Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/BDjqF2KMe2-YxeOlQpes1u1iPYs.roa
File: BDjqF2KMe2-YxeOlQpes1u1iPYs.roa (raw, json)
Hash identifier: mgO2iTvA5WjAzZSnUsEEUYVinZLvR5MCSexAtwv+GTo=
Subject key identifier: 04:38:EA:17:62:8C:7B:6F:98:C5:E3:A5:42:97:AC:D6:ED:62:3D:8B
Certificate issuer: /CN=0804ace6946fb701bb2c45e30acafea66dac2f7a
Certificate serial: 018B7F76902097466BD6CFE1B8172CCAE894
Authority key identifier: 08:04:AC:E6:94:6F:B7:01:BB:2C:45:E3:0A:CA:FE:A6:6D:AC:2F:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CASs5pRvtwG7LEXjCsr-pm2sL3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/BDjqF2KMe2-YxeOlQpes1u1iPYs.roa
Signing time: Mon 30 Oct 2023 07:22:38 +0000
ROA not before: Mon 30 Oct 2023 07:22:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216352
IP address blocks: 2001:67c:c4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:76:90:20:97:46:6b:d6:cf:e1:b8:17:2c:ca:e8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0804ace6946fb701bb2c45e30acafea66dac2f7a
Validity
Not Before: Oct 30 07:22:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0438ea17628c7b6f98c5e3a54297acd6ed623d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a6:5a:2b:ff:f5:92:20:2c:5c:5c:46:9d:f3:
d2:cf:54:07:cb:7d:ab:ca:05:e1:8f:ad:21:41:38:
9a:08:47:84:d7:1b:9d:21:0b:2e:4c:cd:d3:34:94:
4c:c8:aa:e3:24:cb:9c:2b:15:75:8c:2a:69:de:78:
f2:c3:c5:da:ef:2a:48:17:01:a8:e6:7f:5e:a2:4b:
28:7d:0e:4b:51:c7:b5:16:86:59:6d:60:15:e7:75:
90:4f:bc:7e:ae:62:53:ce:22:77:09:34:cf:10:9f:
4d:dc:df:d7:75:e9:ee:80:cc:2a:d6:cd:ee:51:32:
8d:63:82:85:7f:e9:f6:82:2a:ae:1e:94:c6:f7:27:
99:46:5e:08:36:65:84:35:4f:f3:da:ef:87:88:b1:
dd:56:32:ea:89:f3:09:2b:a3:86:95:08:dd:b7:c4:
cf:7e:c9:50:0e:30:a4:d6:1c:4b:55:23:83:53:38:
8a:bb:10:5c:ce:f5:ce:9a:85:14:d9:a3:74:29:80:
3a:84:ac:65:7e:e5:a8:63:fe:e6:cf:f5:86:d8:95:
8c:1b:2c:8a:2c:e3:87:dc:ee:ea:a8:6b:fa:1b:75:
fc:34:0d:7b:2b:36:5b:05:69:9a:8b:9a:90:6d:e3:
e1:d3:8b:c3:77:de:c2:ec:ff:13:fb:68:98:8b:72:
2a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:38:EA:17:62:8C:7B:6F:98:C5:E3:A5:42:97:AC:D6:ED:62:3D:8B
X509v3 Authority Key Identifier:
keyid:08:04:AC:E6:94:6F:B7:01:BB:2C:45:E3:0A:CA:FE:A6:6D:AC:2F:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CASs5pRvtwG7LEXjCsr-pm2sL3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/BDjqF2KMe2-YxeOlQpes1u1iPYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5bcee0-512e-41f4-8d6b-95d16364dbb9/1/CASs5pRvtwG7LEXjCsr-pm2sL3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c4::/48
