Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/bfWfVCIooc57JgdYtOBkuAW8akM.roa
File: bfWfVCIooc57JgdYtOBkuAW8akM.roa (raw, json)
Hash identifier: 2QoRhJL+7kFvsu01+7EbJWNYzwKYmspbkkv55tGzNfg=
Subject key identifier: 6D:F5:9F:54:22:28:A1:CE:7B:26:07:58:B4:E0:64:B8:05:BC:6A:43
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 099B3624
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/bfWfVCIooc57JgdYtOBkuAW8akM.roa
Signing time: Sat 01 Jan 2022 05:04:10 +0000
ROA not before: Sat 01 Jan 2022 05:04:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.25.197.0/24 maxlen: 24
31.14.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161166884 (0x99b3624)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6df59f542228a1ce7b260758b4e064b805bc6a43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:98:ca:00:c2:42:57:0c:07:5f:7c:8f:ba:bf:
cc:17:b9:79:3a:ce:12:d7:8e:d3:1c:5e:87:26:e6:
99:a8:4a:83:aa:27:50:de:93:65:e4:0f:8e:ed:98:
23:2e:d3:5a:5e:76:67:43:90:09:0f:09:3b:5d:31:
86:00:df:ff:f1:1e:77:d3:08:0d:70:3d:fd:cf:0f:
76:3f:f9:fa:43:38:f3:0c:be:43:a4:f2:54:10:72:
8d:af:03:5a:0b:92:92:48:4b:2c:61:83:41:a1:5d:
76:dc:7c:a7:6a:9e:b7:dc:13:13:9b:eb:6c:6e:62:
b3:34:ce:8f:7e:e7:f2:98:33:62:d4:99:f7:3a:a6:
07:d4:64:49:7b:b8:6d:71:9b:d5:eb:22:ad:a7:f5:
d8:82:70:98:7b:5c:8e:99:41:40:f1:23:0d:b4:d5:
2e:d2:e9:f9:81:d5:7e:22:35:ec:8b:73:3a:a4:c8:
73:45:42:65:ff:a3:7c:5f:b9:dd:9f:47:1e:cd:6b:
b4:68:95:14:94:b4:a7:f0:95:2e:ee:61:92:53:66:
84:ce:00:81:e1:02:b5:f5:04:4d:b0:70:ed:0b:cd:
55:86:11:ff:fa:e3:c4:fd:41:73:2f:05:0d:d2:f0:
5a:3d:5c:fb:51:64:31:54:76:62:ec:2c:4b:e3:2c:
2f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F5:9F:54:22:28:A1:CE:7B:26:07:58:B4:E0:64:B8:05:BC:6A:43
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/bfWfVCIooc57JgdYtOBkuAW8akM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.207.0/24
185.25.197.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:2f:ba:72:91:79:04:8f:42:27:01:5e:31:3c:73:52:67:9c:
b1:ed:ea:40:12:4f:04:23:bd:f8:ed:97:d9:55:9a:33:8d:84:
c3:9d:28:4f:8a:1f:00:ea:f4:df:c8:2f:dd:a6:d2:1c:4a:cc:
49:4e:3c:16:bf:41:ce:ff:99:f1:5e:23:98:18:e3:5d:ff:46:
5b:32:46:d6:33:65:12:06:8a:89:04:eb:4c:01:87:3a:8e:4e:
21:0a:ad:e1:20:ad:c0:0f:56:12:4c:f1:e5:78:c0:c2:49:26:
e0:a0:fd:b8:a7:9e:c4:cb:27:c5:59:7e:4c:98:3c:9a:af:4d:
a9:4e:82:6f:99:ca:e0:cb:c9:06:b6:bf:da:aa:20:c8:f3:1f:
ec:a3:55:72:99:ca:e2:26:f4:09:9e:a4:bd:f0:2a:a5:d5:19:
53:1e:34:1f:57:f2:61:a6:42:dd:39:80:07:b3:cd:92:3f:2b:
90:ea:ed:75:c3:11:7f:8a:4b:9a:7c:6e:5e:42:39:18:50:da:
e5:91:6c:40:e7:b9:af:55:51:a6:50:b0:f9:17:26:03:6a:1f:
36:6d:a5:14:df:da:3b:c6:b5:b6:29:68:e2:84:c9:a4:b5:da:
6c:a5:7a:05:77:73:05:cf:09:54:56:61:59:d0:6e:1f:9b:b3:
2d:67:7c:9e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECZs2JDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmRmNTlmNTQyMjI4
YTFjZTdiMjYwNzU4YjRlMDY0YjgwNWJjNmE0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOKYygDCQlcMB198j7q/zBe5eTrOEteO0xxehybmmahKg6on
UN6TZeQPju2YIy7TWl52Z0OQCQ8JO10xhgDf//Eed9MIDXA9/c8Pdj/5+kM48wy+
Q6TyVBByja8DWguSkkhLLGGDQaFddtx8p2qet9wTE5vrbG5iszTOj37n8pgzYtSZ
9zqmB9RkSXu4bXGb1esiraf12IJwmHtcjplBQPEjDbTVLtLp+YHVfiI17ItzOqTI
c0VCZf+jfF+53Z9HHs1rtGiVFJS0p/CVLu5hklNmhM4AgeECtfUETbBw7QvNVYYR
//rjxP1Bcy8FDdLwWj1c+1FkMVR2YuwsS+MsL0sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRt9Z9UIiihznsmB1i04GS4BbxqQzAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L2JmV2ZWQ0lvb2M1N0pnZFl0T0JrdUFXOGFrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAB8OzwMEALkZxTANBgkqhkiG9w0B
AQsFAAOCAQEATi+6cpF5BI9CJwFeMTxzUmecse3qQBJPBCO9+O2X2VWaM42Ew50o
T4ofAOr038gv3abSHErMSU48Fr9Bzv+Z8V4jmBjjXf9GWzJG1jNlEgaKiQTrTAGH
Oo5OIQqt4SCtwA9WEkzx5XjAwkkm4KD9uKeexMsnxVl+TJg8mq9NqU6Cb5nK4MvJ
Bra/2qogyPMf7KNVcpnK4ib0CZ6kvfAqpdUZUx40H1fyYaZC3TmAB7PNkj8rkOrt
dcMRf4pLmnxuXkI5GFDa5ZFsQOe5r1VRplCw+RcmA2ofNm2lFN/aO8a1tilo4oTJ
pLXabKV6BXdzBc8JVFZhWdBuH5uzLWd8ng==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:02 2023 by rpki-client on console-ams.rpki-client.org