Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/bCbjmFS0o38NKpJpYmnDJs9IzNY.roa
File: bCbjmFS0o38NKpJpYmnDJs9IzNY.roa (raw, json)
Hash identifier: fXjgT7euhhFgSwiNhcNeSWlooNWQOoLJhboBUVEcWoY=
Subject key identifier: 6C:26:E3:98:54:B4:A3:7F:0D:2A:92:69:62:69:C3:26:CF:48:CC:D6
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018A3665DB780AF9B4717DC643688F5FD58C
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/bCbjmFS0o38NKpJpYmnDJs9IzNY.roa
Signing time: Sun 27 Aug 2023 09:49:19 +0000
ROA not before: Sun 27 Aug 2023 09:49:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48147
IP address blocks: 78.39.47.0/24 maxlen: 24
2.189.254.0/23 maxlen: 23
2.189.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:36:65:db:78:0a:f9:b4:71:7d:c6:43:68:8f:5f:d5:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Aug 27 09:49:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c26e39854b4a37f0d2a92696269c326cf48ccd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:37:f1:b3:de:a1:a6:33:a4:db:69:ed:81:
70:59:ae:67:74:c0:ef:02:09:42:98:8f:c2:8a:e0:
83:e6:19:28:aa:28:b4:33:cf:2b:80:cb:6b:82:d9:
45:99:8b:5f:9a:a4:a1:f8:4d:ee:90:b2:5d:3b:68:
5c:f4:bb:3b:9d:7b:c8:b3:b2:80:0c:a7:3a:00:49:
a8:e1:3c:83:75:23:ca:4d:70:69:fc:03:a7:34:a0:
a1:a5:27:5b:c9:ff:b5:11:56:a7:f4:9b:d6:d7:a9:
a4:db:52:af:27:7d:19:96:b3:04:20:fd:da:6e:38:
22:bc:05:2d:ad:a0:5b:1e:b9:d5:01:8c:ea:4b:43:
6c:be:b9:7d:87:40:9b:f4:cb:21:00:7b:44:1c:09:
a5:ca:1b:91:4f:a9:7e:68:aa:35:72:65:77:25:f2:
8c:b2:2a:7b:42:e2:ae:8f:e5:5c:24:58:2a:a0:53:
81:a4:d0:77:68:65:77:8a:dc:39:99:22:38:4f:d5:
85:0a:6b:90:37:25:98:ad:cd:22:62:b2:c7:c6:c3:
2a:a7:1e:33:fd:e3:53:e3:e1:df:14:1d:47:70:f2:
50:f5:17:48:d7:1b:7e:88:18:50:76:5e:a2:b5:89:
ae:e3:d9:9c:c2:f1:27:49:de:12:c6:e3:be:8e:ab:
6d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:26:E3:98:54:B4:A3:7F:0D:2A:92:69:62:69:C3:26:CF:48:CC:D6
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/bCbjmFS0o38NKpJpYmnDJs9IzNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.58.0/24
2.189.254.0/23
78.39.47.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:1c:bd:bc:d3:3c:5e:1c:90:77:79:61:d5:e3:a0:44:24:05:
5e:b4:ff:bd:61:66:8a:31:1a:76:94:1f:14:78:8e:bd:ad:81:
f3:09:3a:45:c6:da:f7:38:13:b2:50:e5:af:7c:87:9c:70:01:
ba:71:c2:2d:fe:51:87:52:de:89:5e:ee:6c:72:3d:aa:56:8a:
27:70:d0:e6:83:09:02:10:0f:79:8f:f5:f3:9d:0e:af:ce:3a:
aa:55:ce:db:9c:5a:21:35:c4:ce:2a:bc:07:5d:6d:70:59:73:
b6:ef:3e:9d:8f:ad:b7:81:3d:0b:0d:0c:cc:52:8f:6c:0f:d3:
db:0d:99:a5:36:30:ef:e8:07:5a:df:67:71:96:f6:85:bd:a8:
59:bb:f8:da:82:91:7f:91:1e:57:91:79:73:a2:e7:29:5a:e7:
6a:a0:ee:0d:c5:c3:cc:52:51:53:9b:d0:85:ca:12:a3:6c:2b:
69:21:c5:ad:66:13:fa:79:71:7c:54:89:60:d6:58:4c:70:a3:
c8:18:8f:42:3a:53:01:3e:7a:ac:be:36:49:47:ba:24:6f:f3:
1b:70:f6:e5:ed:6b:c6:8a:d5:ef:14:1e:5c:8c:76:5b:ab:ee:
04:9a:95:7f:de:2a:bb:5a:a1:97:2d:c5:5d:91:9f:d8:76:15:
6a:8a:43:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYo2Zdt4Cvm0cX3GQ2iPX9WMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwODI3MDk0OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzI2ZTM5ODU0YjRhMzdmMGQyYTkyNjk2MjY5YzMyNmNmNDhjY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspc38bPeoaYzpNtp7YFwWa5ndMDv
AglCmI/CiuCD5hkoqii0M88rgMtrgtlFmYtfmqSh+E3ukLJdO2hc9Ls7nXvIs7KA
DKc6AEmo4TyDdSPKTXBp/AOnNKChpSdbyf+1EVan9JvW16mk21KvJ30ZlrMEIP3a
bjgivAUtraBbHrnVAYzqS0Nsvrl9h0Cb9MshAHtEHAmlyhuRT6l+aKo1cmV3JfKM
sip7QuKuj+VcJFgqoFOBpNB3aGV3itw5mSI4T9WFCmuQNyWYrc0iYrLHxsMqpx4z
/eNT4+HfFB1HcPJQ9RdI1xt+iBhQdl6itYmu49mcwvEnSd4SxuO+jqttaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGwm45hUtKN/DSqSaWJpwybPSMzWMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvYkNiam1GUzBvMzhOS3BKcFltbkRKczlJek5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAr06AwQB
Ar3+AwQATicvMA0GCSqGSIb3DQEBCwUAA4IBAQCMHL280zxeHJB3eWHV46BEJAVe
tP+9YWaKMRp2lB8UeI69rYHzCTpFxtr3OBOyUOWvfIeccAG6ccIt/lGHUt6JXu5s
cj2qVooncNDmgwkCEA95j/XznQ6vzjqqVc7bnFohNcTOKrwHXW1wWXO27z6dj623
gT0LDQzMUo9sD9PbDZmlNjDv6Ada32dxlvaFvahZu/jagpF/kR5XkXlzoucpWudq
oO4NxcPMUlFTm9CFyhKjbCtpIcWtZhP6eXF8VIlg1lhMcKPIGI9COlMBPnqsvjZJ
R7okb/MbcPbl7WvGitXvFB5cjHZbq+4EmpV/3iq7WqGXLcVdkZ/YdhVqikNg
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:57:03 2025 by rpki-client