Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/bsvZsOGGGBnGN0KWCb0EyX6W8Q4.roa
File: bsvZsOGGGBnGN0KWCb0EyX6W8Q4.roa (raw, json)
Hash identifier: ubJAvLpSx+qZaqxqeFAOyn/gcEZpe9kRyhlSE1mZr5E=
Subject key identifier: 6E:CB:D9:B0:E1:86:18:19:C6:37:42:96:09:BD:04:C9:7E:96:F1:0E
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 0189F88337150CD8EB9EAC488E1415B30C63
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/bsvZsOGGGBnGN0KWCb0EyX6W8Q4.roa
Signing time: Tue 15 Aug 2023 09:24:56 +0000
ROA not before: Tue 15 Aug 2023 09:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 375
IP address blocks: 192.49.173.0/24 maxlen: 24
192.49.174.0/23 maxlen: 23
192.49.176.0/20 maxlen: 20
192.49.192.0/18 maxlen: 18
192.49.20.0/24 maxlen: 24
192.49.19.0/24 maxlen: 24
192.49.22.0/24 maxlen: 24
192.49.36.0/22 maxlen: 22
192.49.40.0/23 maxlen: 23
192.49.52.0/23 maxlen: 23
192.49.55.0/24 maxlen: 24
192.49.56.0/21 maxlen: 21
192.49.64.0/22 maxlen: 22
192.49.0.0/21 maxlen: 21
192.49.9.0/24 maxlen: 24
192.49.10.0/24 maxlen: 24
192.49.124.0/23 maxlen: 23
192.49.119.0/24 maxlen: 24
192.49.120.0/22 maxlen: 22
192.49.126.0/24 maxlen: 24
192.49.131.0/24 maxlen: 24
192.49.134.0/24 maxlen: 24
192.49.136.0/23 maxlen: 23
192.49.139.0/24 maxlen: 24
192.49.140.0/23 maxlen: 23
192.49.144.0/24 maxlen: 24
192.49.152.0/21 maxlen: 21
192.49.146.0/24 maxlen: 24
192.49.148.0/22 maxlen: 22
192.49.160.0/23 maxlen: 23
192.49.164.0/22 maxlen: 22
192.49.163.0/24 maxlen: 24
192.49.168.0/23 maxlen: 23
192.49.170.0/24 maxlen: 24
192.49.68.0/24 maxlen: 24
192.49.70.0/23 maxlen: 23
192.49.72.0/23 maxlen: 23
192.49.86.0/23 maxlen: 23
192.49.91.0/24 maxlen: 24
192.49.96.0/24 maxlen: 24
192.49.98.0/23 maxlen: 23
192.49.92.0/22 maxlen: 22
192.49.100.0/23 maxlen: 23
192.49.103.0/24 maxlen: 24
192.49.104.0/24 maxlen: 24
192.49.106.0/23 maxlen: 23
192.49.108.0/22 maxlen: 22
192.49.112.0/23 maxlen: 23
192.49.114.0/23 maxlen: 23
131.207.0.0/17 maxlen: 17
2a03:9b80::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:83:37:15:0c:d8:eb:9e:ac:48:8e:14:15:b3:0c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Aug 15 09:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ecbd9b0e1861819c637429609bd04c97e96f10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1a:a6:36:52:e8:5a:35:b2:9a:12:16:45:87:
f9:84:da:3e:55:aa:c0:4b:fc:43:b9:29:d9:85:ef:
03:1a:c5:d7:da:0d:c7:d9:f6:f3:52:6b:a8:78:07:
76:54:2d:84:ea:60:2e:ab:68:28:99:71:3f:7d:8d:
6b:4c:af:1a:93:eb:d9:ed:46:3a:68:b6:5c:c5:a2:
2b:9b:41:19:2f:72:af:79:18:33:a2:f8:42:01:42:
a3:07:62:53:2b:06:b7:c3:0d:41:be:97:83:12:44:
7a:27:ee:1d:46:0d:48:3c:35:06:37:4c:66:e2:a9:
8e:45:6b:86:91:32:45:85:93:a0:ed:e6:0e:9a:50:
87:f2:5e:61:94:27:90:11:48:cf:29:a7:61:f0:1d:
c1:ce:9b:14:27:7d:0a:79:f5:61:96:d6:be:5b:32:
da:1c:6c:1e:a2:83:36:63:62:7f:12:d9:8c:6e:c5:
b3:2e:3c:02:9f:cf:4b:b9:6d:59:4d:17:00:58:80:
ef:5e:d6:70:e0:ba:32:4e:ee:2a:55:61:0a:b7:e9:
4e:89:73:ed:be:92:75:c6:66:a9:d3:77:4c:d3:99:
32:d1:e2:ec:97:54:d5:df:7a:24:c0:64:f5:7b:4e:
7a:48:12:a9:7a:4d:c8:b0:b2:c1:08:d1:9e:d8:d0:
bc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CB:D9:B0:E1:86:18:19:C6:37:42:96:09:BD:04:C9:7E:96:F1:0E
