Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/BnIQrtPMRGY2O06D3dVH-qcBcI8.roa
File: BnIQrtPMRGY2O06D3dVH-qcBcI8.roa (raw, json)
Hash identifier: CSjd5/6RTpV4MRNfNw+s2gx/gsQssr8gs3Koq47Kgn8=
Subject key identifier: 06:72:10:AE:D3:CC:44:66:36:3B:4E:83:DD:D5:47:FA:A7:01:70:8F
Certificate issuer: /CN=7a0bcdee8ce839c4d20413c862423cca04fdc60a
Certificate serial: 018AF18EA685B52B5A217A3797F7AA54A823
Authority key identifier: 7A:0B:CD:EE:8C:E8:39:C4:D2:04:13:C8:62:42:3C:CA:04:FD:C6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/BnIQrtPMRGY2O06D3dVH-qcBcI8.roa
Signing time: Mon 02 Oct 2023 18:02:52 +0000
ROA not before: Mon 02 Oct 2023 18:02:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48940
IP address blocks: 84.23.51.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:8e:a6:85:b5:2b:5a:21:7a:37:97:f7:aa:54:a8:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0bcdee8ce839c4d20413c862423cca04fdc60a
Validity
Not Before: Oct 2 18:02:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=067210aed3cc4466363b4e83ddd547faa701708f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:72:5e:18:9a:b7:98:c8:f6:14:1b:50:53:d9:
b7:96:7f:24:2b:ff:f2:43:55:b6:81:11:9d:83:e4:
ce:bd:74:ab:93:40:df:0a:b6:ab:45:cd:1c:82:51:
cd:76:bd:bf:6a:e6:9f:05:01:44:0a:0d:fa:23:10:
13:3a:27:15:ce:ce:cf:b8:13:ec:4a:a1:81:46:0a:
c6:31:8d:8b:ff:4a:2a:32:c1:52:82:2a:ec:80:83:
39:51:68:3c:80:4c:7f:22:09:ef:68:e6:e2:c3:b1:
bb:c2:aa:ca:19:cc:c4:cc:23:3e:ea:97:19:84:00:
09:b0:a4:b4:d5:79:68:97:70:9f:d3:d0:da:a0:b7:
93:8d:9e:53:e5:ec:d6:d8:9c:be:85:b2:51:b0:c0:
4d:f6:39:51:bd:93:67:6d:67:30:c0:86:4a:fb:b1:
ee:19:1c:6b:d8:ef:78:dc:e0:fe:02:43:b0:a8:1a:
6b:5c:63:92:0a:3d:c4:81:9e:37:97:48:8e:4e:49:
3d:76:6f:eb:a0:4a:e5:6b:a1:f0:e1:45:9f:d3:66:
03:92:a7:94:54:18:4a:53:09:f0:98:7c:7f:4f:5b:
fd:83:56:ab:35:16:36:07:e7:fa:ff:bf:52:f7:5a:
3e:85:46:fd:96:6b:65:04:53:9e:cf:00:b7:a9:c4:
48:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:72:10:AE:D3:CC:44:66:36:3B:4E:83:DD:D5:47:FA:A7:01:70:8F
X509v3 Authority Key Identifier:
keyid:7A:0B:CD:EE:8C:E8:39:C4:D2:04:13:C8:62:42:3C:CA:04:FD:C6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egvN7ozoOcTSBBPIYkI8ygT9xgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/BnIQrtPMRGY2O06D3dVH-qcBcI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54e912-b503-454c-a433-4def57365169/1/egvN7ozoOcTSBBPIYkI8ygT9xgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.23.51.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:51:ff:0a:d4:29:38:9d:dd:32:4e:6b:a9:92:5f:bf:13:bb:
29:0d:ba:15:95:fd:fa:4c:b8:11:42:c1:90:92:09:ee:e4:58:
e9:0d:ff:05:cf:5c:da:04:88:c4:2f:30:fc:0c:8b:bd:b7:c1:
f8:0a:4c:6a:16:a5:91:c1:32:2c:71:44:c6:57:31:c7:9b:8d:
3f:6e:af:81:68:f2:e1:79:4b:6a:8c:8f:37:14:7b:c3:7e:a3:
93:09:b8:2d:07:e2:39:1d:20:47:ca:06:f2:53:22:d4:58:83:
5b:ba:25:73:37:33:2e:b9:e8:98:9b:ac:31:e5:26:68:d5:0d:
36:be:0f:60:23:96:8a:8d:a8:e3:f1:8f:6a:95:d1:59:ff:38:
a0:a4:1e:84:69:72:09:e6:4c:c6:0f:59:32:11:44:a4:0f:35:
b8:aa:44:1d:58:9c:5a:1d:f3:90:b1:ae:f3:8c:3b:ee:26:0f:
8e:d4:67:c5:e2:f4:cd:b9:f8:fa:7f:fb:69:5d:c4:4a:aa:fb:
04:22:6d:51:f5:f7:29:23:5e:d4:f1:8c:92:05:cd:98:a1:ba:
9c:9c:9e:e2:b0:97:8d:11:c7:82:23:05:67:0b:b4:52:c7:0a:
3b:f1:4c:00:0d:bd:c9:9f:96:bb:85:08:48:a5:c1:b9:0d:ce:
01:49:4d:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrxjqaFtStaIXo3l/eqVKgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGJjZGVlOGNlODM5YzRkMjA0MTNjODYyNDIzY2NhMDRm
ZGM2MGEwHhcNMjMxMDAyMTgwMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjcyMTBhZWQzY2M0NDY2MzYzYjRlODNkZGQ1NDdmYWE3MDE3MDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHJeGJq3mMj2FBtQU9m3ln8kK//y
Q1W2gRGdg+TOvXSrk0DfCrarRc0cglHNdr2/auafBQFECg36IxATOicVzs7PuBPs
SqGBRgrGMY2L/0oqMsFSgirsgIM5UWg8gEx/IgnvaObiw7G7wqrKGczEzCM+6pcZ
hAAJsKS01Xlol3Cf09DaoLeTjZ5T5ezW2Jy+hbJRsMBN9jlRvZNnbWcwwIZK+7Hu
GRxr2O943OD+AkOwqBprXGOSCj3EgZ43l0iOTkk9dm/roErla6Hw4UWf02YDkqeU
VBhKUwnwmHx/T1v9g1arNRY2B+f6/79S91o+hUb9lmtlBFOezwC3qcRIfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAZyEK7TzERmNjtOg93VR/qnAXCPMB8GA1UdIwQY
MBaAFHoLze6M6DnE0gQTyGJCPMoE/cYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWd2Tjdvem9PY1RTQkJQSVlrSTh5Z1Q5eGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NGU5MTItYjUwMy00NTRjLWE0MzMt
NGRlZjU3MzY1MTY5LzEvQm5JUXJ0UE1SR1kyTzA2RDNkVkgtcWNCY0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NGU5MTItYjUwMy00NTRjLWE0MzMtNGRlZjU3MzY1MTY5
LzEvZWd2Tjdvem9PY1RTQkJQSVlrSTh5Z1Q5eGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVBczMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Uf8K1Ck4nd0yTmupkl+/E7spDboVlf36TLgRQsGQ
kgnu5FjpDf8Fz1zaBIjELzD8DIu9t8H4CkxqFqWRwTIscUTGVzHHm40/bq+BaPLh
eUtqjI83FHvDfqOTCbgtB+I5HSBHygbyUyLUWINbuiVzNzMuueiYm6wx5SZo1Q02
vg9gI5aKjajj8Y9qldFZ/zigpB6EaXIJ5kzGD1kyEUSkDzW4qkQdWJxaHfOQsa7z
jDvuJg+O1GfF4vTNufj6f/tpXcRKqvsEIm1R9fcpI17U8YySBc2YobqcnJ7isJeN
EceCIwVnC7RSxwo78UwADb3Jn5a7hQhIpcG5Dc4BSU0s
-----END CERTIFICATE-----
Generated at Wed Apr 9 21:18:34 2025 by rpki-client