Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/BfutYnx-xLj8smP0KZjpGrUP8PY.roa
File: BfutYnx-xLj8smP0KZjpGrUP8PY.roa (raw, json)
Hash identifier: T65HN4B5zu0m9mC/r8dd6tL652/15dt60g/ljnYZik0=
Subject key identifier: 05:FB:AD:62:7C:7E:C4:B8:FC:B2:63:F4:29:98:E9:1A:B5:0F:F0:F6
Certificate issuer: /CN=200b15e0783fe00f1b8a57bd14fdbd06924b8832
Certificate serial: 060D5A5D
Authority key identifier: 20:0B:15:E0:78:3F:E0:0F:1B:8A:57:BD:14:FD:BD:06:92:4B:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IAsV4Hg_4A8bile9FP29BpJLiDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/BfutYnx-xLj8smP0KZjpGrUP8PY.roa
Signing time: Sat 01 Jan 2022 13:55:26 +0000
ROA not before: Sat 01 Jan 2022 13:55:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60951
IP address blocks: 152.89.225.0/24 maxlen: 24
152.89.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101538397 (0x60d5a5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=200b15e0783fe00f1b8a57bd14fdbd06924b8832
Validity
Not Before: Jan 1 13:55:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05fbad627c7ec4b8fcb263f42998e91ab50ff0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9d:7d:b3:bc:48:4e:ab:80:13:a2:e4:06:8c:
a3:ae:b4:69:74:c1:3f:ce:49:dc:6f:03:6c:db:a6:
4b:42:46:61:38:70:d1:6d:3f:eb:52:ab:46:0f:5f:
fa:cb:30:fb:82:c3:ca:98:0b:e6:27:0e:75:e9:d8:
70:fa:aa:11:87:02:7c:a7:ae:ad:8b:6e:f0:f8:1d:
fb:dd:b5:f9:99:b7:a8:ea:c4:ec:19:2a:95:8c:ea:
a5:2e:c1:46:90:35:73:f2:f0:c4:2b:d6:49:fd:0e:
36:e8:27:d2:fa:ef:cb:9e:41:86:16:9a:5d:e2:78:
30:ed:fd:ce:c4:5e:dc:88:65:38:1b:1f:90:24:6c:
86:68:17:33:ba:24:18:4a:62:63:02:a4:98:5a:da:
b1:77:94:4e:58:2a:40:46:ed:a9:13:bf:c1:4a:d9:
9e:6b:bb:7a:a7:5b:8a:67:e3:d5:ec:9f:e7:60:7c:
d8:87:b3:82:d0:af:57:0f:09:33:ca:9b:63:ea:43:
99:33:7f:4d:e3:fb:45:2c:2a:2a:9d:cf:9c:0e:d8:
56:07:a1:8d:8e:2c:cc:05:48:42:73:c3:d6:4b:10:
dc:d8:27:e4:58:74:12:b3:39:f5:b3:6c:89:8c:6e:
7a:01:b4:7e:2b:25:bd:38:04:70:71:dd:ac:53:57:
ed:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FB:AD:62:7C:7E:C4:B8:FC:B2:63:F4:29:98:E9:1A:B5:0F:F0:F6
X509v3 Authority Key Identifier:
keyid:20:0B:15:E0:78:3F:E0:0F:1B:8A:57:BD:14:FD:BD:06:92:4B:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IAsV4Hg_4A8bile9FP29BpJLiDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/BfutYnx-xLj8smP0KZjpGrUP8PY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f0a67c-bd4f-4ddc-8c61-3fe7aea9e2e0/1/IAsV4Hg_4A8bile9FP29BpJLiDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.224.0/22
Signature Algorithm: sha256WithRSAEncryption
