Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/BpdiHkfx1hS4SH2NTkiAK-EXO9Y.roa
File: BpdiHkfx1hS4SH2NTkiAK-EXO9Y.roa (raw, json)
Hash identifier: lso2lNG3qQj7Pf8wZe7Qi+XLH+klOTEy9XcpWqT2Xeo=
Subject key identifier: 06:97:62:1E:47:F1:D6:14:B8:48:7D:8D:4E:48:80:2B:E1:17:3B:D6
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018451D16D9BE5CD70567A6464419EC6C9E3
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/BpdiHkfx1hS4SH2NTkiAK-EXO9Y.roa
Signing time: Mon 07 Nov 2022 11:19:50 +0000
ROA not before: Mon 07 Nov 2022 11:19:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14315
IP address blocks: 2.58.202.0/24 maxlen: 24
2.58.203.0/24 maxlen: 24
2.58.200.0/24 maxlen: 24
2.58.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:51:d1:6d:9b:e5:cd:70:56:7a:64:64:41:9e:c6:c9:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Nov 7 11:19:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0697621e47f1d614b8487d8d4e48802be1173bd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a1:9d:88:ea:a5:9a:60:9e:5c:9a:00:b8:69:
84:cc:4f:b1:f2:5f:c0:ec:3a:5c:91:ee:4d:98:df:
48:c3:0e:ad:c0:43:d0:55:b4:d9:1c:32:83:4f:ea:
41:eb:6d:c5:86:57:41:4e:99:42:65:bc:bc:38:79:
7d:46:e2:f1:cb:bc:e8:8b:e2:27:d7:8b:b1:9c:ff:
87:b5:85:74:c1:3a:3f:dc:4e:28:a5:21:fd:44:aa:
96:44:26:8a:99:eb:e4:6f:88:65:b0:e9:64:6e:85:
5f:ff:2d:14:30:4e:e9:3f:9b:ba:de:66:43:88:1b:
69:b5:eb:08:30:b5:03:d8:88:f9:b1:44:31:3a:aa:
9e:fd:03:5c:91:5e:2c:ec:1e:8d:fd:e1:67:cb:ad:
7b:d5:8f:4b:fb:19:51:d0:cc:7f:f4:56:a0:55:3a:
ff:1c:1e:71:f3:78:8f:5c:82:68:de:a2:bd:77:06:
7c:f1:b4:74:24:ed:d5:b7:12:e7:7c:d7:10:07:00:
cf:50:ec:55:d7:80:dd:33:eb:66:a9:92:1b:57:34:
fe:80:02:b1:0c:01:3e:fd:9f:f5:c4:39:d0:1f:ee:
53:75:82:2e:8f:23:89:f3:bc:d4:fb:f6:a8:b8:a9:
e4:e5:2f:b1:99:69:7c:89:32:1f:5d:72:55:67:17:
ed:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:97:62:1E:47:F1:D6:14:B8:48:7D:8D:4E:48:80:2B:E1:17:3B:D6
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/BpdiHkfx1hS4SH2NTkiAK-EXO9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.200.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:3e:1d:f9:1c:46:49:02:42:70:41:db:60:24:f6:4d:a7:ac:
08:ad:85:94:83:62:7f:e7:55:01:42:33:3c:e5:fe:d5:ae:09:
55:2b:b8:d8:34:31:a3:f2:e7:fc:c3:3d:10:91:0e:d0:e7:d4:
55:ed:f7:32:f8:bf:52:b9:76:1e:7c:91:50:c6:59:67:d7:22:
bb:67:ce:68:56:b7:ef:f8:72:b4:16:3f:8f:c5:68:d3:7c:2a:
61:bc:5a:c1:e1:b4:37:be:cc:99:e7:e3:86:b9:38:d3:5b:d5:
95:a8:4c:3e:fc:7e:3e:c3:b7:af:88:cc:98:1f:3f:f3:00:d1:
9e:93:26:c6:26:9d:45:e7:58:b6:49:52:78:bb:5c:dd:b5:2b:
b7:04:17:cc:24:7f:52:79:2f:1b:22:0e:03:a7:fe:cf:74:5a:
0a:c4:11:96:1b:54:83:ed:1b:4d:8d:f2:80:40:97:17:a5:de:
27:33:95:fc:c6:f5:18:92:77:6c:5a:a7:d2:b5:80:51:04:a0:
74:d8:db:b3:27:e5:ef:ec:6b:fc:b6:4e:23:19:3b:ef:e0:bb:
30:5f:42:4f:d5:e9:89:67:ca:b8:da:cd:69:81:41:14:ca:28:
6a:9e:a8:ec:d4:ca:d5:a0:bf:28:65:1b:a5:0f:0d:75:3a:e4:
47:7e:84:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRR0W2b5c1wVnpkZEGexsnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIxMTA3MTExOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjk3NjIxZTQ3ZjFkNjE0Yjg0ODdkOGQ0ZTQ4ODAyYmUxMTczYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqGdiOqlmmCeXJoAuGmEzE+x8l/A
7Dpcke5NmN9Iww6twEPQVbTZHDKDT+pB623FhldBTplCZby8OHl9RuLxy7zoi+In
14uxnP+HtYV0wTo/3E4opSH9RKqWRCaKmevkb4hlsOlkboVf/y0UME7pP5u63mZD
iBtptesIMLUD2Ij5sUQxOqqe/QNckV4s7B6N/eFny6171Y9L+xlR0Mx/9FagVTr/
HB5x83iPXIJo3qK9dwZ88bR0JO3VtxLnfNcQBwDPUOxV14DdM+tmqZIbVzT+gAKx
DAE+/Z/1xDnQH+5TdYIujyOJ87zU+/aouKnk5S+xmWl8iTIfXXJVZxftgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAaXYh5H8dYUuEh9jU5IgCvhFzvWMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvQnBkaUhrZngxaFM0U0gyTlRraUFLLUVYTzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjrIMA0G
CSqGSIb3DQEBCwUAA4IBAQA8Ph35HEZJAkJwQdtgJPZNp6wIrYWUg2J/51UBQjM8
5f7VrglVK7jYNDGj8uf8wz0QkQ7Q59RV7fcy+L9SuXYefJFQxlln1yK7Z85oVrfv
+HK0Fj+PxWjTfCphvFrB4bQ3vsyZ5+OGuTjTW9WVqEw+/H4+w7eviMyYHz/zANGe
kybGJp1F51i2SVJ4u1zdtSu3BBfMJH9SeS8bIg4Dp/7PdFoKxBGWG1SD7RtNjfKA
QJcXpd4nM5X8xvUYkndsWqfStYBRBKB02NuzJ+Xv7Gv8tk4jGTvv4LswX0JP1emJ
Z8q42s1pgUEUyihqnqjs1MrVoL8oZRulDw11OuRHfoSD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org