Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/BgdIIroQAaD2APEr0R4sB2GOYh4.roa
File: BgdIIroQAaD2APEr0R4sB2GOYh4.roa (raw, json)
Hash identifier: IjJyZthUJ3jrPEQC13zsUQRpos0ro/kZZfC5gNlt3JY=
Subject key identifier: 06:07:48:22:BA:10:01:A0:F6:00:F1:2B:D1:1E:2C:07:61:8E:62:1E
Certificate issuer: /CN=6940258a1a68ae605c073fb583b13e1376b778a7
Certificate serial: 32A419D4
Authority key identifier: 69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/BgdIIroQAaD2APEr0R4sB2GOYh4.roa
Signing time: Sat 01 Jan 2022 08:59:53 +0000
ROA not before: Sat 01 Jan 2022 08:59:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50204
IP address blocks: 193.32.12.0/22 maxlen: 22
151.249.96.0/21 maxlen: 21
91.217.100.0/23 maxlen: 23
185.22.16.0/22 maxlen: 22
195.211.252.0/22 maxlen: 22
2a00:5fa0::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 849615316 (0x32a419d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6940258a1a68ae605c073fb583b13e1376b778a7
Validity
Not Before: Jan 1 08:59:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06074822ba1001a0f600f12bd11e2c07618e621e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ce:65:8a:cc:8e:4c:cb:d8:c3:f0:a1:f2:2e:
be:43:77:64:bf:df:fa:a5:4a:a8:7c:d0:7d:b0:d6:
1d:a0:27:81:73:70:23:48:bd:50:67:4d:45:e1:7a:
9d:d3:6d:aa:1f:25:06:32:18:38:e6:d4:cf:34:38:
3d:0e:d0:ea:12:5a:63:35:95:14:a1:e6:32:61:24:
25:1f:6f:9a:cc:53:13:b4:0e:2a:e0:85:14:c1:22:
e1:4d:2e:67:6c:67:05:ca:2c:bc:02:29:0a:2e:f6:
27:5a:c5:75:f2:7d:bf:0c:5f:14:1a:17:fc:cc:80:
64:d8:04:60:b7:74:27:ce:3d:09:fc:9e:ff:5d:31:
bb:77:36:87:f0:0e:5d:fa:ee:9c:26:ce:aa:48:77:
27:48:87:93:8c:e4:96:3f:c1:d6:f6:88:95:08:c1:
5c:15:e3:32:f7:80:1c:33:a0:e7:26:b7:73:0f:31:
77:b1:ff:c5:71:8b:61:77:80:c4:c6:4d:72:a3:79:
c0:a3:10:9e:a5:97:7d:4a:33:e3:d2:10:09:42:42:
2b:76:b1:93:40:9f:43:54:dc:45:e7:10:97:f3:24:
6e:a3:80:cf:cd:88:72:3f:7e:ab:54:76:df:bd:9a:
9e:9f:c7:40:6e:3b:03:d8:fd:15:03:2a:72:7b:a4:
5b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:07:48:22:BA:10:01:A0:F6:00:F1:2B:D1:1E:2C:07:61:8E:62:1E
X509v3 Authority Key Identifier:
keyid:69:40:25:8A:1A:68:AE:60:5C:07:3F:B5:83:B1:3E:13:76:B7:78:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUAlihpormBcBz-1g7E-E3a3eKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/BgdIIroQAaD2APEr0R4sB2GOYh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/1434cd-a3d6-4488-8888-749e980ec0b7/1/aUAlihpormBcBz-1g7E-E3a3eKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.100.0/23
151.249.96.0/21
185.22.16.0/22
193.32.12.0/22
195.211.252.0/22
IPv6:
2a00:5fa0::/36
