Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/bwNkycJeavVPANMf8OeaXZEmlJA.roa
File: bwNkycJeavVPANMf8OeaXZEmlJA.roa (raw, json)
Hash identifier: sUBXuXpXN/yatlniLNdYPsmcMnbHuBRCfUvuggJDoQY=
Subject key identifier: 6F:03:64:C9:C2:5E:6A:F5:4F:00:D3:1F:F0:E7:9A:5D:91:26:94:90
Certificate issuer: /CN=925069a5d764da255954db2ee9d1243de16b9101
Certificate serial: 01894A4DFC5F78DD7594EE3FC04CE86AECC3
Authority key identifier: 92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/bwNkycJeavVPANMf8OeaXZEmlJA.roa
Signing time: Wed 12 Jul 2023 13:32:52 +0000
ROA not before: Wed 12 Jul 2023 13:32:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39622
IP address blocks: 194.5.248.0/24 maxlen: 24
193.168.140.0/24 maxlen: 24
193.168.143.0/24 maxlen: 24
193.168.142.0/24 maxlen: 24
193.168.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4a:4d:fc:5f:78:dd:75:94:ee:3f:c0:4c:e8:6a:ec:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925069a5d764da255954db2ee9d1243de16b9101
Validity
Not Before: Jul 12 13:32:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f0364c9c25e6af54f00d31ff0e79a5d91269490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b4:32:8a:ac:8e:e7:18:d6:9d:51:c5:b6:36:
d1:78:17:f2:72:9f:63:2c:dd:0b:96:7d:e5:29:8c:
8c:7b:56:b9:0a:09:1c:39:93:d6:a1:c2:8d:02:43:
9a:61:00:6f:db:b8:47:32:08:a6:14:f7:b7:0d:f8:
32:4d:8e:83:58:34:2f:1f:79:c3:8b:69:c7:f2:a7:
77:0d:2d:ce:4a:2b:ff:8d:db:2d:5f:5c:09:48:7d:
7e:d7:6c:07:70:4c:9a:5b:49:af:9a:ef:cb:48:bd:
91:6f:ea:02:99:eb:ce:e1:5b:cf:39:2d:ad:1d:74:
46:03:d4:35:21:ac:42:c0:54:38:b8:cc:ed:dc:f9:
cb:ec:33:10:6f:d1:06:e3:b9:ca:1d:85:e3:70:9c:
03:8d:03:a2:e5:a8:91:69:35:98:63:0e:2c:fb:25:
af:3a:93:ed:b3:7e:3b:d9:01:b1:b9:85:f0:16:f2:
2a:39:81:b5:7f:26:3b:49:39:52:fb:c0:bb:32:4a:
c6:07:91:35:63:50:af:ce:f5:82:38:f5:86:9b:42:
a4:0b:95:15:34:32:37:c9:c5:8a:3b:ea:ee:73:37:
ae:63:b0:6d:60:d3:e1:9f:8f:56:fb:60:b7:28:31:
24:ec:06:95:dd:07:57:80:9f:71:a7:1a:1e:6c:d0:
36:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:03:64:C9:C2:5E:6A:F5:4F:00:D3:1F:F0:E7:9A:5D:91:26:94:90
X509v3 Authority Key Identifier:
keyid:92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/bwNkycJeavVPANMf8OeaXZEmlJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.140.0/22
194.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:89:57:d1:af:ea:d9:e4:4d:7f:14:eb:01:df:ed:5d:fd:86:
9a:5c:1e:47:4b:81:ef:c4:2d:c8:62:38:e1:29:f6:de:57:8e:
36:b8:5b:f5:a7:15:5c:37:4e:6a:06:65:19:48:cf:0c:7e:26:
18:ed:86:14:ed:6d:78:b3:a5:2e:72:95:fe:24:a7:b3:0f:65:
6d:8a:ae:29:a5:5c:27:cf:f3:4a:43:a7:b9:36:fc:87:b4:39:
b7:b7:dc:55:4f:2d:7d:3e:8f:21:8b:a8:e5:db:89:0e:ef:80:
1c:16:f0:e0:65:08:30:37:cd:7f:90:47:c7:1f:38:51:87:48:
fe:c3:f9:c4:d9:d8:2d:c8:74:9d:c0:ff:e4:6b:a1:1f:c6:d3:
c5:ae:b0:04:2b:6b:01:68:fd:a3:25:42:1d:a5:e0:be:ab:39:
5e:fe:cc:86:55:51:0f:72:8e:f8:f7:c6:8b:51:d5:de:23:e5:
d9:eb:75:9a:da:a0:0c:ee:9d:43:ff:37:76:a0:ff:7f:63:b0:
dd:30:3e:a8:c4:ac:aa:b0:3a:1d:10:f0:90:57:91:61:d4:57:
21:82:b0:76:8c:1b:ba:f0:10:29:5e:60:10:53:6f:f8:08:24:
93:01:c1:43:04:03:e6:18:f0:59:88:81:29:f6:97:ae:3d:5e:
d1:b3:0e:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlKTfxfeN11lO4/wEzoauzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTA2OWE1ZDc2NGRhMjU1OTU0ZGIyZWU5ZDEyNDNkZTE2
YjkxMDEwHhcNMjMwNzEyMTMzMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAzNjRjOWMyNWU2YWY1NGYwMGQzMWZmMGU3OWE1ZDkxMjY5NDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7QyiqyO5xjWnVHFtjbReBfycp9j
LN0Lln3lKYyMe1a5CgkcOZPWocKNAkOaYQBv27hHMgimFPe3DfgyTY6DWDQvH3nD
i2nH8qd3DS3OSiv/jdstX1wJSH1+12wHcEyaW0mvmu/LSL2Rb+oCmevO4VvPOS2t
HXRGA9Q1IaxCwFQ4uMzt3PnL7DMQb9EG47nKHYXjcJwDjQOi5aiRaTWYYw4s+yWv
OpPts3472QGxuYXwFvIqOYG1fyY7STlS+8C7MkrGB5E1Y1CvzvWCOPWGm0KkC5UV
NDI3ycWKO+ruczeuY7BtYNPhn49W+2C3KDEk7AaV3QdXgJ9xpxoebNA2VQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8DZMnCXmr1TwDTH/Dnml2RJpSQMB8GA1UdIwQY
MBaAFJJQaaXXZNolWVTbLunRJD3ha5EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTkt
YTliOGRlNjExYTk2LzEvYndOa3ljSmVhdlZQQU5NZjhPZWFYWkVtbEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTktYTliOGRlNjExYTk2
LzEva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwaiMAwQA
wgX4MA0GCSqGSIb3DQEBCwUAA4IBAQAviVfRr+rZ5E1/FOsB3+1d/YaaXB5HS4Hv
xC3IYjjhKfbeV442uFv1pxVcN05qBmUZSM8MfiYY7YYU7W14s6UucpX+JKezD2Vt
iq4ppVwnz/NKQ6e5NvyHtDm3t9xVTy19Po8hi6jl24kO74AcFvDgZQgwN81/kEfH
HzhRh0j+w/nE2dgtyHSdwP/ka6EfxtPFrrAEK2sBaP2jJUIdpeC+qzle/syGVVEP
co7498aLUdXeI+XZ63Wa2qAM7p1D/zd2oP9/Y7DdMD6oxKyqsDodEPCQV5Fh1Fch
grB2jBu68BApXmAQU2/4CCSTAcFDBAPmGPBZiIEp9peuPV7Rsw4U
-----END CERTIFICATE-----
Generated at Sun May 11 21:18:36 2025 by rpki-client