Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/O_BFbZJVgq9JH2mleT8TCRHVSCY.roa
File: O_BFbZJVgq9JH2mleT8TCRHVSCY.roa (raw, json)
Hash identifier: YMnbRZC79uge3QkWK/1FP+q4DKQgDedBv/aaqv56fk8=
Subject key identifier: 3B:F0:45:6D:92:55:82:AF:49:1F:69:A5:79:3F:13:09:11:D5:48:26
Certificate issuer: /CN=d25b90b8981b591d75a7e935e1304a74075602fd
Certificate serial: 018934F35C2B4BDF090C860D452D408253C1
Authority key identifier: D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/O_BFbZJVgq9JH2mleT8TCRHVSCY.roa
Signing time: Sat 08 Jul 2023 10:01:51 +0000
ROA not before: Sat 08 Jul 2023 10:01:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205798
IP address blocks: 193.141.109.0/24 maxlen: 24
193.141.121.0/24 maxlen: 24
193.142.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:34:f3:5c:2b:4b:df:09:0c:86:0d:45:2d:40:82:53:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25b90b8981b591d75a7e935e1304a74075602fd
Validity
Not Before: Jul 8 10:01:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf0456d925582af491f69a5793f130911d54826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:64:9e:18:24:a3:bc:33:12:79:5a:29:a5:de:
ae:c3:ea:35:38:f0:11:5b:0f:eb:3c:e9:b0:92:26:
3c:3e:fc:ef:ce:e9:28:3f:f5:27:1f:ea:ef:d6:5c:
71:ba:97:9a:af:6a:d1:16:58:b0:d9:20:bc:d8:10:
2b:17:e5:ec:57:e2:9e:94:01:1c:d3:1b:6d:8d:dd:
e9:45:f5:6e:e3:20:50:bb:0a:e3:37:34:b5:a0:14:
ae:68:cc:d1:ff:69:bf:c5:51:1c:0b:ad:06:3e:f8:
5b:28:8b:fe:2e:d6:0b:a7:29:3f:ab:26:ee:62:a1:
2b:65:4c:1c:c1:a8:ea:88:0f:50:8e:f2:a2:19:71:
fc:8b:8b:46:8b:11:3d:7e:eb:a3:7a:f5:5e:f7:31:
9e:59:ad:7c:34:69:8d:df:df:d1:a6:e8:e3:2d:43:
51:5f:3c:c1:b2:e5:bd:ea:35:98:16:4d:26:73:a6:
14:26:40:95:50:f3:b1:c9:2f:9a:20:a7:9b:02:9a:
2e:d4:61:a7:32:07:a4:ba:41:0f:42:cc:d6:79:06:
27:6f:07:ac:68:0b:fc:d8:cc:d1:f2:f7:f3:77:63:
20:24:da:15:e6:75:55:6b:1b:d2:18:d7:68:23:c4:
8d:78:33:22:4b:5a:30:42:8f:8b:4c:e4:5c:e3:29:
46:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F0:45:6D:92:55:82:AF:49:1F:69:A5:79:3F:13:09:11:D5:48:26
X509v3 Authority Key Identifier:
keyid:D2:5B:90:B8:98:1B:59:1D:75:A7:E9:35:E1:30:4A:74:07:56:02:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0luQuJgbWR11p-k14TBKdAdWAv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/O_BFbZJVgq9JH2mleT8TCRHVSCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2ce520-ec07-45ef-b587-a2abdadf5f90/1/0luQuJgbWR11p-k14TBKdAdWAv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.141.109.0/24
