Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/BdidjoB9yhvVvnA-EVt57mzMgxI.roa
File: BdidjoB9yhvVvnA-EVt57mzMgxI.roa (raw, json)
Hash identifier: tDWIxugDupAtvehREc1oBPhYDiV9QXVE9ot7gKvAErs=
Subject key identifier: 05:D8:9D:8E:80:7D:CA:1B:D5:BE:70:3E:11:5B:79:EE:6C:CC:83:12
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01856F54A7935443EA73D8CCE344CA171C8B
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/BdidjoB9yhvVvnA-EVt57mzMgxI.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9063
IP address blocks: 153.96.57.0/24 maxlen: 24
153.96.183.0/24 maxlen: 24
153.96.139.0/24 maxlen: 24
153.96.137.0/24 maxlen: 24
153.96.136.0/24 maxlen: 24
153.96.138.0/24 maxlen: 24
129.233.211.0/24 maxlen: 24
153.96.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a7:93:54:43:ea:73:d8:cc:e3:44:ca:17:1c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05d89d8e807dca1bd5be703e115b79ee6ccc8312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4a:56:51:1c:7a:c3:af:32:1c:69:fc:88:fb:
46:d4:4a:f8:07:cc:7b:1d:94:0d:94:ac:c4:cf:5d:
f4:04:ed:c6:23:82:c3:86:a4:f9:72:80:6a:15:f5:
5a:28:81:cb:03:b7:d1:ea:df:ec:93:92:61:a3:17:
69:af:2a:3a:94:f0:f4:b0:39:e1:4e:e4:4e:9d:c9:
c7:25:9c:6f:bb:08:51:b2:b3:e1:52:58:79:e8:61:
6e:4c:62:94:55:b5:34:88:5c:8a:41:92:ac:5a:e7:
91:5a:e3:22:cc:19:e6:17:33:90:74:90:64:73:f5:
56:93:70:59:7a:a9:f6:d2:bb:2b:69:6d:7f:c5:99:
65:8f:52:17:4a:e7:c6:5e:72:80:f1:1f:c8:f7:22:
80:28:c8:8b:b2:1e:61:9b:7d:a2:81:af:2b:3f:60:
4a:11:93:83:88:cf:aa:7a:ee:65:dc:a7:dd:6f:56:
a0:3a:f8:15:08:bd:2d:f6:95:01:07:c0:ff:fd:dc:
a0:d7:05:7f:56:38:6a:a0:e4:54:fc:4d:39:00:a4:
f2:8b:35:e7:b7:b1:c8:b9:49:c3:e4:6f:58:59:be:
f2:19:24:2e:e8:8c:3e:bd:07:20:45:be:63:17:b6:
94:50:31:09:73:d5:a3:d8:c5:27:bc:ae:dc:3e:fa:
e9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D8:9D:8E:80:7D:CA:1B:D5:BE:70:3E:11:5B:79:EE:6C:CC:83:12
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/BdidjoB9yhvVvnA-EVt57mzMgxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.211.0/24
153.96.50.0/24
153.96.57.0/24
153.96.136.0/22
153.96.183.0/24
Signature Algorithm: sha256WithRSAEncryption
47:e2:fd:c7:fe:2e:d1:83:ee:21:13:a6:76:e8:d5:9f:6f:49:
b7:1b:52:64:a0:4d:c8:1f:1e:02:a6:26:8f:0a:0d:55:c5:97:
64:d0:bd:5e:69:6c:bb:ac:c2:3d:84:17:f8:72:3c:7a:6d:ae:
34:8b:17:ac:34:68:f2:93:7a:19:ee:dc:52:92:5b:1c:7f:59:
ea:ea:6a:a4:d0:87:42:0a:c4:bb:3b:5a:d5:73:3a:c9:d2:46:
09:8e:2b:fd:f0:dd:09:8f:4b:1c:75:7d:b4:bd:3d:f0:13:8d:
40:43:f2:52:24:1a:7b:3d:b8:be:d0:68:07:bf:5d:7e:e6:fe:
87:60:a0:27:4d:1d:3e:7b:ab:7e:40:aa:1f:c5:3a:35:69:1f:
ac:42:2b:b8:ce:e5:b2:fc:a5:e0:cb:e1:e2:6d:fe:d0:d4:52:
43:c3:1a:c5:e6:c4:3e:6c:73:8a:e6:2d:df:cf:c6:69:d4:e1:
2a:51:b5:ff:4a:59:56:38:a5:7a:02:42:46:14:1b:b2:6a:54:
6c:aa:f4:86:05:8c:86:6a:df:54:ea:0d:82:a6:f9:f9:ea:81:
32:86:10:aa:6c:71:92:3a:a1:2c:56:51:a9:7e:18:26:28:13:
f1:8e:cb:5f:8b:23:31:8e:5d:bf:31:8f:46:2c:bb:46:bb:17:
63:69:7a:e0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvVKeTVEPqc9jM40TKFxyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ4OWQ4ZTgwN2RjYTFiZDViZTcwM2UxMTViNzllZTZjY2M4MzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEpWURx6w68yHGn8iPtG1Er4B8x7
HZQNlKzEz130BO3GI4LDhqT5coBqFfVaKIHLA7fR6t/sk5Jhoxdpryo6lPD0sDnh
TuROncnHJZxvuwhRsrPhUlh56GFuTGKUVbU0iFyKQZKsWueRWuMizBnmFzOQdJBk
c/VWk3BZeqn20rsraW1/xZllj1IXSufGXnKA8R/I9yKAKMiLsh5hm32iga8rP2BK
EZODiM+qeu5l3Kfdb1agOvgVCL0t9pUBB8D//dyg1wV/VjhqoORU/E05AKTyizXn
t7HIuUnD5G9YWb7yGSQu6Iw+vQcgRb5jF7aUUDEJc9Wj2MUnvK7cPvrpKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAXYnY6Afcob1b5wPhFbee5szIMSMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvQmRpZGpvQjl5aHZWdm5BLUVWdDU3bXpNZ3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAgenTAwQA
mWAyAwQAmWA5AwQCmWCIAwQAmWC3MA0GCSqGSIb3DQEBCwUAA4IBAQBH4v3H/i7R
g+4hE6Z26NWfb0m3G1JkoE3IHx4CpiaPCg1VxZdk0L1eaWy7rMI9hBf4cjx6ba40
ixesNGjyk3oZ7txSklscf1nq6mqk0IdCCsS7O1rVczrJ0kYJjiv98N0Jj0scdX20
vT3wE41AQ/JSJBp7Pbi+0GgHv11+5v6HYKAnTR0+e6t+QKofxTo1aR+sQiu4zuWy
/KXgy+Hibf7Q1FJDwxrF5sQ+bHOK5i3fz8Zp1OEqUbX/SllWOKV6AkJGFBuyalRs
qvSGBYyGat9U6g2Cpvn56oEyhhCqbHGSOqEsVlGpfhgmKBPxjstfiyMxjl2/MY9G
LLtGuxdjaXrg
-----END CERTIFICATE-----
Generated at Sat May 10 13:28:09 2025 by rpki-client