Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/bfa1_KRG7681WL-cRdu8y-HMJp8.roa
File: bfa1_KRG7681WL-cRdu8y-HMJp8.roa (raw, json)
Hash identifier: n+YVGhA09mOhejIF4q4eYWWuz92J4zSm8v7+Q4rWvOs=
Subject key identifier: 6D:F6:B5:FC:A4:46:EF:AF:35:58:BF:9C:45:DB:BC:CB:E1:CC:26:9F
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018794C79687C4EEAE7EA82B131AC6FD96B3
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/bfa1_KRG7681WL-cRdu8y-HMJp8.roa
Signing time: Tue 18 Apr 2023 14:32:00 +0000
ROA not before: Tue 18 Apr 2023 14:32:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204957
IP address blocks: 193.203.49.0/24 maxlen: 24
193.203.48.0/24 maxlen: 24
2a13:f580:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:c7:96:87:c4:ee:ae:7e:a8:2b:13:1a:c6:fd:96:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Apr 18 14:32:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6df6b5fca446efaf3558bf9c45dbbccbe1cc269f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:48:83:ca:87:7a:b4:86:5d:92:eb:6f:64:4d:
2d:9f:63:ef:a4:1d:49:c6:48:14:9c:73:ec:0e:66:
ea:74:93:3e:f3:a7:1f:32:43:33:1e:bd:b8:4b:cc:
9f:81:b1:5d:e1:86:f1:32:45:42:43:a8:75:0f:18:
af:1b:89:6a:86:ac:42:fc:82:57:43:36:e7:90:30:
b1:e6:6f:df:10:69:39:d4:ff:ab:dc:e6:a4:1d:0a:
2c:c3:dd:a4:e5:95:be:d2:94:a4:2b:56:8d:68:8e:
c3:33:c8:b7:1e:bc:0e:4d:ac:a5:db:d5:29:d2:71:
14:44:93:95:f5:bf:f9:53:c0:cd:48:e5:84:c7:49:
9a:42:fb:6a:39:fd:88:ac:3c:6d:54:37:37:a7:69:
87:cf:01:38:5c:33:f2:5a:f7:a7:8d:81:48:c5:0e:
ea:10:ba:ce:61:eb:18:c6:61:96:6c:43:9e:61:8e:
c3:b2:50:93:e4:ee:1e:22:c9:64:a2:f1:3b:f5:ca:
97:ab:35:db:9c:da:9a:07:57:1f:e8:d8:d1:fa:28:
21:39:9f:65:10:a7:9f:0f:7a:78:8e:fa:e9:84:42:
5f:8f:63:41:c9:bd:21:29:90:7c:2c:48:71:13:55:
91:3a:5a:64:c9:61:e7:a5:1c:d5:33:35:3a:74:25:
0d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F6:B5:FC:A4:46:EF:AF:35:58:BF:9C:45:DB:BC:CB:E1:CC:26:9F
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/bfa1_KRG7681WL-cRdu8y-HMJp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.48.0/23
IPv6:
2a13:f580:3::/48
Signature Algorithm: sha256WithRSAEncryption
39:9a:4b:11:94:76:b7:ec:6d:79:62:2d:77:94:0b:e1:5c:c7:
c8:9b:31:12:60:c4:95:47:75:31:93:73:9c:66:0a:6c:08:1c:
3c:09:df:bb:8d:c8:bf:b1:79:29:0c:07:43:41:8a:ee:27:1a:
f8:c6:85:12:07:82:1c:63:31:8f:c1:27:b2:75:40:7b:f1:0b:
80:08:30:14:0f:b8:64:aa:86:0d:14:13:61:e1:e4:e4:95:63:
c0:35:8a:72:ac:c3:a7:68:27:b7:11:a3:4e:a8:bb:b9:03:ec:
44:fb:6d:68:61:46:26:be:7d:0e:6d:57:c9:e4:25:3e:4a:bd:
bf:aa:e1:48:e9:65:4f:29:fa:c8:8e:5c:2a:00:d5:5a:7d:71:
14:26:61:f2:1c:b4:be:4e:82:06:8c:f4:3d:a8:b1:64:a1:fb:
c0:66:e0:f9:d8:cd:7f:c1:7f:79:4e:40:c6:14:a7:72:d7:39:
8d:22:16:20:94:2f:4d:25:03:8a:43:f5:6e:b2:23:fb:ef:fa:
dd:ee:8e:78:ca:a1:bc:c3:82:f3:0d:fd:66:06:25:c1:96:b4:
d6:a2:aa:b2:4b:05:b0:cb:af:65:a9:23:2d:55:0d:a6:c0:69:
bd:b2:a7:0a:35:49:b9:28:68:25:61:b1:6a:7f:f1:3f:75:bd:
09:f5:cb:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeUx5aHxO6ufqgrExrG/ZazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjMwNDE4MTQzMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY2YjVmY2E0NDZlZmFmMzU1OGJmOWM0NWRiYmNjYmUxY2MyNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEiDyod6tIZdkutvZE0tn2PvpB1J
xkgUnHPsDmbqdJM+86cfMkMzHr24S8yfgbFd4YbxMkVCQ6h1DxivG4lqhqxC/IJX
QzbnkDCx5m/fEGk51P+r3OakHQosw92k5ZW+0pSkK1aNaI7DM8i3HrwOTayl29Up
0nEURJOV9b/5U8DNSOWEx0maQvtqOf2IrDxtVDc3p2mHzwE4XDPyWvenjYFIxQ7q
ELrOYesYxmGWbEOeYY7DslCT5O4eIslkovE79cqXqzXbnNqaB1cf6NjR+ighOZ9l
EKefD3p4jvrphEJfj2NByb0hKZB8LEhxE1WROlpkyWHnpRzVMzU6dCUNkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG32tfykRu+vNVi/nEXbvMvhzCafMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvYmZhMV9LUkc3NjgxV0wtY1JkdTh5LUhNSnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwcswMA8E
AgACMAkDBwAqE/WAAAMwDQYJKoZIhvcNAQELBQADggEBADmaSxGUdrfsbXliLXeU
C+Fcx8ibMRJgxJVHdTGTc5xmCmwIHDwJ37uNyL+xeSkMB0NBiu4nGvjGhRIHghxj
MY/BJ7J1QHvxC4AIMBQPuGSqhg0UE2Hh5OSVY8A1inKsw6doJ7cRo06ou7kD7ET7
bWhhRia+fQ5tV8nkJT5Kvb+q4UjpZU8p+siOXCoA1Vp9cRQmYfIctL5OggaM9D2o
sWSh+8Bm4PnYzX/Bf3lOQMYUp3LXOY0iFiCUL00lA4pD9W6yI/vv+t3ujnjKobzD
gvMN/WYGJcGWtNaiqrJLBbDLr2WpIy1VDabAab2ypwo1SbkoaCVhsWp/8T91vQn1
y6k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:57 2025 by rpki-client