Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/BhYGX9ib2iosgfU3tCRmD-X-Rls.roa
File: BhYGX9ib2iosgfU3tCRmD-X-Rls.roa (raw, json)
Hash identifier: 73bFk1eKqyup/qFAjr3fAW82G4IdWLY6C51aeDqUAwY=
Subject key identifier: 06:16:06:5F:D8:9B:DA:2A:2C:81:F5:37:B4:24:66:0F:E5:FE:46:5B
Certificate issuer: /CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Certificate serial: 01857371902117318B9FA7F930C7F25E6D4C
Authority key identifier: AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/BhYGX9ib2iosgfU3tCRmD-X-Rls.roa
Signing time: Mon 02 Jan 2023 17:05:00 +0000
ROA not before: Mon 02 Jan 2023 17:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59545
IP address blocks: 185.159.250.0/23 maxlen: 24
185.159.248.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:90:21:17:31:8b:9f:a7:f9:30:c7:f2:5e:6d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Validity
Not Before: Jan 2 17:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0616065fd89bda2a2c81f537b424660fe5fe465b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:14:ac:ef:18:3b:03:9a:fd:a7:c1:80:82:8d:
ca:c2:7c:c8:4a:4e:76:93:fe:23:da:df:47:c5:b8:
14:1a:16:d0:c0:78:00:4d:56:7a:cd:4c:f8:fa:f8:
be:26:c7:b0:0a:ed:61:5f:20:ae:6d:93:06:78:6a:
b7:41:55:17:30:a2:76:1e:dd:3e:41:56:45:e3:8a:
f1:a9:1a:ff:8a:5f:ab:5c:77:0a:f7:7b:79:71:6a:
33:6b:43:42:b4:0b:66:22:45:1a:cb:7e:b0:62:ee:
d6:9a:85:ce:41:ac:60:fa:b0:85:35:d7:ca:89:18:
2d:f5:b7:e4:21:87:6e:9f:c4:d4:f8:1f:3e:b3:4a:
f0:0a:0b:01:d8:f6:4e:dc:14:7b:cf:4f:da:00:d3:
66:4e:28:41:70:30:1a:89:c9:f8:11:ee:38:23:7f:
8c:d0:88:d5:c9:af:98:93:38:58:26:63:98:54:2b:
e6:27:e5:f0:c4:53:2c:6d:25:1b:62:ff:98:81:45:
02:58:48:d6:a8:83:ef:c4:96:ac:b2:f4:d4:bd:8b:
19:99:d7:53:d5:3b:86:c7:7e:eb:d2:d4:85:19:a0:
3f:3b:31:b4:18:18:a2:e5:e7:86:26:c5:2c:bf:f2:
ac:31:ec:ee:b0:c7:6c:ba:28:b1:4b:70:45:41:54:
63:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:16:06:5F:D8:9B:DA:2A:2C:81:F5:37:B4:24:66:0F:E5:FE:46:5B
X509v3 Authority Key Identifier:
keyid:AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/BhYGX9ib2iosgfU3tCRmD-X-Rls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/qoj641tmtN4uQcpe4He17wtKtkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.248.0/22
Signature Algorithm: sha256WithRSAEncryption
84:cb:b6:db:cb:4b:08:d2:8f:65:c0:1d:2f:5c:25:dc:65:a5:
8c:e4:d5:53:c9:9f:92:09:a4:ce:56:b1:ae:5a:53:24:15:9e:
22:d8:d1:59:51:0c:08:6f:c1:3f:1c:c0:48:93:d5:e4:c0:e7:
56:de:b1:90:b7:a1:20:69:fe:70:be:44:26:b9:ee:34:41:2a:
86:22:4d:85:f7:69:d3:84:0e:c1:23:32:95:a2:a4:39:4a:fe:
bc:3a:c6:34:0c:37:4b:d4:19:8d:19:59:ee:01:12:20:92:9f:
1c:15:50:e1:c4:1f:62:96:8f:86:a1:bf:4d:c2:8a:c0:36:2d:
c8:bc:13:ac:25:eb:5c:b0:ec:92:ea:ad:68:82:d0:46:f4:73:
18:7b:c1:8a:21:f9:cc:40:a3:e7:9a:39:f5:af:80:87:81:40:
6b:25:b4:4a:87:14:1a:63:3a:8b:7c:3e:38:22:c3:84:81:f7:
a9:32:ac:a4:0c:8a:ec:a7:6b:0a:25:23:0f:c8:be:06:1c:66:
0e:61:96:d3:20:7b:16:90:44:a0:5e:fb:c9:11:c0:3b:d7:79:
21:b3:86:f6:99:0d:fc:dd:b2:ba:5b:07:14:e0:fa:77:c0:13:
a7:d0:a0:11:01:24:da:56:39:90:90:69:75:41:07:1d:1e:f5:
32:5b:66:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzcZAhFzGLn6f5MMfyXm1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhODhmYWUzNWI2NmI0ZGUyZTQxY2E1ZWUwNzdiNWVmMGI0
YWI2NDkwHhcNMjMwMTAyMTcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE2MDY1ZmQ4OWJkYTJhMmM4MWY1MzdiNDI0NjYwZmU1ZmU0NjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBSs7xg7A5r9p8GAgo3KwnzISk52
k/4j2t9HxbgUGhbQwHgATVZ6zUz4+vi+JsewCu1hXyCubZMGeGq3QVUXMKJ2Ht0+
QVZF44rxqRr/il+rXHcK93t5cWoza0NCtAtmIkUay36wYu7WmoXOQaxg+rCFNdfK
iRgt9bfkIYdun8TU+B8+s0rwCgsB2PZO3BR7z0/aANNmTihBcDAaicn4Ee44I3+M
0IjVya+YkzhYJmOYVCvmJ+XwxFMsbSUbYv+YgUUCWEjWqIPvxJassvTUvYsZmddT
1TuGx37r0tSFGaA/OzG0GBii5eeGJsUsv/KsMezusMdsuiixS3BFQVRjqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYWBl/Ym9oqLIH1N7QkZg/l/kZbMB8GA1UdIwQY
MBaAFKqI+uNbZrTeLkHKXuB3te8LSrZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzct
YjkyY2I2MTEzMDM1LzEvQmhZR1g5aWIyaW9zZ2ZVM3RDUm1ELVgtUmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzctYjkyY2I2MTEzMDM1
LzEvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ/4MA0G
CSqGSIb3DQEBCwUAA4IBAQCEy7bby0sI0o9lwB0vXCXcZaWM5NVTyZ+SCaTOVrGu
WlMkFZ4i2NFZUQwIb8E/HMBIk9XkwOdW3rGQt6Egaf5wvkQmue40QSqGIk2F92nT
hA7BIzKVoqQ5Sv68OsY0DDdL1BmNGVnuARIgkp8cFVDhxB9ilo+Gob9NworANi3I
vBOsJetcsOyS6q1ogtBG9HMYe8GKIfnMQKPnmjn1r4CHgUBrJbRKhxQaYzqLfD44
IsOEgfepMqykDIrsp2sKJSMPyL4GHGYOYZbTIHsWkESgXvvJEcA713khs4b2mQ38
3bK6WwcU4Pp3wBOn0KARASTaVjmQkGl1QQcdHvUyW2a2
-----END CERTIFICATE-----
Generated at Mon May 12 04:17:40 2025 by rpki-client