Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/B2LH3n_jhs_XUEULPL2xqfvQ10c.roa
File: B2LH3n_jhs_XUEULPL2xqfvQ10c.roa (raw, json)
Hash identifier: czXnUkLEbOzznhNzCTNZx3sov3G/IL8EnvepZ5KY1p0=
Subject key identifier: 07:62:C7:DE:7F:E3:86:CF:D7:50:45:0B:3C:BD:B1:A9:FB:D0:D7:47
Certificate issuer: /CN=90620638ca1d835650e08ddcf363f10789b53057
Certificate serial: 01856D8AB36273974033169A8FA6AD13B6CD
Authority key identifier: 90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/B2LH3n_jhs_XUEULPL2xqfvQ10c.roa
Signing time: Sun 01 Jan 2023 13:34:44 +0000
ROA not before: Sun 01 Jan 2023 13:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397918
IP address blocks: 206.195.48.0/24 maxlen: 24
2a04:5781:3001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:b3:62:73:97:40:33:16:9a:8f:a6:ad:13:b6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90620638ca1d835650e08ddcf363f10789b53057
Validity
Not Before: Jan 1 13:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0762c7de7fe386cfd750450b3cbdb1a9fbd0d747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:7b:9d:e8:c8:cb:66:ed:ad:30:50:ec:1c:
83:eb:ab:fb:5e:d0:f5:94:78:c8:66:64:13:d2:24:
c4:10:c6:70:8a:c3:32:11:96:0b:66:cc:84:21:c6:
7b:3e:fa:42:51:af:89:57:75:29:3a:cf:66:76:25:
9a:d5:df:80:7a:8c:52:a2:3d:7e:aa:d8:4b:55:da:
f7:50:e4:7b:0b:73:53:49:23:18:88:51:c8:87:3d:
1f:2c:02:15:8c:0c:74:98:47:54:5a:44:e1:c1:fb:
46:d5:4f:90:af:ae:78:00:86:ca:b7:0b:85:99:1f:
45:13:f0:8f:2c:0a:b6:40:a0:33:48:8f:f4:b2:13:
1b:6a:5a:bf:9b:1d:35:34:b0:e2:d5:82:13:23:df:
c9:34:82:25:71:39:32:99:1d:c0:0b:20:2e:39:03:
76:e5:60:1a:ff:28:bf:a8:4f:67:4f:90:77:88:60:
8a:e6:cd:64:af:7a:a2:5e:f1:cf:a9:c0:24:68:61:
f5:f1:ed:f0:75:bd:da:1b:c3:8e:e9:65:2a:36:a7:
0b:5d:de:b0:ed:09:a7:98:67:fd:15:21:39:c1:2d:
fb:82:d8:e1:c8:93:47:a0:8c:77:3d:26:83:45:65:
7f:48:c8:0a:44:ac:2f:c6:f9:45:9a:93:97:9b:ba:
bb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:62:C7:DE:7F:E3:86:CF:D7:50:45:0B:3C:BD:B1:A9:FB:D0:D7:47
X509v3 Authority Key Identifier:
keyid:90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/B2LH3n_jhs_XUEULPL2xqfvQ10c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.195.48.0/24
IPv6:
2a04:5781:3001::/48
Signature Algorithm: sha256WithRSAEncryption
2b:d6:ad:4e:b0:89:b5:44:f1:91:6b:6a:fa:6f:3e:79:cb:94:
aa:b7:21:c7:05:30:01:6f:14:a7:31:52:f5:12:51:50:92:ab:
8f:44:3c:16:8d:6d:88:d9:7c:b3:bd:c6:0f:12:34:85:c9:cc:
18:57:15:b6:c3:cf:1c:7c:88:71:3e:ab:c9:f3:f7:28:7f:99:
c9:dd:3d:4e:2b:ee:de:36:95:7c:b4:5c:a2:3a:73:8c:6a:8d:
fd:a8:28:2b:7b:4e:0f:59:b8:34:ce:78:bd:2d:ab:39:a0:a2:
e9:a6:46:50:16:d2:e5:92:d6:4f:b8:d0:51:2a:17:7f:2f:48:
6e:52:36:a0:e5:8e:b5:2e:e2:f1:15:aa:29:8f:c0:0f:c0:d4:
0f:ae:bb:21:92:ed:d2:7b:4d:0a:d4:9e:0f:cb:f9:71:3a:e3:
24:8e:f8:99:04:82:3f:99:b0:b1:6d:db:66:13:46:4c:35:61:
33:54:ef:07:98:94:08:f6:7f:d0:61:c8:4d:3a:52:3d:2a:e8:
89:79:ec:a7:80:d2:fa:e8:e7:7d:77:5a:99:f6:35:97:b5:4b:
6b:8f:73:a0:5b:b0:f0:74:59:06:69:28:5a:e5:09:79:28:2a:
f4:84:f8:82:07:e9:68:f8:a1:f6:ec:28:38:c2:1b:56:34:e6:
55:70:4d:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtirNic5dAMxaaj6atE7bNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjIwNjM4Y2ExZDgzNTY1MGUwOGRkY2YzNjNmMTA3ODli
NTMwNTcwHhcNMjMwMTAxMTMzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzYyYzdkZTdmZTM4NmNmZDc1MDQ1MGIzY2JkYjFhOWZiZDBkNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwx7nejIy2btrTBQ7ByD66v7XtD1
lHjIZmQT0iTEEMZwisMyEZYLZsyEIcZ7PvpCUa+JV3UpOs9mdiWa1d+AeoxSoj1+
qthLVdr3UOR7C3NTSSMYiFHIhz0fLAIVjAx0mEdUWkThwftG1U+Qr654AIbKtwuF
mR9FE/CPLAq2QKAzSI/0shMbalq/mx01NLDi1YITI9/JNIIlcTkymR3ACyAuOQN2
5WAa/yi/qE9nT5B3iGCK5s1kr3qiXvHPqcAkaGH18e3wdb3aG8OO6WUqNqcLXd6w
7QmnmGf9FSE5wS37gtjhyJNHoIx3PSaDRWV/SMgKRKwvxvlFmpOXm7q71wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAdix95/44bP11BFCzy9san70NdHMB8GA1UdIwQY
MBaAFJBiBjjKHYNWUOCN3PNj8QeJtTBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMt
YzQzYWM0MjllNTNmLzEvQjJMSDNuX2poc19YVUVVTFBMMnhxZnZRMTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMtYzQzYWM0MjllNTNm
LzEva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAzsMwMA8E
AgACMAkDBwAqBFeBMAEwDQYJKoZIhvcNAQELBQADggEBACvWrU6wibVE8ZFravpv
PnnLlKq3IccFMAFvFKcxUvUSUVCSq49EPBaNbYjZfLO9xg8SNIXJzBhXFbbDzxx8
iHE+q8nz9yh/mcndPU4r7t42lXy0XKI6c4xqjf2oKCt7Tg9ZuDTOeL0tqzmgoumm
RlAW0uWS1k+40FEqF38vSG5SNqDljrUu4vEVqimPwA/A1A+uuyGS7dJ7TQrUng/L
+XE64ySO+JkEgj+ZsLFt22YTRkw1YTNU7weYlAj2f9BhyE06Uj0q6Il57KeA0vro
5313Wpn2NZe1S2uPc6BbsPB0WQZpKFrlCXkoKvSE+IIH6Wj4ofbsKDjCG1Y05lVw
TTM=
-----END CERTIFICATE-----
Generated at Fri Apr 18 11:19:45 2025 by rpki-client