Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/08K0a2HNKqIwbqtZcPcr7k1KCss.roa
File: 08K0a2HNKqIwbqtZcPcr7k1KCss.roa (raw, json)
Hash identifier: wFnaKmpoT8HbD2vsjNNQ9PTQV8qaG+jPn/toWAoUdOE=
Subject key identifier: D3:C2:B4:6B:61:CD:2A:A2:30:6E:AB:59:70:F7:2B:EE:4D:4A:0A:CB
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 01856F66E715C2E1D7F6D47A0AE009C4F2C7
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/08K0a2HNKqIwbqtZcPcr7k1KCss.roa
Signing time: Sun 01 Jan 2023 22:14:52 +0000
ROA not before: Sun 01 Jan 2023 22:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202829
IP address blocks: 151.248.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:e7:15:c2:e1:d7:f6:d4:7a:0a:e0:09:c4:f2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Jan 1 22:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3c2b46b61cd2aa2306eab5970f72bee4d4a0acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:12:9a:3a:84:b6:85:49:54:5e:40:53:88:ce:
9d:25:e2:28:00:b1:b7:ab:03:45:dd:0b:03:f8:41:
3a:4e:9c:e6:69:52:6e:77:ee:3d:47:02:5f:85:d0:
3e:0d:28:10:ac:9e:36:0d:89:55:8b:bc:63:35:70:
bf:c2:09:94:87:7c:62:26:33:32:1c:a3:e3:86:8a:
12:23:2b:a8:ef:8a:60:65:ce:36:6b:07:7c:20:8f:
a0:c7:d3:d0:0b:87:45:1e:a6:97:95:eb:b0:9a:b9:
57:4d:4e:89:5f:87:98:42:b5:9b:40:6f:51:1d:19:
8a:43:b0:c6:ee:fa:09:40:6f:0c:d7:d3:63:7c:07:
61:22:d5:be:94:c5:9f:dc:c8:63:af:33:7e:0e:1b:
59:73:2b:0a:48:a3:40:2f:54:1d:cc:c7:ce:fe:aa:
d1:ff:19:c7:de:b1:fd:b9:45:c5:d0:99:30:9b:9b:
ff:57:ce:ca:66:f6:ca:fa:72:c9:8c:53:ae:66:23:
c9:bd:8a:a5:08:09:aa:2f:2b:46:fd:a4:c4:64:91:
a4:b7:25:c0:85:94:24:07:d5:3f:62:3a:aa:25:e3:
22:3c:5b:4c:58:61:ec:16:f9:22:38:f7:e5:10:77:
b1:e3:f0:04:a4:23:5a:09:19:cb:23:67:6f:62:96:
7c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C2:B4:6B:61:CD:2A:A2:30:6E:AB:59:70:F7:2B:EE:4D:4A:0A:CB
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/08K0a2HNKqIwbqtZcPcr7k1KCss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.20.0/22
Signature Algorithm: sha256WithRSAEncryption
39:6c:d2:e6:22:7d:8a:ad:97:7d:4a:2d:22:c7:ec:37:4e:1f:
46:b7:e0:16:df:ce:fb:7e:7a:5e:0d:be:c4:7a:dc:74:04:c7:
26:86:98:62:5f:03:23:74:37:3b:c7:af:2f:b9:e3:98:f0:aa:
bd:0b:25:33:7c:42:d1:bb:b8:86:d9:09:fe:b6:41:1d:ed:d9:
99:a2:9a:08:23:41:9a:a4:6c:3f:b5:a0:65:c8:d9:fd:45:01:
b8:6d:d1:70:5b:33:a2:03:21:33:cb:7f:be:9a:75:8a:d2:fa:
8f:c3:3e:dd:db:e2:e1:e4:4a:70:fb:bc:3f:c1:35:c3:fb:22:
82:e6:d9:cc:41:b9:11:0d:ef:35:0f:a3:7c:b4:0a:4a:fb:3a:
59:60:36:12:95:a4:d8:82:5c:5d:cd:81:8b:7d:7a:c4:f4:de:
5c:3a:d7:16:d6:4d:7a:af:74:b0:fe:60:47:e2:c5:41:bd:4e:
95:ff:a8:ab:f8:fb:29:cf:33:9e:69:15:2f:40:4b:c1:36:d7:
3d:17:ff:e8:0b:69:09:7e:6e:53:62:93:ad:f7:cd:d8:a5:ff:
53:77:e3:d0:21:74:bd:a6:30:20:4a:78:4f:75:61:30:48:ad:
b4:b2:65:ed:d8:c1:d5:c4:45:32:80:09:71:db:74:e4:f4:77:
24:a0:46:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZucVwuHX9tR6CuAJxPLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTA3ZTA3OTUyYzA2OTM1OGNkM2Y4MmFhZWNlYjRjNjk0
ODNjYTkwHhcNMjMwMTAxMjIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2MyYjQ2YjYxY2QyYWEyMzA2ZWFiNTk3MGY3MmJlZTRkNGEwYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhKaOoS2hUlUXkBTiM6dJeIoALG3
qwNF3QsD+EE6TpzmaVJud+49RwJfhdA+DSgQrJ42DYlVi7xjNXC/wgmUh3xiJjMy
HKPjhooSIyuo74pgZc42awd8II+gx9PQC4dFHqaXleuwmrlXTU6JX4eYQrWbQG9R
HRmKQ7DG7voJQG8M19NjfAdhItW+lMWf3MhjrzN+DhtZcysKSKNAL1QdzMfO/qrR
/xnH3rH9uUXF0Jkwm5v/V87KZvbK+nLJjFOuZiPJvYqlCAmqLytG/aTEZJGktyXA
hZQkB9U/YjqqJeMiPFtMWGHsFvkiOPflEHex4/AEpCNaCRnLI2dvYpZ8aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPCtGthzSqiMG6rWXD3K+5NSgrLMB8GA1UdIwQY
MBaAFL8QfgeVLAaTWM0/gqrs60xpSDypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2It
NDg2MzNkNzE4NTkwLzEvMDhLMGEySE5LcUl3YnF0WmNQY3I3azFLQ3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2ItNDg2MzNkNzE4NTkw
LzEvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl/gUMA0G
CSqGSIb3DQEBCwUAA4IBAQA5bNLmIn2KrZd9Si0ix+w3Th9Gt+AW3877fnpeDb7E
etx0BMcmhphiXwMjdDc7x68vueOY8Kq9CyUzfELRu7iG2Qn+tkEd7dmZopoII0Ga
pGw/taBlyNn9RQG4bdFwWzOiAyEzy3++mnWK0vqPwz7d2+Lh5Epw+7w/wTXD+yKC
5tnMQbkRDe81D6N8tApK+zpZYDYSlaTYglxdzYGLfXrE9N5cOtcW1k16r3Sw/mBH
4sVBvU6V/6ir+PspzzOeaRUvQEvBNtc9F//oC2kJfm5TYpOt983Ypf9Td+PQIXS9
pjAgSnhPdWEwSK20smXt2MHVxEUygAlx23Tk9HckoEYN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:16 2025 by rpki-client