Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/BFvAiz0J5rncAQK7x8I8dFMov2A.roa
File: BFvAiz0J5rncAQK7x8I8dFMov2A.roa (raw, json)
Hash identifier: bKtVnjQSgZXcv5lYze/qvbEFOo1OTLjvkupvIcaEDss=
Subject key identifier: 04:5B:C0:8B:3D:09:E6:B9:DC:01:02:BB:C7:C2:3C:74:53:28:BF:60
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 1BD1BD1A
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/BFvAiz0J5rncAQK7x8I8dFMov2A.roa
Signing time: Wed 20 Apr 2022 11:15:39 +0000
ROA not before: Wed 20 Apr 2022 11:15:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60631
IP address blocks: 87.248.135.0/24 maxlen: 24
87.248.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 466730266 (0x1bd1bd1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Apr 20 11:15:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=045bc08b3d09e6b9dc0102bbc7c23c745328bf60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2e:63:42:7f:c0:68:5a:23:96:18:36:9b:3b:
9e:b7:ac:c5:4f:43:38:e3:e1:3a:88:26:1a:6e:80:
18:7b:bc:71:f3:3c:41:b4:dc:da:f3:af:8c:fb:b3:
44:98:8c:b7:d2:a3:5b:5a:7f:ff:94:3c:28:8d:b8:
ab:0c:60:f1:33:ba:ca:05:c6:22:13:6f:bc:86:c5:
54:82:77:1f:2b:69:06:82:21:ca:1b:ca:0a:7d:9e:
0f:ec:51:6a:32:d2:8e:e7:5f:b0:1a:bf:7e:80:0b:
76:53:d4:3d:d5:d0:ea:fd:c6:69:e6:69:3d:4d:1a:
f9:74:39:6b:0c:37:b0:8d:20:c4:9f:f1:d1:10:81:
44:e5:3a:d6:b5:f8:89:b8:b4:d1:47:cd:4c:f7:f3:
66:d1:93:f7:db:4d:67:89:83:77:6c:da:77:bb:a6:
ae:c7:c4:03:f6:3b:57:a6:07:e9:65:75:e7:fc:76:
d6:16:59:82:96:8b:35:08:82:27:35:b7:b2:c2:cf:
18:d5:c3:b4:15:80:67:72:46:b7:8a:fd:e1:ae:36:
30:79:15:62:f0:30:81:ec:ba:00:a0:95:a9:78:5e:
9f:9b:5b:13:d3:e3:14:8b:ac:42:87:d5:f0:6c:7b:
17:ec:c5:b5:c7:47:98:63:ec:88:6d:b4:15:6c:8a:
0c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5B:C0:8B:3D:09:E6:B9:DC:01:02:BB:C7:C2:3C:74:53:28:BF:60
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/BFvAiz0J5rncAQK7x8I8dFMov2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.134.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:5b:87:70:03:b2:c0:39:e6:87:96:64:be:3e:7b:ef:07:49:
cb:8c:5c:59:1d:a7:9d:de:72:b8:5c:2f:86:be:4a:c2:e9:62:
85:6d:b4:b9:cc:2d:34:fc:53:9d:28:d0:8e:f4:9d:3c:af:5b:
5a:7d:77:2a:41:da:18:a5:e7:70:24:ac:09:25:59:67:27:63:
73:73:74:64:94:06:90:14:e3:c0:ab:ff:62:87:0c:a9:ce:32:
f8:97:72:bc:3d:32:ce:c6:5c:d4:34:b0:02:c0:f0:99:cc:6b:
5d:c3:92:fa:d0:7e:11:4f:b0:b8:a2:77:20:18:e8:13:32:3a:
ff:82:25:46:54:15:de:4e:88:02:a1:d8:fe:d9:fe:41:6a:83:
1f:41:d6:78:93:7d:52:07:0b:23:a6:cd:50:4e:f1:37:55:c0:
2d:31:68:89:30:80:5d:88:9e:92:b5:3c:87:58:be:40:4a:cc:
7e:78:f6:12:5c:3e:b7:85:55:e9:4f:35:7b:e2:4b:49:20:0c:
d1:92:30:31:03:4c:33:c7:87:45:fd:e0:25:f7:cb:df:e9:66:
0d:b6:90:af:8a:16:a5:1c:12:5d:07:e6:4f:4b:0c:1d:f4:54:
32:ee:48:0c:87:5f:a7:12:1e:bb:c8:94:7b:44:68:7a:bb:0b:
25:7a:4f:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG9G9GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDQy
MDExMTUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ1YmMwOGIzZDA5
ZTZiOWRjMDEwMmJiYzdjMjNjNzQ1MzI4YmY2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIuY0J/wGhaI5YYNps7nresxU9DOOPhOogmGm6AGHu8cfM8
QbTc2vOvjPuzRJiMt9KjW1p//5Q8KI24qwxg8TO6ygXGIhNvvIbFVIJ3HytpBoIh
yhvKCn2eD+xRajLSjudfsBq/foALdlPUPdXQ6v3GaeZpPU0a+XQ5aww3sI0gxJ/x
0RCBROU61rX4ibi00UfNTPfzZtGT99tNZ4mDd2zad7umrsfEA/Y7V6YH6WV15/x2
1hZZgpaLNQiCJzW3ssLPGNXDtBWAZ3JGt4r94a42MHkVYvAwgey6AKCVqXhen5tb
E9PjFIusQofV8Gx7F+zFtcdHmGPsiG20FWyKDEcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQEW8CLPQnmudwBArvHwjx0Uyi/YDAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L0JGdkFpejBKNXJuY0FRSzd4OEk4ZEZNb3YyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVf4hjANBgkqhkiG9w0BAQsFAAOC
AQEAsFuHcAOywDnmh5Zkvj577wdJy4xcWR2nnd5yuFwvhr5KwulihW20ucwtNPxT
nSjQjvSdPK9bWn13KkHaGKXncCSsCSVZZydjc3N0ZJQGkBTjwKv/YocMqc4y+Jdy
vD0yzsZc1DSwAsDwmcxrXcOS+tB+EU+wuKJ3IBjoEzI6/4IlRlQV3k6IAqHY/tn+
QWqDH0HWeJN9UgcLI6bNUE7xN1XALTFoiTCAXYiekrU8h1i+QErMfnj2Elw+t4VV
6U81e+JLSSAM0ZIwMQNMM8eHRf3gJffL3+lmDbaQr4oWpRwSXQfmT0sMHfRUMu5I
DIdfpxIeu8iUe0RoersLJXpPPA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:21 2023 by rpki-client on console-fra.rpki-client.org