Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/BOumfgfFsxXhyvLAll0-o3hCHv8.roa
File: BOumfgfFsxXhyvLAll0-o3hCHv8.roa (raw, json)
Hash identifier: xejJ8piK3YwMN8LwR0ostOA+9Imh4h7G/8lVW4pbz9A=
Subject key identifier: 04:EB:A6:7E:07:C5:B3:15:E1:CA:F2:C0:96:5D:3E:A3:78:42:1E:FF
Certificate issuer: /CN=0008589496bf86d2d0f8874b76cac843025bcd3b
Certificate serial: 6A7B5E
Authority key identifier: 00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/BOumfgfFsxXhyvLAll0-o3hCHv8.roa
Signing time: Sat 01 Jan 2022 02:52:36 +0000
ROA not before: Sat 01 Jan 2022 02:52:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 193.100.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6978398 (0x6a7b5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0008589496bf86d2d0f8874b76cac843025bcd3b
Validity
Not Before: Jan 1 02:52:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04eba67e07c5b315e1caf2c0965d3ea378421eff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:99:1d:37:53:63:9b:7a:f3:e3:b4:f2:50:83:
14:9a:49:ad:77:b5:c1:24:c3:8d:0c:1f:d6:da:2d:
d7:11:37:cb:d0:0d:ad:85:44:3d:9f:89:39:37:20:
06:01:6a:aa:50:60:b4:fa:65:d7:e0:e9:38:51:ba:
4f:7b:f0:8a:50:2c:82:b9:b5:e3:cf:73:f6:ac:d0:
3b:23:82:09:82:c9:51:51:28:f9:5e:d4:bd:fc:13:
db:c3:34:75:8c:0c:10:d4:27:9a:56:fc:60:6b:3a:
5e:e1:ce:d7:11:b7:64:22:d7:d0:99:9e:53:15:42:
d6:bb:24:d0:48:02:fa:93:ac:69:0b:15:e2:59:05:
95:0d:c0:78:75:06:33:fc:32:74:b5:a1:69:42:ea:
6b:a3:37:37:4d:c7:d9:0b:53:d8:3b:6b:8c:aa:33:
77:64:56:96:45:d5:c7:e7:46:e3:f0:5f:ce:af:07:
d9:b0:77:a5:ac:df:0e:16:1c:f7:c5:35:2a:b0:06:
58:c2:d9:1b:4e:c5:00:a7:20:fa:06:d9:98:9f:6b:
3d:58:4a:aa:17:fb:f3:b0:c9:9b:dc:06:c8:d3:aa:
e8:e3:78:4a:35:91:3e:44:44:7a:fc:54:50:eb:d3:
52:f4:87:35:ba:e9:fa:ae:2d:02:d6:ab:9c:98:d0:
98:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EB:A6:7E:07:C5:B3:15:E1:CA:F2:C0:96:5D:3E:A3:78:42:1E:FF
X509v3 Authority Key Identifier:
keyid:00:08:58:94:96:BF:86:D2:D0:F8:87:4B:76:CA:C8:43:02:5B:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AAhYlJa_htLQ-IdLdsrIQwJbzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/BOumfgfFsxXhyvLAll0-o3hCHv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/d1c06a-dfa5-4c78-980a-6be2f4d24c96/1/AAhYlJa_htLQ-IdLdsrIQwJbzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.100.254.0/24
Signature Algorithm: sha256WithRSAEncryption
54:a6:ee:6a:11:0f:58:ac:d0:1c:02:47:a4:36:3f:39:ea:6c:
fc:56:01:24:9b:59:44:81:3f:c9:6a:ad:92:35:38:c4:e8:9c:
