Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Bb0uC_k3RCbw-ReU2cah2QIyp7I.roa
File: Bb0uC_k3RCbw-ReU2cah2QIyp7I.roa (raw, json)
Hash identifier: ocpFb9f2g15lz0wBQ7NNQGpjY6yggJrqYSgy1e/R42M=
Subject key identifier: 05:BD:2E:0B:F9:37:44:26:F0:F9:17:94:D9:C6:A1:D9:02:32:A7:B2
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 427EB333
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Bb0uC_k3RCbw-ReU2cah2QIyp7I.roa
Signing time: Sat 01 Jan 2022 14:03:22 +0000
ROA not before: Sat 01 Jan 2022 14:03:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197595
IP address blocks: 192.165.178.0/23 maxlen: 23
194.132.9.0/24 maxlen: 24
194.71.216.0/23 maxlen: 23
194.71.217.0/24 maxlen: 24
194.71.216.0/24 maxlen: 24
193.180.23.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
193.180.164.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.170.0/23 maxlen: 23
194.68.171.0/24 maxlen: 24
192.36.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115599667 (0x427eb333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05bd2e0bf9374426f0f91794d9c6a1d90232a7b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0e:29:e7:7b:01:c3:c4:67:85:c7:ad:b1:56:
92:be:4b:d7:58:0f:89:57:c5:20:74:48:ec:d3:68:
d3:ae:f0:b1:9f:b6:46:21:e6:d7:52:82:47:50:45:
70:b6:24:de:dd:11:4b:dd:c7:9b:44:ee:80:78:47:
65:fe:2e:2f:13:2b:f8:a4:97:08:b2:f7:8e:9e:8e:
8d:95:14:f7:3d:ea:34:db:57:ef:ce:34:b6:b7:dc:
30:db:34:f4:9c:8a:e0:1a:fd:54:f5:9c:e4:25:ce:
ec:96:60:13:92:6a:8d:51:9b:bc:74:f8:04:46:57:
71:5e:87:39:03:3b:a7:78:68:4f:eb:80:86:b5:d6:
09:38:b5:6d:3d:e1:a9:77:b6:a4:b7:02:60:f1:b8:
61:e0:6e:73:66:33:68:27:e2:2f:e4:fc:94:00:40:
cf:88:6c:c5:67:28:ab:83:b8:1f:a8:78:29:91:63:
91:2e:a5:fa:28:5b:6b:b2:f6:92:42:a2:a1:2a:92:
46:00:7c:bf:56:84:8f:01:6d:4d:b4:f9:bd:af:44:
e4:11:69:f4:2d:72:4a:52:92:7d:8e:6c:d3:b0:21:
d8:c3:1a:ed:95:47:4c:3e:84:5c:b6:68:7d:a0:61:
14:f8:fc:13:ef:67:bf:10:9b:dd:08:4f:9f:b5:c9:
c4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BD:2E:0B:F9:37:44:26:F0:F9:17:94:D9:C6:A1:D9:02:32:A7:B2
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Bb0uC_k3RCbw-ReU2cah2QIyp7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.164.0/23
193.183.116.0/24
194.68.170.0/23
194.71.216.0/23
194.132.9.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:67:b4:05:73:e1:dd:22:5e:3e:2b:e0:b6:e4:72:90:f5:02:
58:7b:1d:f3:ef:26:ae:64:eb:1c:2f:7a:70:32:cb:2e:20:68:
fe:b2:67:47:e9:ac:9b:f4:30:3f:22:8e:b7:93:13:c0:21:a3:
4c:de:8b:4f:92:ad:b0:7c:f8:5c:dc:7b:ac:e7:2c:a1:d1:16:
27:68:0d:9e:d5:0f:36:3b:63:c9:88:c5:e5:35:45:3e:e7:ce:
b4:0c:ef:4d:2c:4d:51:48:53:c5:de:5c:20:e1:5d:12:6b:a6:
25:fd:93:fc:7f:a7:77:96:16:10:46:de:bc:63:50:6e:df:37:
56:07:a8:c2:97:3c:27:db:c2:06:43:6d:f2:bc:ad:ea:ef:82:
31:2a:9c:2d:4f:48:59:d3:d7:02:4b:43:88:cd:ab:86:5f:02:
d6:db:b9:2b:fe:13:72:7d:bb:df:aa:75:c8:60:1b:d3:2b:8e:
73:ba:80:b9:66:75:be:cd:9f:1f:cf:f6:67:ea:21:97:7a:22:
aa:fb:17:46:fe:3f:d0:5e:e0:f3:a5:99:ca:2f:d0:3c:da:45:
13:2d:e7:68:ff:75:be:00:1c:28:7e:50:9d:32:1c:96:07:79:
f0:dd:36:a0:3b:1f:7c:f3:ee:18:6f:f2:c7:f4:d1:23:bd:8e:
34:31:09:8d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEQn6zMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDViZDJlMGJmOTM3
NDQyNmYwZjkxNzk0ZDljNmExZDkwMjMyYTdiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAOKed7AcPEZ4XHrbFWkr5L11gPiVfFIHRI7NNo067wsZ+2
RiHm11KCR1BFcLYk3t0RS93Hm0TugHhHZf4uLxMr+KSXCLL3jp6OjZUU9z3qNNtX
7840trfcMNs09JyK4Br9VPWc5CXO7JZgE5JqjVGbvHT4BEZXcV6HOQM7p3hoT+uA
hrXWCTi1bT3hqXe2pLcCYPG4YeBuc2YzaCfiL+T8lABAz4hsxWcoq4O4H6h4KZFj
kS6l+ihba7L2kkKioSqSRgB8v1aEjwFtTbT5va9E5BFp9C1ySlKSfY5s07Ah2MMa
7ZVHTD6EXLZofaBhFPj8E+9nvxCb3QhPn7XJxNMCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQFvS4L+TdEJvD5F5TZxqHZAjKnsjAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L0JiMHVDX2szUkNidy1SZVUyY2FoMlFJeXA3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAMAk0AMEAcClsgMEAMG0FwMEAcG0
pAMEAMG3dAMEAcJEqgMEAcJH2AMEAMKECTANBgkqhkiG9w0BAQsFAAOCAQEAime0
BXPh3SJePivgtuRykPUCWHsd8+8mrmTrHC96cDLLLiBo/rJnR+msm/QwPyKOt5MT
wCGjTN6LT5KtsHz4XNx7rOcsodEWJ2gNntUPNjtjyYjF5TVFPufOtAzvTSxNUUhT
xd5cIOFdEmumJf2T/H+nd5YWEEbevGNQbt83Vgeowpc8J9vCBkNt8ryt6u+CMSqc
LU9IWdPXAktDiM2rhl8C1tu5K/4Tcn2736p1yGAb0yuOc7qAuWZ1vs2fH8/2Z+oh
l3oiqvsXRv4/0F7g86WZyi/QPNpFEy3naP91vgAcKH5QnTIclgd58N02oDsffPPu
GG/yx/TRI72ONDEJjQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:01 2025 by rpki-client