Signature Algorithm: sha256WithRSAEncryption
a6:67:b1:26:4a:77:9b:ef:85:01:48:eb:8d:37:1c:0b:55:42:
84:60:30:f7:7c:af:3d:d1:b4:27:92:be:9a:cc:fb:5c:23:9b:
a4:54:4a:ee:e9:5f:ef:df:48:ab:06:21:b3:a2:5e:8f:19:75:
86:14:fe:bf:49:50:6a:56:09:0e:42:72:50:45:a6:10:7a:02:
58:de:82:4f:7e:9b:f4:31:9d:ae:27:5f:b0:e6:e2:09:29:05:
c9:cf:df:33:81:d9:25:16:95:49:4b:39:bf:9e:82:6f:c2:8e:
b9:80:7c:c8:90:41:27:98:9a:a2:57:b9:2d:df:fa:ea:2e:af:
2c:62:bf:05:16:b7:14:b9:7d:5c:3e:79:f9:53:04:55:a9:7e:
d6:d7:bd:39:a4:5b:c2:3a:7d:06:8e:35:76:92:91:d3:4c:cc:
9f:60:91:ab:44:11:fe:7f:d0:2d:ac:15:0a:56:5a:06:41:5c:
5e:b9:20:bd:b6:d8:87:f0:10:c4:b8:df:63:17:be:ea:aa:80:
8d:0f:8c:39:3a:49:a9:19:87:24:0b:fb:49:e5:68:8f:7c:5a:
7a:19:44:53:3d:89:14:63:ae:67:d6:ee:7a:05:d4:54:02:13:
8b:db:11:3c:b2:aa:db:de:1c:c2:d4:42:03:6d:ca:50:81:22:
fe:cb:b4:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYt/dpAgl0Zr1s/huBcsyuiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDRhY2U2OTQ2ZmI3MDFiYjJjNDVlMzBhY2FmZWE2NmRh
YzJmN2EwHhcNMjMxMDMwMDcyMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM4ZWExNzYyOGM3YjZmOThjNWUzYTU0Mjk3YWNkNmVkNjIzZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaZaK//1kiAsXFxGnfPSz1QHy32r
ygXhj60hQTiaCEeE1xudIQsuTM3TNJRMyKrjJMucKxV1jCpp3njyw8Xa7ypIFwGo
5n9eoksofQ5LUce1FoZZbWAV53WQT7x+rmJTziJ3CTTPEJ9N3N/XdenugMwq1s3u
UTKNY4KFf+n2giquHpTG9yeZRl4INmWENU/z2u+HiLHdVjLqifMJK6OGlQjdt8TP
fslQDjCk1hxLVSODUziKuxBczvXOmoUU2aN0KYA6hKxlfuWoY/7mz/WG2JWMGyyK
LOOH3O7qqGv6G3X8NA17KzZbBWmai5qQbePh04vDd97C7P8T+2iYi3IqmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAQ46hdijHtvmMXjpUKXrNbtYj2LMB8GA1UdIwQY
MBaAFAgErOaUb7cBuyxF4wrK/qZtrC96MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FTczVwUnZ0d0c3TEVYakNzci1wbTJzTDNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81YmNlZTAtNTEyZS00MWY0LThkNmIt
OTVkMTYzNjRkYmI5LzEvQkRqcUYyS01lMi1ZeGVPbFFwZXMxdTFpUFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81YmNlZTAtNTEyZS00MWY0LThkNmItOTVkMTYzNjRkYmI5
LzEvQ0FTczVwUnZ0d0c3TEVYakNzci1wbTJzTDNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfADE
MA0GCSqGSIb3DQEBCwUAA4IBAQCmZ7EmSneb74UBSOuNNxwLVUKEYDD3fK890bQn
kr6azPtcI5ukVEru6V/v30irBiGzol6PGXWGFP6/SVBqVgkOQnJQRaYQegJY3oJP
fpv0MZ2uJ1+w5uIJKQXJz98zgdklFpVJSzm/noJvwo65gHzIkEEnmJqiV7kt3/rq
Lq8sYr8FFrcUuX1cPnn5UwRVqX7W1705pFvCOn0GjjV2kpHTTMyfYJGrRBH+f9At
rBUKVloGQVxeuSC9ttiH8BDEuN9jF77qqoCND4w5OkmpGYckC/tJ5WiPfFp6GURT
PYkUY65n1u56BdRUAhOL2xE8sqrb3hzC1EIDbcpQgSL+y7RW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:18 2025 by rpki-client