Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BHI_CsI9Xd3AozCySYeZc-j0-kg.roa
File: BHI_CsI9Xd3AozCySYeZc-j0-kg.roa (raw, json)
Hash identifier: VRDNi5FAEr52EDd/mMDFVxIrr+DY3iQuIj3p7+K1NQo=
Subject key identifier: 04:72:3F:0A:C2:3D:5D:DD:C0:A3:30:B2:49:87:99:73:E8:F4:FA:48
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 075D9E88
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BHI_CsI9Xd3AozCySYeZc-j0-kg.roa
Signing time: Thu 30 Jun 2022 18:37:25 +0000
ROA not before: Thu 30 Jun 2022 18:37:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210636
IP address blocks: 93.152.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123575944 (0x75d9e88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 30 18:37:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04723f0ac23d5dddc0a330b249879973e8f4fa48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:6c:79:09:d0:08:02:0b:71:2a:52:bc:0c:
17:f6:d7:73:2c:dd:5a:fa:51:04:60:73:f7:b6:f3:
31:53:ed:42:1d:3a:4f:31:8f:3a:fd:fe:f0:d7:12:
c6:cd:24:98:57:05:04:bb:82:e3:a7:d3:3a:a2:33:
30:49:25:3d:28:b5:dc:62:9b:03:16:5c:41:75:27:
d3:4d:83:db:12:5d:de:ef:f7:5d:eb:c2:e3:bf:ac:
17:9f:b2:f3:c9:05:97:79:7d:68:04:8a:06:59:6c:
83:cd:a7:8d:ec:e3:d5:23:3d:fe:3e:d2:fe:1f:ce:
0a:c3:5f:1b:bb:27:09:5c:f3:9c:9d:67:a6:3e:e7:
f2:bd:fb:1b:4d:52:22:40:1e:24:e6:80:fa:1f:78:
af:01:12:23:af:0b:3d:b3:8a:ef:ca:c2:7e:ee:a3:
ad:45:42:a9:ff:e6:62:51:25:63:d1:35:c8:02:00:
de:d1:67:e1:24:97:21:f5:1b:50:63:cd:b2:f3:9c:
9b:dc:38:84:7e:d4:6a:b1:ee:bc:1f:1c:8c:ad:15:
db:df:11:c9:0c:07:bf:ce:97:e1:d0:42:c3:53:53:
b0:50:9f:62:eb:44:4b:f5:9b:8a:be:e3:18:f6:8d:
e0:ab:53:72:30:c3:31:c6:55:fe:89:42:3c:41:92:
d3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:72:3F:0A:C2:3D:5D:DD:C0:A3:30:B2:49:87:99:73:E8:F4:FA:48
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/BHI_CsI9Xd3AozCySYeZc-j0-kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.222.0/24
Signature Algorithm: sha256WithRSAEncryption
17:30:52:a5:f5:cb:1a:4e:aa:e2:b8:8d:f0:bf:ec:04:fe:90:
a2:7c:f6:96:0c:a6:ed:59:4e:c9:6d:1c:d8:25:42:f5:09:26:
29:78:e1:9b:6d:17:f5:9b:2c:9d:ca:de:3d:c5:28:26:b1:7c:
ea:ab:29:29:1e:40:73:d7:68:99:ab:98:21:f1:55:ef:92:21:
1d:1a:1d:42:1e:00:34:3e:9c:f2:d8:19:c1:49:26:42:4b:05:
72:ed:11:8e:dd:11:c5:92:52:c5:f3:30:27:e1:f4:e8:b7:0a:
c2:1f:01:b3:fb:ca:1a:b9:96:86:db:3a:ad:9f:22:30:3a:26:
ed:00:45:32:c2:4e:dc:74:1d:d6:29:4f:72:47:34:86:1b:ab:
0d:05:0e:ee:92:8a:1d:cc:f2:2d:be:c2:81:a4:6a:91:9b:af:
ea:b7:53:0f:5b:6d:86:4b:0d:52:7e:12:56:00:8e:10:a9:ef:
f7:05:d5:de:4a:53:a0:f6:40:2e:d7:f5:8e:a3:eb:fd:5c:e3:
58:b0:d1:e0:4e:d0:cc:e6:85:f2:3e:39:ec:2a:d3:52:70:8d:
82:34:01:62:91:4f:d1:2e:96:0e:03:a6:da:5e:10:2f:46:82:
8e:15:f9:2a:97:4b:89:21:21:93:af:4f:a5:bc:ae:f4:79:bd:
af:33:28:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB12eiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDYz
MDE4MzcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ3MjNmMGFjMjNk
NWRkZGMwYTMzMGIyNDk4Nzk5NzNlOGY0ZmE0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK56bHkJ0AgCC3EqUrwMF/bXcyzdWvpRBGBz97bzMVPtQh06
TzGPOv3+8NcSxs0kmFcFBLuC46fTOqIzMEklPSi13GKbAxZcQXUn002D2xJd3u/3
XevC47+sF5+y88kFl3l9aASKBllsg82njezj1SM9/j7S/h/OCsNfG7snCVzznJ1n
pj7n8r37G01SIkAeJOaA+h94rwESI68LPbOK78rCfu6jrUVCqf/mYlElY9E1yAIA
3tFn4SSXIfUbUGPNsvOcm9w4hH7UarHuvB8cjK0V298RyQwHv86X4dBCw1NTsFCf
YutES/Wbir7jGPaN4KtTcjDDMcZV/olCPEGS07cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQEcj8Kwj1d3cCjMLJJh5lz6PT6SDAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L0JISV9Dc0k5WGQzQW96Q3lTWWVaYy1qMC1rZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF2Y3jANBgkqhkiG9w0BAQsFAAOC
AQEAFzBSpfXLGk6q4riN8L/sBP6Qonz2lgym7VlOyW0c2CVC9QkmKXjhm20X9Zss
ncrePcUoJrF86qspKR5Ac9domauYIfFV75IhHRodQh4AND6c8tgZwUkmQksFcu0R
jt0RxZJSxfMwJ+H06LcKwh8Bs/vKGrmWhts6rZ8iMDom7QBFMsJO3HQd1ilPckc0
hhurDQUO7pKKHczyLb7CgaRqkZuv6rdTD1tthksNUn4SVgCOEKnv9wXV3kpToPZA
Ltf1jqPr/VzjWLDR4E7QzOaF8j457CrTUnCNgjQBYpFP0S6WDgOm2l4QL0aCjhX5
KpdLiSEhk69Ppbyu9Hm9rzMomg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:06:19 2025 by rpki-client