Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/BMCWhr2qINu9CtcnHVNSuWatS64.roa
File: BMCWhr2qINu9CtcnHVNSuWatS64.roa (raw, json)
Hash identifier: vM04MHme+ThuenPMvmUooLvYmQeqQR3GGzku+QGvkHk=
Subject key identifier: 04:C0:96:86:BD:AA:20:DB:BD:0A:D7:27:1D:53:52:B9:66:AD:4B:AE
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 38CFDEFA
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/BMCWhr2qINu9CtcnHVNSuWatS64.roa
Signing time: Sat 01 Jan 2022 07:55:11 +0000
ROA not before: Sat 01 Jan 2022 07:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1199
IP address blocks: 145.102.136.0/22 maxlen: 22
145.111.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 953147130 (0x38cfdefa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 1 07:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04c09686bdaa20dbbd0ad7271d5352b966ad4bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:67:c5:fe:b2:de:18:a6:c3:e9:8f:6b:30:6f:
11:b0:83:06:20:4c:a4:50:75:76:fa:87:f8:d8:c8:
dc:79:1e:41:07:ad:34:66:32:2d:3b:04:c1:d3:09:
c4:b7:68:52:39:29:a6:d3:0c:dc:6f:34:25:79:e9:
36:68:20:6c:8a:ce:99:21:ab:ce:81:01:72:15:cd:
f4:fb:7d:59:cd:38:3f:f6:84:6b:7c:df:11:6c:a9:
68:4e:69:1c:0b:26:9f:ae:15:90:45:61:fa:6d:53:
05:2d:cd:a7:2c:a9:72:ed:bb:27:e9:61:e0:43:82:
f6:0a:d2:e0:27:aa:16:9c:df:3a:21:e0:57:5f:90:
eb:98:22:34:94:62:03:44:fd:1c:aa:cb:65:39:25:
0b:89:10:ed:f3:e9:e8:95:b6:eb:9f:45:13:8f:e0:
96:f1:18:08:3d:91:90:fb:51:88:d1:45:c4:d4:1a:
e1:55:72:49:aa:43:ea:bc:ca:75:a1:b5:60:53:ae:
5a:19:7d:f3:72:35:33:14:70:23:75:fd:ab:61:36:
e1:32:52:aa:a1:c6:5a:59:2b:8c:00:06:8e:63:7b:
eb:7e:14:ea:26:de:97:a4:d3:78:76:07:97:f4:a2:
96:32:42:29:9f:f6:c1:49:61:8e:f6:1d:5b:8c:cf:
a9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C0:96:86:BD:AA:20:DB:BD:0A:D7:27:1D:53:52:B9:66:AD:4B:AE
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/BMCWhr2qINu9CtcnHVNSuWatS64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.102.136.0/22
145.111.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:0a:d6:9e:d3:2b:b5:81:4b:5f:b3:59:fa:cf:c4:c9:a6:32:
ab:f7:94:ad:25:34:b4:de:bd:1a:c9:96:43:b8:82:f2:0e:35:
1f:d4:d3:15:73:07:5e:f9:c6:3a:e4:b3:88:c3:32:26:13:28:
a2:67:88:95:25:ec:30:71:e3:2f:fd:21:5c:be:11:a0:be:b4:
7b:25:a3:9e:8d:f0:7a:a7:57:0f:8c:03:61:72:74:48:cd:0f:
4d:57:9f:ba:37:71:4e:62:34:dc:8d:22:4a:86:79:0e:31:37:
1b:a8:1b:15:87:40:69:cb:79:e9:13:7f:ad:5a:7b:f4:59:01:
90:8e:fc:62:80:e3:b0:fe:30:48:80:a7:2f:ea:72:7e:23:cf:
c5:37:72:f5:4a:92:1c:a7:53:9b:f3:83:d2:75:bf:04:42:5c:
97:54:43:ce:ea:39:97:73:3b:bb:35:33:ff:33:b4:a3:6c:da:
2c:53:a5:e0:3e:bb:54:9c:ae:57:fe:5b:c1:a8:39:37:91:02:
2c:ac:58:a2:2b:8a:2e:d8:bd:74:7c:8e:f8:88:1e:4a:01:07:
79:42:1e:05:8d:09:f8:5f:ec:93:98:f6:7d:67:f2:e8:a2:0f:
fc:85:19:cd:35:a0:81:b5:e1:26:a2:ba:25:d0:f7:29:a0:d8:
4b:04:d4:35
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIEOM/e+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzczZGIxNzc5NWQyYmYxYjRiNTM0NWM1YjI5MzkwZGJhZjQ1MjNlMB4XDTIyMDEw
MTA3NTUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRjMDk2ODZiZGFh
MjBkYmJkMGFkNzI3MWQ1MzUyYjk2NmFkNGJhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdnxf6y3himw+mPazBvEbCDBiBMpFB1dvqH+NjI3HkeQQet
NGYyLTsEwdMJxLdoUjkpptMM3G80JXnpNmggbIrOmSGrzoEBchXN9Pt9Wc04P/aE
a3zfEWypaE5pHAsmn64VkEVh+m1TBS3Npyypcu27J+lh4EOC9grS4CeqFpzfOiHg
V1+Q65giNJRiA0T9HKrLZTklC4kQ7fPp6JW2659FE4/glvEYCD2RkPtRiNFFxNQa
4VVySapD6rzKdaG1YFOuWhl983I1MxRwI3X9q2E24TJSqqHGWlkrjAAGjmN7634U
6ibel6TTeHYHl/SiljJCKZ/2wUlhjvYdW4zPqdcCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBQEwJaGvaog270K1ycdU1K5Zq1LrjAfBgNVHSMEGDAWgBQXc9sXeV0r8bS1
NFxbKTkNuvRSPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YzUGJGM2xkS19HMHRUUmNXeWs1RGJyMFVqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8x
L0JNQ1docjJxSU51OUN0Y25IVk5TdVdhdFM2NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Zjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8xL0YzUGJGM2xkS19H
MHRUUmNXeWs1RGJyMFVqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMEApFmiAMDAJFvMA0GCSqGSIb3DQEB
CwUAA4IBAQBaCtae0yu1gUtfs1n6z8TJpjKr95StJTS03r0ayZZDuILyDjUf1NMV
cwde+cY65LOIwzImEyiiZ4iVJewwceMv/SFcvhGgvrR7JaOejfB6p1cPjANhcnRI
zQ9NV5+6N3FOYjTcjSJKhnkOMTcbqBsVh0Bpy3npE3+tWnv0WQGQjvxigOOw/jBI
gKcv6nJ+I8/FN3L1SpIcp1Ob84PSdb8EQlyXVEPO6jmXczu7NTP/M7SjbNosU6Xg
PrtUnK5X/lvBqDk3kQIsrFiiK4ou2L10fI74iB5KAQd5Qh4FjQn4X+yTmPZ9Z/Lo
og/8hRnNNaCBteEmorol0PcpoNhLBNQ1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org