193.141.121.0/24
193.142.3.0/24
Signature Algorithm: sha256WithRSAEncryption
80:60:19:c0:c0:7b:bb:af:34:74:e1:00:ce:b8:5e:c6:5b:62:
7b:94:bb:5f:49:15:3e:3d:3c:3a:ca:a1:86:c2:fd:57:98:10:
55:0f:b5:71:55:bb:f5:53:13:33:55:89:33:f6:c7:0f:85:2f:
0b:06:28:d8:cb:cb:80:ad:82:9f:1d:3d:d4:de:15:2f:42:b2:
3b:c6:a6:65:30:5d:0a:db:26:cb:46:bb:f7:86:da:3d:21:8f:
96:b9:0e:0b:b6:be:62:47:28:5c:d2:0f:65:78:0b:b0:ed:c0:
16:7e:f3:05:4f:ee:0c:16:99:22:f6:cd:1f:41:c2:fa:6b:b8:
a9:bf:b5:53:8f:7f:37:c7:44:11:84:89:e0:86:3c:0e:9c:4a:
b8:85:d8:1a:a2:2b:74:05:3a:b7:f8:48:b4:f3:28:7b:70:58:
75:1a:0c:a9:fb:8e:3d:d0:a5:21:ce:7c:3b:69:c4:e3:28:c6:
ed:2e:e1:5e:cb:49:5b:46:04:48:79:3b:5b:c6:ce:31:2e:47:
cc:fc:38:57:22:f5:ca:91:42:8e:af:a8:63:9e:15:df:2f:09:
32:d0:0d:65:2a:bb:e3:ac:b7:8d:60:33:15:36:30:98:58:a1:
41:78:91:f9:77:a8:11:58:e5:a4:96:e4:7d:1f:ca:7d:e1:2f:
c4:0e:7b:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYk081wrS98JDIYNRS1AglPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNWI5MGI4OTgxYjU5MWQ3NWE3ZTkzNWUxMzA0YTc0MDc1
NjAyZmQwHhcNMjMwNzA4MTAwMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmYwNDU2ZDkyNTU4MmFmNDkxZjY5YTU3OTNmMTMwOTExZDU0ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmSeGCSjvDMSeVoppd6uw+o1OPAR
Ww/rPOmwkiY8PvzvzukoP/UnH+rv1lxxupear2rRFliw2SC82BArF+XsV+KelAEc
0xttjd3pRfVu4yBQuwrjNzS1oBSuaMzR/2m/xVEcC60GPvhbKIv+LtYLpyk/qybu
YqErZUwcwajqiA9QjvKiGXH8i4tGixE9fuujevVe9zGeWa18NGmN39/RpujjLUNR
XzzBsuW96jWYFk0mc6YUJkCVUPOxyS+aIKebApou1GGnMgekukEPQszWeQYnbwes
aAv82MzR8vfzd2MgJNoV5nVVaxvSGNdoI8SNeDMiS1owQo+LTORc4ylGOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDvwRW2SVYKvSR9ppXk/EwkR1UgmMB8GA1UdIwQY
MBaAFNJbkLiYG1kddafpNeEwSnQHVgL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODct
YTJhYmRhZGY1ZjkwLzEvT19CRmJaSlZncTlKSDJtbGVUOFRDUkhWU0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yY2U1MjAtZWMwNy00NWVmLWI1ODctYTJhYmRhZGY1Zjkw
LzEvMGx1UXVKZ2JXUjExcC1rMTRUQktkQWRXQXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwY1tAwQA
wY15AwQAwY4DMA0GCSqGSIb3DQEBCwUAA4IBAQCAYBnAwHu7rzR04QDOuF7GW2J7
lLtfSRU+PTw6yqGGwv1XmBBVD7VxVbv1UxMzVYkz9scPhS8LBijYy8uArYKfHT3U
3hUvQrI7xqZlMF0K2ybLRrv3hto9IY+WuQ4Ltr5iRyhc0g9leAuw7cAWfvMFT+4M
Fpki9s0fQcL6a7ipv7VTj383x0QRhInghjwOnEq4hdgaoit0BTq3+Ei08yh7cFh1
Ggyp+4490KUhznw7acTjKMbtLuFey0lbRgRIeTtbxs4xLkfM/DhXIvXKkUKOr6hj
nhXfLwky0A1lKrvjrLeNYDMVNjCYWKFBeJH5d6gRWOWkluR9H8p94S/EDnv1
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:59:27 2025 by rpki-client