Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/BSgPYT348m5VElg8qfpHyVRbuvc.roa
File: BSgPYT348m5VElg8qfpHyVRbuvc.roa (raw, json)
Hash identifier: x/duh2CGrqcL+UJWuFd3v/d8fYYIpuoc//gFjoWY6sk=
Subject key identifier: 05:28:0F:61:3D:F8:F2:6E:55:12:58:3C:A9:FA:47:C9:54:5B:BA:F7
Certificate issuer: /CN=d50cda48c35e54eb802575aaa408cce579927216
Certificate serial: 018C4A2AAFE551006C3D9A29E612D0416684
Authority key identifier: D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/BSgPYT348m5VElg8qfpHyVRbuvc.roa
Signing time: Fri 08 Dec 2023 16:02:40 +0000
ROA not before: Fri 08 Dec 2023 16:02:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 217.12.224.0/22 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:2a:af:e5:51:00:6c:3d:9a:29:e6:12:d0:41:66:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50cda48c35e54eb802575aaa408cce579927216
Validity
Not Before: Dec 8 16:02:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05280f613df8f26e5512583ca9fa47c9545bbaf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b1:01:95:3a:82:96:8b:a7:e9:70:ee:cc:52:
ec:fe:fe:98:44:de:e6:8a:e5:10:dc:f9:3d:da:a1:
7c:fc:bd:76:b5:c0:be:91:e0:af:79:d3:f3:71:c8:
a4:83:20:a0:14:8c:25:ee:5c:47:8b:30:f6:8d:ab:
ee:aa:64:f2:9f:4f:00:85:57:82:6f:49:b3:7f:7a:
00:aa:82:e1:84:a6:f4:fe:da:90:d0:1f:e7:57:2f:
c5:29:4b:47:8c:60:47:ff:e6:46:f0:00:60:d6:33:
e5:c6:48:a0:90:6f:0a:ae:88:ef:56:39:db:37:d3:
25:8b:c9:e1:a7:4e:d1:84:57:06:2a:13:88:75:5e:
bc:55:9b:cd:36:ff:80:47:0c:9a:af:31:10:81:5f:
2b:3d:ad:a7:f5:b3:7c:35:48:13:fa:a4:d8:9f:30:
fb:41:3a:4e:05:c7:57:de:af:96:50:06:b6:36:2b:
87:e3:c4:ae:de:59:b3:e9:e9:13:66:79:05:dc:73:
11:92:3d:d2:f8:62:a6:b9:2b:a2:ac:c7:fc:38:b1:
6f:c7:5b:e1:2a:da:98:ba:25:de:51:2c:94:2d:93:
2d:db:a6:a3:b2:cd:7c:4a:46:7e:88:0d:b2:8e:e4:
9d:37:51:09:7f:29:5d:98:d3:b2:00:3a:80:66:cf:
22:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:28:0F:61:3D:F8:F2:6E:55:12:58:3C:A9:FA:47:C9:54:5B:BA:F7
X509v3 Authority Key Identifier:
keyid:D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/BSgPYT348m5VElg8qfpHyVRbuvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/1QzaSMNeVOuAJXWqpAjM5XmSchY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.224.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:93:6d:25:ad:4b:de:48:08:5b:cf:16:d1:7a:4c:f0:3f:97:
b9:3f:7a:99:91:be:02:33:f0:b3:d3:4b:c4:ee:22:1b:de:b7:
f0:a8:48:46:cf:25:f4:45:e4:b0:0f:7d:a2:92:a7:2a:56:2d:
0e:dc:c4:f7:d1:50:a0:51:52:2a:0f:54:5a:73:51:85:c4:76:
29:41:d0:10:88:5e:e2:e1:53:79:22:59:6b:dc:62:6c:4b:f7:
4b:28:b1:bb:3c:91:5c:79:1d:49:4a:6c:87:d4:76:09:3c:07:
e1:fa:b8:fa:44:3f:50:c8:82:a3:d5:b1:9e:1f:e9:fd:31:96:
f3:c7:8d:e5:ee:b6:e1:61:9d:a3:9a:f8:69:9a:b2:6b:76:4d:
c5:ef:cf:73:49:21:20:1a:ab:40:98:bd:c7:b6:69:09:14:50:
4e:90:6e:6c:9a:f3:fd:55:ab:95:39:a8:12:ae:15:e9:5a:8b:
09:6e:f1:62:9d:d0:0f:f5:15:8f:d1:ea:26:45:74:b9:13:d9:
cb:f1:a3:62:41:65:a4:a4:9d:16:dc:11:a6:73:c1:d5:22:a0:
35:1e:7f:e0:f2:a8:44:61:00:c2:a2:d3:a0:8e:35:f7:da:42:
8a:e0:3d:81:57:43:20:99:2e:4e:76:ed:aa:44:a0:53:f6:fe:
95:05:20:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxKKq/lUQBsPZop5hLQQWaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MGNkYTQ4YzM1ZTU0ZWI4MDI1NzVhYWE0MDhjY2U1Nzk5
MjcyMTYwHhcNMjMxMjA4MTYwMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI4MGY2MTNkZjhmMjZlNTUxMjU4M2NhOWZhNDdjOTU0NWJiYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrEBlTqCloun6XDuzFLs/v6YRN7m
iuUQ3Pk92qF8/L12tcC+keCvedPzccikgyCgFIwl7lxHizD2javuqmTyn08AhVeC
b0mzf3oAqoLhhKb0/tqQ0B/nVy/FKUtHjGBH/+ZG8ABg1jPlxkigkG8KrojvVjnb
N9Mli8nhp07RhFcGKhOIdV68VZvNNv+ARwyarzEQgV8rPa2n9bN8NUgT+qTYnzD7
QTpOBcdX3q+WUAa2NiuH48Su3lmz6ekTZnkF3HMRkj3S+GKmuSuirMf8OLFvx1vh
KtqYuiXeUSyULZMt26ajss18SkZ+iA2yjuSdN1EJfyldmNOyADqAZs8iYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUoD2E9+PJuVRJYPKn6R8lUW7r3MB8GA1UdIwQY
MBaAFNUM2kjDXlTrgCV1qqQIzOV5knIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWIt
MjI5MjA1NjVjZGE0LzEvQlNnUFlUMzQ4bTVWRWxnOHFmcEh5VlJidXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWItMjI5MjA1NjVjZGE0
LzEvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2QzgMA0G
CSqGSIb3DQEBCwUAA4IBAQB6k20lrUveSAhbzxbRekzwP5e5P3qZkb4CM/Cz00vE
7iIb3rfwqEhGzyX0ReSwD32ikqcqVi0O3MT30VCgUVIqD1Rac1GFxHYpQdAQiF7i
4VN5Illr3GJsS/dLKLG7PJFceR1JSmyH1HYJPAfh+rj6RD9QyIKj1bGeH+n9MZbz
x43l7rbhYZ2jmvhpmrJrdk3F789zSSEgGqtAmL3HtmkJFFBOkG5smvP9VauVOagS
rhXpWosJbvFindAP9RWP0eomRXS5E9nL8aNiQWWkpJ0W3BGmc8HVIqA1Hn/g8qhE
YQDCotOgjjX32kKK4D2BV0MgmS5Odu2qRKBT9v6VBSBj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:18 2025 by rpki-client