Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/BdgmTC08HFpX11zUWZJgONiRi2Y.roa
File: BdgmTC08HFpX11zUWZJgONiRi2Y.roa (raw, json)
Hash identifier: 12vPHyqa6C2YIrqCNapM5Uz12n2HTVBZTLx/h2Oerxw=
Subject key identifier: 05:D8:26:4C:2D:3C:1C:5A:57:D7:5C:D4:59:92:60:38:D8:91:8B:66
Certificate issuer: /CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Certificate serial: 0182B2D1464442913927E1F7AF9E61D83143
Authority key identifier: A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/BdgmTC08HFpX11zUWZJgONiRi2Y.roa
Signing time: Thu 18 Aug 2022 21:17:15 +0000
ROA not before: Thu 18 Aug 2022 21:17:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198213
IP address blocks: 109.202.124.0/24 maxlen: 24
109.202.121.0/24 maxlen: 24
109.202.123.0/24 maxlen: 24
109.202.120.0/24 maxlen: 24
109.202.125.0/24 maxlen: 24
109.202.122.0/24 maxlen: 24
109.202.127.0/24 maxlen: 24
109.202.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b2:d1:46:44:42:91:39:27:e1:f7:af:9e:61:d8:31:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Validity
Not Before: Aug 18 21:17:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05d8264c2d3c1c5a57d75cd459926038d8918b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f3:63:5d:b3:66:b1:7d:86:58:95:c1:50:ce:
88:0d:49:6d:d6:af:fd:91:1b:49:64:28:d3:c3:3b:
ae:4b:f3:26:3d:52:56:ce:9f:67:29:b1:1f:c1:57:
19:3c:12:22:fc:a1:16:b5:6c:e5:41:eb:7a:85:e5:
36:c5:3f:4b:43:31:37:ec:12:67:3e:42:42:6c:18:
33:82:f0:f5:a3:27:73:ea:41:79:0c:b7:78:da:f5:
e4:05:fd:1c:96:a2:5d:2c:c4:f8:f0:34:9f:75:a5:
39:86:f4:a9:83:9d:ba:26:7b:a8:91:b1:de:1b:0f:
5a:0d:76:4e:cc:23:6b:27:75:98:76:77:e0:c4:b5:
de:64:03:28:20:1a:be:91:99:a4:61:c1:ec:7f:13:
3f:3f:06:b1:69:da:46:70:63:a2:f6:ca:45:22:dc:
ef:0a:b9:85:91:6c:b7:71:e6:51:d5:e0:7c:a3:c4:
1a:6c:16:97:d1:3e:a3:9b:43:ed:c9:c7:f1:34:f6:
c0:d3:1d:84:b3:dd:f1:72:df:54:bc:18:e9:cc:77:
40:4c:35:27:39:fe:5c:13:eb:92:2d:7e:2c:a6:88:
26:71:b2:9d:d0:74:8c:53:c2:28:dd:8b:cf:b7:3b:
ad:63:11:56:82:4c:bf:58:38:6a:92:5f:24:cf:3a:
b4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D8:26:4C:2D:3C:1C:5A:57:D7:5C:D4:59:92:60:38:D8:91:8B:66
X509v3 Authority Key Identifier:
keyid:A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/BdgmTC08HFpX11zUWZJgONiRi2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.120.0/21
Signature Algorithm: sha256WithRSAEncryption
81:1a:39:44:ea:88:c1:8a:4c:c4:7a:bb:0a:cb:67:ec:dc:e9:
d5:82:1f:4f:ee:79:c1:7c:6a:89:e3:ed:1f:1f:20:25:58:ea:
4e:47:a4:5c:db:56:33:6f:55:de:f2:18:dd:d5:bb:91:7c:a8:
ee:24:2e:4f:02:95:ca:70:ff:08:d0:d5:32:b7:dc:31:da:4f:
4a:0c:6b:8a:8c:36:e9:95:b6:7c:fd:07:78:3a:c7:d5:6e:16:
89:1a:5f:04:86:3d:d6:3a:59:b5:a6:6e:1f:06:ef:6b:89:c2:
c2:29:0f:95:0d:5d:dd:94:06:0d:4a:67:e7:97:25:a5:34:c6:
27:1d:f8:8e:95:90:9a:9e:2c:49:3f:70:74:3a:e1:9d:3a:d9:
33:c9:5e:d4:38:b5:75:50:a2:45:90:ea:08:d1:97:84:83:9c:
f2:c9:f4:41:37:a8:2d:ce:98:13:c0:3d:1b:8e:0a:ff:e2:54:
7c:e1:40:91:55:9f:a0:1f:50:bb:e9:ad:39:4d:cf:4c:e5:88:
4a:b4:e4:61:ce:ef:35:81:8e:70:27:b4:c1:58:aa:37:be:de:
d2:23:41:d9:2e:81:fe:23:5e:1d:e1:93:10:8a:8f:ba:da:f6:
8b:69:9c:ca:99:13:f3:0e:2c:dd:ff:f3:82:44:db:30:5f:ca:
e8:7a:d3:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKy0UZEQpE5J+H3r55h2DFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2Y3MDhjMzRhNWU3MWRhZjNkMmU1NGI5OWFiNzRmMDY5
ZWY4MGIwHhcNMjIwODE4MjExNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ4MjY0YzJkM2MxYzVhNTdkNzVjZDQ1OTkyNjAzOGQ4OTE4YjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvNjXbNmsX2GWJXBUM6IDUlt1q/9
kRtJZCjTwzuuS/MmPVJWzp9nKbEfwVcZPBIi/KEWtWzlQet6heU2xT9LQzE37BJn
PkJCbBgzgvD1oydz6kF5DLd42vXkBf0clqJdLMT48DSfdaU5hvSpg526JnuokbHe
Gw9aDXZOzCNrJ3WYdnfgxLXeZAMoIBq+kZmkYcHsfxM/PwaxadpGcGOi9spFItzv
CrmFkWy3ceZR1eB8o8QabBaX0T6jm0PtycfxNPbA0x2Es93xct9UvBjpzHdATDUn
Of5cE+uSLX4spogmcbKd0HSMU8Io3YvPtzutYxFWgky/WDhqkl8kzzq0AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXYJkwtPBxaV9dc1FmSYDjYkYtmMB8GA1UdIwQY
MBaAFKR/cIw0pecdrz0uVLmat08GnvgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMt
NmIyN2ZmMjI1N2M2LzEvQmRnbVRDMDhIRnBYMTF6VVdaSmdPTmlSaTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMtNmIyN2ZmMjI1N2M2
LzEvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbcp4MA0G
CSqGSIb3DQEBCwUAA4IBAQCBGjlE6ojBikzEersKy2fs3OnVgh9P7nnBfGqJ4+0f
HyAlWOpOR6Rc21Yzb1Xe8hjd1buRfKjuJC5PApXKcP8I0NUyt9wx2k9KDGuKjDbp
lbZ8/Qd4OsfVbhaJGl8Ehj3WOlm1pm4fBu9ricLCKQ+VDV3dlAYNSmfnlyWlNMYn
HfiOlZCanixJP3B0OuGdOtkzyV7UOLV1UKJFkOoI0ZeEg5zyyfRBN6gtzpgTwD0b
jgr/4lR84UCRVZ+gH1C76a05Tc9M5YhKtORhzu81gY5wJ7TBWKo3vt7SI0HZLoH+
I14d4ZMQio+62vaLaZzKmRPzDizd//OCRNswX8roetMn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:03 2024 by rpki-client on console-fra.rpki-client.org