Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/BPxgRhBoVK1bZ3lX3beSLWwBg1c.roa
File: BPxgRhBoVK1bZ3lX3beSLWwBg1c.roa (raw, json)
Hash identifier: MhczL/ZIP0Qlnhpm98xXUVULPCBMpNOi0V1ZBUiB4Co=
Subject key identifier: 04:FC:60:46:10:68:54:AD:5B:67:79:57:DD:B7:92:2D:6C:01:83:57
Certificate issuer: /CN=e98e202381c1c88d82f3b70f3be068a1aa372b9d
Certificate serial: 01864B060487A561351E285BE997E08F043A
Authority key identifier: E9:8E:20:23:81:C1:C8:8D:82:F3:B7:0F:3B:E0:68:A1:AA:37:2B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Y4gI4HByI2C87cPO-Booao3K50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/BPxgRhBoVK1bZ3lX3beSLWwBg1c.roa
Signing time: Mon 13 Feb 2023 13:45:30 +0000
ROA not before: Mon 13 Feb 2023 13:45:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201076
IP address blocks: 188.64.209.0/24 maxlen: 24
188.64.210.0/24 maxlen: 24
188.64.211.0/24 maxlen: 24
188.64.208.0/24 maxlen: 24
2a07:e7c0:2::/48 maxlen: 48
2a07:e7c0:1000::/48 maxlen: 48
2a07:e7c0::/48 maxlen: 48
2a07:e7c0:3::/48 maxlen: 48
2a07:e7c0:1::/48 maxlen: 48
2a07:e7c0:147::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4b:06:04:87:a5:61:35:1e:28:5b:e9:97:e0:8f:04:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e98e202381c1c88d82f3b70f3be068a1aa372b9d
Validity
Not Before: Feb 13 13:45:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04fc6046106854ad5b677957ddb7922d6c018357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:63:88:33:23:ec:fa:4a:1d:7f:4b:65:a2:80:
b5:4b:89:81:93:75:0c:97:e9:d3:1b:15:38:01:f9:
c5:53:be:e9:08:8e:e9:26:94:02:26:15:08:c0:d2:
8c:ed:2c:f8:29:f6:2f:49:98:6f:bf:9a:6b:27:9f:
76:00:51:71:17:85:9c:13:74:e5:ba:52:8c:0c:21:
00:cc:89:e5:4f:69:bf:b5:82:c0:63:8e:12:09:d7:
d6:12:21:7b:cf:ee:f1:26:03:e0:ca:63:3c:1d:3d:
57:b1:ff:30:c3:5b:4a:51:f7:99:d2:49:bd:80:e7:
54:7a:5d:82:a4:93:e5:a3:b1:bf:d5:77:36:0b:13:
7f:69:26:aa:9c:80:5c:d0:8e:3e:cd:e4:e8:53:06:
8b:75:7c:38:36:d0:bd:93:19:f8:3a:11:1f:41:90:
e4:a5:b4:22:7f:e8:d0:e1:65:9b:10:2e:9f:95:fd:
56:55:0f:20:62:a5:d5:aa:ac:0c:40:bb:6b:66:50:
40:a2:73:a3:c5:e6:d6:ac:cd:d1:64:d3:75:bd:27:
e7:b3:9e:bc:c9:1d:0c:02:49:82:5e:06:d6:68:10:
19:99:ba:41:c0:c5:65:71:19:dc:c1:f0:e0:79:29:
2e:7f:ed:f9:88:83:8e:cb:9e:44:ac:3e:dd:63:9e:
b5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FC:60:46:10:68:54:AD:5B:67:79:57:DD:B7:92:2D:6C:01:83:57
X509v3 Authority Key Identifier:
keyid:E9:8E:20:23:81:C1:C8:8D:82:F3:B7:0F:3B:E0:68:A1:AA:37:2B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Y4gI4HByI2C87cPO-Booao3K50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/BPxgRhBoVK1bZ3lX3beSLWwBg1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/6Y4gI4HByI2C87cPO-Booao3K50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.208.0/22
