Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/bgfXZdO8SDsIYYVeeYqEfYcLW5s.roa
File: bgfXZdO8SDsIYYVeeYqEfYcLW5s.roa (raw, json)
Hash identifier: 5T2rEglu5hNK3l2WUiUcy2teEefMaYYJ/Ab/KuYVEEY=
Subject key identifier: 6E:07:D7:65:D3:BC:48:3B:08:61:85:5E:79:8A:84:7D:87:0B:5B:9B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BE180E6E21B70ADDE23525E8A8C1B1E7A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/bgfXZdO8SDsIYYVeeYqEfYcLW5s.roa
Signing time: Sat 18 Nov 2023 08:16:43 +0000
ROA not before: Sat 18 Nov 2023 08:16:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
89.34.227.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e1:80:e6:e2:1b:70:ad:de:23:52:5e:8a:8c:1b:1e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 18 08:16:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e07d765d3bc483b0861855e798a847d870b5b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d5:b4:8a:3a:17:31:ca:09:f3:ea:24:73:f2:
03:fe:d3:c1:ac:06:3a:1b:d4:03:d2:39:e4:4b:10:
c1:18:9d:08:4f:fc:db:f7:bd:22:6d:38:c4:60:5f:
ec:56:b0:1e:7a:26:05:63:94:64:96:11:e7:f6:6d:
29:a0:4e:03:79:84:b1:96:5a:d0:85:a1:20:c7:0c:
4c:77:d0:01:dd:f6:a9:96:8a:2c:af:a1:a3:5b:90:
d0:73:b8:0f:bb:8a:17:98:6d:80:ba:b6:85:d4:ec:
58:fe:21:78:11:25:d8:b2:9a:fb:df:72:fd:a3:87:
70:f0:94:f1:b1:4a:c0:b1:4f:2a:27:f0:96:36:b5:
3f:20:a2:94:aa:72:ed:0b:33:59:63:fc:02:97:0f:
43:d6:68:61:4d:5f:0b:cf:2d:88:fc:1b:54:86:dd:
14:3e:36:c5:96:6d:56:d3:d6:6e:af:63:29:5c:a3:
fa:b4:84:8d:14:b8:e0:31:8d:89:6b:b1:3c:4b:ad:
b8:84:16:de:e4:b9:fc:ce:c3:1b:c1:28:ae:f5:8c:
f8:79:c9:47:49:ef:18:31:e4:43:07:21:40:f9:6f:
5d:c2:6c:85:f2:71:28:2e:6d:6b:25:b1:1d:34:07:
08:ad:67:be:4a:f5:ed:f8:70:6e:20:54:cd:29:62:
61:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:07:D7:65:D3:BC:48:3B:08:61:85:5E:79:8A:84:7D:87:0B:5B:9B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/bgfXZdO8SDsIYYVeeYqEfYcLW5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.227.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
1d:7b:b5:81:6e:32:99:4e:f7:0e:06:a0:56:a8:8a:d1:d5:c0:
c5:4f:b0:57:10:16:8c:e2:49:98:02:34:85:32:fd:85:41:4b:
c2:55:5e:dd:7d:44:3d:2c:74:77:54:1f:66:ea:f5:9f:2d:a5:
25:e1:33:9d:82:7b:91:9e:a7:d7:80:13:d3:36:77:cc:1e:c5:
5c:2e:22:ee:d7:a5:a1:4e:88:fc:88:7d:bd:14:8d:ec:31:3b:
8e:a1:d9:18:1e:30:34:1d:b0:64:37:65:d1:b1:35:5d:ef:c9:
b5:02:a3:c0:2e:46:ee:af:29:24:ea:b9:17:90:95:07:50:87:
3a:af:d1:3f:c4:88:70:5b:0d:71:a4:07:93:78:37:94:c3:07:
da:b3:fb:5f:78:bb:31:d8:dd:81:d3:92:09:b3:a1:70:5b:e1:
8c:28:77:98:2f:3e:4a:b8:47:00:52:c7:bd:cd:49:58:e0:91:
8a:14:91:63:1a:ef:4b:d9:c8:78:07:d2:cd:cf:14:b5:81:cc:
f9:ab:74:86:f8:7e:44:63:9d:c4:7d:e3:b5:2b:1e:2a:e6:24:
b6:36:d6:1a:e7:1a:25:16:3e:05:0f:55:f8:e4:81:f4:57:94:
10:6b:98:57:62:e9:31:f9:01:60:6b:7a:be:dc:d8:d3:2b:b4:
cd:e1:7d:98
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYvhgObiG3Ct3iNSXoqMGx56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTE4MDgxNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA3ZDc2NWQzYmM0ODNiMDg2MTg1NWU3OThhODQ3ZDg3MGI1YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9W0ijoXMcoJ8+okc/ID/tPBrAY6
G9QD0jnkSxDBGJ0IT/zb970ibTjEYF/sVrAeeiYFY5RklhHn9m0poE4DeYSxllrQ
haEgxwxMd9AB3faploosr6GjW5DQc7gPu4oXmG2AuraF1OxY/iF4ESXYspr733L9
o4dw8JTxsUrAsU8qJ/CWNrU/IKKUqnLtCzNZY/wClw9D1mhhTV8Lzy2I/BtUht0U
PjbFlm1W09Zur2MpXKP6tISNFLjgMY2Ja7E8S624hBbe5Ln8zsMbwSiu9Yz4eclH
Se8YMeRDByFA+W9dwmyF8nEoLm1rJbEdNAcIrWe+SvXt+HBuIFTNKWJhnwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFG4H12XTvEg7CGGFXnmKhH2HC1ubMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYmdmWFpkTzhTRHNJWVlWZWVZcUVmWWNMVzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAWSIbAwQA
WSLjAwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kAwQFWS9gAwQAXXHMAwQAXXJPAwQA
XXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEBCwUAA4IB
AQAde7WBbjKZTvcOBqBWqIrR1cDFT7BXEBaM4kmYAjSFMv2FQUvCVV7dfUQ9LHR3
VB9m6vWfLaUl4TOdgnuRnqfXgBPTNnfMHsVcLiLu16WhToj8iH29FI3sMTuOodkY
HjA0HbBkN2XRsTVd78m1AqPALkburykk6rkXkJUHUIc6r9E/xIhwWw1xpAeTeDeU
wwfas/tfeLsx2N2B05IJs6FwW+GMKHeYLz5KuEcAUse9zUlY4JGKFJFjGu9L2ch4
B9LNzxS1gcz5q3SG+H5EY53EfeO1Kx4q5iS2NtYa5xolFj4FD1X45IH0V5QQa5hX
Yukx+QFga3q+3NjTK7TN4X2Y
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:47:16 2025 by rpki-client