Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/bqtnGFakgVpUOYCkL898e6SGYN0.roa
File: bqtnGFakgVpUOYCkL898e6SGYN0.roa (raw, json)
Hash identifier: ER4thfiPaSko86mny6c2C7cZeCv1oln2VIetZHKwAF4=
Subject key identifier: 6E:AB:67:18:56:A4:81:5A:54:39:80:A4:2F:CF:7C:7B:A4:86:60:DD
Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Certificate serial: DF345B
Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/bqtnGFakgVpUOYCkL898e6SGYN0.roa
Signing time: Sat 01 Jan 2022 08:02:07 +0000
ROA not before: Sat 01 Jan 2022 08:02:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199055
IP address blocks: 25.240.0.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14627931 (0xdf345b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Validity
Not Before: Jan 1 08:02:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6eab671856a4815a543980a42fcf7c7ba48660dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:79:90:43:0f:82:ec:27:af:89:15:eb:49:e0:
49:70:6a:4d:4b:d8:20:dc:44:2c:b1:3f:f8:4f:03:
23:62:fe:ab:d9:47:20:90:fb:4d:dc:65:32:0c:3b:
72:66:e9:00:4f:73:77:fa:80:86:a4:c9:a9:fa:cf:
c9:db:b5:af:ee:d8:05:55:81:2f:00:59:29:11:38:
fb:c0:2c:0f:4a:08:8c:0c:38:24:23:cb:ac:f3:3e:
e4:7c:33:26:c8:a9:11:7e:fb:d6:76:ba:42:99:03:
c9:ac:1e:8c:30:81:bd:aa:7d:19:06:9f:f5:4d:a7:
0e:ad:a7:ae:e4:1d:a6:05:73:ca:ad:62:44:f2:3d:
a5:ef:7e:37:f0:4c:dd:84:32:9d:ac:41:94:37:89:
80:c0:fc:c1:16:99:d7:34:80:3d:5f:f7:7c:75:7e:
c1:67:3d:61:88:81:ec:ea:99:b6:a6:ff:7b:c7:19:
cc:ca:57:4c:86:85:00:c2:d9:4d:b8:15:f5:fe:21:
a6:3a:08:24:67:70:b8:35:12:71:b4:a6:ee:08:39:
cc:3d:22:ce:e7:52:3e:83:0c:7c:6a:34:53:d7:41:
42:0d:c2:32:c1:a2:13:8b:14:69:1c:7c:79:d8:cc:
b4:74:b3:33:99:3c:62:6f:de:64:2b:82:39:af:88:
63:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AB:67:18:56:A4:81:5A:54:39:80:A4:2F:CF:7C:7B:A4:86:60:DD
X509v3 Authority Key Identifier:
keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/bqtnGFakgVpUOYCkL898e6SGYN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
25.240.0.0/21
Signature Algorithm: sha256WithRSAEncryption
15:25:4e:70:c6:c5:77:9c:c6:05:db:28:d3:f4:e2:83:60:ce:
f6:49:fe:50:11:32:15:49:f5:30:80:30:0b:9d:02:39:f1:ac:
80:cd:83:cb:5d:60:4c:c4:91:5e:84:6e:d8:83:fe:33:f3:2d:
a7:8a:00:41:45:93:40:b4:9e:5b:13:4f:e6:49:cb:f6:14:a3:
6a:4a:fb:6e:7d:6f:e2:0c:6f:44:e1:03:c8:b7:0d:47:bd:4d:
f8:2c:9c:ef:27:b2:1b:e2:50:50:4d:92:e3:29:e3:5a:a8:0b:
32:ca:f8:46:73:31:45:3c:48:30:3a:4c:39:0a:3b:ce:51:db:
2d:03:96:ee:41:d8:5a:4b:02:63:c4:84:b1:61:e4:58:0a:72:
54:31:95:e2:a2:21:05:5a:b1:82:aa:59:fb:8b:64:19:7b:54:
60:80:5e:14:29:1a:c9:67:ea:9c:73:af:5e:6f:55:dd:72:77:
34:5d:ea:30:86:d8:5c:36:db:7e:86:71:b8:2a:cc:26:04:6d:
6d:bf:49:ce:86:45:89:22:07:40:34:c2:a1:c4:ba:29:cc:4d:
1e:11:0e:ac:1b:9d:c1:64:da:d7:72:c1:5b:21:4f:b7:6c:53:
62:8a:8f:3b:f9:eb:78:7e:f6:cc:96:fa:9e:78:25:56:88:c6:
b6:7c:78:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAN80WzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzQ0ZTE5ZTJiYjRlNzAyM2NjMWJhMTBkNDliNzRlZGU0YmY4NjVjMB4XDTIyMDEw
MTA4MDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmVhYjY3MTg1NmE0
ODE1YTU0Mzk4MGE0MmZjZjdjN2JhNDg2NjBkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL95kEMPguwnr4kV60ngSXBqTUvYINxELLE/+E8DI2L+q9lH
IJD7TdxlMgw7cmbpAE9zd/qAhqTJqfrPydu1r+7YBVWBLwBZKRE4+8AsD0oIjAw4
JCPLrPM+5HwzJsipEX771na6QpkDyawejDCBvap9GQaf9U2nDq2nruQdpgVzyq1i
RPI9pe9+N/BM3YQynaxBlDeJgMD8wRaZ1zSAPV/3fHV+wWc9YYiB7OqZtqb/e8cZ
zMpXTIaFAMLZTbgV9f4hpjoIJGdwuDUScbSm7gg5zD0izudSPoMMfGo0U9dBQg3C
MsGiE4sUaRx8edjMtHSzM5k8Ym/eZCuCOa+IY28CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRuq2cYVqSBWlQ5gKQvz3x7pIZg3TAfBgNVHSMEGDAWgBTcROGeK7TnAjzB
uhDUm3Tt5L+GXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNFVGhuaXUwNXdJOHdib1ExSnQwN2VTX2hsdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvNDZmNWI5LTYwMDAtNDA3Mi04OWYyLTRjODJhY2U3MmM4NS8x
L2JxdG5HRmFrZ1ZwVU9ZQ2tMODk4ZTZTR1lOMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
NDZmNWI5LTYwMDAtNDA3Mi04OWYyLTRjODJhY2U3MmM4NS8xLzNFVGhuaXUwNXdJ
OHdib1ExSnQwN2VTX2hsdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAxnwADANBgkqhkiG9w0BAQsFAAOC
AQEAFSVOcMbFd5zGBdso0/Tig2DO9kn+UBEyFUn1MIAwC50COfGsgM2Dy11gTMSR
XoRu2IP+M/Mtp4oAQUWTQLSeWxNP5knL9hSjakr7bn1v4gxvROEDyLcNR71N+Cyc
7yeyG+JQUE2S4ynjWqgLMsr4RnMxRTxIMDpMOQo7zlHbLQOW7kHYWksCY8SEsWHk
WApyVDGV4qIhBVqxgqpZ+4tkGXtUYIBeFCkayWfqnHOvXm9V3XJ3NF3qMIbYXDbb
foZxuCrMJgRtbb9JzoZFiSIHQDTCocS6KcxNHhEOrBudwWTa13LBWyFPt2xTYoqP
O/nreH72zJb6nnglVojGtnx4jA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:51 2023 by rpki-client on console-ams.rpki-client.org