Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/BSVHwEpjPVz-63wNtL3onTu-B7A.roa
File: BSVHwEpjPVz-63wNtL3onTu-B7A.roa (raw, json)
Hash identifier: DGfEVftaVE77ZZ+3I8/VbXrsYFfSKwD1hhFm+kTPqR0=
Subject key identifier: 05:25:47:C0:4A:63:3D:5C:FE:EB:7C:0D:B4:BD:E8:9D:3B:BE:07:B0
Certificate issuer: /CN=1cd3c30939b906a4515a1c65c08836829b6a3289
Certificate serial: 01856CC14EB6922295448D2D706639100EBE
Authority key identifier: 1C:D3:C3:09:39:B9:06:A4:51:5A:1C:65:C0:88:36:82:9B:6A:32:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNPDCTm5BqRRWhxlwIg2gptqMok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/BSVHwEpjPVz-63wNtL3onTu-B7A.roa
Signing time: Sun 01 Jan 2023 09:54:45 +0000
ROA not before: Sun 01 Jan 2023 09:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49122
IP address blocks: 94.229.112.0/22 maxlen: 22
94.229.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:4e:b6:92:22:95:44:8d:2d:70:66:39:10:0e:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cd3c30939b906a4515a1c65c08836829b6a3289
Validity
Not Before: Jan 1 09:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=052547c04a633d5cfeeb7c0db4bde89d3bbe07b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:18:bb:3b:b8:f6:84:28:59:e5:0a:26:c5:70:
9c:13:30:e7:7c:cf:7b:2d:ba:13:b1:d6:1b:02:c0:
5b:9b:48:7f:22:21:9d:83:10:fd:5c:08:19:0c:18:
c9:0b:bc:65:4a:73:c0:cb:09:38:a1:b7:38:64:9f:
ab:78:5e:6b:53:72:ea:64:f4:89:63:15:f1:f2:db:
dd:50:3b:79:6c:c2:21:d1:eb:1b:a7:7d:57:a5:94:
1d:72:37:f2:89:ae:5b:52:51:0e:1c:ba:ac:ff:72:
77:e2:2c:5e:2b:3c:2a:d3:0b:6f:32:23:96:b9:a5:
be:73:8f:01:71:00:b4:9f:6a:13:68:63:5f:28:49:
c2:9d:09:1a:00:8d:20:33:e3:13:be:81:05:f4:06:
9b:2a:40:bb:a2:d8:cd:46:cb:94:af:08:b5:fc:72:
a9:b9:6c:a9:d4:20:8a:82:0b:0c:f5:38:45:eb:65:
6a:6f:fc:f8:0e:22:d9:a2:f5:6e:10:11:00:0f:3e:
82:44:b1:9b:27:20:76:18:36:be:94:22:f1:37:13:
e8:c4:b7:7f:c7:d5:bd:c3:48:37:0a:90:15:f2:49:
e6:a1:82:cb:90:d1:62:80:93:7a:b6:2e:d1:c8:73:
bd:e0:3b:26:4a:12:73:e0:79:44:4c:0a:1a:7f:55:
ca:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:25:47:C0:4A:63:3D:5C:FE:EB:7C:0D:B4:BD:E8:9D:3B:BE:07:B0
X509v3 Authority Key Identifier:
keyid:1C:D3:C3:09:39:B9:06:A4:51:5A:1C:65:C0:88:36:82:9B:6A:32:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNPDCTm5BqRRWhxlwIg2gptqMok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/BSVHwEpjPVz-63wNtL3onTu-B7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/HNPDCTm5BqRRWhxlwIg2gptqMok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.112.0/22
