Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/BgLX8IUxD2WLBlLDgQgqQb2ppLk.roa
File: BgLX8IUxD2WLBlLDgQgqQb2ppLk.roa (raw, json)
Hash identifier: tTiDfIcSBHEL//yxdRgHJ6AUJaEVeCR5Ix/Gk9Cua3k=
Subject key identifier: 06:02:D7:F0:85:31:0F:65:8B:06:52:C3:81:08:2A:41:BD:A9:A4:B9
Certificate issuer: /CN=0324d16977eee2f58beb1bb7aa2f4b2fa1abfc48
Certificate serial: 01856DEF5F9AFEFC4F63653194CA6FE8A6A6
Authority key identifier: 03:24:D1:69:77:EE:E2:F5:8B:EB:1B:B7:AA:2F:4B:2F:A1:AB:FC:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/BgLX8IUxD2WLBlLDgQgqQb2ppLk.roa
Signing time: Sun 01 Jan 2023 15:24:42 +0000
ROA not before: Sun 01 Jan 2023 15:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5610
IP address blocks: 78.24.232.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:5f:9a:fe:fc:4f:63:65:31:94:ca:6f:e8:a6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0324d16977eee2f58beb1bb7aa2f4b2fa1abfc48
Validity
Not Before: Jan 1 15:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0602d7f085310f658b0652c381082a41bda9a4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f8:77:ef:f9:f1:03:82:5e:93:69:a0:2f:a6:
c7:ea:f1:7a:03:c6:be:b7:4c:03:82:ee:e7:b5:28:
92:26:4f:1d:be:ab:f0:84:9f:d3:83:2e:97:5b:ff:
8d:12:5d:5c:01:0b:63:c0:e2:9b:0d:51:9c:48:4b:
84:35:14:04:0a:b0:14:3d:8e:86:bc:2a:25:ca:33:
77:6e:8b:bd:c9:a7:d9:3d:83:22:af:aa:a1:d5:11:
1c:87:ab:16:ca:dd:d7:78:8e:3d:43:f9:26:23:d5:
42:e8:37:df:ac:66:b1:a3:54:95:91:5c:57:5c:7a:
2d:9b:2c:87:47:f9:51:ab:a0:78:b6:39:0a:56:88:
21:b0:e5:43:e8:f4:69:80:e1:8a:2e:2f:e3:29:b7:
ee:0c:94:c8:d8:6f:91:56:85:59:94:c9:38:3a:41:
4f:51:42:09:d3:50:23:5c:49:ae:8c:6e:e2:1a:f6:
6c:b5:1f:af:b1:70:b0:8a:b7:06:db:74:1d:3d:40:
39:44:75:4b:c1:eb:3d:2a:76:d7:1d:a5:4b:49:58:
71:f8:73:b7:89:0f:1e:10:ae:2c:fc:d7:e2:f3:dd:
9c:67:63:4a:b1:96:09:63:62:76:81:b0:7f:c3:ef:
14:60:20:b8:cf:69:93:c2:00:54:c3:f7:42:41:7e:
07:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:02:D7:F0:85:31:0F:65:8B:06:52:C3:81:08:2A:41:BD:A9:A4:B9
X509v3 Authority Key Identifier:
keyid:03:24:D1:69:77:EE:E2:F5:8B:EB:1B:B7:AA:2F:4B:2F:A1:AB:FC:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/BgLX8IUxD2WLBlLDgQgqQb2ppLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.232.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:08:65:56:28:08:5e:78:99:a1:57:80:4d:2d:0f:89:dc:c2:
d4:12:0e:62:a4:85:d9:02:03:86:20:ce:ef:d9:12:01:32:a1:
