Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/BNMgRuKbWH1QYgvFIvSbHA6oJfc.roa
File: BNMgRuKbWH1QYgvFIvSbHA6oJfc.roa (raw, json)
Hash identifier: 8QBb6KQABvRm0m4EjaGHpYla6GfNSap4PZEbJ031O0g=
Subject key identifier: 04:D3:20:46:E2:9B:58:7D:50:62:0B:C5:22:F4:9B:1C:0E:A8:25:F7
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 487F7084
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/BNMgRuKbWH1QYgvFIvSbHA6oJfc.roa
Signing time: Sat 01 Jan 2022 03:00:41 +0000
ROA not before: Sat 01 Jan 2022 03:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205672
IP address blocks: 5.188.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1216311428 (0x487f7084)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 03:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04d32046e29b587d50620bc522f49b1c0ea825f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f5:ff:bd:c7:c0:29:32:06:42:ee:61:1f:e9:
a0:5a:12:59:f4:14:bc:e8:e5:10:0e:0f:de:69:8e:
30:dd:65:8b:f0:90:06:7e:ba:cd:d6:e4:f1:f3:4e:
b5:88:32:e5:ca:34:0a:ed:d8:b7:c7:cd:a5:e9:ab:
fa:e6:db:75:36:b7:d3:70:18:f0:dd:74:77:8f:92:
6c:03:9c:e1:6d:32:a1:9c:98:2d:79:0c:03:93:ef:
2d:69:b4:70:42:09:cd:2f:a8:b6:52:e9:67:4a:ae:
56:a6:27:65:93:88:cd:93:5d:55:f9:49:49:ad:35:
13:b1:43:2e:80:6b:14:b0:99:59:21:62:4d:cb:6e:
25:78:7a:d6:20:f7:ef:88:b2:c3:87:1f:1d:41:9b:
48:fa:76:dd:67:87:a4:9f:4d:4e:71:eb:32:e2:d4:
00:86:2e:13:d2:72:17:70:73:74:a5:83:e4:42:cd:
6d:ea:a8:02:51:9b:97:a5:c0:db:9f:a1:b7:4f:72:
6d:29:d8:ce:a4:c4:b8:9a:da:12:9b:fc:7e:a5:73:
de:3f:64:9c:74:23:c3:a6:65:a7:d6:c3:60:1b:9b:
a6:91:c1:4f:65:95:84:fd:67:ee:7d:5f:0a:59:10:
e8:d8:ba:db:2a:0d:d1:02:06:9c:23:6c:bb:83:25:
ae:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D3:20:46:E2:9B:58:7D:50:62:0B:C5:22:F4:9B:1C:0E:A8:25:F7
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/BNMgRuKbWH1QYgvFIvSbHA6oJfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.164.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:73:c0:c1:e8:91:0d:21:e8:25:bf:6e:96:87:3a:42:2c:87:
bd:7d:dc:8f:43:9d:2b:9d:9d:eb:16:59:f0:38:b9:4a:ef:ad:
5f:de:ec:07:43:16:95:b1:7e:70:4f:98:61:8d:c9:cf:b2:4c:
0a:c3:1a:9f:85:36:1e:5d:ab:41:bf:a2:28:ef:fd:08:be:6b:
c3:e1:16:13:e5:84:86:30:7f:f7:40:36:4e:5a:62:28:f8:5d:
2a:5c:37:5e:23:f6:ba:b8:aa:21:db:41:08:00:cf:06:e8:df:
7d:8a:76:79:f3:c7:9c:4e:8e:ae:4c:5e:e3:d5:1a:80:c6:2a:
9f:5a:0c:a3:da:62:69:47:98:74:be:e8:f5:fe:7e:3d:bb:ef:
9c:dc:2c:df:c3:b2:85:33:1b:68:bb:09:b9:99:a8:66:35:1c:
fe:bb:ec:e6:29:a5:d8:62:26:8b:f0:e9:49:e4:40:62:14:0a:
9e:7e:3a:0e:08:f6:ce:da:48:91:fe:2f:07:6f:e5:e3:b5:df:
d0:75:3d:df:2b:a9:27:4b:55:54:bc:4e:70:fd:d4:f4:a2:fc:
71:41:e3:f9:ea:db:24:43:8e:3a:ec:08:8f:e4:be:eb:2d:e1:
16:d5:55:3b:8f:c7:90:2a:15:0e:aa:3a:10:63:7c:4d:07:87:
c4:23:8f:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIESH9whDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDEw
MTAzMDA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRkMzIwNDZlMjli
NTg3ZDUwNjIwYmM1MjJmNDliMWMwZWE4MjVmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIz1/73HwCkyBkLuYR/poFoSWfQUvOjlEA4P3mmOMN1li/CQ
Bn66zdbk8fNOtYgy5co0Cu3Yt8fNpemr+ubbdTa303AY8N10d4+SbAOc4W0yoZyY
LXkMA5PvLWm0cEIJzS+otlLpZ0quVqYnZZOIzZNdVflJSa01E7FDLoBrFLCZWSFi
TctuJXh61iD374iyw4cfHUGbSPp23WeHpJ9NTnHrMuLUAIYuE9JyF3BzdKWD5ELN
beqoAlGbl6XA25+ht09ybSnYzqTEuJraEpv8fqVz3j9knHQjw6Zlp9bDYBubppHB
T2WVhP1n7n1fClkQ6Ni62yoN0QIGnCNsu4Mlrp8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQE0yBG4ptYfVBiC8Ui9JscDqgl9zAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L0JOTWdSdUtiV0gxUVlndkZJdlNiSEE2b0pmYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW8pDANBgkqhkiG9w0BAQsFAAOC
AQEAS3PAweiRDSHoJb9uloc6QiyHvX3cj0OdK52d6xZZ8Di5Su+tX97sB0MWlbF+
cE+YYY3Jz7JMCsMan4U2Hl2rQb+iKO/9CL5rw+EWE+WEhjB/90A2TlpiKPhdKlw3
XiP2uriqIdtBCADPBujffYp2efPHnE6Orkxe49UagMYqn1oMo9piaUeYdL7o9f5+
PbvvnNws38OyhTMbaLsJuZmoZjUc/rvs5iml2GImi/DpSeRAYhQKnn46Dgj2ztpI
kf4vB2/l47Xf0HU93yupJ0tVVLxOcP3U9KL8cUHj+erbJEOOOuwIj+S+6y3hFtVV
O4/HkCoVDqo6EGN8TQeHxCOPXQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org