Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BaFzXM84H3J3wXakyL1zEnJ1tlc.roa
File: BaFzXM84H3J3wXakyL1zEnJ1tlc.roa (raw, json)
Hash identifier: q3Tv4HV+L9kOlg4tZ5P80XDDA3LeHL5OquZHzp8R0Dk=
Subject key identifier: 05:A1:73:5C:CF:38:1F:72:77:C1:76:A4:C8:BD:73:12:72:75:B6:57
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184F62D642F34BB16A99DC3DE024016BA7D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BaFzXM84H3J3wXakyL1zEnJ1tlc.roa
Signing time: Fri 09 Dec 2022 09:18:00 +0000
ROA not before: Fri 09 Dec 2022 09:18:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211415
IP address blocks: 192.124.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:2d:64:2f:34:bb:16:a9:9d:c3:de:02:40:16:ba:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 9 09:18:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05a1735ccf381f7277c176a4c8bd73127275b657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7f:ab:b3:01:54:cd:5c:a8:d1:2c:ab:0b:dc:
1f:d6:1a:58:3b:ad:a7:c5:e5:59:a5:76:f6:ec:f4:
72:08:5c:66:25:bf:e6:5e:cb:b7:ca:f3:e2:9e:7d:
08:e8:80:5a:ce:4d:d1:94:02:4c:f5:69:1f:3d:a5:
5e:ef:ed:e6:c8:cf:5b:a2:98:f3:2e:0f:fc:ec:80:
2b:15:45:41:83:41:c3:33:8e:6f:70:d0:9d:2a:c7:
46:67:cb:9b:2c:4a:25:e1:e5:11:f3:fc:89:b7:68:
a8:82:06:62:38:0c:c3:e7:9e:c9:04:cc:a4:e1:f3:
5b:c6:f3:78:a6:91:48:0d:9a:35:ab:60:7c:a0:f2:
76:83:4c:ff:a3:22:20:88:31:91:a1:eb:6d:64:1b:
b3:1c:73:64:d7:7d:85:b3:91:11:86:79:69:3e:74:
73:29:ac:e7:17:c1:c4:b2:b7:10:a1:8a:89:3c:7c:
27:aa:77:cf:a7:70:ac:50:68:3c:ec:31:dc:2a:b7:
00:27:b3:c0:de:c6:69:4e:76:bf:03:b5:f6:dd:1c:
75:8a:98:e4:00:53:df:93:92:d5:fc:c7:25:26:c8:
60:bb:d7:16:78:46:61:e2:90:58:a4:c6:6b:9f:c9:
83:b8:b3:6c:64:a6:2c:89:c0:b9:b1:16:53:c3:f5:
e4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A1:73:5C:CF:38:1F:72:77:C1:76:A4:C8:BD:73:12:72:75:B6:57
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BaFzXM84H3J3wXakyL1zEnJ1tlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
Signature Algorithm: sha256WithRSAEncryption
07:c7:36:48:37:df:f8:15:6b:ea:20:0d:b8:1b:13:0c:26:d7:
f5:99:7e:8f:55:b1:0b:02:af:3b:3d:73:5c:39:e0:84:60:07:
e6:b3:e1:f5:51:a6:33:2f:4a:67:21:0b:f8:50:e8:e4:7d:dc:
b2:31:85:f4:03:21:9b:37:95:21:f2:eb:4c:f5:05:4f:82:b8:
9f:b4:18:f5:b1:c2:78:ba:51:fa:23:f9:71:48:6c:79:75:c4:
dc:b2:63:0a:0f:13:3a:2b:d8:76:30:43:9d:3b:a0:73:f3:2b:
0c:78:52:d5:be:81:c0:26:c1:23:e7:f1:cd:6e:9f:37:4f:62:
82:fd:d5:71:e9:1a:2d:71:f1:6f:81:0f:57:8b:e8:44:73:3b:
9b:ed:47:ad:ab:4b:23:1d:62:4c:ee:5f:6b:77:6a:70:60:c7:
23:c3:66:d2:61:c1:a8:79:44:a2:40:22:40:08:aa:ac:2b:e6:
66:37:dc:dc:55:fc:fd:07:33:a3:26:2c:e4:d0:20:cc:d1:e9:
a4:7c:02:6f:62:ff:25:68:da:a9:b8:75:11:bf:bd:31:d1:80:
87:2a:c8:3a:02:8c:2d:59:c1:22:88:5d:57:6c:dc:d1:87:39:
16:ed:6c:24:d9:42:74:2c:da:a6:d5:7d:76:75:7b:96:96:91:
66:bd:13:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT2LWQvNLsWqZ3D3gJAFrp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA5MDkxODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWExNzM1Y2NmMzgxZjcyNzdjMTc2YTRjOGJkNzMxMjcyNzViNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03+rswFUzVyo0SyrC9wf1hpYO62n
xeVZpXb27PRyCFxmJb/mXsu3yvPinn0I6IBazk3RlAJM9WkfPaVe7+3myM9bopjz
Lg/87IArFUVBg0HDM45vcNCdKsdGZ8ubLEol4eUR8/yJt2ioggZiOAzD557JBMyk
4fNbxvN4ppFIDZo1q2B8oPJ2g0z/oyIgiDGRoettZBuzHHNk132Fs5ERhnlpPnRz
KaznF8HEsrcQoYqJPHwnqnfPp3CsUGg87DHcKrcAJ7PA3sZpTna/A7X23Rx1ipjk
AFPfk5LV/MclJshgu9cWeEZh4pBYpMZrn8mDuLNsZKYsicC5sRZTw/XkXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWhc1zPOB9yd8F2pMi9cxJydbZXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQmFGelhNODRIM0ozd1hha3lMMXpFbkoxdGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHytMA0G
CSqGSIb3DQEBCwUAA4IBAQAHxzZIN9/4FWvqIA24GxMMJtf1mX6PVbELAq87PXNc
OeCEYAfms+H1UaYzL0pnIQv4UOjkfdyyMYX0AyGbN5Uh8utM9QVPgriftBj1scJ4
ulH6I/lxSGx5dcTcsmMKDxM6K9h2MEOdO6Bz8ysMeFLVvoHAJsEj5/HNbp83T2KC
/dVx6RotcfFvgQ9Xi+hEczub7Uetq0sjHWJM7l9rd2pwYMcjw2bSYcGoeUSiQCJA
CKqsK+ZmN9zcVfz9BzOjJizk0CDM0emkfAJvYv8laNqpuHURv70x0YCHKsg6Aowt
WcEiiF1XbNzRhzkW7Wwk2UJ0LNqm1X12dXuWlpFmvROP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:08 2024 by rpki-client on console-fra.rpki-client.org