IPv6:
2a07:e7c0::/46
2a07:e7c0:147::/48
2a07:e7c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
b5:02:a2:6b:af:b5:ed:e0:56:17:92:6b:f3:32:50:17:f0:df:
ea:8d:c3:d1:d4:7e:55:76:e0:c8:02:45:57:e6:93:86:a5:8a:
29:02:82:44:9b:12:4e:ef:f2:54:59:d5:5d:f9:d9:9b:c1:72:
c0:e2:6f:ef:4f:b4:1e:14:da:1d:73:e8:b6:c7:b8:75:8d:dd:
91:8c:97:f8:e0:dc:2b:40:2a:ca:79:b9:41:2c:51:d6:0e:3d:
50:a3:03:0e:f2:d0:cf:a8:d0:36:03:d1:84:be:55:a6:38:fb:
af:b8:56:35:c5:38:d3:76:96:fd:de:f8:68:47:66:0a:c1:46:
b9:d2:93:0c:7c:c3:72:1b:29:da:ec:ca:53:1f:10:2e:cb:32:
3d:0f:d5:19:b2:0a:ee:7a:96:52:d2:ab:2d:8f:42:d3:75:e7:
a8:3d:59:4c:17:36:99:d3:0b:81:19:7c:ad:6e:23:bf:00:27:
97:b3:db:6c:d0:3c:0a:e7:63:1d:de:89:71:90:a5:be:59:c6:
3f:60:a7:95:c4:1f:a9:5b:8b:2e:fd:ac:f0:0c:fe:0d:1e:66:
c5:d8:15:b4:7a:0f:ea:30:fa:5f:23:86:7f:2e:a1:54:31:77:
1f:5a:d4:c6:3e:72:0f:b7:76:5e:a2:e8:5a:54:cf:a1:08:f1:
75:07:a8:b2
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYZLBgSHpWE1Hihb6ZfgjwQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5OGUyMDIzODFjMWM4OGQ4MmYzYjcwZjNiZTA2OGExYWEz
NzJiOWQwHhcNMjMwMjEzMTM0NTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGZjNjA0NjEwNjg1NGFkNWI2Nzc5NTdkZGI3OTIyZDZjMDE4MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2OIMyPs+kodf0tlooC1S4mBk3UM
l+nTGxU4AfnFU77pCI7pJpQCJhUIwNKM7Sz4KfYvSZhvv5prJ592AFFxF4WcE3Tl
ulKMDCEAzInlT2m/tYLAY44SCdfWEiF7z+7xJgPgymM8HT1Xsf8ww1tKUfeZ0km9
gOdUel2CpJPlo7G/1Xc2CxN/aSaqnIBc0I4+zeToUwaLdXw4NtC9kxn4OhEfQZDk
pbQif+jQ4WWbEC6flf1WVQ8gYqXVqqwMQLtrZlBAonOjxebWrM3RZNN1vSfns568
yR0MAkmCXgbWaBAZmbpBwMVlcRncwfDgeSkuf+35iIOOy55ErD7dY561OwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAT8YEYQaFStW2d5V923ki1sAYNXMB8GA1UdIwQY
MBaAFOmOICOBwciNgvO3DzvgaKGqNyudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlk0Z0k0SEJ5STJDODdjUE8tQm9vYW8zSzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mNzg5MzctYWVkMy00YjZmLWFhMmQt
YzgzMmVkN2Q1ZmVjLzEvQlB4Z1JoQm9WSzFiWjNsWDNiZVNMV3dCZzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mNzg5MzctYWVkMy00YjZmLWFhMmQtYzgzMmVkN2Q1ZmVj
LzEvNlk0Z0k0SEJ5STJDODdjUE8tQm9vYW8zSzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQCvEDQMCEE
AgACMBsDBwIqB+fAAAADBwAqB+fAAUcDBwAqB+fAEAAwDQYJKoZIhvcNAQELBQAD
ggEBALUComuvte3gVheSa/MyUBfw3+qNw9HUflV24MgCRVfmk4aliikCgkSbEk7v
8lRZ1V352ZvBcsDib+9PtB4U2h1z6LbHuHWN3ZGMl/jg3CtAKsp5uUEsUdYOPVCj
Aw7y0M+o0DYD0YS+VaY4+6+4VjXFONN2lv3e+GhHZgrBRrnSkwx8w3IbKdrsylMf
EC7LMj0P1RmyCu56llLSqy2PQtN156g9WUwXNpnTC4EZfK1uI78AJ5ez22zQPArn
Yx3eiXGQpb5Zxj9gp5XEH6lbiy79rPAM/g0eZsXYFbR6D+ow+l8jhn8uoVQxdx9a
1MY+cg+3dl6i6FpUz6EI8XUHqLI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:21:06 2025 by rpki-client