Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/BWjkBjv6n75EUNSxUFSHcKoPCBA.roa
File: BWjkBjv6n75EUNSxUFSHcKoPCBA.roa (raw, json)
Hash identifier: 8zs+vopp0yQfbGrRZcjC22gwbXa5vXn9O/gO/G4fsks=
Subject key identifier: 05:68:E4:06:3B:FA:9F:BE:44:50:D4:B1:50:54:87:70:AA:0F:08:10
Certificate issuer: /CN=30d66b66a3982d20a81ef201dc755ed3353b16a4
Certificate serial: F72A14
Authority key identifier: 30:D6:6B:66:A3:98:2D:20:A8:1E:F2:01:DC:75:5E:D3:35:3B:16:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/BWjkBjv6n75EUNSxUFSHcKoPCBA.roa
Signing time: Sat 01 Jan 2022 05:57:25 +0000
ROA not before: Sat 01 Jan 2022 05:57:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197770
IP address blocks: 194.9.58.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16198164 (0xf72a14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30d66b66a3982d20a81ef201dc755ed3353b16a4
Validity
Not Before: Jan 1 05:57:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0568e4063bfa9fbe4450d4b150548770aa0f0810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ce:fe:77:dd:21:8d:33:05:7c:51:c9:1b:88:
de:0a:02:ef:98:2b:e2:76:b6:c1:fc:ac:8f:58:98:
ad:26:0f:31:ae:df:19:b4:0f:cf:d1:28:7a:6f:ec:
f9:c2:0c:a7:27:25:2c:fa:cd:15:2e:f4:c3:16:8f:
14:fd:8d:71:d1:10:cf:92:76:ba:8b:89:6b:fe:1d:
ed:1d:6d:05:e9:62:30:0f:18:97:df:82:32:5f:9b:
a6:5f:fa:50:6c:2c:60:4e:e3:6b:18:26:9d:a3:86:
ab:38:f9:2c:1a:ab:45:2b:67:3c:79:f9:14:23:9e:
d1:e0:e3:e9:0f:a4:2b:ad:98:5b:79:45:b1:dd:d6:
ab:f4:94:26:b6:47:ed:6b:04:2d:73:32:88:ae:a1:
1d:b1:44:cc:9c:d9:62:81:0f:40:28:d1:ce:45:f3:
50:e9:41:07:d6:70:5e:45:63:fa:35:12:11:8d:0c:
f4:1f:f8:9b:f8:b7:ed:16:bf:0a:f3:ad:09:89:b5:
8d:07:d0:10:23:34:61:72:14:b5:e0:14:9b:fc:bc:
ab:fb:6d:b2:1d:86:b7:87:09:72:8c:a6:6d:03:05:
20:54:a8:f1:85:39:35:8c:53:4e:13:e2:12:81:2c:
bd:2d:30:4f:de:9c:2d:4b:69:d7:70:1a:e2:06:3b:
59:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:68:E4:06:3B:FA:9F:BE:44:50:D4:B1:50:54:87:70:AA:0F:08:10
X509v3 Authority Key Identifier:
keyid:30:D6:6B:66:A3:98:2D:20:A8:1E:F2:01:DC:75:5E:D3:35:3B:16:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/BWjkBjv6n75EUNSxUFSHcKoPCBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/88e482-8277-4280-9f5b-8144b140edf9/1/MNZrZqOYLSCoHvIB3HVe0zU7FqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.58.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:a8:10:0d:7a:00:6d:e7:51:78:65:0c:dd:55:da:6c:bb:7d:
