Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/Baqc8lwOqEER4jzOErt0o6Ct334.roa
File: Baqc8lwOqEER4jzOErt0o6Ct334.roa (raw, json)
Hash identifier: bh99l8PzJMgaeUk5YUfFdvLrXQ2fAv+VLg4JcYuvRFU=
Subject key identifier: 05:AA:9C:F2:5C:0E:A8:41:11:E2:3C:CE:12:BB:74:A3:A0:AD:DF:7E
Certificate issuer: /CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Certificate serial: BA4407
Authority key identifier: 5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/Baqc8lwOqEER4jzOErt0o6Ct334.roa
Signing time: Sat 01 Jan 2022 13:02:14 +0000
ROA not before: Sat 01 Jan 2022 13:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44180
IP address blocks: 93.89.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12207111 (0xba4407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Validity
Not Before: Jan 1 13:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05aa9cf25c0ea84111e23cce12bb74a3a0addf7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b0:73:19:ed:43:43:98:56:65:0b:00:36:bb:
d6:c3:9c:a4:6f:9f:0e:e2:70:b1:e4:88:31:b4:bb:
0b:38:8b:38:04:f9:e4:9d:a5:dc:7d:03:42:ef:af:
5e:8a:47:be:69:03:d5:9a:c6:f2:7e:01:62:3c:ad:
15:ab:7f:61:94:32:dc:f4:b9:98:da:6d:22:75:07:
b4:5e:20:c9:db:0b:da:e1:be:30:41:8d:c2:7e:6d:
c4:80:73:81:8b:71:c1:c0:5b:fe:36:1e:91:5c:96:
30:fd:62:e2:a9:ac:b0:bd:17:0d:2f:6a:69:f8:b3:
22:a1:35:2e:ea:6b:b4:6e:30:ca:68:35:98:ef:69:
d1:c5:a3:4f:00:c1:6b:24:9e:a1:6c:dd:8e:d6:58:
c1:eb:f9:1e:4b:8c:f6:41:ab:0d:34:d0:e8:9e:47:
32:33:f5:27:75:40:14:5c:4e:04:67:17:7f:1f:6a:
7e:60:47:23:d5:ed:ab:64:ab:bd:49:98:0c:3b:6a:
10:5f:4d:24:4c:97:66:c9:40:01:54:d6:a0:30:5a:
2c:24:54:a4:20:ea:03:48:4c:3f:70:20:09:3a:ff:
5b:1d:52:fa:63:7a:2a:29:e1:47:db:e0:48:29:f2:
f1:27:c2:f6:87:fb:06:05:1b:cd:7e:93:bc:34:73:
50:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AA:9C:F2:5C:0E:A8:41:11:E2:3C:CE:12:BB:74:A3:A0:AD:DF:7E
X509v3 Authority Key Identifier:
keyid:5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/Baqc8lwOqEER4jzOErt0o6Ct334.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.8.0/22
Signature Algorithm: sha256WithRSAEncryption
84:2f:7a:54:97:ad:86:62:c6:a6:1c:7f:4f:c9:6f:fd:d2:aa:
e7:3c:65:22:6e:d2:52:1c:f8:42:5a:e2:6e:4c:2a:f5:ca:31:
91:ee:7b:53:2a:bf:59:f9:5c:2f:8f:89:70:fb:94:4a:47:a5:
f7:e4:38:a7:a3:62:1c:88:59:9f:ab:1e:4a:17:f2:7f:6d:f8:
e9:1f:ff:91:eb:28:c3:42:4d:7c:42:25:d9:3a:96:05:ed:04:
52:5a:86:70:6b:d1:84:66:94:dc:86:05:65:f1:f1:25:db:6d:
44:5a:c8:1b:38:e4:5d:67:3a:9d:b3:ae:88:f9:e8:8d:d6:17:
ee:54:ca:b9:b8:44:10:7f:cf:9d:c5:40:6d:96:f1:8a:cd:82:
86:0f:79:c0:d9:e5:2c:ad:a6:3d:0a:6d:bf:8f:0d:c0:93:f6:
e1:b1:b1:c5:3f:bb:c2:64:e8:1c:55:64:e4:b4:74:c7:a4:cf:
2d:c9:32:77:9e:a7:16:e6:ac:57:ca:90:44:57:f4:ae:06:b8:
fe:dc:95:7f:98:76:72:9e:09:a7:8d:e5:f3:f4:ec:4d:d9:46:
16:44:6d:eb:d9:91:83:4b:f5:9d:5f:03:8b:4a:7c:c5:eb:bd:
c5:a9:ba:06:43:0f:5a:a3:49:9f:32:81:a9:5c:b6:e6:1a:80:
02:3b:71:ea
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALpEBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2ViMGViZDg3OGI3N2Q0MmYyY2E5ZGQwOGY3MGMzMjNjNWQwM2RiMB4XDTIyMDEw
MTEzMDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVhYTljZjI1YzBl
YTg0MTExZTIzY2NlMTJiYjc0YTNhMGFkZGY3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO+wcxntQ0OYVmULADa71sOcpG+fDuJwseSIMbS7CziLOAT5
5J2l3H0DQu+vXopHvmkD1ZrG8n4BYjytFat/YZQy3PS5mNptInUHtF4gydsL2uG+
MEGNwn5txIBzgYtxwcBb/jYekVyWMP1i4qmssL0XDS9qafizIqE1LuprtG4wymg1
mO9p0cWjTwDBaySeoWzdjtZYwev5HkuM9kGrDTTQ6J5HMjP1J3VAFFxOBGcXfx9q
fmBHI9Xtq2SrvUmYDDtqEF9NJEyXZslAAVTWoDBaLCRUpCDqA0hMP3AgCTr/Wx1S
+mN6KinhR9vgSCny8SfC9of7BgUbzX6TvDRzUMcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQFqpzyXA6oQRHiPM4Su3SjoK3ffjAfBgNVHSMEGDAWgBRc6w69h4t31C8s
qd0I9wwyPF0D2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hPc092WWVMZDlRdkxLbmRDUGNNTWp4ZEE5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvM2U3MmVkLTFkNjUtNDk4Mi1hZDlhLTljMzc0NzhhNTkzZi8x
L0JhcWM4bHdPcUVFUjRqek9FcnQwbzZDdDMzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
M2U3MmVkLTFkNjUtNDk4Mi1hZDlhLTljMzc0NzhhNTkzZi8xL1hPc092WWVMZDlR
dkxLbmRDUGNNTWp4ZEE5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl1ZCDANBgkqhkiG9w0BAQsFAAOC
AQEAhC96VJethmLGphx/T8lv/dKq5zxlIm7SUhz4Qlribkwq9coxke57Uyq/Wflc
L4+JcPuUSkel9+Q4p6NiHIhZn6seShfyf2346R//kesow0JNfEIl2TqWBe0EUlqG
cGvRhGaU3IYFZfHxJdttRFrIGzjkXWc6nbOuiPnojdYX7lTKubhEEH/PncVAbZbx
is2Chg95wNnlLK2mPQptv48NwJP24bGxxT+7wmToHFVk5LR0x6TPLckyd56nFuas
V8qQRFf0rga4/tyVf5h2cp4Jp43l8/TsTdlGFkRt69mRg0v1nV8Di0p8xeu9xam6
BkMPWqNJnzKBqVy25hqAAjtx6g==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:02:51 2025 by rpki-client