Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/BzdyNof25SgeFWMow1-HRzlS1ow.roa
File: BzdyNof25SgeFWMow1-HRzlS1ow.roa (raw, json)
Hash identifier: y6cXYNzi+yjqVlM/Vdg+RuhvQs8X8/CfaVsbLZtAkAo=
Subject key identifier: 07:37:72:36:87:F6:E5:28:1E:15:63:28:C3:5F:87:47:39:52:D6:8C
Certificate issuer: /CN=f356cdd5a49ce6c42a9a35fa77b9727819688896
Certificate serial: 01840E5526E43B8F965FDAF991B408429604
Authority key identifier: F3:56:CD:D5:A4:9C:E6:C4:2A:9A:35:FA:77:B9:72:78:19:68:88:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/81bN1aSc5sQqmjX6d7lyeBloiJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/BzdyNof25SgeFWMow1-HRzlS1ow.roa
Signing time: Tue 25 Oct 2022 08:49:32 +0000
ROA not before: Tue 25 Oct 2022 08:49:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 134.99.0.0/16 maxlen: 16
134.99.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:55:26:e4:3b:8f:96:5f:da:f9:91:b4:08:42:96:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f356cdd5a49ce6c42a9a35fa77b9727819688896
Validity
Not Before: Oct 25 08:49:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0737723687f6e5281e156328c35f87473952d68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:07:f2:8e:ea:82:c0:8e:72:b3:ce:44:fe:0c:
8b:02:da:39:cb:e5:1b:be:f6:e6:63:59:e1:8b:31:
68:6e:69:40:b7:8e:d2:b7:09:cb:ed:1c:f2:17:0e:
30:12:f0:fb:bf:5f:51:5a:be:1c:30:e7:bb:78:48:
f4:ed:1c:51:8e:d7:8c:3d:4e:bd:ec:c7:39:6e:d4:
06:d8:81:fc:24:ef:fc:0a:e0:e8:a2:28:cf:7b:73:
fd:f0:c3:80:2a:3b:13:4c:17:72:6f:6a:ef:bb:69:
93:16:69:f6:f2:d4:e0:04:0a:d7:ad:82:72:d9:9d:
dc:e4:ef:90:5d:68:6d:b6:87:87:dc:98:6c:e1:11:
76:8c:f5:0c:97:e0:12:d3:fb:e6:b1:89:a3:da:b7:
8f:53:48:58:96:ee:44:11:5d:27:be:8a:17:f6:54:
f8:95:e8:a8:0d:84:ed:38:25:58:36:b4:25:58:6d:
33:12:b8:81:96:4c:34:37:79:12:51:98:cb:93:e8:
52:94:44:92:a9:c6:8f:b8:1d:79:30:19:dd:70:e6:
5a:e6:bb:2b:43:90:6c:28:50:7d:66:7a:9c:7e:5b:
3d:80:7c:fa:24:7d:1e:bf:f6:2f:69:53:ef:26:be:
b8:06:9d:73:04:ac:51:fa:49:f5:ab:bd:1c:1b:d7:
41:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:37:72:36:87:F6:E5:28:1E:15:63:28:C3:5F:87:47:39:52:D6:8C
X509v3 Authority Key Identifier:
keyid:F3:56:CD:D5:A4:9C:E6:C4:2A:9A:35:FA:77:B9:72:78:19:68:88:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/81bN1aSc5sQqmjX6d7lyeBloiJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/BzdyNof25SgeFWMow1-HRzlS1ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/72d48b-865a-4e6e-96f3-5768d37f7bb5/1/81bN1aSc5sQqmjX6d7lyeBloiJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:13:24:67:5e:f6:f5:c6:cd:0a:fb:b2:1b:c6:2a:ac:28:92:
