Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/bo1V-KUYBCm00f1lu8ROCDdAlNs.roa
File: bo1V-KUYBCm00f1lu8ROCDdAlNs.roa (raw, json)
Hash identifier: e6i9uDWOgyfVyZLr0KEMBAOd/TVLL9yHxrXUWxhpUIk=
Subject key identifier: 6E:8D:55:F8:A5:18:04:29:B4:D1:FD:65:BB:C4:4E:08:37:40:94:DB
Certificate issuer: /CN=89b332d57ce14fab1ebd746817dd701062c74a88
Certificate serial: 0EB9B7A3
Authority key identifier: 89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/bo1V-KUYBCm00f1lu8ROCDdAlNs.roa
Signing time: Fri 27 May 2022 06:42:13 +0000
ROA not before: Fri 27 May 2022 06:42:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34572
IP address blocks: 83.173.72.0/21 maxlen: 21
83.173.88.0/21 maxlen: 24
83.173.96.0/21 maxlen: 21
83.173.112.0/22 maxlen: 24
185.170.151.0/24 maxlen: 24
83.173.64.0/19 maxlen: 19
83.173.64.0/21 maxlen: 21
2a02:6100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 247052195 (0xeb9b7a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b332d57ce14fab1ebd746817dd701062c74a88
Validity
Not Before: May 27 06:42:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e8d55f8a5180429b4d1fd65bbc44e08374094db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e1:92:d8:61:c8:51:65:46:54:e5:48:34:a6:
f1:53:8e:c5:b9:22:ea:6d:af:1a:1c:95:68:d4:47:
09:5f:2c:72:6d:c8:3c:52:f4:b2:eb:4f:33:5d:de:
a0:f1:e4:42:58:0e:ef:af:c8:c3:0f:97:a9:b5:26:
e0:67:91:d9:f4:28:3d:86:81:34:85:8d:9a:74:76:
14:2a:59:21:85:7b:29:dd:60:4b:1b:44:f5:90:d0:
49:8f:f1:5f:cc:1b:4c:70:52:7d:df:77:de:12:b0:
66:20:58:f2:6f:af:b0:fc:b7:69:08:d6:df:0e:ab:
55:f9:47:77:92:17:03:71:00:d9:60:73:87:da:05:
39:70:2b:9e:0e:6a:72:f5:4d:19:29:e3:7d:67:c1:
66:f5:ce:87:f4:98:e4:a4:03:19:2b:52:fd:d8:09:
68:a0:08:34:18:93:4f:4d:71:23:01:3a:ea:6c:e0:
98:5d:66:81:33:ed:1e:91:75:db:5d:6e:49:c4:ed:
a5:47:6e:12:0c:0c:1e:4b:2f:c7:6b:d3:1e:d5:73:
a8:43:0c:63:8a:4e:58:88:c7:b6:7d:02:fa:a3:4b:
c8:7c:03:15:a9:cf:81:81:14:4d:58:ea:2c:48:16:
48:9b:e8:ac:5f:29:cb:09:d2:49:35:bb:69:a8:d9:
30:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8D:55:F8:A5:18:04:29:B4:D1:FD:65:BB:C4:4E:08:37:40:94:DB
X509v3 Authority Key Identifier:
keyid:89:B3:32:D5:7C:E1:4F:AB:1E:BD:74:68:17:DD:70:10:62:C7:4A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibMy1XzhT6sevXRoF91wEGLHSog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/bo1V-KUYBCm00f1lu8ROCDdAlNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/81719d-467c-4af7-a824-46a0df774fe1/1/ibMy1XzhT6sevXRoF91wEGLHSog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.173.64.0-83.173.103.255
83.173.112.0/22
185.170.151.0/24
IPv6:
2a02:6100::/32
Signature Algorithm: sha256WithRSAEncryption
4b:a8:d3:e8:eb:48:ad:3f:ed:ba:7b:02:d3:af:17:c5:f5:b7:
5b:0a:f0:5a:c0:cc:6e:eb:e4:dd:b1:f9:a8:ca:3b:d1:00:c5:
c4:2e:ef:93:7c:0c:61:51:5a:b7:18:0f:ba:a4:72:59:e8:16:
00:1a:bc:c7:b5:19:9d:14:45:00:b1:db:9b:67:27:c3:0e:b9:
bd:6f:72:1b:a6:29:d6:5c:ac:08:c7:44:72:50:e7:d4:5c:aa:
0a:f7:9a:e0:bc:1a:2f:bd:64:e1:5b:91:0e:8c:66:9f:85:05:
c8:ea:d3:e2:a1:f9:49:b8:61:15:02:8f:6c:8c:cf:a6:00:6b:
a1:9e:ba:d8:56:6d:1f:c6:ed:9e:bf:09:eb:14:98:34:cc:82:
16:9b:7b:fe:18:60:66:05:76:b8:c7:2b:e0:1c:f3:75:a0:14:
76:87:5e:2d:0e:92:c8:24:af:a2:7f:fa:7c:48:b8:a6:51:b2:
a6:fe:93:40:5b:3f:b1:0c:72:6f:2d:7a:7b:d2:f2:ae:01:c8:
7f:4c:66:3f:ae:cf:fd:a4:a0:af:36:4d:ff:96:d5:84:c8:62:
c5:81:11:45:ce:03:e2:bc:2f:28:03:dc:73:ef:1b:c2:2e:8b:
9a:f8:3d:9b:5f:9a:b8:5d:e9:aa:75:16:fb:78:ef:b1:3d:0e:
ea:c6:45:df
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEDrm3ozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWIzMzJkNTdjZTE0ZmFiMWViZDc0NjgxN2RkNzAxMDYyYzc0YTg4MB4XDTIyMDUy
NzA2NDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU4ZDU1ZjhhNTE4
MDQyOWI0ZDFmZDY1YmJjNDRlMDgzNzQwOTRkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPhkthhyFFlRlTlSDSm8VOOxbki6m2vGhyVaNRHCV8scm3I
PFL0sutPM13eoPHkQlgO76/Iww+XqbUm4GeR2fQoPYaBNIWNmnR2FCpZIYV7Kd1g
SxtE9ZDQSY/xX8wbTHBSfd933hKwZiBY8m+vsPy3aQjW3w6rVflHd5IXA3EA2WBz
h9oFOXArng5qcvVNGSnjfWfBZvXOh/SY5KQDGStS/dgJaKAINBiTT01xIwE66mzg
mF1mgTPtHpF1211uScTtpUduEgwMHksvx2vTHtVzqEMMY4pOWIjHtn0C+qNLyHwD
FanPgYEUTVjqLEgWSJvorF8pywnSSTW7aajZMBcCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRujVX4pRgEKbTR/WW7xE4IN0CU2zAfBgNVHSMEGDAWgBSJszLVfOFPqx69
dGgX3XAQYsdKiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2liTXkxWHpoVDZzZXZYUm9GOTF3RUdMSFNvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvODE3MTlkLTQ2N2MtNGFmNy1hODI0LTQ2YTBkZjc3NGZlMS8x
L2JvMVYtS1VZQkNtMDBmMWx1OFJPQ0RkQWxOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
ODE3MTlkLTQ2N2MtNGFmNy1hODI0LTQ2YTBkZjc3NGZlMS8xL2liTXkxWHpoVDZz
ZXZYUm9GOTF3RUdMSFNvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGjAMAwQGU61AAwQDU61gAwQCU61wAwQA
uaqXMA0EAgACMAcDBQAqAmEAMA0GCSqGSIb3DQEBCwUAA4IBAQBLqNPo60itP+26
ewLTrxfF9bdbCvBawMxu6+TdsfmoyjvRAMXELu+TfAxhUVq3GA+6pHJZ6BYAGrzH
tRmdFEUAsdubZyfDDrm9b3IbpinWXKwIx0RyUOfUXKoK95rgvBovvWThW5EOjGaf
hQXI6tPioflJuGEVAo9sjM+mAGuhnrrYVm0fxu2evwnrFJg0zIIWm3v+GGBmBXa4
xyvgHPN1oBR2h14tDpLIJK+if/p8SLimUbKm/pNAWz+xDHJvLXp70vKuAch/TGY/
rs/9pKCvNk3/ltWEyGLFgRFFzgPivC8oA9xz7xvCLoua+D2bX5q4XemqdRb7eO+x
PQ7qxkXf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:10 2025 by rpki-client