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/bsvZsOGGGBnGN0KWCb0EyX6W8Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.207.0.0/17
192.49.0.0/21
192.49.9.0-192.49.10.255
192.49.19.0-192.49.20.255
192.49.22.0/24
192.49.36.0-192.49.41.255
192.49.52.0/23
192.49.55.0-192.49.68.255
192.49.70.0-192.49.73.255
192.49.86.0/23
192.49.91.0-192.49.96.255
192.49.98.0-192.49.101.255
192.49.103.0-192.49.104.255
192.49.106.0-192.49.115.255
192.49.119.0-192.49.126.255
192.49.131.0/24
192.49.134.0/24
192.49.136.0/23
192.49.139.0-192.49.141.255
192.49.144.0/24
192.49.146.0/24
192.49.148.0-192.49.161.255
192.49.163.0-192.49.170.255
192.49.173.0-192.49.255.255
IPv6:
2a03:9b80::/34
Signature Algorithm: sha256WithRSAEncryption
99:44:e1:cd:fb:03:12:bd:43:96:f8:99:3f:a2:32:ad:72:55:
a3:29:8b:f1:60:46:e9:97:8f:ee:d7:bd:bb:d0:b2:14:08:51:
fd:20:80:5f:1e:9b:f7:35:6e:c0:9f:79:81:0f:d2:02:1e:db:
51:cc:02:6d:f5:53:6e:1e:86:c4:4f:0c:97:d9:b1:f9:99:fe:
8b:35:0b:97:48:ef:46:aa:a6:57:ce:0c:c4:00:c2:10:f5:aa:
ce:0d:8b:77:df:67:e0:8d:9a:9f:02:46:9f:cd:1a:c4:3d:7e:
5f:cf:78:e6:22:d8:73:12:d3:04:64:85:2f:86:13:82:00:cf:
f7:a0:73:00:8d:a0:42:20:7c:b3:20:b9:9e:d4:92:ac:16:f5:
7d:d4:97:55:72:00:fe:6c:cf:f2:97:8b:65:69:96:12:23:9a:
91:86:73:db:be:5f:d6:56:a1:b2:6f:d6:d3:05:11:59:ce:bb:
25:bb:bd:4b:78:fb:7d:46:78:5b:46:e2:1a:8c:d9:d8:6e:cb:
a6:29:7d:59:56:ac:de:52:7e:28:6e:e9:ff:b6:67:e1:dc:95:
f5:a0:41:fd:36:db:aa:34:5c:1c:0f:8a:a8:1a:ec:66:e0:cf:
c1:ee:dd:93:4a:46:e5:54:c0:fd:60:34:5b:31:d4:3e:f2:d9:
b8:5a:2a:04
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYn4gzcVDNjrnqxIjhQVswxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjMwODE1MDkyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWNiZDliMGUxODYxODE5YzYzNzQyOTYwOWJkMDRjOTdlOTZmMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxqmNlLoWjWymhIWRYf5hNo+VarA
S/xDuSnZhe8DGsXX2g3H2fbzUmuoeAd2VC2E6mAuq2gomXE/fY1rTK8ak+vZ7UY6
aLZcxaIrm0EZL3KveRgzovhCAUKjB2JTKwa3ww1BvpeDEkR6J+4dRg1IPDUGN0xm
4qmORWuGkTJFhZOg7eYOmlCH8l5hlCeQEUjPKadh8B3BzpsUJ30KefVhlta+WzLa
HGweooM2Y2J/EtmMbsWzLjwCn89LuW1ZTRcAWIDvXtZw4LoyTu4qVWEKt+lOiXPt
vpJ1xmap03dM05ky0eLsl1TV33okwGT1e056SBKpek3IsLLBCNGe2NC8+wIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFG7L2bDhhhgZxjdClgm9BMl+lvEOMB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvYnN2WnNPR0dHQm5HTjBLV0NiMEV5WDZXOFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCAQYEAgABMIH/
AwQHg88AAwQDwDEAMAwDBADAMQkDBADAMQowDAMEAMAxEwMEAMAxFAMEAMAxFjAM
AwQCwDEkAwQBwDEoAwQBwDE0MAwDBADAMTcDBADAMUQwDAMEAcAxRgMEAcAxSAME
AcAxVjAMAwQAwDFbAwQAwDFgMAwDBAHAMWIDBAHAMWQwDAMEAMAxZwMEAMAxaDAM
AwQBwDFqAwQCwDFwMAwDBADAMXcDBADAMX4DBADAMYMDBADAMYYDBAHAMYgwDAME
AMAxiwMEAcAxjAMEAMAxkAMEAMAxkjAMAwQCwDGUAwQBwDGgMAwDBADAMaMDBADA
MaowCwMEAMAxrQMDAcAwMA4EAgACMAgDBgYqA5uAADANBgkqhkiG9w0BAQsFAAOC
AQEAmUThzfsDEr1DlviZP6IyrXJVoymL8WBG6ZeP7te9u9CyFAhR/SCAXx6b9zVu
wJ95gQ/SAh7bUcwCbfVTbh6GxE8Ml9mx+Zn+izULl0jvRqqmV84MxADCEPWqzg2L
d99n4I2anwJGn80axD1+X8945iLYcxLTBGSFL4YTggDP96BzAI2gQiB8syC5ntSS
rBb1fdSXVXIA/mzP8peLZWmWEiOakYZz275f1lahsm/W0wURWc67Jbu9S3j7fUZ4
W0biGozZ2G7Lpil9WVas3lJ+KG7p/7Zn4dyV9aBB/TbbqjRcHA+KqBrsZuDPwe7d
k0pG5VTA/WA0WzHUPvLZuFoqBA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:15:32 2025 by rpki-client