81:64:e9:f6:12:14:e5:b9:9a:4e:a1:c4:40:5e:88:95:9c:89:
da:55:4b:12:2d:5f:ed:1a:f1:33:33:ed:1f:d1:7a:62:f8:bc:
12:99:75:53:b9:18:13:4d:6b:22:d6:43:bc:df:c1:ce:3b:b6:
99:ae:45:0e:ba:74:0a:ab:a0:ba:01:c4:01:94:9b:dc:83:a1:
31:f7:69:7c:c5:ab:11:47:74:61:81:e8:7b:37:81:e6:53:f8:
29:ef:8b:5b:60:e6:22:73:a8:10:78:c1:11:5e:59:f8:20:82:
e9:0b:d0:ca:56:cf:bc:25:01:1c:b9:ef:d4:00:3e:52:69:bb:
bd:f7:4e:8e:a1:44:77:3d:a7:a8:45:ce:85:1c:6b:82:a2:57:
12:1a:b3:91:83:ec:03:58:27:32:b3:27:82:42:c0:a2:d3:87:
f3:ef:f2:00:a3:b3:de:92:3d:70:15:4e:18:f0:a6:a7:0d:59:
fe:c0:56:a8:67:c9:ed:c0:c1:ea:4e:43:78:ff:0b:f7:38:ee:
52:93:17:ce:9a:6d:8a:66:12:81:1f:11:97:56:2d:2e:62:68:
ca:3a:3f:e8
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDanteMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAw
MDg1ODk0OTZiZjg2ZDJkMGY4ODc0Yjc2Y2FjODQzMDI1YmNkM2IwHhcNMjIwMTAx
MDI1MjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNGViYTY3ZTA3YzVi
MzE1ZTFjYWYyYzA5NjVkM2VhMzc4NDIxZWZmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA55kdN1Njm3rz47TyUIMUmkmtd7XBJMONDB/W2i3XETfL0A2t
hUQ9n4k5NyAGAWqqUGC0+mXX4Ok4UbpPe/CKUCyCubXjz3P2rNA7I4IJgslRUSj5
XtS9/BPbwzR1jAwQ1CeaVvxgazpe4c7XEbdkItfQmZ5TFULWuyTQSAL6k6xpCxXi
WQWVDcB4dQYz/DJ0taFpQuprozc3TcfZC1PYO2uMqjN3ZFaWRdXH50bj8F/OrwfZ
sHelrN8OFhz3xTUqsAZYwtkbTsUApyD6BtmYn2s9WEqqF/vzsMmb3AbI06ro43hK
NZE+RER6/FRQ69NS9Ic1uun6ri0C1qucmNCYWwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFATrpn4HxbMV4crywJZdPqN4Qh7/MB8GA1UdIwQYMBaAFAAIWJSWv4bS0PiH
S3bKyEMCW807MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QUFoWWxKYV9odExRLUlkTGRzcklRd0pielRzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84NS9kMWMwNmEtZGZhNS00Yzc4LTk4MGEtNmJlMmY0ZDI0Yzk2LzEv
Qk91bWZnZkZzeFhoeXZMQWxsMC1vM2hDSHY4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9k
MWMwNmEtZGZhNS00Yzc4LTk4MGEtNmJlMmY0ZDI0Yzk2LzEvQUFoWWxKYV9odExR
LUlkTGRzcklRd0pielRzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWT+MA0GCSqGSIb3DQEBCwUAA4IB
AQBUpu5qEQ9YrNAcAkekNj856mz8VgEkm1lEgT/Jaq2SNTjE6JyBZOn2EhTluZpO
ocRAXoiVnInaVUsSLV/tGvEzM+0f0Xpi+LwSmXVTuRgTTWsi1kO838HOO7aZrkUO
unQKq6C6AcQBlJvcg6Ex92l8xasRR3Rhgeh7N4HmU/gp74tbYOYic6gQeMERXln4
IILpC9DKVs+8JQEcue/UAD5Sabu9906OoUR3PaeoRc6FHGuColcSGrORg+wDWCcy
syeCQsCi04fz7/IAo7Pekj1wFU4Y8KanDVn+wFaoZ8ntwMHqTkN4/wv3OO5SkxfO
mm2KZhKBHxGXVi0uYmjKOj/o
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:30 2023 by rpki-client on console-ams.rpki-client.org