:f9:fc:3a:9a:57:0e:55:26:95:44:
df:1f:65:b2:6c:dc:cc:b8:e7:86:b4:5d:03:59:f5:
e4:dc:de:56:d6:75:06:56:1b:51:c3:01:70:50:bf:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8F:1B:F9:BE:51:96:FD:11:40:98:9F:38:42:99:98:99:17:77:19
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/BY8b-b5Rlv0RQJifOEKZmJkXdxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.146.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:9a:59:37:90:64:42:ba:ab:8f:bb:39:5c:ba:26:31:9c:54:
5c:e6:2c:14:f5:2b:b8:b2:21:7e:71:75:21:fb:21:c3:6e:fa:
09:75:7b:c0:f8:ff:0d:3e:67:82:a0:d2:b6:31:38:67:bb:fb:
bb:fd:57:e2:04:3a:0d:19:98:64:f6:1d:1d:e8:49:a1:1c:d1:
6e:89:5f:0b:8b:c8:26:ee:40:97:72:58:8e:43:45:48:81:52:
3f:8d:d6:02:73:f2:76:51:9f:25:db:36:e9:ad:ee:d2:e0:68:
88:6d:85:f7:0a:ca:6b:91:a3:56:e5:77:d2:8e:30:c8:bc:08:
97:3d:00:b7:b2:b5:24:64:e6:c9:4d:7d:23:8b:e8:47:09:ab:
9d:15:71:2b:70:1a:9e:37:21:3e:f4:a6:15:08:fc:38:a3:8c:
ed:df:58:ea:0c:9d:3b:7b:eb:7b:54:a7:48:38:85:c0:14:34:
14:17:a7:f2:59:66:92:4d:44:c4:21:d5:3f:b6:6e:14:f5:25:
d0:91:b2:57:69:b2:46:e6:16:5f:13:0b:b5:54:42:52:5d:91:
8b:50:25:51:6f:00:d8:8f:d0:cc:ea:0b:ef:19:bf:a2:59:0f:
a2:0a:1f:8e:27:f8:a8:9a:31:3f:51:be:0b:53:6f:ab:53:c8:
f0:e3:27:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQk7qghS0Z8yvPx/v0F2NbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjIxMDI5MTgwODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThmMWJmOWJlNTE5NmZkMTE0MDk4OWYzODQyOTk5ODk5MTc3NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi2c8znI0W56aulmFUTl+yDnWKDP
v9Nr/mfEjR+u0cmH4VlnTnJojH7iN8JFNYqmTcVf9R4Bc15WXESlEJqWK208V+X2
DUOlVXWZATQWpcLZB+PcaGHMHjeHOWAil1CxN6gsJOt2pmVTFR8BMPnmgB3I7Jey
jahP7eTB+xMfFtB5Hm7Qpd5+p0diiKPFHQuYykKutkWgAV5TdrAQ1KkWQ1dgKMqB
ClO6ZJvmrwuOiuw3hC/eknoFEf5GqbZOXFm+b136Qa73IBwvJHzhX1mkfc3FbgDC
Zvn8OppXDlUmlUTfH2WybNzMuOeGtF0DWfXk3N5W1nUGVhtRwwFwUL+6pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWPG/m+UZb9EUCYnzhCmZiZF3cZMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEvQlk4Yi1iNVJsdjBSUUppZk9FS1ptSmtYZHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+SMA0G
CSqGSIb3DQEBCwUAA4IBAQDTmlk3kGRCuquPuzlcuiYxnFRc5iwU9Su4siF+cXUh
+yHDbvoJdXvA+P8NPmeCoNK2MThnu/u7/VfiBDoNGZhk9h0d6EmhHNFuiV8Li8gm
7kCXcliOQ0VIgVI/jdYCc/J2UZ8l2zbpre7S4GiIbYX3CsprkaNW5XfSjjDIvAiX
PQC3srUkZObJTX0ji+hHCaudFXErcBqeNyE+9KYVCPw4o4zt31jqDJ07e+t7VKdI
OIXAFDQUF6fyWWaSTUTEIdU/tm4U9SXQkbJXabJG5hZfEwu1VEJSXZGLUCVRbwDY
j9DM6gvvGb+iWQ+iCh+OJ/iomjE/Ub4LU2+rU8jw4ydS
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:07:22 2025 by rpki-client