Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/BLYVLyQlgP50I9IIChe9suxeLgM.roa
File: BLYVLyQlgP50I9IIChe9suxeLgM.roa (raw, json)
Hash identifier: wZwZnIbGCPMY6aXWmLq11WaD0uMV93d9eBumP49G4IM=
Subject key identifier: 04:B6:15:2F:24:25:80:FE:74:23:D2:08:0A:17:BD:B2:EC:5E:2E:03
Certificate issuer: /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial: 018C83D0760F582902F8C5E48AF0E43A1AA9
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/BLYVLyQlgP50I9IIChe9suxeLgM.roa
Signing time: Tue 19 Dec 2023 20:42:06 +0000
ROA not before: Tue 19 Dec 2023 20:42:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 45.86.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:d0:76:0f:58:29:02:f8:c5:e4:8a:f0:e4:3a:1a:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Validity
Not Before: Dec 19 20:42:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04b6152f242580fe7423d2080a17bdb2ec5e2e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:47:eb:10:02:32:e6:89:86:d6:35:51:01:b5:
b3:5b:cb:53:b3:42:1d:80:fe:6a:88:f3:74:76:ba:
a3:22:84:9a:16:ff:fa:a4:16:db:69:55:9b:09:6c:
61:53:68:78:ab:4b:0b:1a:25:ad:1f:a5:fa:12:7d:
6e:ba:2d:ab:cc:b3:88:ff:ab:0f:a1:06:70:a6:d1:
68:12:86:93:18:55:5f:38:3b:f4:ac:bb:ee:75:83:
7a:72:99:1d:ca:a3:4a:33:9b:fb:30:9b:d0:a6:6b:
5c:c5:05:9b:96:40:22:d7:6a:c1:66:99:75:b7:65:
25:29:2e:66:46:1d:80:db:94:e5:2a:56:28:d6:0c:
0a:1c:4c:f8:73:6d:92:8a:eb:26:21:69:fa:20:09:
b7:06:b1:6c:77:e8:5d:d6:66:91:ad:ef:ea:12:65:
0e:b9:cd:5b:62:af:55:54:70:23:d0:13:17:7c:66:
e5:71:35:c1:d1:1b:19:3b:7e:09:1c:7a:ff:51:9f:
e5:6e:25:ef:46:7e:a5:aa:e0:0b:3d:2a:24:d8:17:
77:b9:9c:dc:51:61:63:5c:ff:3c:0c:bb:9e:74:32:
7d:42:04:bf:76:4c:f5:66:32:63:9b:5d:ac:a9:ee:
74:13:b3:24:5e:95:07:2d:cf:c3:8c:66:5d:fa:80:
64:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B6:15:2F:24:25:80:FE:74:23:D2:08:0A:17:BD:B2:EC:5E:2E:03
X509v3 Authority Key Identifier:
keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/BLYVLyQlgP50I9IIChe9suxeLgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.85.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:e8:1d:a6:8b:ac:56:c9:f8:a7:73:14:38:71:ef:91:db:95:
3f:34:7a:ca:bb:65:82:8a:d0:78:03:0a:21:48:3c:04:36:f3:
44:e4:e7:87:1a:52:6a:20:9e:86:2c:60:8a:bd:e2:78:ee:ac:
0b:7a:a1:2c:af:c2:60:56:6b:49:fd:51:3c:46:9a:05:7c:1f:
16:5d:85:d7:57:36:0c:5c:8b:a9:37:88:1d:a4:6e:c4:9f:95:
5e:16:87:ff:ff:8a:df:26:32:a2:e4:85:c0:58:5e:dd:9d:96:
8f:6f:d3:d7:5f:37:14:b1:97:ed:bc:00:57:91:d4:f6:d6:1f:
09:e5:a9:22:34:fd:a3:15:1f:40:94:f6:8d:26:12:62:de:ae:
4d:b6:31:17:92:6e:c8:08:de:8f:76:c0:dc:6b:6b:67:bf:6d:
7e:d6:0f:13:f2:de:9e:08:ba:e4:41:32:d5:7a:60:68:dc:df:
ad:68:2d:8d:55:2e:b3:f0:cb:ca:e0:a0:df:d1:9d:f4:e8:e9:
15:0b:9b:00:ce:b0:50:07:75:00:04:42:37:82:bd:8a:e6:46:
0f:ba:7b:f6:ac:00:75:ac:5d:12:1f:58:3d:e0:6e:e4:35:f9:
e4:fe:19:96:83:fc:a1:ec:46:14:f0:fd:91:53:fe:d0:1c:56:
88:ee:e5:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyD0HYPWCkC+MXkivDkOhqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjMxMjE5MjA0MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI2MTUyZjI0MjU4MGZlNzQyM2QyMDgwYTE3YmRiMmVjNWUyZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskfrEAIy5omG1jVRAbWzW8tTs0Id
gP5qiPN0drqjIoSaFv/6pBbbaVWbCWxhU2h4q0sLGiWtH6X6En1uui2rzLOI/6sP
oQZwptFoEoaTGFVfODv0rLvudYN6cpkdyqNKM5v7MJvQpmtcxQWblkAi12rBZpl1
t2UlKS5mRh2A25TlKlYo1gwKHEz4c22SiusmIWn6IAm3BrFsd+hd1maRre/qEmUO
uc1bYq9VVHAj0BMXfGblcTXB0RsZO34JHHr/UZ/lbiXvRn6lquALPSok2Bd3uZzc
UWFjXP88DLuedDJ9QgS/dkz1ZjJjm12sqe50E7MkXpUHLc/DjGZd+oBkrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAS2FS8kJYD+dCPSCAoXvbLsXi4DMB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvQkxZVkx5UWxnUDUwSTlJSUNoZTlzdXhlTGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZVMA0G
CSqGSIb3DQEBCwUAA4IBAQCP6B2mi6xWyfincxQ4ce+R25U/NHrKu2WCitB4Awoh
SDwENvNE5OeHGlJqIJ6GLGCKveJ47qwLeqEsr8JgVmtJ/VE8RpoFfB8WXYXXVzYM
XIupN4gdpG7En5VeFof//4rfJjKi5IXAWF7dnZaPb9PXXzcUsZftvABXkdT21h8J
5akiNP2jFR9AlPaNJhJi3q5NtjEXkm7ICN6PdsDca2tnv21+1g8T8t6eCLrkQTLV
emBo3N+taC2NVS6z8MvK4KDf0Z306OkVC5sAzrBQB3UABEI3gr2K5kYPunv2rAB1
rF0SH1g94G7kNfnk/hmWg/yh7EYU8P2RU/7QHFaI7uUd
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:22:27 2025 by rpki-client