Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/bbacTj10N5O4AuURZbAICyj96Wg.roa
File: bbacTj10N5O4AuURZbAICyj96Wg.roa (raw, json)
Hash identifier: wgf+sF5nAe0Fai99DCdA05YjJ3PAK3nR+M2Dl31FVmM=
Subject key identifier: 6D:B6:9C:4E:3D:74:37:93:B8:02:E5:11:65:B0:08:0B:28:FD:E9:68
Certificate issuer: /CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Certificate serial: 01856F4B6193CBE762A65EB1580CA813BE6B
Authority key identifier: C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/bbacTj10N5O4AuURZbAICyj96Wg.roa
Signing time: Sun 01 Jan 2023 21:44:49 +0000
ROA not before: Sun 01 Jan 2023 21:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204818
IP address blocks: 217.16.0.0/24 maxlen: 24
217.16.1.0/24 maxlen: 24
217.16.2.0/24 maxlen: 24
217.16.0.0/20 maxlen: 20
217.16.3.0/24 maxlen: 24
217.16.4.0/24 maxlen: 24
217.16.6.0/24 maxlen: 24
217.16.7.0/24 maxlen: 24
217.16.8.0/24 maxlen: 24
217.16.9.0/24 maxlen: 24
217.16.10.0/24 maxlen: 24
217.16.11.0/24 maxlen: 24
217.16.5.0/24 maxlen: 24
217.16.13.0/24 maxlen: 24
217.16.14.0/24 maxlen: 24
217.16.15.0/24 maxlen: 24
217.16.12.0/24 maxlen: 24
46.182.4.0/22 maxlen: 22
46.182.4.0/24 maxlen: 24
2a05:36c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:61:93:cb:e7:62:a6:5e:b1:58:0c:a8:13:be:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Validity
Not Before: Jan 1 21:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6db69c4e3d743793b802e51165b0080b28fde968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:eb:69:66:aa:af:d3:f7:d9:25:01:5a:af:f8:
a2:e1:05:7e:5a:58:a9:46:a2:35:5d:b7:6c:29:1b:
1d:8a:36:3f:66:ec:80:f8:06:70:e7:cd:30:c5:63:
8c:0a:ee:59:5a:33:de:a4:49:86:e3:ea:9e:1c:92:
89:57:9d:f6:b1:5a:0a:79:9a:df:41:03:da:2b:b3:
7a:df:5b:37:9e:14:6b:e3:d4:57:bc:eb:56:35:99:
13:07:93:c3:e8:aa:3f:6b:03:9e:2e:0f:8b:7d:d1:
6a:82:26:80:aa:6b:61:a0:f1:1f:c5:c8:03:55:b3:
17:69:4c:23:cd:78:a2:ad:d2:70:9c:80:a5:11:c9:
0a:ef:50:dd:c3:4e:db:e6:de:b7:2d:ea:91:51:cd:
b1:eb:57:9e:0c:a6:7d:4e:e1:b6:8a:37:16:d4:58:
47:55:c8:ee:c4:21:3c:82:a0:16:9e:8b:47:98:13:
3f:2c:13:ed:f5:50:df:c8:ab:97:da:44:42:40:a6:
b5:6b:10:cd:43:9f:50:7b:09:5f:eb:a1:27:a2:8a:
6b:20:88:0c:bf:6f:65:48:02:e0:3e:bd:8d:dd:44:
73:50:e3:c0:e0:c8:7c:1b:40:8b:a7:41:19:45:93:
5c:4c:1d:c6:7f:a1:f1:d5:b7:47:94:f2:6d:17:ad:
84:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B6:9C:4E:3D:74:37:93:B8:02:E5:11:65:B0:08:0B:28:FD:E9:68
X509v3 Authority Key Identifier:
keyid:C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/bbacTj10N5O4AuURZbAICyj96Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/wq_BTc5FCwXshsfFMHDNa7bbx-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.4.0/22
217.16.0.0/20
IPv6:
2a05:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
24:be:51:c8:88:49:6c:2f:1f:26:44:bf:d0:a3:c4:56:9d:72:
12:2a:b8:9f:f9:12:6f:5e:03:87:e4:e3:05:04:f6:11:84:aa:
8c:e1:4c:7a:df:90:4f:57:c0:b7:4f:39:47:e0:c5:30:19:b0:
4b:65:ab:85:85:0b:9c:2f:44:09:bb:60:e6:11:e5:99:54:b4:
62:31:05:04:55:b1:04:36:79:84:4b:fd:4e:94:ae:10:c1:c2:
c7:50:5e:aa:94:66:0f:10:a7:98:92:0e:62:ac:4d:c7:3e:e1:
e9:99:c3:4d:73:c7:4a:94:0c:23:55:16:4e:b3:56:db:96:d7:
b7:f9:0e:9e:67:5a:2b:c3:e4:5c:09:e2:c3:a4:94:2c:93:72:
1d:9f:14:32:ed:56:ef:32:33:11:95:f3:a6:87:95:ed:24:29:
d3:cc:ba:ae:9f:49:9c:e9:c0:54:e9:5a:07:80:9a:01:df:bc:
e9:5e:41:85:57:7e:23:e2:db:7d:e1:5c:55:65:b3:a1:68:b8:
bd:25:d6:b2:4c:7a:b4:52:ac:22:0c:e3:7f:fc:a5:b3:88:aa:
3c:41:91:4a:4d:93:f8:b0:fe:61:87:c0:88:27:e3:1a:fb:0d:
02:4b:06:8f:51:f5:62:cd:54:91:10:05:fb:89:dc:b4:16:c6:
e1:a8:3b:e1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvS2GTy+dipl6xWAyoE75rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWZjMTRkY2U0NTBiMDVlYzg2YzdjNTMwNzBjZDZiYjZk
YmM3ZWUwHhcNMjMwMTAxMjE0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGI2OWM0ZTNkNzQzNzkzYjgwMmU1MTE2NWIwMDgwYjI4ZmRlOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoutpZqqv0/fZJQFar/ii4QV+Wlip
RqI1XbdsKRsdijY/ZuyA+AZw580wxWOMCu5ZWjPepEmG4+qeHJKJV532sVoKeZrf
QQPaK7N631s3nhRr49RXvOtWNZkTB5PD6Ko/awOeLg+LfdFqgiaAqmthoPEfxcgD
VbMXaUwjzXiirdJwnIClEckK71Ddw07b5t63LeqRUc2x61eeDKZ9TuG2ijcW1FhH
VcjuxCE8gqAWnotHmBM/LBPt9VDfyKuX2kRCQKa1axDNQ59Qewlf66EnooprIIgM
v29lSALgPr2N3URzUOPA4Mh8G0CLp0EZRZNcTB3Gf6Hx1bdHlPJtF62EHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG22nE49dDeTuALlEWWwCAso/eloMB8GA1UdIwQY
MBaAFMKvwU3ORQsF7IbHxTBwzWu228fuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgt
MTg0N2NiODhlODNhLzEvYmJhY1RqMTBONU80QXVVUlpiQUlDeWo5NldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgtMTg0N2NiODhlODNh
LzEvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLrYEAwQE
2RAAMA0EAgACMAcDBQMqBTbAMA0GCSqGSIb3DQEBCwUAA4IBAQAkvlHIiElsLx8m
RL/Qo8RWnXISKrif+RJvXgOH5OMFBPYRhKqM4Ux635BPV8C3TzlH4MUwGbBLZauF
hQucL0QJu2DmEeWZVLRiMQUEVbEENnmES/1OlK4QwcLHUF6qlGYPEKeYkg5irE3H
PuHpmcNNc8dKlAwjVRZOs1bblte3+Q6eZ1orw+RcCeLDpJQsk3IdnxQy7VbvMjMR
lfOmh5XtJCnTzLqun0mc6cBU6VoHgJoB37zpXkGFV34j4tt94VxVZbOhaLi9Jday
THq0UqwiDON//KWziKo8QZFKTZP4sP5hh8CIJ+Ma+w0CSwaPUfVizVSREAX7idy0
FsbhqDvh
-----END CERTIFICATE-----
Generated at Mon May 12 03:51:14 2025 by rpki-client