64:9f:08:86:b1:24:a2:42:21:e1:35:15:3d:f5:76:29:af:3d:
40:fd:9a:76:8c:2a:67:b3:cb:83:a5:f4:96:bf:b7:b7:85:d8:
5a:7b:80:26:c8:10:04:6b:81:25:82:eb:bc:62:f8:92:b1:0a:
d6:be:23:10:57:52:e5:8f:9d:56:36:7d:90:12:b0:73:e9:ff:
29:a2:cb:dc:d3:fc:b5:78:dd:ca:74:80:7a:be:49:5b:e6:21:
2b:64:78:2b:6f:0e:5d:34:fa:7a:ae:7d:5a:51:eb:20:7a:22:
87:21:24:89:70:46:27:dc:fc:b7:0f:52:19:61:ce:48:58:e4:
f8:95:29:51:90:96:ff:d1:93:b8:eb:f6:59:2f:74:80:96:d3:
34:63:dc:0e:7c:a5:fd:cf:63:db:c6:3b:38:8b:3c:c7:b3:82:
69:c5:0f:89:69:ca:dc:57:48:5b:e2:a6:91:73:46:06:4a:05:
d1:a0:af:fb:e0:64:70:c1:86:d5:82:b6:79:a8:eb:dc:28:14:
21:30:1e:2b:2b:a8:2f:39:2c:e9:10:34:6f:1a:76:51:75:f0:
03:d6:8d:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt71+a/vxPY2UxlMpv6KamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjRkMTY5NzdlZWUyZjU4YmViMWJiN2FhMmY0YjJmYTFh
YmZjNDgwHhcNMjMwMTAxMTUyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjAyZDdmMDg1MzEwZjY1OGIwNjUyYzM4MTA4MmE0MWJkYTlhNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfh37/nxA4Jek2mgL6bH6vF6A8a+
t0wDgu7ntSiSJk8dvqvwhJ/Tgy6XW/+NEl1cAQtjwOKbDVGcSEuENRQECrAUPY6G
vColyjN3bou9yafZPYMir6qh1REch6sWyt3XeI49Q/kmI9VC6DffrGaxo1SVkVxX
XHotmyyHR/lRq6B4tjkKVoghsOVD6PRpgOGKLi/jKbfuDJTI2G+RVoVZlMk4OkFP
UUIJ01AjXEmujG7iGvZstR+vsXCwircG23QdPUA5RHVLwes9KnbXHaVLSVhx+HO3
iQ8eEK4s/Nfi892cZ2NKsZYJY2J2gbB/w+8UYCC4z2mTwgBUw/dCQX4HAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYC1/CFMQ9liwZSw4EIKkG9qaS5MB8GA1UdIwQY
MBaAFAMk0Wl37uL1i+sbt6ovSy+hq/xIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlUUmFYZnU0dldMNnh1M3FpOUxMNkdyX0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80NTc4YTYtMWExYy00OTQ0LWE3NzMt
YzI1ZDdmY2EwMDM3LzEvQmdMWDhJVXhEMldMQmxMRGdRZ3FRYjJwcExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80NTc4YTYtMWExYy00OTQ0LWE3NzMtYzI1ZDdmY2EwMDM3
LzEvQXlUUmFYZnU0dldMNnh1M3FpOUxMNkdyX0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDThjoMA0G
CSqGSIb3DQEBCwUAA4IBAQBrCGVWKAheeJmhV4BNLQ+J3MLUEg5ipIXZAgOGIM7v
2RIBMqFknwiGsSSiQiHhNRU99XYprz1A/Zp2jCpns8uDpfSWv7e3hdhae4AmyBAE
a4Elguu8YviSsQrWviMQV1Llj51WNn2QErBz6f8posvc0/y1eN3KdIB6vklb5iEr
ZHgrbw5dNPp6rn1aUesgeiKHISSJcEYn3Py3D1IZYc5IWOT4lSlRkJb/0ZO46/ZZ
L3SAltM0Y9wOfKX9z2Pbxjs4izzHs4JpxQ+JacrcV0hb4qaRc0YGSgXRoK/74GRw
wYbVgrZ5qOvcKBQhMB4rK6gvOSzpEDRvGnZRdfAD1o3/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:10 2025 by rpki-client