Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BuKJCWhPd74yurB7308WCutOESg.roa
File: BuKJCWhPd74yurB7308WCutOESg.roa (raw, json)
Hash identifier: VHl87M7PhU8EMO8HwA10UFc4RG2vt5IC/3RSXGvyrHo=
Subject key identifier: 06:E2:89:09:68:4F:77:BE:32:BA:B0:7B:DF:4F:16:0A:EB:4E:11:28
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCB0DEBC1F620A6D21A9ED2D7BC783C
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BuKJCWhPd74yurB7308WCutOESg.roa
Signing time: Sun 01 Jan 2023 10:05:24 +0000
ROA not before: Sun 01 Jan 2023 10:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208610
IP address blocks: 192.36.247.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:0d:eb:c1:f6:20:a6:d2:1a:9e:d2:d7:bc:78:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06e28909684f77be32bab07bdf4f160aeb4e1128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:05:dc:8d:15:f1:5b:8f:c9:d3:3b:bb:1f:
dc:8c:a1:07:0a:f3:7c:bc:96:58:cf:10:24:51:71:
00:33:69:5e:4a:60:99:2f:d4:5e:a6:06:09:81:43:
c0:06:17:7f:1d:fd:4e:a9:42:3d:64:93:c1:b8:08:
29:d5:18:0d:fa:ed:24:be:de:fc:d6:43:d6:25:37:
e3:37:9f:40:b6:74:10:e4:d5:70:59:fd:34:62:82:
71:23:32:36:e3:ec:98:0d:a5:68:7b:f4:81:e0:27:
41:0c:66:5c:6d:f0:4b:97:7e:1a:7f:4b:16:0b:f4:
3e:51:97:fd:5d:98:d2:26:c0:e5:ce:e8:cb:06:0d:
46:09:d1:0e:c4:81:32:2c:94:6c:60:90:13:40:4c:
86:59:82:f5:d1:61:b8:90:c2:5d:9e:8c:19:5a:ac:
82:04:0d:1c:2e:77:1d:6b:15:ce:0e:ff:d6:84:27:
99:74:9a:bd:27:f9:8f:e9:4e:73:db:07:5a:53:84:
35:7a:ab:55:98:f3:34:e9:64:88:87:09:9e:ca:13:
8a:99:f9:ee:75:38:54:1d:e7:11:6e:4c:3d:99:0f:
14:cf:44:a1:73:8a:2e:b8:32:7c:da:b7:05:eb:f9:
0b:0f:41:c4:5e:d9:25:3e:f2:be:86:21:b7:19:e4:
87:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E2:89:09:68:4F:77:BE:32:BA:B0:7B:DF:4F:16:0A:EB:4E:11:28
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BuKJCWhPd74yurB7308WCutOESg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
193.234.120.0/22
Signature Algorithm: sha256WithRSAEncryption
41:ad:6f:6e:6b:06:d5:c4:41:52:c1:a2:b8:61:c8:48:53:8c:
68:0b:7e:e2:88:7d:c7:48:18:72:de:ef:8f:a6:83:d9:d8:4b:
b4:d2:00:5f:eb:1d:04:23:ff:40:27:82:1a:c8:3e:ed:3c:82:
d9:9e:be:cb:d6:81:e1:01:fc:38:b3:f8:06:6c:a1:e4:30:fd:
45:b7:ac:3b:cb:5b:9c:50:60:1a:8e:2f:22:e0:e5:9d:b8:92:
6f:38:15:bd:98:9b:f3:c7:5d:98:62:75:4d:63:bb:f0:8f:86:
26:22:fb:29:f2:15:e3:a3:8a:ef:a3:df:54:e1:f2:77:32:9a:
f0:6b:bc:15:a2:91:f8:3d:a0:71:64:e2:77:70:e1:4d:62:c2:
95:b8:7f:3e:fa:0e:c6:5e:68:c7:0c:fa:ba:87:ef:95:6f:c2:
6f:b4:a5:ef:70:d3:b6:3f:c6:f0:61:e0:28:f3:20:82:91:62:
87:b6:d4:3c:4a:1f:c9:f8:ac:e7:61:9e:b4:38:df:12:0f:82:
d5:03:7e:48:53:8a:38:cb:a6:d0:67:11:12:41:03:d1:48:b6:
c3:e0:75:98:e2:bd:52:12:1d:7b:37:52:fc:64:8c:67:cc:69:
96:dd:e8:e7:45:89:f4:4f:1f:31:de:3b:e9:5c:f8:d1:b7:d2:
55:0a:78:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsyw3rwfYgptIantLXvHg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmUyODkwOTY4NGY3N2JlMzJiYWIwN2JkZjRmMTYwYWViNGUxMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQEF3I0V8VuPydM7ux/cjKEHCvN8
vJZYzxAkUXEAM2leSmCZL9RepgYJgUPABhd/Hf1OqUI9ZJPBuAgp1RgN+u0kvt78
1kPWJTfjN59AtnQQ5NVwWf00YoJxIzI24+yYDaVoe/SB4CdBDGZcbfBLl34af0sW
C/Q+UZf9XZjSJsDlzujLBg1GCdEOxIEyLJRsYJATQEyGWYL10WG4kMJdnowZWqyC
BA0cLncdaxXODv/WhCeZdJq9J/mP6U5z2wdaU4Q1eqtVmPM06WSIhwmeyhOKmfnu
dThUHecRbkw9mQ8Uz0Shc4ouuDJ82rcF6/kLD0HEXtklPvK+hiG3GeSHWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAbiiQloT3e+Mrqwe99PFgrrThEoMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQnVLSkNXaFBkNzR5dXJCNzMwOFdDdXRPRVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwCT3AwQC
wep4MA0GCSqGSIb3DQEBCwUAA4IBAQBBrW9uawbVxEFSwaK4YchIU4xoC37iiH3H
SBhy3u+PpoPZ2Eu00gBf6x0EI/9AJ4IayD7tPILZnr7L1oHhAfw4s/gGbKHkMP1F
t6w7y1ucUGAaji8i4OWduJJvOBW9mJvzx12YYnVNY7vwj4YmIvsp8hXjo4rvo99U
4fJ3Mprwa7wVopH4PaBxZOJ3cOFNYsKVuH8++g7GXmjHDPq6h++Vb8JvtKXvcNO2
P8bwYeAo8yCCkWKHttQ8Sh/J+KznYZ60ON8SD4LVA35IU4o4y6bQZxESQQPRSLbD
4HWY4r1SEh17N1L8ZIxnzGmW3ejnRYn0Tx8x3jvpXPjRt9JVCnjn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:06 2025 by rpki-client