52:89:98:ee:5b:94:88:de:b8:5a:4e:bb:fe:34:71:7d:fa:e7:
8d:58:0e:7d:1d:fe:de:73:a9:c3:ce:9d:d1:23:1d:bd:29:d8:
06:ff:e3:62:c1:37:42:76:32:53:4c:15:c0:2b:35:05:7a:21:
fc:ba:9c:81:6b:26:5a:26:b5:6f:3d:de:94:73:5f:be:f3:ae:
d1:cc:4c:8d:0d:08:8e:c2:37:65:88:83:42:c0:69:a4:18:d1:
83:ed:57:3f:28:52:a0:b2:97:2e:3e:10:b9:ef:30:87:8f:0b:
fa:48:e5:48:79:9e:5d:2a:88:af:a4:17:fc:52:3f:72:09:b3:
7e:ba:0d:26:41:6b:e3:b2:e0:27:b9:59:a4:6b:a8:5c:04:f6:
c4:46:f8:43:21:64:5c:12:6f:0a:7b:cb:62:b6:51:0d:22:43:
4c:6f:c0:3b:d1:5b:49:a6:00:b5:74:3b:87:d6:5f:b2:aa:2f:
8a:5f:a9:c9:4c:93:76:15:41:89:51:61:b7:6c:25:8f:03:d2:
ff:c6:7c:cf:0b:6e:08:f2:df:24:b6:57:2a:ef:73:b4:bc:21:
5e:4a:96:db:c9:07:12:dd:52:0c:4b:5f:d8:e1:15:6f:ec:48:
7e:f7:9b:88:cf:64:ed:5e:13:1e:23:47:f1:59:e5:cd:a1:7a:
5f:6f:c2:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBg1aXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDBiMTVlMDc4M2ZlMDBmMWI4YTU3YmQxNGZkYmQwNjkyNGI4ODMyMB4XDTIyMDEw
MTEzNTUyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVmYmFkNjI3Yzdl
YzRiOGZjYjI2M2Y0Mjk5OGU5MWFiNTBmZjBmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6dfbO8SE6rgBOi5AaMo660aXTBP85J3G8DbNumS0JGYThw
0W0/61KrRg9f+ssw+4LDypgL5icOdenYcPqqEYcCfKeurYtu8Pgd+921+Zm3qOrE
7BkqlYzqpS7BRpA1c/LwxCvWSf0ONugn0vrvy55BhhaaXeJ4MO39zsRe3IhlOBsf
kCRshmgXM7okGEpiYwKkmFrasXeUTlgqQEbtqRO/wUrZnmu7eqdbimfj1eyf52B8
2IezgtCvVw8JM8qbY+pDmTN/TeP7RSwqKp3PnA7YVgehjY4szAVIQnPD1ksQ3Ngn
5Fh0ErM59bNsiYxuegG0fislvTgEcHHdrFNX7acCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQF+61ifH7EuPyyY/QpmOkatQ/w9jAfBgNVHSMEGDAWgBQgCxXgeD/gDxuK
V70U/b0GkkuIMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lBc1Y0SGdfNEE4YmlsZTlGUDI5QnBKTGlESS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvZjBhNjdjLWJkNGYtNGRkYy04YzYxLTNmZTdhZWE5ZTJlMC8x
L0JmdXRZbngteExqOHNtUDBLWmpwR3JVUDhQWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
ZjBhNjdjLWJkNGYtNGRkYy04YzYxLTNmZTdhZWE5ZTJlMC8xL0lBc1Y0SGdfNEE4
YmlsZTlGUDI5QnBKTGlESS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAphZ4DANBgkqhkiG9w0BAQsFAAOC
AQEAUomY7luUiN64Wk67/jRxffrnjVgOfR3+3nOpw86d0SMdvSnYBv/jYsE3QnYy
U0wVwCs1BXoh/LqcgWsmWia1bz3elHNfvvOu0cxMjQ0IjsI3ZYiDQsBppBjRg+1X
PyhSoLKXLj4Que8wh48L+kjlSHmeXSqIr6QX/FI/cgmzfroNJkFr47LgJ7lZpGuo
XAT2xEb4QyFkXBJvCnvLYrZRDSJDTG/AO9FbSaYAtXQ7h9Zfsqovil+pyUyTdhVB
iVFht2wljwPS/8Z8zwtuCPLfJLZXKu9ztLwhXkqW28kHEt1SDEtf2OEVb+xIfveb
iM9k7V4THiNH8VnlzaF6X2/CDg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:52 2023 by rpki-client on console-ams.rpki-client.org