Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/bwKKoI-gIZRGxHcURaZ_m1hP7uo.roa
File: bwKKoI-gIZRGxHcURaZ_m1hP7uo.roa (raw, json)
Hash identifier: x7p2xudV/iCk4Bu/SKOwijxB8+wAoQoEq7NVgaYZtIg=
Subject key identifier: 6F:02:8A:A0:8F:A0:21:94:46:C4:77:14:45:A6:7F:9B:58:4F:EE:EA
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 0186451329B5C1F4372BAB4B8FEBC3099174
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/bwKKoI-gIZRGxHcURaZ_m1hP7uo.roa
Signing time: Sun 12 Feb 2023 10:02:09 +0000
ROA not before: Sun 12 Feb 2023 10:02:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202468
IP address blocks: 130.185.120.0/22 maxlen: 24
185.235.40.0/22 maxlen: 24
185.204.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:45:13:29:b5:c1:f4:37:2b:ab:4b:8f:eb:c3:09:91:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Feb 12 10:02:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f028aa08fa0219446c4771445a67f9b584feeea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ef:64:5a:b3:cd:72:5c:90:a8:fd:3c:a0:f1:
dd:fa:d9:26:0d:12:1a:82:48:24:76:dd:75:e6:5c:
79:57:f5:30:30:b1:e9:68:2a:fc:c8:0c:f2:74:d4:
09:09:7b:f4:2d:45:e5:95:07:9b:38:98:65:b2:46:
08:7b:69:18:e2:49:c8:bc:e2:34:e4:42:17:71:a5:
32:e2:db:c0:65:5c:0b:48:23:74:83:54:56:be:a5:
f8:66:fc:76:da:cd:e1:20:f3:95:11:0b:24:bb:44:
8b:7b:13:d2:7d:09:af:e1:94:dd:12:12:fb:22:ab:
c4:89:45:4b:3a:ee:ad:b4:3d:69:51:6d:d4:7d:6b:
91:c3:6f:de:f2:5c:38:a7:a1:9d:53:e9:8a:b6:7f:
ed:b2:4b:c2:94:78:cf:8f:fc:0d:93:52:d4:7d:01:
cf:f8:f0:0d:1b:0c:2b:28:34:f2:a1:cd:e6:b7:d4:
de:56:18:bb:c4:08:32:12:32:65:e6:05:ab:6a:d4:
8f:ef:c5:25:ec:30:5d:92:af:29:b7:ed:9d:ae:61:
05:e4:43:6e:08:98:0b:58:1b:91:90:74:c4:da:3c:
28:34:b8:19:f2:47:98:de:20:c1:45:73:f0:77:bf:
a8:36:c7:30:e6:35:2b:38:48:c1:21:0f:9e:04:4d:
2a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:02:8A:A0:8F:A0:21:94:46:C4:77:14:45:A6:7F:9B:58:4F:EE:EA
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/bwKKoI-gIZRGxHcURaZ_m1hP7uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
185.235.40.0/22
Signature Algorithm: sha256WithRSAEncryption
da:46:f7:1d:4e:62:1f:be:c8:a9:37:17:0a:80:0f:a5:4b:62:
d4:32:17:bb:aa:6c:17:75:95:fc:99:c6:ff:b9:b1:11:12:25:
14:c7:5c:00:61:11:78:a1:f7:77:d6:45:b2:5d:60:3b:20:d7:
3f:f6:cd:24:78:e5:a3:a8:c0:0b:e7:b8:d5:fe:b5:d0:81:f8:
a7:53:99:d9:f8:b1:ca:52:b2:bf:d4:67:f1:23:e2:d6:18:0e:
85:d3:70:b3:5a:1f:15:98:c8:22:f1:dc:2d:b3:cc:ac:ad:80:
cc:2a:7c:0e:45:b9:94:b8:24:be:ce:97:0e:b8:1f:8b:10:fb:
84:23:71:fb:b6:48:8d:73:11:f4:f0:92:4e:a4:c4:da:c3:0a:
85:c7:00:c9:c8:4f:f8:b4:b6:40:0d:ae:a2:8e:26:b6:75:59:
ca:b7:e7:db:76:f6:74:21:85:d8:9f:29:98:dc:09:a0:24:58:
47:c9:94:51:c3:9d:ef:64:f9:02:95:21:0b:bb:9a:a2:3a:8c:
ab:f6:71:5b:9c:b6:50:0a:40:74:bc:3e:31:ee:2a:25:9d:f1:
b2:31:a4:3f:25:8c:17:f0:fd:45:a9:64:be:aa:b3:83:fe:20:
dd:97:73:88:2c:d3:34:30:88:ad:16:ee:24:34:c4:e9:a7:e1:
b6:1b:e3:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZFEym1wfQ3K6tLj+vDCZF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjMwMjEyMTAwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAyOGFhMDhmYTAyMTk0NDZjNDc3MTQ0NWE2N2Y5YjU4NGZlZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru9kWrPNclyQqP08oPHd+tkmDRIa
gkgkdt115lx5V/UwMLHpaCr8yAzydNQJCXv0LUXllQebOJhlskYIe2kY4knIvOI0
5EIXcaUy4tvAZVwLSCN0g1RWvqX4Zvx22s3hIPOVEQsku0SLexPSfQmv4ZTdEhL7
IqvEiUVLOu6ttD1pUW3UfWuRw2/e8lw4p6GdU+mKtn/tskvClHjPj/wNk1LUfQHP
+PANGwwrKDTyoc3mt9TeVhi7xAgyEjJl5gWratSP78Ul7DBdkq8pt+2drmEF5ENu
CJgLWBuRkHTE2jwoNLgZ8keY3iDBRXPwd7+oNscw5jUrOEjBIQ+eBE0qzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG8CiqCPoCGURsR3FEWmf5tYT+7qMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvYndLS29JLWdJWlJHeEhjVVJhWl9tMWhQN3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCgrl4AwQC
ucyoAwQCuesoMA0GCSqGSIb3DQEBCwUAA4IBAQDaRvcdTmIfvsipNxcKgA+lS2LU
Mhe7qmwXdZX8mcb/ubEREiUUx1wAYRF4ofd31kWyXWA7INc/9s0keOWjqMAL57jV
/rXQgfinU5nZ+LHKUrK/1GfxI+LWGA6F03CzWh8VmMgi8dwts8ysrYDMKnwORbmU
uCS+zpcOuB+LEPuEI3H7tkiNcxH08JJOpMTawwqFxwDJyE/4tLZADa6ijia2dVnK
t+fbdvZ0IYXYnymY3AmgJFhHyZRRw53vZPkClSELu5qiOoyr9nFbnLZQCkB0vD4x
7iolnfGyMaQ/JYwX8P1FqWS+qrOD/iDdl3OILNM0MIitFu4kNMTpp+G2G+NZ
-----END CERTIFICATE-----
Generated at Sat May 10 19:43:25 2025 by rpki-client