Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/BKFZ1daFid8mXterDVoyDqnMZgk.roa
File: BKFZ1daFid8mXterDVoyDqnMZgk.roa (raw, json)
Hash identifier: C8hS7A0hACuz0xNnOiC2LEJ8r1hKk0MDUD+Wb+ZgFCk=
Subject key identifier: 04:A1:59:D5:D6:85:89:DF:26:5E:D7:AB:0D:5A:32:0E:A9:CC:66:09
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 02EFA108
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/BKFZ1daFid8mXterDVoyDqnMZgk.roa
Signing time: Thu 03 Mar 2022 17:52:37 +0000
ROA not before: Thu 03 Mar 2022 17:52:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49245
IP address blocks: 2a05:4140:14::/48 maxlen: 48
2a05:4140:12::/48 maxlen: 48
2a05:4140:5::/48 maxlen: 48
2a05:4140:15::/48 maxlen: 48
2a05:4140:13::/48 maxlen: 48
2a05:4140:3::/48 maxlen: 48
2a05:4140:11::/48 maxlen: 48
2a05:4140:21::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49258760 (0x2efa108)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Mar 3 17:52:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04a159d5d68589df265ed7ab0d5a320ea9cc6609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6d:bd:a5:9f:d5:e1:06:b1:bb:2f:0f:dc:a4:
36:6e:3b:51:57:91:a6:ae:aa:c6:40:c7:6c:4d:a1:
27:a8:3a:3e:a1:3d:34:d4:a7:95:bd:fb:4a:77:74:
72:fe:16:70:78:3a:a9:92:96:72:60:e6:7b:b7:77:
6a:29:8b:16:12:4d:f3:80:5d:41:d8:56:81:4c:9f:
30:e8:9e:6c:bb:f7:fd:6b:7c:43:a1:d3:5b:0b:b0:
83:38:d2:27:b3:7c:2f:59:5b:54:ec:33:3f:70:48:
0e:26:83:7c:3f:f5:19:5a:6b:4b:0e:93:d2:39:91:
62:fd:cc:8b:8a:d3:a1:26:2d:73:5a:8b:6e:de:1f:
ae:b8:bf:b7:25:34:6a:43:16:ab:e5:b8:79:9e:02:
ce:e1:e8:96:d1:a4:50:34:55:26:e7:d3:2f:47:fb:
57:33:c0:da:e7:0c:d3:b5:1e:49:95:a7:4d:48:04:
fa:d7:0a:1f:55:f6:7e:89:d1:1d:b1:99:3b:ca:b5:
62:ea:1a:d8:42:61:10:7e:27:92:06:ca:86:93:44:
99:5f:ee:a5:cc:07:a8:34:76:a6:95:8e:4d:f7:2e:
e5:2c:8b:cd:fd:a9:f4:68:e3:98:3f:5e:0f:9c:3b:
e4:02:7c:49:f4:7f:5b:30:dd:70:74:63:06:71:68:
04:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A1:59:D5:D6:85:89:DF:26:5E:D7:AB:0D:5A:32:0E:A9:CC:66:09
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/BKFZ1daFid8mXterDVoyDqnMZgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:3::/48
2a05:4140:5::/48
2a05:4140:11::-2a05:4140:15:ffff:ffff:ffff:ffff:ffff
2a05:4140:21::/48
Signature Algorithm: sha256WithRSAEncryption
83:67:2e:25:6f:90:0b:70:ce:8a:36:d7:22:c9:60:86:f6:42:
38:f7:65:26:11:cd:26:c4:1d:91:6a:11:80:67:51:2b:86:f2:
85:81:fc:95:89:df:12:a9:c3:b9:08:57:a8:c1:d6:f5:e2:ab:
4a:2f:60:48:53:58:a5:13:49:03:da:9d:51:b5:6c:29:4e:01:
dc:f5:db:f9:20:39:c0:7d:c1:a1:9a:0a:73:f3:8b:2e:1c:44:
76:4e:f7:7f:5d:8f:f3:29:8b:58:18:a1:67:5c:d4:d4:16:81:
fd:bd:2d:1e:ee:25:06:e6:e6:2b:8d:da:06:8e:36:dd:a3:d7:
30:73:89:10:83:1e:3b:fe:dc:d5:57:0f:bb:85:fd:48:75:04:
31:6b:42:61:75:ec:f4:bf:27:79:f9:04:b7:67:0c:72:89:b7:
70:17:17:42:4d:c9:82:47:21:25:d1:6e:10:fa:b6:de:80:f6:
e7:36:4f:54:67:9c:3a:60:4f:1f:89:61:89:a9:fc:5c:ca:0a:
de:d5:e3:3f:98:bc:7d:c6:e5:d3:2b:1a:58:e8:8b:e4:a1:63:
4a:ae:ed:69:75:c9:0f:60:7c:96:12:a2:36:f1:29:2a:37:5e:
a8:75:b7:42:c9:50:c1:35:86:41:5e:de:18:93:85:8b:e2:d9:
10:cb:db:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEAu+hCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzRjNjBhZGViMGNkNTc2OGNmNzU2ZjU2MmIxYjVjYzViOWMxODBhMB4XDTIyMDMw
MzE3NTIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRhMTU5ZDVkNjg1
ODlkZjI2NWVkN2FiMGQ1YTMyMGVhOWNjNjYwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRtvaWf1eEGsbsvD9ykNm47UVeRpq6qxkDHbE2hJ6g6PqE9
NNSnlb37Snd0cv4WcHg6qZKWcmDme7d3aimLFhJN84BdQdhWgUyfMOiebLv3/Wt8
Q6HTWwuwgzjSJ7N8L1lbVOwzP3BIDiaDfD/1GVprSw6T0jmRYv3Mi4rToSYtc1qL
bt4frri/tyU0akMWq+W4eZ4CzuHoltGkUDRVJufTL0f7VzPA2ucM07UeSZWnTUgE
+tcKH1X2fonRHbGZO8q1Yuoa2EJhEH4nkgbKhpNEmV/upcwHqDR2ppWOTfcu5SyL
zf2p9GjjmD9eD5w75AJ8SfR/WzDdcHRjBnFoBB8CAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBQEoVnV1oWJ3yZe16sNWjIOqcxmCTAfBgNVHSMEGDAWgBTHTGCt6wzVdoz3
VvVisbXMW5wYCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gweGdyZXNNMVhhTTkxYjFZckcxekZ1Y0dBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvYWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8x
L0JLRloxZGFGaWQ4bVh0ZXJEVm95RHFuTVpnay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
YWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8xL3gweGdyZXNNMVhh
TTkxYjFZckcxekZ1Y0dBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwNQQCAAIwLwMHACoFQUAAAwMHACoFQUAABTASAwcA
KgVBQAARAwcBKgVBQAAUAwcAKgVBQAAhMA0GCSqGSIb3DQEBCwUAA4IBAQCDZy4l
b5ALcM6KNtciyWCG9kI492UmEc0mxB2RahGAZ1ErhvKFgfyVid8SqcO5CFeowdb1
4qtKL2BIU1ilE0kD2p1RtWwpTgHc9dv5IDnAfcGhmgpz84suHER2Tvd/XY/zKYtY
GKFnXNTUFoH9vS0e7iUG5uYrjdoGjjbdo9cwc4kQgx47/tzVVw+7hf1IdQQxa0Jh
dez0vyd5+QS3ZwxyibdwFxdCTcmCRyEl0W4Q+rbegPbnNk9UZ5w6YE8fiWGJqfxc
ygre1eM/mLx9xuXTKxpY6IvkoWNKru1pdckPYHyWEqI28SkqN16odbdCyVDBNYZB
Xt4Yk4WL4tkQy9sq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:06 2023 by rpki-client on console-fra.rpki-client.org