Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/Bq-s-LyD5Fq8Oy4ce_HJZyBOWTg.roa
File: Bq-s-LyD5Fq8Oy4ce_HJZyBOWTg.roa (raw, json)
Hash identifier: /D39fNTnX8f8h82iw4rWv6a2Y2ElJxNcHM9Nrj7Kh6E=
Subject key identifier: 06:AF:AC:F8:BC:83:E4:5A:BC:3B:2E:1C:7B:F1:C9:67:20:4E:59:38
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 14751EB7
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/Bq-s-LyD5Fq8Oy4ce_HJZyBOWTg.roa
Signing time: Sat 01 Jan 2022 15:57:24 +0000
ROA not before: Sat 01 Jan 2022 15:57:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197211
IP address blocks: 109.104.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 343219895 (0x14751eb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 1 15:57:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06afacf8bc83e45abc3b2e1c7bf1c967204e5938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:12:49:0c:10:58:16:5f:23:51:f5:42:b9:96:
d7:6f:57:df:91:b3:da:58:d6:93:50:04:f6:45:3d:
16:c7:04:fd:55:9d:9d:40:0e:8c:55:70:6f:f7:80:
24:80:f8:ed:d4:ed:73:3e:d2:83:11:7b:65:a3:dd:
1d:1d:63:7b:9c:e5:80:f1:d8:70:da:be:05:10:25:
49:2f:28:65:b3:70:05:fb:fd:86:ae:50:14:92:d1:
3a:f4:4c:8b:85:56:de:42:18:fb:11:9e:98:79:28:
44:8a:c7:ec:34:dc:1b:88:75:4f:fc:dd:f9:bc:f0:
04:b3:6f:96:91:d6:d4:b0:fc:dc:cf:98:94:c8:4a:
60:89:db:76:e3:ca:4a:c7:2d:96:23:4c:ed:ba:06:
79:7e:1b:46:6a:1c:34:bf:9e:46:57:86:aa:17:b9:
a9:47:be:51:75:3b:02:a9:d9:28:52:53:09:fd:73:
23:57:a9:cd:8d:ac:d9:17:1e:0f:4a:0a:0a:ef:73:
40:45:8c:ec:51:12:79:94:fb:82:85:be:b6:5c:cf:
35:6a:2a:63:cc:dd:9a:dd:7e:b3:ef:09:2a:94:c1:
6f:f2:0e:a0:d9:6c:8d:b4:b7:ca:05:ce:bb:fe:3f:
fc:f7:a2:fd:7f:73:29:cc:ce:98:e6:ba:c4:65:da:
d6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AF:AC:F8:BC:83:E4:5A:BC:3B:2E:1C:7B:F1:C9:67:20:4E:59:38
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/Bq-s-LyD5Fq8Oy4ce_HJZyBOWTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.246.0/24
Signature Algorithm: sha256WithRSAEncryption
73:17:14:a9:86:62:41:e7:4a:e8:c4:aa:85:32:e1:a4:92:07:
8e:4a:4d:14:ec:83:42:c9:a6:6d:fa:91:d5:62:f6:a3:a5:80:
1f:17:a7:5f:2b:4e:5a:74:39:de:cd:3a:ec:ea:e4:6d:2d:e3:
5f:05:fe:eb:85:23:33:be:56:c3:bd:9c:62:6a:e7:b7:2d:42:
2c:ce:b1:f5:27:aa:03:29:8c:79:29:1e:d0:db:a6:9f:d7:25:
e8:a4:b6:da:2a:b3:98:f7:bc:33:a3:66:f7:2a:33:ea:1d:ad:
27:3b:4d:cb:d7:c5:27:ac:a6:92:b8:d6:b2:ff:0c:ac:f0:ad:
ee:a0:2b:5b:1d:a4:ef:9b:cd:98:98:51:83:28:16:de:68:49:
9e:8e:53:18:34:b2:d0:7c:b0:ff:a3:d5:69:2c:15:cb:1b:af:
97:ec:3f:07:f7:aa:df:92:b5:ae:0b:6c:24:3b:18:fa:45:a7:
30:2d:b8:bf:71:3b:18:fa:33:bd:d1:da:07:63:ee:fc:e5:a1:
26:ff:a6:4a:fb:f8:16:fc:22:e8:af:f6:5d:f2:33:6f:bd:b8:
a6:b7:43:c2:9a:d9:93:e3:48:be:b6:51:29:e2:62:24:17:dd:
98:20:4a:a9:fc:93:e1:d6:04:e8:cc:e3:d0:18:bd:b5:34:76:
f2:00:ff:1a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFHUetzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTM1MGQwMjRhZjAxZjhlYWYxMjU3MTdjYWEwM2FhZmFkMTg0ZTFkMB4XDTIyMDEw
MTE1NTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZhZmFjZjhiYzgz
ZTQ1YWJjM2IyZTFjN2JmMWM5NjcyMDRlNTkzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALISSQwQWBZfI1H1QrmW129X35Gz2ljWk1AE9kU9FscE/VWd
nUAOjFVwb/eAJID47dTtcz7SgxF7ZaPdHR1je5zlgPHYcNq+BRAlSS8oZbNwBfv9
hq5QFJLROvRMi4VW3kIY+xGemHkoRIrH7DTcG4h1T/zd+bzwBLNvlpHW1LD83M+Y
lMhKYInbduPKSsctliNM7boGeX4bRmocNL+eRleGqhe5qUe+UXU7AqnZKFJTCf1z
I1epzY2s2RceD0oKCu9zQEWM7FESeZT7goW+tlzPNWoqY8zdmt1+s+8JKpTBb/IO
oNlsjbS3ygXOu/4//Pei/X9zKczOmOa6xGXa1j8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQGr6z4vIPkWrw7Lhx78clnIE5ZODAfBgNVHSMEGDAWgBR6NQ0CSvAfjq8S
VxfKoDqvrRhOHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VqVU5Ba3J3SDQ2dkVsY1h5cUE2cjYwWVRoMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvNzk2NmFlLTljODgtNDNlOS1iODk5LWQwMDNlNTZmZTc1My8x
L0JxLXMtTHlENUZxOE95NGNlX0hKWnlCT1dUZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
Nzk2NmFlLTljODgtNDNlOS1iODk5LWQwMDNlNTZmZTc1My8xL2VqVU5Ba3J3SDQ2
dkVsY1h5cUE2cjYwWVRoMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG1o9jANBgkqhkiG9w0BAQsFAAOC
AQEAcxcUqYZiQedK6MSqhTLhpJIHjkpNFOyDQsmmbfqR1WL2o6WAHxenXytOWnQ5
3s067OrkbS3jXwX+64UjM75Ww72cYmrnty1CLM6x9SeqAymMeSke0Numn9cl6KS2
2iqzmPe8M6Nm9yoz6h2tJztNy9fFJ6ymkrjWsv8MrPCt7qArWx2k75vNmJhRgygW
3mhJno5TGDSy0Hyw/6PVaSwVyxuvl+w/B/eq35K1rgtsJDsY+kWnMC24v3E7GPoz
vdHaB2Pu/OWhJv+mSvv4Fvwi6K/2XfIzb724prdDwprZk+NIvrZRKeJiJBfdmCBK
qfyT4dYE6Mzj0Bi9tTR28gD/Gg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:09 2025 by rpki-client