Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/BWddsN8BvvZU7pbceWq3sl7blr8.roa
File: BWddsN8BvvZU7pbceWq3sl7blr8.roa (raw, json)
Hash identifier: 1Wr0tk7vPFLULv2i5OlXOwV0JPe0Ux5Qww1V2mGvWz4=
Subject key identifier: 05:67:5D:B0:DF:01:BE:F6:54:EE:96:DC:79:6A:B7:B2:5E:DB:96:BF
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01885C7DBEEEB7B18D32CBF737370655AA96
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/BWddsN8BvvZU7pbceWq3sl7blr8.roa
Signing time: Sat 27 May 2023 09:15:24 +0000
ROA not before: Sat 27 May 2023 09:15:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202492
IP address blocks: 164.215.100.0/24 maxlen: 24
46.23.104.0/22 maxlen: 22
85.158.148.0/22 maxlen: 22
85.158.147.0/24 maxlen: 24
37.128.200.0/22 maxlen: 22
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
185.81.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5c:7d:be:ee:b7:b1:8d:32:cb:f7:37:37:06:55:aa:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 27 09:15:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05675db0df01bef654ee96dc796ab7b25edb96bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0f:11:75:b1:3e:b5:0d:c8:88:65:16:a4:20:
67:aa:90:89:00:2f:7d:69:c4:63:ba:31:5d:c9:23:
92:28:dd:b9:17:10:cc:d0:ed:0c:5a:df:e4:06:9c:
d6:22:82:db:39:c6:86:cf:56:95:65:56:28:58:a9:
41:41:e0:93:a0:bd:c3:ef:7c:41:6f:e3:89:06:28:
ef:ee:c0:8a:01:77:7d:92:b8:87:f6:30:70:36:c3:
fb:15:cb:43:7b:b3:85:6e:c9:a5:72:28:6e:8f:03:
f8:b3:92:ed:b3:6d:cc:ba:d5:5a:d6:5f:cb:4c:57:
28:6a:ca:81:3d:f1:b6:ce:49:17:6b:10:cc:16:ba:
79:67:92:b2:a4:ab:1a:ae:fe:1d:2f:1d:27:17:28:
ec:4a:85:d7:db:66:ea:e8:91:64:6a:de:12:fb:f4:
c2:3f:f5:69:81:75:41:04:48:a3:30:d3:0e:63:8e:
c1:ab:ce:43:80:d4:44:e8:40:28:49:05:6a:1a:d7:
a8:db:53:64:e2:e8:b5:f1:1a:1a:0a:28:2e:37:ce:
88:a8:22:85:6e:46:e1:cd:92:f6:e0:6a:99:30:41:
67:07:c1:e8:14:89:3d:19:c4:03:52:d9:19:06:94:
07:89:32:91:7e:fe:69:b3:d2:cb:32:b2:cf:0e:eb:
a8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:67:5D:B0:DF:01:BE:F6:54:EE:96:DC:79:6A:B7:B2:5E:DB:96:BF
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/BWddsN8BvvZU7pbceWq3sl7blr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
37.128.200.0/22
46.23.104.0/22
85.158.147.0-85.158.151.255
164.215.100.0/24
185.81.218.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:d6:09:02:21:8d:a1:0a:35:2f:bf:4b:1d:39:cd:8a:24:96:
8a:05:ca:25:ce:ed:b0:46:16:de:91:e8:d6:e5:3b:3a:aa:8b:
75:df:85:3e:7d:0f:07:d3:4b:b4:0a:e9:26:87:e4:a0:4c:2b:
a7:0a:38:76:2c:28:43:80:86:10:dc:2d:1c:a8:c9:d4:2b:d7:
ad:23:d5:da:4f:93:b4:ef:55:46:1a:7e:13:24:3d:50:62:a1:
8b:63:85:47:71:90:04:dd:9d:bb:84:26:2c:52:46:71:55:61:
6d:e0:c0:e7:b6:3c:5a:d2:aa:07:ab:bc:43:3f:7d:f8:07:c7:
50:c8:88:ac:e4:85:17:6a:43:41:7f:f5:be:f3:d9:b0:8c:60:
e8:21:58:2e:b4:33:5d:ef:fb:6d:63:0f:15:91:3d:dc:7a:64:
14:68:23:04:09:e6:e8:c8:f5:0b:09:89:6b:6d:41:56:7a:de:
ce:fe:d0:a9:b5:5c:e0:7e:1c:b1:1e:b9:6c:16:5b:22:85:86:
73:b2:32:b7:7e:40:54:96:df:55:fc:04:ea:9f:df:8e:15:a5:
f6:fd:9b:39:27:9d:ac:c7:93:b9:d4:82:ec:4f:56:e1:dd:a2:
67:0a:bf:14:42:8c:94:33:55:35:8e:9a:c3:cb:69:48:c1:6b:
aa:fa:c5:99
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYhcfb7ut7GNMsv3NzcGVaqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNTI3MDkxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTY3NWRiMGRmMDFiZWY2NTRlZTk2ZGM3OTZhYjdiMjVlZGI5NmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ8RdbE+tQ3IiGUWpCBnqpCJAC99
acRjujFdySOSKN25FxDM0O0MWt/kBpzWIoLbOcaGz1aVZVYoWKlBQeCToL3D73xB
b+OJBijv7sCKAXd9kriH9jBwNsP7FctDe7OFbsmlcihujwP4s5Lts23MutVa1l/L
TFcoasqBPfG2zkkXaxDMFrp5Z5KypKsarv4dLx0nFyjsSoXX22bq6JFkat4S+/TC
P/VpgXVBBEijMNMOY47Bq85DgNRE6EAoSQVqGteo21Nk4ui18RoaCiguN86IqCKF
bkbhzZL24GqZMEFnB8HoFIk9GcQDUtkZBpQHiTKRfv5ps9LLMrLPDuuoOQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAVnXbDfAb72VO6W3Hlqt7Je25a/MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvQldkZHNOOEJ2dlpVN3BiY2VXcTNzbDdibHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCBQrwAwQC
BQr8AwQCJYDIAwQCLhdoMAwDBABVnpMDBANVnpADBACk12QDBAC5UdowDQYJKoZI
hvcNAQELBQADggEBALjWCQIhjaEKNS+/Sx05zYoklooFyiXO7bBGFt6R6NblOzqq
i3XfhT59DwfTS7QK6SaH5KBMK6cKOHYsKEOAhhDcLRyoydQr160j1dpPk7TvVUYa
fhMkPVBioYtjhUdxkATdnbuEJixSRnFVYW3gwOe2PFrSqgervEM/ffgHx1DIiKzk
hRdqQ0F/9b7z2bCMYOghWC60M13v+21jDxWRPdx6ZBRoIwQJ5ujI9QsJiWttQVZ6
3s7+0Km1XOB+HLEeuWwWWyKFhnOyMrd+QFSW31X8BOqf344Vpfb9mzknnazHk7nU
guxPVuHdomcKvxRCjJQzVTWOmsPLaUjBa6r6xZk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:04 2025 by rpki-client