62:d2:2c:2d:a9:e6:81:1e:5e:14:ae:cd:0d:39:32:20:77:5f:
55:e3:13:bc:10:8f:29:5a:a1:7c:50:70:a3:f5:d7:29:0a:e6:
17:f0:20:b7:9b:d9:c0:10:09:07:9c:88:79:b4:38:62:e3:a5:
99:9f:0f:74:0f:2c:a6:06:e0:13:43:09:46:01:c4:18:98:b3:
0d:ce:72:7c:c2:3e:81:11:40:dd:44:51:75:48:20:52:96:08:
78:94:0c:4d:f6:8f:ec:b2:5e:70:93:54:e3:d0:bc:f2:91:bd:
70:f6:9a:6a:bb:3d:89:a1:d6:43:95:94:73:d8:71:eb:b1:73:
79:5f:79:a0:ee:35:0d:81:aa:96:44:a7:de:83:80:c6:ca:df:
dd:74:fa:4a:5b:8e:4f:77:ac:17:13:f1:ec:16:cb:56:1d:d4:
75:44:3c:ff:1b:20:75:42:5d:0a:b0:09:8e:ee:2d:f6:c2:95:
66:9b:32:a3:c2:9d:a6:40:be:7e:14:f0:e3:37:23:74:51:fb:
3e:20:9c:a2:d5:e0:69:40:f4:99:9d:40:39:74:de:2d:f5:a9:
8b:96:bb:07:67:1c:2b:63:88:7c:4e:44:75:27:e9:4f:b3:db:
f8:2a:a5:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPcqFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MGQ2NmI2NmEzOTgyZDIwYTgxZWYyMDFkYzc1NWVkMzM1M2IxNmE0MB4XDTIyMDEw
MTA1NTcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU2OGU0MDYzYmZh
OWZiZTQ0NTBkNGIxNTA1NDg3NzBhYTBmMDgxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHO/nfdIY0zBXxRyRuI3goC75gr4na2wfysj1iYrSYPMa7f
GbQPz9Eoem/s+cIMpyclLPrNFS70wxaPFP2NcdEQz5J2uouJa/4d7R1tBeliMA8Y
l9+CMl+bpl/6UGwsYE7jaxgmnaOGqzj5LBqrRStnPHn5FCOe0eDj6Q+kK62YW3lF
sd3Wq/SUJrZH7WsELXMyiK6hHbFEzJzZYoEPQCjRzkXzUOlBB9ZwXkVj+jUSEY0M
9B/4m/i37Ra/CvOtCYm1jQfQECM0YXIUteAUm/y8q/ttsh2Gt4cJcoymbQMFIFSo
8YU5NYxTThPiEoEsvS0wT96cLUtp13Aa4gY7WX8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQFaOQGO/qfvkRQ1LFQVIdwqg8IEDAfBgNVHSMEGDAWgBQw1mtmo5gtIKge
8gHcdV7TNTsWpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01OWnJacU9ZTFNDb0h2SUIzSFZlMHpVN0ZxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvODhlNDgyLTgyNzctNDI4MC05ZjViLTgxNDRiMTQwZWRmOS8x
L0JXamtCanY2bjc1RVVOU3hVRlNIY0tvUENCQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
ODhlNDgyLTgyNzctNDI4MC05ZjViLTgxNDRiMTQwZWRmOS8xL01OWnJacU9ZTFND
b0h2SUIzSFZlMHpVN0ZxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcIJOjANBgkqhkiG9w0BAQsFAAOC
AQEAG6gQDXoAbedReGUM3VXabLt9YtIsLanmgR5eFK7NDTkyIHdfVeMTvBCPKVqh
fFBwo/XXKQrmF/Agt5vZwBAJB5yIebQ4YuOlmZ8PdA8spgbgE0MJRgHEGJizDc5y
fMI+gRFA3URRdUggUpYIeJQMTfaP7LJecJNU49C88pG9cPaaars9iaHWQ5WUc9hx
67FzeV95oO41DYGqlkSn3oOAxsrf3XT6SluOT3esFxPx7BbLVh3UdUQ8/xsgdUJd
CrAJju4t9sKVZpsyo8KdpkC+fhTw4zcjdFH7PiCcotXgaUD0mZ1AOXTeLfWpi5a7
B2ccK2OIfE5EdSfpT7Pb+CqlGQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:57 2023 by rpki-client on console-ams.rpki-client.org