94.229.124.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:3a:76:18:40:59:75:59:c0:74:40:66:5e:9c:e9:5e:ce:2f:
dc:a6:82:15:ed:bb:df:fd:ac:c8:18:27:b4:1f:fa:e1:6e:c8:
ba:6a:b4:f4:96:fd:cd:de:eb:0f:8d:21:cd:a0:3c:6a:7c:c3:
e5:c9:d5:dd:7a:62:c0:fc:4a:6f:a9:57:dd:83:3d:5f:13:f3:
3f:ec:4d:c9:b2:82:25:9f:10:1d:2d:4f:6b:1a:e4:f3:92:3f:
18:75:36:f0:cc:d1:5b:b1:b4:99:80:31:77:44:8f:26:46:26:
b1:c2:f9:37:57:a2:51:b7:b6:72:54:8e:3d:15:46:72:28:7b:
9b:c5:ee:94:35:e1:88:1f:d0:86:99:6f:e9:8f:6a:40:bb:81:
2b:ec:8c:c0:e2:66:cd:5a:57:86:c3:8c:75:2f:06:96:bf:fa:
d1:ae:88:c8:f2:ff:3f:e7:0d:9b:01:eb:67:6c:80:0b:0b:47:
27:ac:08:e9:6c:75:09:fd:49:d8:61:f6:75:e0:dc:40:29:6a:
4f:90:9d:38:9d:4b:7b:d7:b4:2f:23:fb:6a:06:6b:75:76:63:
ec:d2:71:d3:e8:c6:c5:8b:e8:e5:fa:bb:9c:ea:b8:37:99:1d:
db:aa:db:aa:d0:40:3e:bb:75:52:15:d6:34:24:d4:2d:db:1b:
e3:20:fb:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVswU62kiKVRI0tcGY5EA6+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDNjMzA5MzliOTA2YTQ1MTVhMWM2NWMwODgzNjgyOWI2
YTMyODkwHhcNMjMwMTAxMDk1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI1NDdjMDRhNjMzZDVjZmVlYjdjMGRiNGJkZTg5ZDNiYmUwN2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRi7O7j2hChZ5QomxXCcEzDnfM97
LboTsdYbAsBbm0h/IiGdgxD9XAgZDBjJC7xlSnPAywk4obc4ZJ+reF5rU3LqZPSJ
YxXx8tvdUDt5bMIh0esbp31XpZQdcjfyia5bUlEOHLqs/3J34ixeKzwq0wtvMiOW
uaW+c48BcQC0n2oTaGNfKEnCnQkaAI0gM+MTvoEF9AabKkC7otjNRsuUrwi1/HKp
uWyp1CCKggsM9ThF62Vqb/z4DiLZovVuEBEADz6CRLGbJyB2GDa+lCLxNxPoxLd/
x9W9w0g3CpAV8knmoYLLkNFigJN6ti7RyHO94DsmShJz4HlETAoaf1XKuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAUlR8BKYz1c/ut8DbS96J07vgewMB8GA1UdIwQY
MBaAFBzTwwk5uQakUVocZcCINoKbajKJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5QRENUbTVCcVJSV2h4bHdJZzJncHRxTW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85YzU3NjgtZTgwYS00MTEwLWE0NmQt
MGZmODZlZjk1ZTBmLzEvQlNWSHdFcGpQVnotNjN3TnRMM29uVHUtQjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85YzU3NjgtZTgwYS00MTEwLWE0NmQtMGZmODZlZjk1ZTBm
LzEvSE5QRENUbTVCcVJSV2h4bHdJZzJncHRxTW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXuVwAwQC
XuV8MA0GCSqGSIb3DQEBCwUAA4IBAQChOnYYQFl1WcB0QGZenOlezi/cpoIV7bvf
/azIGCe0H/rhbsi6arT0lv3N3usPjSHNoDxqfMPlydXdemLA/EpvqVfdgz1fE/M/
7E3JsoIlnxAdLU9rGuTzkj8YdTbwzNFbsbSZgDF3RI8mRiaxwvk3V6JRt7ZyVI49
FUZyKHubxe6UNeGIH9CGmW/pj2pAu4Er7IzA4mbNWleGw4x1LwaWv/rRrojI8v8/
5w2bAetnbIALC0cnrAjpbHUJ/UnYYfZ14NxAKWpPkJ04nUt717QvI/tqBmt1dmPs
0nHT6MbFi+jl+ruc6rg3mR3bqtuq0EA+u3VSFdY0JNQt2xvjIPu9
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:38:47 2025 by rpki-client