Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/BRj_QQqnouwJVMSI83IedgeGkVA.roa
File: BRj_QQqnouwJVMSI83IedgeGkVA.roa (raw, json)
Hash identifier: 32DVAPydfefjtgybQRwGf0z9Ui3fP7GHozw5vQYIo1E=
Subject key identifier: 05:18:FF:41:0A:A7:A2:EC:09:54:C4:88:F3:72:1E:76:07:86:91:50
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 01864F134E0377ECFA7D79CE3F13CC79FCBD
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/BRj_QQqnouwJVMSI83IedgeGkVA.roa
Signing time: Tue 14 Feb 2023 08:38:30 +0000
ROA not before: Tue 14 Feb 2023 08:38:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 185.15.100.0/24 maxlen: 24
185.15.100.0/22 maxlen: 24
5.8.184.0/21 maxlen: 24
5.8.188.0/24 maxlen: 24
5.8.189.0/24 maxlen: 24
37.1.176.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:13:4e:03:77:ec:fa:7d:79:ce:3f:13:cc:79:fc:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Feb 14 08:38:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0518ff410aa7a2ec0954c488f3721e7607869150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d7:8a:6b:0d:ea:dc:e4:8d:9d:00:a3:d5:91:
1e:16:c1:03:d3:51:51:ee:47:b0:4f:15:c9:03:54:
0c:e3:ee:f1:f8:9b:c9:40:0f:1f:4e:fe:8c:94:78:
b5:4b:60:93:6a:b9:6c:90:09:d7:f6:a4:60:ea:56:
d5:84:e3:11:ce:23:f0:3c:7f:a2:e0:f7:d0:67:d8:
ba:a4:e3:03:2a:f7:e2:66:37:52:13:64:79:77:78:
85:07:01:1a:85:7c:2a:85:13:be:60:8f:68:22:86:
60:0a:16:fc:14:b0:f2:99:65:15:0c:e9:73:68:28:
cb:40:8f:03:51:cf:18:e2:6c:8d:9b:25:19:46:2e:
5a:ce:78:45:30:07:e7:24:3e:67:b4:f9:b3:04:a4:
95:b0:da:69:e9:22:3f:93:26:d7:76:93:cf:40:6b:
62:c8:fd:0e:f3:1c:6d:ea:88:31:6f:a3:62:41:6b:
dd:1e:7c:cc:52:88:b2:ec:38:20:ec:9c:ce:47:bd:
47:7a:66:31:a3:e7:07:81:e7:2f:6d:96:a3:e8:0a:
75:45:7e:b2:5c:9f:f9:f1:60:97:dc:94:71:21:3b:
5b:2a:f2:6f:8e:b9:95:43:dc:2c:70:36:57:90:fe:
46:95:85:ef:a6:68:48:33:14:90:0f:cb:e5:79:fd:
0c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:18:FF:41:0A:A7:A2:EC:09:54:C4:88:F3:72:1E:76:07:86:91:50
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/BRj_QQqnouwJVMSI83IedgeGkVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/21
37.1.176.0/21
185.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:68:e4:4b:53:7f:ed:44:94:a5:86:6b:c5:04:08:27:9d:32:
c7:06:11:b7:eb:d8:66:69:c4:fd:3d:9b:17:78:fb:26:85:7e:
ff:aa:fe:0b:af:cd:bc:1a:e7:a9:10:56:a8:84:6c:d9:3a:e1:
d5:c7:04:9a:e0:45:06:e2:e0:2e:ec:a6:76:bd:87:e5:c0:3f:
2d:89:c7:07:37:e4:27:12:a7:be:7d:ad:5f:a1:0a:b2:71:c0:
5e:57:5b:61:b3:0d:36:ab:66:54:c3:6b:bd:2e:a2:18:2d:8e:
42:1a:fb:68:17:3c:db:83:0a:53:ff:b5:38:f6:ab:fc:4e:8b:
73:af:f9:1e:64:af:70:c0:3b:f6:8f:9b:fc:7b:de:6a:78:c1:
e8:2c:57:a8:30:32:70:f7:12:36:db:66:a4:c3:a8:b1:12:d0:
8f:29:d5:2b:df:de:08:53:46:88:ba:3d:c3:e1:c2:1f:f8:88:
27:85:02:92:0e:33:78:2e:f6:73:93:67:2b:28:1e:6f:54:53:
58:78:f4:19:b9:fd:97:2a:7c:38:1c:fb:4e:8d:91:dd:a8:95:
51:98:f9:fd:4b:94:13:36:d1:6e:f1:91:38:9e:5a:e6:de:d9:
e8:af:94:56:ba:03:b4:fa:2d:c7:6d:c1:7d:26:f0:40:76:6e:
1d:3c:0b:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZPE04Dd+z6fXnOPxPMefy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTg5YjY3YzY2ZGViZjVkZWQzZjI4ODBiYjQ5NDFkMzA0
MTEyNTcwHhcNMjMwMjE0MDgzODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE4ZmY0MTBhYTdhMmVjMDk1NGM0ODhmMzcyMWU3NjA3ODY5MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NeKaw3q3OSNnQCj1ZEeFsED01FR
7kewTxXJA1QM4+7x+JvJQA8fTv6MlHi1S2CTarlskAnX9qRg6lbVhOMRziPwPH+i
4PfQZ9i6pOMDKvfiZjdSE2R5d3iFBwEahXwqhRO+YI9oIoZgChb8FLDymWUVDOlz
aCjLQI8DUc8Y4myNmyUZRi5aznhFMAfnJD5ntPmzBKSVsNpp6SI/kybXdpPPQGti
yP0O8xxt6ogxb6NiQWvdHnzMUoiy7Dgg7JzOR71HemYxo+cHgecvbZaj6Ap1RX6y
XJ/58WCX3JRxITtbKvJvjrmVQ9wscDZXkP5GlYXvpmhIMxSQD8vlef0M8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAUY/0EKp6LsCVTEiPNyHnYHhpFQMB8GA1UdIwQY
MBaAFLGom2fGbev13tPyiAu0lB0wQRJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTct
MjEwMGJmMGYxNDBhLzEvQlJqX1FRcW5vdXdKVk1TSTgzSWVkZ2VHa1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBh
LzEvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBQi4AwQD
JQGwAwQCuQ9kMA0GCSqGSIb3DQEBCwUAA4IBAQDQaORLU3/tRJSlhmvFBAgnnTLH
BhG369hmacT9PZsXePsmhX7/qv4Lr828GuepEFaohGzZOuHVxwSa4EUG4uAu7KZ2
vYflwD8ticcHN+QnEqe+fa1foQqyccBeV1thsw02q2ZUw2u9LqIYLY5CGvtoFzzb
gwpT/7U49qv8Totzr/keZK9wwDv2j5v8e95qeMHoLFeoMDJw9xI222akw6ixEtCP
KdUr394IU0aIuj3D4cIf+IgnhQKSDjN4LvZzk2crKB5vVFNYePQZuf2XKnw4HPtO
jZHdqJVRmPn9S5QTNtFu8ZE4nlrm3tnor5RWugO0+i3HbcF9JvBAdm4dPAuX
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:21:21 2025 by rpki-client