Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BLZ8eHQJ_5ZMYl2TfGgQxPpNysA.roa
File: BLZ8eHQJ_5ZMYl2TfGgQxPpNysA.roa (raw, json)
Hash identifier: k5xLqkHEru1USxNb1Ne7LqTM65sk0J3LVLUb64kiqZk=
Subject key identifier: 04:B6:7C:78:74:09:FF:96:4C:62:5D:93:7C:68:10:C4:FA:4D:CA:C0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183C5F4C6FE733C2D4C57B7AE9646B5697F
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BLZ8eHQJ_5ZMYl2TfGgQxPpNysA.roa
Signing time: Tue 11 Oct 2022 07:31:36 +0000
ROA not before: Tue 11 Oct 2022 07:31:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206216
IP address blocks: 194.87.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c5:f4:c6:fe:73:3c:2d:4c:57:b7:ae:96:46:b5:69:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 07:31:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04b67c787409ff964c625d937c6810c4fa4dcac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:aa:09:46:c2:a7:93:88:77:d8:3e:db:34:62:
be:24:67:f5:82:4f:73:2d:32:16:48:d4:48:5e:36:
c6:2b:89:1e:48:1e:cc:28:57:b9:5a:51:8f:15:84:
45:b4:5d:de:f2:1e:12:a5:71:f1:29:e5:e1:ae:8f:
a2:9e:f2:25:1d:a6:6f:5b:ce:b9:b5:1f:aa:48:76:
0e:82:8e:c7:a1:fa:50:f5:46:ff:7c:ac:83:8d:a5:
5c:a7:26:fa:0f:50:e5:7c:53:3e:89:5a:91:ce:e6:
f5:0e:59:fc:bd:41:a6:3c:27:aa:74:46:b0:87:2a:
ec:fc:8b:2c:04:a3:78:a3:d6:8a:93:de:b3:14:2a:
c6:c1:fa:65:3a:c0:fe:9f:ad:b5:65:b7:6c:dc:14:
98:ff:9c:a9:df:66:fb:4c:d6:17:12:61:d2:30:72:
fa:ca:3b:c4:93:9c:32:68:f3:a3:55:e8:32:ea:20:
53:e4:3c:3b:dc:e7:66:cd:4c:22:ac:ad:41:2b:4c:
14:e8:2a:a9:b4:0e:37:2d:e0:63:ce:80:6f:75:70:
4a:df:07:5d:d5:05:8b:49:e4:56:a2:77:3b:d9:e6:
19:2b:9e:7b:5b:ad:e1:fa:f6:81:27:1a:e1:97:12:
03:ab:ce:22:aa:c2:8a:0f:e0:83:c8:47:e2:d3:ce:
33:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B6:7C:78:74:09:FF:96:4C:62:5D:93:7C:68:10:C4:FA:4D:CA:C0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BLZ8eHQJ_5ZMYl2TfGgQxPpNysA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.169.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:1e:7f:01:24:17:55:79:dc:64:27:91:78:0f:85:b8:c2:ae:
40:72:d3:7a:a1:37:e9:d3:ec:a5:d1:b1:a8:16:3f:9d:c8:ad:
9d:a6:8b:0e:ab:88:ea:78:03:f6:35:ec:42:ea:5c:fa:21:dd:
b6:11:11:ab:e0:cb:5a:cf:09:ee:39:31:5e:3c:80:94:a0:34:
7c:3c:9d:78:9e:68:0e:0c:ab:de:47:ce:a8:a9:ca:44:ea:72:
3b:12:e3:2b:c1:e0:52:58:12:20:03:6a:89:ff:27:48:e8:93:
09:88:ae:aa:7a:28:a5:48:74:35:56:1c:ad:be:b2:1b:57:f8:
d3:1e:0f:74:b1:db:3f:f8:85:02:5a:76:19:8d:0b:8a:06:a8:
04:f6:b6:f8:4e:3a:e9:98:b0:ea:ec:92:6e:38:41:f9:f0:18:
9b:16:4b:2b:6a:dd:4e:31:26:a9:f9:f0:32:74:2b:83:ce:45:
1b:e3:95:a5:58:c2:ca:7a:46:09:e6:64:ba:48:3d:53:bd:d3:
64:c5:d4:4f:2a:49:6a:59:5f:06:9a:3e:ad:9a:8d:30:fa:c6:
e7:6f:0f:c7:53:4a:6e:35:d3:d2:c5:b9:e4:bb:f5:ba:0f:95:
ac:b7:28:b3:7c:36:19:30:66:c7:a9:f7:ce:7f:f8:16:b7:d0:
a0:ec:61:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPF9Mb+czwtTFe3rpZGtWl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDExMDczMTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI2N2M3ODc0MDlmZjk2NGM2MjVkOTM3YzY4MTBjNGZhNGRjYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6oJRsKnk4h32D7bNGK+JGf1gk9z
LTIWSNRIXjbGK4keSB7MKFe5WlGPFYRFtF3e8h4SpXHxKeXhro+invIlHaZvW865
tR+qSHYOgo7HofpQ9Ub/fKyDjaVcpyb6D1DlfFM+iVqRzub1Dln8vUGmPCeqdEaw
hyrs/IssBKN4o9aKk96zFCrGwfplOsD+n621Zbds3BSY/5yp32b7TNYXEmHSMHL6
yjvEk5wyaPOjVegy6iBT5Dw73OdmzUwirK1BK0wU6CqptA43LeBjzoBvdXBK3wdd
1QWLSeRWonc72eYZK557W63h+vaBJxrhlxIDq84iqsKKD+CDyEfi084zNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAS2fHh0Cf+WTGJdk3xoEMT6TcrAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQkxaOGVIUUpfNVpNWWwyVGZHZ1F4UHBOeXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlepMA0G
CSqGSIb3DQEBCwUAA4IBAQBLHn8BJBdVedxkJ5F4D4W4wq5ActN6oTfp0+yl0bGo
Fj+dyK2dposOq4jqeAP2NexC6lz6Id22ERGr4MtazwnuOTFePICUoDR8PJ14nmgO
DKveR86oqcpE6nI7EuMrweBSWBIgA2qJ/ydI6JMJiK6qeiilSHQ1VhytvrIbV/jT
Hg90sds/+IUCWnYZjQuKBqgE9rb4TjrpmLDq7JJuOEH58BibFksrat1OMSap+fAy
dCuDzkUb45WlWMLKekYJ5mS6SD1TvdNkxdRPKklqWV8Gmj6tmo0w+sbnbw/HU0pu
NdPSxbnku/W6D5WstyizfDYZMGbHqffOf/gWt9Cg7GHs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:52 2023 by rpki-client on console-ams.rpki-client.org