Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BHayuI26gWOtd4tVTcyWUtL_KsI.roa
File: BHayuI26gWOtd4tVTcyWUtL_KsI.roa (raw, json)
Hash identifier: mM7A7KdCPW/N1gVjO1cSoeeoCT1fhuIdOyU/L+wSUl8=
Subject key identifier: 04:76:B2:B8:8D:BA:81:63:AD:77:8B:55:4D:CC:96:52:D2:FF:2A:C2
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018793E9BC09BD53AF426B00CD3C23FBDBDE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BHayuI26gWOtd4tVTcyWUtL_KsI.roa
Signing time: Tue 18 Apr 2023 10:29:41 +0000
ROA not before: Tue 18 Apr 2023 10:29:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.240.123.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.108.204.0/24 maxlen: 24
185.108.205.0/24 maxlen: 24
194.5.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:93:e9:bc:09:bd:53:af:42:6b:00:cd:3c:23:fb:db:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 18 10:29:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0476b2b88dba8163ad778b554dcc9652d2ff2ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7c:df:c7:f0:67:67:ce:56:24:8a:65:ed:2c:
e1:55:19:e4:6d:e2:de:8c:a1:06:a0:4b:5d:ac:25:
61:ae:b9:74:9c:5b:a2:a7:da:3c:78:35:20:d4:ff:
6f:1a:c6:54:ec:b4:bf:0d:bf:62:33:85:8c:5c:29:
d9:82:28:50:4f:a4:e1:f3:97:3e:08:57:fb:bc:21:
70:33:97:2b:3c:b6:5e:7a:c6:eb:43:1e:aa:08:81:
48:8c:f8:17:0c:cc:9c:04:59:e8:fe:14:d2:26:18:
1f:24:bf:ac:0a:7e:30:ca:3b:5c:0c:f1:5b:23:fd:
97:03:b2:fa:24:43:31:b8:50:bd:3e:ca:a2:30:86:
b4:0c:de:55:dc:90:e0:77:17:3f:6d:b1:6f:25:4d:
19:67:bf:03:b5:0e:b8:9f:b7:b9:66:cf:96:c1:db:
fe:2b:56:f1:cc:04:ad:35:11:c8:de:2c:0a:67:10:
11:0d:65:c5:55:62:c9:63:36:37:96:1f:53:1f:56:
61:51:3d:4e:9d:45:93:4b:b9:05:55:93:41:8c:90:
a2:4b:2b:2b:77:28:0e:52:1f:3d:1f:9d:fe:1d:b1:
29:a8:73:09:af:06:bd:cc:d7:fb:41:eb:45:2d:7f:
0f:e4:25:b8:9c:71:9a:58:5f:0b:c4:15:8d:0f:f8:
11:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:76:B2:B8:8D:BA:81:63:AD:77:8B:55:4D:CC:96:52:D2:FF:2A:C2
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BHayuI26gWOtd4tVTcyWUtL_KsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
45.147.224.0/24
176.125.248.0/24
185.108.204.0/23
185.126.82.0/24
185.218.20.0/24
185.225.0.0/23
185.240.123.0/24
194.5.64.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a7:9d:91:bf:45:1c:03:11:e0:ba:66:1b:77:d3:37:17:6d:
8f:d5:b1:06:03:f4:52:aa:0e:d8:8a:ab:4c:a5:b2:bf:e6:27:
43:e9:03:9d:10:08:bc:10:df:14:99:10:a6:49:4c:22:ab:90:
a7:10:06:15:0c:a2:da:6a:fb:58:ce:16:c1:0b:f1:d0:b6:88:
3a:0b:a8:db:48:79:a1:87:1f:78:9b:15:fb:09:a0:6b:53:9e:
94:47:48:84:e3:1e:4d:78:8c:55:6f:f7:7d:e6:a0:11:cf:16:
47:e1:08:9b:4b:f6:4e:1f:e8:99:76:a3:8a:77:9b:3c:56:89:
64:1d:13:6d:c0:31:dd:5b:51:fd:2f:65:92:9b:bb:fe:c1:01:
81:45:af:4e:6a:81:97:97:8f:67:bd:10:eb:a2:e4:8d:f4:bb:
3c:e2:5e:82:e5:37:9f:f0:1f:56:34:38:ac:bd:63:c6:12:e7:
36:61:6a:d5:81:6c:ff:72:e5:aa:df:9f:39:55:34:39:20:e6:
fd:6f:36:38:c1:3d:c4:79:37:2e:13:18:95:ae:cd:b0:fa:e2:
b0:9a:fd:8c:f5:51:c0:37:ee:84:f6:4d:b7:0f:c3:6d:49:e4:
63:f8:a3:f2:49:06:f3:17:7f:0d:56:b4:dc:05:c2:13:42:5f:
a4:e1:ce:20
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYeT6bwJvVOvQmsAzTwj+9veMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDE4MTAyOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDc2YjJiODhkYmE4MTYzYWQ3NzhiNTU0ZGNjOTY1MmQyZmYyYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3zfx/BnZ85WJIpl7SzhVRnkbeLe
jKEGoEtdrCVhrrl0nFuip9o8eDUg1P9vGsZU7LS/Db9iM4WMXCnZgihQT6Th85c+
CFf7vCFwM5crPLZeesbrQx6qCIFIjPgXDMycBFno/hTSJhgfJL+sCn4wyjtcDPFb
I/2XA7L6JEMxuFC9PsqiMIa0DN5V3JDgdxc/bbFvJU0ZZ78DtQ64n7e5Zs+Wwdv+
K1bxzAStNRHI3iwKZxARDWXFVWLJYzY3lh9TH1ZhUT1OnUWTS7kFVZNBjJCiSysr
dygOUh89H53+HbEpqHMJrwa9zNf7QetFLX8P5CW4nHGaWF8LxBWND/gRRwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAR2sriNuoFjrXeLVU3MllLS/yrCMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQkhheXVJMjZnV090ZDR0VlRjeVdVdExfS3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVoRAwQA
LZPgAwQAsH34AwQBuWzMAwQAuX5SAwQAudoUAwQBueEAAwQAufB7AwQAwgVAMA0G
CSqGSIb3DQEBCwUAA4IBAQBVp52Rv0UcAxHgumYbd9M3F22P1bEGA/RSqg7YiqtM
pbK/5idD6QOdEAi8EN8UmRCmSUwiq5CnEAYVDKLaavtYzhbBC/HQtog6C6jbSHmh
hx94mxX7CaBrU56UR0iE4x5NeIxVb/d95qARzxZH4QibS/ZOH+iZdqOKd5s8Volk
HRNtwDHdW1H9L2WSm7v+wQGBRa9OaoGXl49nvRDrouSN9Ls84l6C5Tef8B9WNDis
vWPGEuc2YWrVgWz/cuWq3585VTQ5IOb9bzY4wT3EeTcuExiVrs2w+uKwmv2M9VHA
N+6E9k23D8NtSeRj+KPySQbzF38NVrTcBcITQl+k4c4g
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:36:23 2025 by rpki-client