Signature Algorithm: sha256WithRSAEncryption
e0:88:0e:f6:89:58:f9:18:3b:d9:ac:1c:c2:3e:26:76:db:c4:
a0:04:4b:19:fc:99:e0:2f:77:87:3b:da:e5:d2:e0:30:e4:3e:
d2:0c:bb:52:f1:e9:70:02:71:5e:b5:0c:ab:d6:67:bd:27:61:
95:19:9c:e5:2c:89:d8:53:1d:63:36:be:1a:3e:08:11:2e:1e:
fc:02:d6:3d:62:87:7a:e3:df:d4:bc:82:8b:5c:d9:84:37:ca:
48:71:2a:fe:34:ba:b8:1a:f4:9a:68:1f:bf:4b:bf:ed:2a:d7:
bc:6a:6f:ed:b3:29:9b:b4:79:66:22:0f:91:95:5c:ec:76:8e:
77:ac:b3:93:6e:76:d9:1c:66:28:2f:a2:ce:15:25:20:a6:1c:
86:6b:eb:d2:24:6e:f7:8d:3c:86:7a:31:b2:88:b1:e5:53:50:
3d:d9:0e:db:38:c1:d0:22:ab:6f:48:ac:59:b8:bf:e2:2a:05:
17:fb:67:7c:55:ad:75:c3:18:b4:89:07:5e:5d:2d:53:a0:34:
df:05:10:31:77:24:1e:bb:ee:02:14:3e:d2:0c:7d:97:47:05:
f1:47:26:47:63:b0:7b:05:1e:4f:56:9d:be:6a:b2:fd:cd:7b:
ea:ab:83:09:58:17:61:2c:ec:1e:83:b0:a6:0b:6f:c5:d9:b5:
b6:cc:56:31
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEMqQZ1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OTQwMjU4YTFhNjhhZTYwNWMwNzNmYjU4M2IxM2UxMzc2Yjc3OGE3MB4XDTIyMDEw
MTA4NTk1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDYwNzQ4MjJiYTEw
MDFhMGY2MDBmMTJiZDExZTJjMDc2MThlNjIxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTOZYrMjkzL2MPwofIuvkN3ZL/f+qVKqHzQfbDWHaAngXNw
I0i9UGdNReF6ndNtqh8lBjIYOObUzzQ4PQ7Q6hJaYzWVFKHmMmEkJR9vmsxTE7QO
KuCFFMEi4U0uZ2xnBcosvAIpCi72J1rFdfJ9vwxfFBoX/MyAZNgEYLd0J849Cfye
/10xu3c2h/AOXfrunCbOqkh3J0iHk4zklj/B1vaIlQjBXBXjMveAHDOg5ya3cw8x
d7H/xXGLYXeAxMZNcqN5wKMQnqWXfUoz49IQCUJCK3axk0CfQ1TcRecQl/MkbqOA
z82Icj9+q1R2372anp/HQG47A9j9FQMqcnukWw8CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQGB0giuhABoPYA8SvRHiwHYY5iHjAfBgNVHSMEGDAWgBRpQCWKGmiuYFwH
P7WDsT4Tdrd4pzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FVQWxpaHBvcm1CY0J6LTFnN0UtRTNhM2VLYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMTQzNGNkLWEzZDYtNDQ4OC04ODg4LTc0OWU5ODBlYzBiNy8x
L0JnZElJcm9RQWFEMkFQRXIwUjRzQjJHT1loNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MTQzNGNkLWEzZDYtNDQ4OC04ODg4LTc0OWU5ODBlYzBiNy8xL2FVQWxpaHBvcm1C
Y0J6LTFnN0UtRTNhM2VLYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwJAQCAAEwHgMEAVvZZAMEA5f5YAMEArkWEAMEAsEg
DAMEAsPT/DAOBAIAAjAIAwYEKgBfoAAwDQYJKoZIhvcNAQELBQADggEBAOCIDvaJ
WPkYO9msHMI+JnbbxKAESxn8meAvd4c72uXS4DDkPtIMu1Lx6XACcV61DKvWZ70n
YZUZnOUsidhTHWM2vho+CBEuHvwC1j1ih3rj39S8gotc2YQ3ykhxKv40urga9Jpo
H79Lv+0q17xqb+2zKZu0eWYiD5GVXOx2jness5NudtkcZigvos4VJSCmHIZr69Ik
bveNPIZ6MbKIseVTUD3ZDts4wdAiq29IrFm4v+IqBRf7Z3xVrXXDGLSJB15dLVOg
NN8FEDF3JB677gIUPtIMfZdHBfFHJkdjsHsFHk9Wnb5qsv3Ne+qrgwlYF2Es7B6D
sKYLb8XZtbbMVjE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org