Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/BwRL1R3Cfzig2HzvIdyHe7rIZGE.roa
File: BwRL1R3Cfzig2HzvIdyHe7rIZGE.roa (raw, json)
Hash identifier: C7zfjjp74M749re/Ad7FYjxpOMirWTQpRVYH9u3GToQ=
Subject key identifier: 07:04:4B:D5:1D:C2:7F:38:A0:D8:7C:EF:21:DC:87:7B:BA:C8:64:61
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08BA2F4A
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/BwRL1R3Cfzig2HzvIdyHe7rIZGE.roa
Signing time: Sat 01 Jan 2022 14:01:54 +0000
ROA not before: Sat 01 Jan 2022 14:01:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211722
IP address blocks: 2a0e:8f02:2130::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146419530 (0x8ba2f4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:01:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=07044bd51dc27f38a0d87cef21dc877bbac86461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:99:eb:ea:3a:e5:c6:20:0f:c0:08:96:f7:09:
15:dd:f1:ce:f6:58:81:60:96:80:23:89:97:4a:67:
ce:c7:80:6f:3b:4e:df:42:92:06:85:ec:b7:81:75:
e6:9e:a1:52:0c:b3:7f:7e:00:19:a3:30:57:cb:da:
d9:bd:85:43:e5:dd:3a:71:d2:f4:45:17:0e:c5:f3:
d8:20:93:c7:64:90:01:29:9e:dc:65:b9:dd:6d:e1:
49:6f:17:5e:43:56:5f:26:75:56:94:9e:20:9c:28:
07:2d:56:67:dd:9a:af:33:0f:35:9f:de:3c:0c:f3:
c2:96:60:0d:e8:7a:41:df:a5:c5:c8:4e:f4:5e:fe:
29:1f:b0:a6:29:45:4e:ff:88:c7:07:7d:62:65:2e:
16:90:3f:fb:4d:d9:fe:7a:7b:e3:67:57:21:f2:04:
95:12:1a:20:11:75:c2:02:6b:5c:0f:36:93:7d:6c:
fa:b4:b2:8d:c2:7e:86:fd:39:b2:9a:5d:ee:11:e4:
0c:9f:6a:b8:b4:7e:b8:0d:5e:65:bb:9f:85:e6:a3:
e4:93:ca:48:2b:1e:b5:f6:8f:e4:0d:3b:1b:46:84:
a8:08:9b:65:38:00:a3:f8:89:b9:9b:aa:44:7b:f5:
f9:de:45:9a:6d:3a:a0:3f:d8:09:ad:67:0e:58:c1:
32:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:04:4B:D5:1D:C2:7F:38:A0:D8:7C:EF:21:DC:87:7B:BA:C8:64:61
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/BwRL1R3Cfzig2HzvIdyHe7rIZGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2130::/44
Signature Algorithm: sha256WithRSAEncryption
2a:c8:10:76:d3:25:5f:24:49:9a:4a:50:39:c8:c3:41:f3:70:
87:0b:ad:bd:0e:8e:49:82:a5:62:7b:5f:c2:4e:d7:84:df:87:
12:4d:c0:8b:71:10:eb:4d:52:25:eb:f1:25:49:a9:bc:89:7a:
bf:07:28:b1:f3:00:26:17:48:cd:06:d0:c3:e2:bf:29:b8:3a:
4a:ee:4a:45:98:9c:7f:1e:86:6c:92:bb:d6:a9:b0:c6:b1:e9:
e6:9a:48:25:09:ee:7b:3a:e8:6d:7e:37:4c:10:de:f2:64:a5:
51:d3:71:05:f0:6c:28:aa:8a:ac:86:7a:4e:29:24:72:45:07:
e1:9b:2e:20:fc:35:cf:7d:03:81:42:92:3b:74:3f:84:fd:8b:
1c:20:6e:16:e8:94:e4:bb:5b:04:15:5d:95:3e:a9:b4:a3:b5:
20:2e:1e:21:c1:32:96:eb:6e:bb:a3:fb:b3:bd:9d:14:24:f6:
95:63:69:6f:89:25:09:ee:b8:4d:51:07:c2:f9:63:f0:79:ff:
c5:cb:04:97:ea:ed:60:97:4b:5b:e1:2e:2b:73:3d:92:d1:9a:
41:41:e4:22:72:6c:fe:7d:d6:6b:bc:39:4a:8c:73:cf:19:62:
83:b1:8f:17:c6:2b:f0:9b:c0:df:e0:3c:c8:5a:fd:e9:ee:ab:
99:8f:3d:bd
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECLovSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDcwNDRiZDUxZGMy
N2YzOGEwZDg3Y2VmMjFkYzg3N2JiYWM4NjQ2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCZ6+o65cYgD8AIlvcJFd3xzvZYgWCWgCOJl0pnzseAbztO
30KSBoXst4F15p6hUgyzf34AGaMwV8va2b2FQ+XdOnHS9EUXDsXz2CCTx2SQASme
3GW53W3hSW8XXkNWXyZ1VpSeIJwoBy1WZ92arzMPNZ/ePAzzwpZgDeh6Qd+lxchO
9F7+KR+wpilFTv+Ixwd9YmUuFpA/+03Z/np742dXIfIElRIaIBF1wgJrXA82k31s
+rSyjcJ+hv05sppd7hHkDJ9quLR+uA1eZbufheaj5JPKSCsetfaP5A07G0aEqAib
ZTgAo/iJuZuqRHv1+d5Fmm06oD/YCa1nDljBMq0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQHBEvVHcJ/OKDYfO8h3Id7ushkYTAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L0J3UkwxUjNDZnppZzJIenZJZHlIZTdySVpHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoOjwIhMDANBgkqhkiG9w0BAQsF
AAOCAQEAKsgQdtMlXyRJmkpQOcjDQfNwhwutvQ6OSYKlYntfwk7XhN+HEk3Ai3EQ
601SJevxJUmpvIl6vwcosfMAJhdIzQbQw+K/Kbg6Su5KRZicfx6GbJK71qmwxrHp
5ppIJQnuezrobX43TBDe8mSlUdNxBfBsKKqKrIZ6TikkckUH4ZsuIPw1z30DgUKS
O3Q/hP2LHCBuFuiU5LtbBBVdlT6ptKO1IC4eIcEylutuu6P7s72dFCT2lWNpb4kl
Ce64TVEHwvlj8Hn/xcsEl+rtYJdLW+EuK3M9ktGaQUHkInJs/n3Wa7w5Soxzzxli
g7GPF8Yr8JvA3+A8yFr96e6rmY89vQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org