be:67:29:bd:47:a3:48:b8:10:88:fb:ad:55:c3:aa:d4:99:53:
fe:23:91:51:4e:77:f5:c8:eb:f9:37:14:ef:ca:3e:01:1f:27:
fa:5f:ac:30:7c:a1:58:b1:16:1a:4b:81:19:d8:38:1c:64:02:
d3:6f:5b:51:16:d7:0a:51:fe:67:f8:00:c3:50:6a:b3:13:c4:
7e:c0:e0:0b:d8:3f:c7:1e:94:21:c0:95:5f:4e:db:16:c1:cd:
b5:a0:73:00:8d:9e:4c:80:af:e5:7b:ea:7a:5e:11:23:22:6a:
2d:60:1c:30:17:65:d9:e4:ef:24:0a:c4:2b:bd:aa:fe:81:88:
65:45:22:7b:b8:82:95:55:4c:da:a6:9c:1e:d1:b4:89:2b:c9:
6a:23:88:26:c6:76:55:47:71:64:b2:cf:50:f8:ee:35:47:34:
49:0e:7c:08:0a:94:79:50:ad:65:c7:73:0e:ff:ca:74:d6:fa:
28:7f:aa:a0:03:1f:d4:1e:8e:4e:4b:f4:6b:64:b0:7c:8f:74:
22:74:35:d9:e5:6b:96:ac:16:cc:83:ea:87:65:0f:09:e8:35:
46:24:a3:0e:44:e1:2d:4a:fe:af:d0:13:93:22:86:a8:9e:f1:
ae:34:2a:75
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYQOVSbkO4+WX9r5kbQIQpYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNTZjZGQ1YTQ5Y2U2YzQyYTlhMzVmYTc3Yjk3Mjc4MTk2
ODg4OTYwHhcNMjIxMDI1MDg0OTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM3NzIzNjg3ZjZlNTI4MWUxNTYzMjhjMzVmODc0NzM5NTJkNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQfyjuqCwI5ys85E/gyLAto5y+Ub
vvbmY1nhizFobmlAt47StwnL7RzyFw4wEvD7v19RWr4cMOe7eEj07RxRjteMPU69
7Mc5btQG2IH8JO/8CuDooijPe3P98MOAKjsTTBdyb2rvu2mTFmn28tTgBArXrYJy
2Z3c5O+QXWhttoeH3Jhs4RF2jPUMl+AS0/vmsYmj2rePU0hYlu5EEV0nvooX9lT4
leioDYTtOCVYNrQlWG0zEriBlkw0N3kSUZjLk+hSlESSqcaPuB15MBndcOZa5rsr
Q5BsKFB9Znqcfls9gHz6JH0ev/YvaVPvJr64Bp1zBKxR+kn1q70cG9dBpwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFAc3cjaH9uUoHhVjKMNfh0c5UtaMMB8GA1UdIwQY
MBaAFPNWzdWknObEKpo1+ne5cngZaIiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODFiTjFhU2M1c1FxbWpYNmQ3bHllQmxvaUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83MmQ0OGItODY1YS00ZTZlLTk2ZjMt
NTc2OGQzN2Y3YmI1LzEvQnpkeU5vZjI1U2dlRldNb3cxLUhSemxTMW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83MmQ0OGItODY1YS00ZTZlLTk2ZjMtNTc2OGQzN2Y3YmI1
LzEvODFiTjFhU2M1c1FxbWpYNmQ3bHllQmxvaUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhmMwDQYJ
KoZIhvcNAQELBQADggEBAEoTJGde9vXGzQr7shvGKqwokr5nKb1Ho0i4EIj7rVXD
qtSZU/4jkVFOd/XI6/k3FO/KPgEfJ/pfrDB8oVixFhpLgRnYOBxkAtNvW1EW1wpR
/mf4AMNQarMTxH7A4AvYP8celCHAlV9O2xbBzbWgcwCNnkyAr+V76npeESMiai1g
HDAXZdnk7yQKxCu9qv6BiGVFInu4gpVVTNqmnB7RtIkryWojiCbGdlVHcWSyz1D4
7jVHNEkOfAgKlHlQrWXHcw7/ynTW+ih/qqADH9Qejk5L9GtksHyPdCJ0Ndnla5as
FsyD6odlDwnoNUYkow5E4S1K/q/QE5Mihqie8a40KnU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:04 2025 by rpki-client