Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/BTgFLSPYSVNSaiXzYaDNg5u6RfU.roa
File: BTgFLSPYSVNSaiXzYaDNg5u6RfU.roa (raw, json)
Hash identifier: 5IWhYKgZsYsMimdLuNFKra8XOxSTqUwrugYNytbooUs=
Subject key identifier: 05:38:05:2D:23:D8:49:53:52:6A:25:F3:61:A0:CD:83:9B:BA:45:F5
Certificate issuer: /CN=a13042d137fbb03beba6421f33a8525b52a88f7a
Certificate serial: 018571B0D9817330EC65FE27E291C6494513
Authority key identifier: A1:30:42:D1:37:FB:B0:3B:EB:A6:42:1F:33:A8:52:5B:52:A8:8F:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/BTgFLSPYSVNSaiXzYaDNg5u6RfU.roa
Signing time: Mon 02 Jan 2023 08:54:53 +0000
ROA not before: Mon 02 Jan 2023 08:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198249
IP address blocks: 91.199.98.0/24 maxlen: 24
185.17.68.0/22 maxlen: 24
185.169.84.0/22 maxlen: 24
91.234.160.0/24 maxlen: 24
2a04:500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:d9:81:73:30:ec:65:fe:27:e2:91:c6:49:45:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a13042d137fbb03beba6421f33a8525b52a88f7a
Validity
Not Before: Jan 2 08:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0538052d23d84953526a25f361a0cd839bba45f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:49:7d:90:23:1f:63:99:4b:da:93:97:c3:33:
c4:de:f2:2f:1d:70:11:6c:60:40:97:a0:5c:e8:6b:
af:9e:26:78:b5:d2:cf:73:c6:0f:d9:60:62:a6:11:
06:df:1f:25:a2:47:04:43:6f:6b:58:66:bf:fc:e1:
8b:29:c1:2f:cc:38:10:35:05:15:28:3d:d3:19:b1:
e1:fe:71:6f:20:de:7d:b5:dc:51:a5:ae:06:0b:6a:
5a:d2:02:90:df:c9:cc:28:78:52:a0:df:66:33:ef:
49:68:0f:9a:48:94:3f:8a:2e:4d:75:22:d0:4f:c7:
ee:6e:55:a4:08:be:a1:d6:aa:10:50:b7:57:51:0d:
19:7f:30:13:46:ab:d6:76:a0:bb:3c:a8:d3:21:fb:
31:32:c6:fa:85:b0:c5:bf:77:3e:f6:cf:8a:05:b2:
99:6f:cc:50:10:f4:8f:e7:53:dd:2d:13:d8:13:a9:
fc:20:c3:72:01:aa:f6:c5:37:77:d3:3a:df:41:9a:
40:be:b4:2f:30:92:13:5d:11:30:45:66:1a:68:d9:
88:16:d3:20:6b:a4:85:79:ba:83:53:a8:61:89:ab:
f4:c1:c0:57:ec:a6:73:d4:7e:8d:6b:0f:f9:07:c9:
a0:47:e8:40:b5:34:9a:b4:ab:87:96:56:bf:d7:bd:
82:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:38:05:2D:23:D8:49:53:52:6A:25:F3:61:A0:CD:83:9B:BA:45:F5
X509v3 Authority Key Identifier:
keyid:A1:30:42:D1:37:FB:B0:3B:EB:A6:42:1F:33:A8:52:5B:52:A8:8F:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/BTgFLSPYSVNSaiXzYaDNg5u6RfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.98.0/24
91.234.160.0/24
185.17.68.0/22
185.169.84.0/22
IPv6:
2a04:500::/29
Signature Algorithm: sha256WithRSAEncryption
c5:ce:eb:51:7c:37:c0:e6:58:6f:84:72:7b:a3:8c:5b:71:38:
d2:3e:00:1e:55:69:7a:8e:ba:9f:9f:49:46:5f:e4:72:87:24:
01:74:82:38:77:32:fd:44:56:28:82:ae:57:fe:59:10:f3:1a:
8a:8f:d3:11:fe:95:94:eb:8d:8c:f7:d9:ac:f8:d3:1f:f7:f5:
96:a9:4d:d4:a5:9f:06:27:15:e6:a1:c5:e6:39:fc:06:a1:a2:
27:9f:47:e3:5e:75:35:c4:ad:74:c8:4b:f3:8f:51:e3:fe:3c:
61:24:78:47:d2:65:29:0a:76:3d:25:e9:65:44:56:f9:af:a4:
07:26:fa:56:cf:99:74:8a:12:e7:62:d2:d0:19:02:0e:ff:3b:
4f:9e:03:f1:ee:48:ce:0b:3a:c0:fb:58:86:ae:0c:0a:a0:e4:
48:5e:64:25:e0:95:ac:ae:0e:8c:bf:52:be:77:f2:24:6a:c5:
17:99:fb:5c:24:c6:7f:1c:50:01:cd:92:ed:fc:3b:11:09:78:
8c:03:e6:20:8b:c3:a5:07:c3:de:73:49:e2:69:f1:df:46:25:
fa:8d:3c:b8:9c:1c:3d:9a:db:ec:88:f3:37:25:b3:d2:27:4f:
34:92:c3:9f:ed:cb:53:b8:51:57:41:9e:97:0d:c1:c0:1f:a7:
93:74:a7:1e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxsNmBczDsZf4n4pHGSUUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzA0MmQxMzdmYmIwM2JlYmE2NDIxZjMzYTg1MjViNTJh
ODhmN2EwHhcNMjMwMTAyMDg1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTM4MDUyZDIzZDg0OTUzNTI2YTI1ZjM2MWEwY2Q4MzliYmE0NWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0l9kCMfY5lL2pOXwzPE3vIvHXAR
bGBAl6Bc6GuvniZ4tdLPc8YP2WBiphEG3x8lokcEQ29rWGa//OGLKcEvzDgQNQUV
KD3TGbHh/nFvIN59tdxRpa4GC2pa0gKQ38nMKHhSoN9mM+9JaA+aSJQ/ii5NdSLQ
T8fublWkCL6h1qoQULdXUQ0ZfzATRqvWdqC7PKjTIfsxMsb6hbDFv3c+9s+KBbKZ
b8xQEPSP51PdLRPYE6n8IMNyAar2xTd30zrfQZpAvrQvMJITXREwRWYaaNmIFtMg
a6SFebqDU6hhiav0wcBX7KZz1H6Naw/5B8mgR+hAtTSatKuHlla/172CfQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAU4BS0j2ElTUmol82GgzYObukX1MB8GA1UdIwQY
MBaAFKEwQtE3+7A766ZCHzOoUltSqI96MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RCQzBUZjdzRHZycGtJZk02aFNXMUtvajNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZjQ0MDctZjk4ZS00OTk0LTlmOWUt
ZjZiNmMwNDkxNmExLzEvQlRnRkxTUFlTVk5TYWlYellhRE5nNXU2UmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9hZjQ0MDctZjk4ZS00OTk0LTlmOWUtZjZiNmMwNDkxNmEx
LzEvb1RCQzBUZjdzRHZycGtJZk02aFNXMUtvajNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW8diAwQA
W+qgAwQCuRFEAwQCualUMA0EAgACMAcDBQMqBAUAMA0GCSqGSIb3DQEBCwUAA4IB
AQDFzutRfDfA5lhvhHJ7o4xbcTjSPgAeVWl6jrqfn0lGX+RyhyQBdII4dzL9RFYo
gq5X/lkQ8xqKj9MR/pWU642M99ms+NMf9/WWqU3UpZ8GJxXmocXmOfwGoaInn0fj
XnU1xK10yEvzj1Hj/jxhJHhH0mUpCnY9JellRFb5r6QHJvpWz5l0ihLnYtLQGQIO
/ztPngPx7kjOCzrA+1iGrgwKoORIXmQl4JWsrg6Mv1K+d/IkasUXmftcJMZ/HFAB
zZLt/DsRCXiMA+Ygi8OlB8Pec0niafHfRiX6jTy4nBw9mtvsiPM3JbPSJ080ksOf
7ctTuFFXQZ6XDcHAH6eTdKce
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:40 2025 by rpki-client