Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/BNBmUdmw4XuffObwi92hH4W0Zbs.roa
File: BNBmUdmw4XuffObwi92hH4W0Zbs.roa (raw, json)
Hash identifier: zL9V94/LG4v4DVKEk5GerlRPKQop+k331xXpY2BH6s4=
Subject key identifier: 04:D0:66:51:D9:B0:E1:7B:9F:7C:E6:F0:8B:DD:A1:1F:85:B4:65:BB
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018AF476F76EE24C7AE7D82E090AF4B3CD4F
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/BNBmUdmw4XuffObwi92hH4W0Zbs.roa
Signing time: Tue 03 Oct 2023 07:35:51 +0000
ROA not before: Tue 03 Oct 2023 07:35:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48943
IP address blocks: 213.235.196.0/24 maxlen: 24
213.235.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:76:f7:6e:e2:4c:7a:e7:d8:2e:09:0a:f4:b3:cd:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Oct 3 07:35:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04d06651d9b0e17b9f7ce6f08bdda11f85b465bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fc:c1:93:c4:56:2f:95:86:b9:e8:6e:d4:80:
f8:70:36:37:8c:bf:8b:a7:60:79:dd:c5:1b:3a:30:
df:29:f7:c2:af:47:fa:2e:6f:06:3c:08:d2:71:a4:
51:95:e8:30:b4:44:6e:1a:91:19:2c:41:63:e6:83:
2f:22:14:9f:a5:cf:c1:d4:72:b4:bd:26:f0:7e:3f:
e7:07:41:f8:bc:72:f8:8d:61:40:1b:ce:45:25:97:
cd:1e:5c:f4:cb:b3:ab:a8:52:b3:ef:3f:a0:81:ae:
9f:8c:4a:05:a4:23:4c:4a:25:0f:7c:9b:e9:ea:b9:
a6:8e:91:fd:63:c4:9f:29:3d:35:5c:80:70:cd:67:
a1:df:68:42:6d:4c:42:95:88:7d:54:d7:07:2e:1c:
22:68:6d:21:ea:16:a4:5c:bc:1d:11:7a:a0:cf:cc:
25:bb:bd:c2:db:c1:f8:f9:04:ff:87:2e:6f:7b:49:
1f:9f:e0:28:4f:7b:55:5b:82:44:0e:f9:3b:95:90:
05:d9:1a:c8:b6:bd:b4:96:a5:38:04:ac:71:47:0d:
61:1b:16:93:46:f9:87:da:27:d3:b4:a6:07:ab:2f:
6f:26:67:b0:6e:28:0a:00:d7:19:6b:a1:47:47:fa:
0a:38:94:4b:98:22:4d:2d:05:ca:bd:56:59:26:28:
8d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D0:66:51:D9:B0:E1:7B:9F:7C:E6:F0:8B:DD:A1:1F:85:B4:65:BB
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/BNBmUdmw4XuffObwi92hH4W0Zbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.235.196.0/24
213.235.234.0/24
Signature Algorithm: sha256WithRSAEncryption
13:54:f0:33:9d:d3:73:d1:b2:da:5e:f0:6a:c2:f4:d1:66:4d:
61:81:72:b7:d8:4b:f9:28:42:82:5a:4d:53:b3:31:3a:5c:5c:
ba:b3:af:ce:b1:93:4f:ea:e1:3e:91:c3:39:37:04:1c:d6:f7:
2a:b9:bc:f2:1b:99:dd:3f:12:85:73:4f:22:4b:c6:5b:fb:bd:
f1:3c:fb:99:1b:25:77:6d:54:b3:1e:a3:3c:99:78:28:79:37:
15:63:53:49:44:a8:fb:a5:5a:7f:e8:56:f4:51:60:4b:5d:0c:
a7:63:1d:f2:56:8e:65:9a:6e:83:77:b9:ae:2f:dd:ba:96:7e:
56:68:9a:89:bb:4e:ad:22:a9:a7:b4:8f:3e:c7:fe:e1:a1:fb:
48:48:f0:6d:0a:f1:97:63:3d:c7:4d:60:9d:62:a1:e2:c5:40:
10:5d:bb:6a:ad:4e:5c:0b:d4:23:1c:a7:60:b9:d6:a9:15:f9:
7a:b3:98:d5:66:db:67:5e:37:cd:b9:c9:cb:68:8b:26:3a:39:
12:d5:95:df:e7:ac:bf:c1:c5:a3:03:d2:8d:ec:38:fd:94:fc:
b2:1a:e0:f1:13:c6:0c:4f:92:1d:af:bf:8a:05:3d:68:86:44:
e3:5e:77:4d:25:26:d0:7b:96:12:e9:99:cc:37:97:60:5c:ec:
5f:ae:a5:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr0dvdu4kx659guCQr0s81PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMxMDAzMDczNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQwNjY1MWQ5YjBlMTdiOWY3Y2U2ZjA4YmRkYTExZjg1YjQ2NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfzBk8RWL5WGuehu1ID4cDY3jL+L
p2B53cUbOjDfKffCr0f6Lm8GPAjScaRRlegwtERuGpEZLEFj5oMvIhSfpc/B1HK0
vSbwfj/nB0H4vHL4jWFAG85FJZfNHlz0y7OrqFKz7z+gga6fjEoFpCNMSiUPfJvp
6rmmjpH9Y8SfKT01XIBwzWeh32hCbUxClYh9VNcHLhwiaG0h6hakXLwdEXqgz8wl
u73C28H4+QT/hy5ve0kfn+AoT3tVW4JEDvk7lZAF2RrItr20lqU4BKxxRw1hGxaT
RvmH2ifTtKYHqy9vJmewbigKANcZa6FHR/oKOJRLmCJNLQXKvVZZJiiNawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFATQZlHZsOF7n3zm8IvdoR+FtGW7MB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvQk5CbVVkbXc0WHVmZk9id2k5MmhINFcwWmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1evEAwQA
1evqMA0GCSqGSIb3DQEBCwUAA4IBAQATVPAzndNz0bLaXvBqwvTRZk1hgXK32Ev5
KEKCWk1TszE6XFy6s6/OsZNP6uE+kcM5NwQc1vcqubzyG5ndPxKFc08iS8Zb+73x
PPuZGyV3bVSzHqM8mXgoeTcVY1NJRKj7pVp/6Fb0UWBLXQynYx3yVo5lmm6Dd7mu
L926ln5WaJqJu06tIqmntI8+x/7hoftISPBtCvGXYz3HTWCdYqHixUAQXbtqrU5c
C9QjHKdgudapFfl6s5jVZttnXjfNucnLaIsmOjkS1ZXf56y/wcWjA9KN7Dj9lPyy
GuDxE8YMT5Idr7+KBT1ohkTjXndNJSbQe5YS6ZnMN5dgXOxfrqWV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:43 2025 by rpki-client