Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/gD2yYyNP8rL81DfuiJKmu_7f47Y.roa
File: gD2yYyNP8rL81DfuiJKmu_7f47Y.roa (raw, json)
Hash identifier: dHWKt2ZAfTc9HSj3ITWesTyYQoJ7qvHwFmgE5GzZHBY=
Subject key identifier: 80:3D:B2:63:23:4F:F2:B2:FC:D4:37:EE:88:92:A6:BB:FE:DF:E3:B6
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 0184A464705E73D0105BDE1C44B4FDB72B70
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/gD2yYyNP8rL81DfuiJKmu_7f47Y.roa
Signing time: Wed 23 Nov 2022 12:09:16 +0000
ROA not before: Wed 23 Nov 2022 12:09:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34219
IP address blocks: 178.255.16.0/22 maxlen: 22
178.255.22.0/24 maxlen: 24
178.255.20.0/23 maxlen: 23
159.253.116.0/23 maxlen: 23
159.253.118.0/24 maxlen: 24
159.253.119.0/24 maxlen: 24
93.94.4.0/23 maxlen: 23
185.2.56.0/22 maxlen: 22
2a03:1e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:64:70:5e:73:d0:10:5b:de:1c:44:b4:fd:b7:2b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Nov 23 12:09:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=803db263234ff2b2fcd437ee8892a6bbfedfe3b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:57:38:3f:28:cb:6e:8c:99:8d:47:ec:b3:38:
b5:50:d4:fc:ba:ac:be:fe:7c:c3:dd:df:ec:02:19:
22:2e:6b:38:dc:f2:80:fa:2a:88:ac:a7:6e:b2:8c:
1c:22:6e:fa:0d:00:65:48:80:5c:e9:dd:1b:91:a0:
82:76:65:17:89:16:a0:16:20:37:ab:8e:c0:d1:41:
08:7c:80:0b:9c:45:98:0c:49:b5:dd:2e:14:03:aa:
d9:cb:0d:00:55:cf:f7:ec:49:fe:ed:45:d7:78:ad:
0a:ba:aa:c4:9f:9f:6d:d7:a4:a3:8d:35:d3:b4:68:
09:1d:29:cc:fc:56:b0:84:a0:1e:02:d4:a6:96:94:
a2:68:cb:c9:5a:40:d7:60:cb:9a:c0:af:3f:10:03:
8d:ff:1f:1c:ac:4c:ec:5e:d6:ae:41:5c:8d:75:62:
69:8d:33:ed:04:7a:3c:de:63:5f:c8:f6:6f:38:38:
cc:2a:e8:29:cb:74:ea:fd:00:2e:99:9d:cf:b9:6a:
a3:a9:b3:0a:15:d9:c9:b4:fb:81:da:65:cb:94:3a:
72:ca:3a:8e:40:58:ec:62:a0:eb:82:e3:f2:85:5b:
10:9d:2a:d9:7e:87:9d:83:cf:72:c3:99:b7:45:a9:
ff:10:55:10:99:a2:1a:65:c1:f2:b1:61:5e:96:3d:
01:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3D:B2:63:23:4F:F2:B2:FC:D4:37:EE:88:92:A6:BB:FE:DF:E3:B6
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/gD2yYyNP8rL81DfuiJKmu_7f47Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.4.0/23
159.253.116.0/22
178.255.16.0-178.255.22.255
185.2.56.0/22
IPv6:
2a03:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
29:74:e8:f6:b2:b8:71:f7:f4:3a:21:f8:3f:d1:f8:bb:30:df:
7f:c6:b1:73:76:19:ec:c5:4e:c3:25:b9:71:d7:31:04:d6:d2:
83:1a:64:94:f5:0c:0f:86:3a:52:19:b6:58:bb:1d:78:ff:46:
8e:03:c8:f2:d7:12:11:89:1a:db:6d:fe:fe:af:0f:1d:9d:32:
b2:b9:5f:09:64:3d:0f:fe:ec:53:94:ec:2b:80:9b:1d:41:f8:
62:11:2e:69:6b:ad:fb:ca:89:f9:22:3e:dc:9f:e3:7b:d3:be:
06:ff:94:03:fb:16:66:f8:ca:31:92:45:88:c2:42:30:3b:ed:
a9:0b:db:df:dc:d3:cc:2b:7b:c6:da:b6:3d:e5:e7:08:8d:49:
a1:53:22:5b:9d:86:31:db:57:06:67:85:cd:81:f1:e6:bb:78:
95:61:62:e5:e2:24:59:db:0e:67:27:53:cb:67:48:e8:46:04:
5b:3a:5d:9f:cf:7a:9d:3a:7a:a7:02:c1:b4:95:ad:5b:04:76:
07:a7:f9:ae:cc:12:d0:e2:72:d1:5e:dd:a3:28:11:56:52:2e:
8f:9f:d3:f2:0b:ca:b4:93:7d:59:99:68:b6:a5:54:2a:68:d1:
fc:4c:38:5f:e7:e6:03:3a:cb:1a:e7:93:9d:91:b6:45:ec:24:
85:cc:76:3a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYSkZHBec9AQW94cRLT9tytwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjIxMTIzMTIwOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNkYjI2MzIzNGZmMmIyZmNkNDM3ZWU4ODkyYTZiYmZlZGZlM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklc4PyjLboyZjUfsszi1UNT8uqy+
/nzD3d/sAhkiLms43PKA+iqIrKdusowcIm76DQBlSIBc6d0bkaCCdmUXiRagFiA3
q47A0UEIfIALnEWYDEm13S4UA6rZyw0AVc/37En+7UXXeK0KuqrEn59t16SjjTXT
tGgJHSnM/FawhKAeAtSmlpSiaMvJWkDXYMuawK8/EAON/x8crEzsXtauQVyNdWJp
jTPtBHo83mNfyPZvODjMKugpy3Tq/QAumZ3PuWqjqbMKFdnJtPuB2mXLlDpyyjqO
QFjsYqDrguPyhVsQnSrZfoedg89yw5m3Ran/EFUQmaIaZcHysWFelj0BdQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIA9smMjT/Ky/NQ37oiSprv+3+O2MB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEvZ0QyeVl5TlA4ckw4MURmdWlKS211XzdmNDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQBXV4EAwQC
n/10MAwDBASy/xADBACy/xYDBAK5AjgwDQQCAAIwBwMFACoDHgAwDQYJKoZIhvcN
AQELBQADggEBACl06PayuHH39Doh+D/R+Lsw33/GsXN2GezFTsMluXHXMQTW0oMa
ZJT1DA+GOlIZtli7HXj/Ro4DyPLXEhGJGttt/v6vDx2dMrK5XwlkPQ/+7FOU7CuA
mx1B+GIRLmlrrfvKifkiPtyf43vTvgb/lAP7Fmb4yjGSRYjCQjA77akL29/c08wr
e8batj3l5wiNSaFTIludhjHbVwZnhc2B8ea7eJVhYuXiJFnbDmcnU8tnSOhGBFs6
XZ/Pep06eqcCwbSVrVsEdgen+a7MEtDictFe3aMoEVZSLo+f0/ILyrSTfVmZaLal
VCpo0fxMOF/n5gM6yxrnk52RtkXsJIXMdjo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:45 2025 by rpki-client