Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/BveDjXXSX03MRRH-o83qEa0YzMk.roa
File: BveDjXXSX03MRRH-o83qEa0YzMk.roa (raw, json)
Hash identifier: ladzOH+OhyJ8muIp3kiukqDoGH+dH7BLa6dylTSBfCQ=
Subject key identifier: 06:F7:83:8D:75:D2:5F:4D:CC:45:11:FE:A3:CD:EA:11:AD:18:CC:C9
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 08FF71E4
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/BveDjXXSX03MRRH-o83qEa0YzMk.roa
Signing time: Sat 01 Jan 2022 08:59:08 +0000
ROA not before: Sat 01 Jan 2022 08:59:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211846
IP address blocks: 159.151.255.0/24 maxlen: 24
192.109.142.0/24 maxlen: 24
2a07:8147:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150958564 (0x8ff71e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 08:59:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06f7838d75d25f4dcc4511fea3cdea11ad18ccc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4d:bf:69:9e:24:05:b8:05:9c:d7:14:ae:3e:
14:5b:ec:14:10:65:b8:65:f6:3b:52:56:0e:71:c4:
f3:a0:94:9e:38:d1:b8:ea:31:b7:cc:3c:a4:d2:36:
52:97:31:42:51:8c:a1:93:29:e0:ce:0a:99:df:88:
4a:a9:c2:e2:04:a3:f2:64:ba:d5:8d:a2:e3:9b:18:
f4:77:fd:4b:f0:2a:d1:ca:f9:8a:c6:3c:ad:d8:a8:
95:b2:25:24:52:1b:ff:42:70:4c:e8:1c:65:39:78:
ab:41:a4:b7:fc:d5:63:99:5c:be:97:79:a0:7d:7f:
9b:4b:65:ba:c3:b3:9b:c3:f5:ac:f2:0e:e8:5b:d0:
be:06:32:8f:a2:3e:0c:32:3d:1e:5b:ff:4b:2b:50:
f9:bc:64:3b:7e:09:b7:ee:a2:3d:01:ef:76:a5:86:
cb:ec:71:a7:b2:e5:8c:eb:30:4b:89:16:41:5e:7a:
8f:cc:30:31:8b:4e:1d:8b:29:b9:7b:de:78:84:fb:
c2:59:06:e1:bb:f6:aa:50:94:2d:e7:58:f4:56:91:
7a:73:5e:60:26:68:a3:d3:3b:31:09:11:d0:49:e9:
9e:cd:43:23:17:2e:be:b2:19:74:f7:5b:52:ca:36:
31:d4:7a:e7:0b:28:16:a4:fb:cc:ab:2d:69:d2:ca:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F7:83:8D:75:D2:5F:4D:CC:45:11:FE:A3:CD:EA:11:AD:18:CC:C9
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/BveDjXXSX03MRRH-o83qEa0YzMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.255.0/24
192.109.142.0/24
IPv6:
2a07:8147:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
10:6e:f2:8d:79:2f:a4:a1:6f:58:41:65:4f:28:4f:7d:da:71:
79:74:fe:62:25:32:9a:e4:ce:24:4b:39:06:05:21:5b:e1:1e:
19:d3:86:66:17:94:b0:8f:d8:aa:f3:03:66:71:23:ea:69:7b:
c4:1b:23:72:0e:17:ed:de:94:9b:59:4e:66:9d:6f:a7:a6:2c:
83:4f:66:51:4b:01:86:8a:a6:59:ab:04:42:21:d7:2e:c9:20:
2e:67:14:f2:83:11:54:b1:5c:c1:3d:51:47:58:fa:5e:31:3e:
07:3d:7a:22:42:5e:a5:03:fa:52:38:49:c3:0f:9e:99:b8:71:
d7:fe:2b:1b:06:e3:4a:60:51:05:fd:ff:7b:15:ed:57:7a:6e:
1f:fc:12:48:79:6a:0c:87:fe:91:8e:4f:5a:6c:51:42:b0:50:
6a:b3:46:c3:1c:7a:1e:e1:b2:ae:c3:8a:fe:cc:81:bf:48:cf:
fd:d3:36:8f:a5:f3:66:d2:c5:93:1b:39:d9:d4:46:be:f7:a3:
42:96:ab:1d:1d:c7:2b:95:d6:1f:a8:cf:2f:de:c7:2c:d3:21:
6c:d7:2f:82:76:6b:29:7c:5b:12:6a:3d:7d:24:05:54:b3:3e:
a1:d3:08:db:e7:e5:83:41:42:87:a0:98:90:55:25:e6:d3:8d:
16:33:0a:e1
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIECP9x5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM3ZDgwN2Q0ZjdjZGQzZTBhZmU0YWJjOGVlNWE4ODBjNjA5MGYxMB4XDTIyMDEw
MTA4NTkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZmNzgzOGQ3NWQy
NWY0ZGNjNDUxMWZlYTNjZGVhMTFhZDE4Y2NjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9Nv2meJAW4BZzXFK4+FFvsFBBluGX2O1JWDnHE86CUnjjR
uOoxt8w8pNI2UpcxQlGMoZMp4M4Kmd+ISqnC4gSj8mS61Y2i45sY9Hf9S/Aq0cr5
isY8rdiolbIlJFIb/0JwTOgcZTl4q0Gkt/zVY5lcvpd5oH1/m0tlusOzm8P1rPIO
6FvQvgYyj6I+DDI9Hlv/SytQ+bxkO34Jt+6iPQHvdqWGy+xxp7LljOswS4kWQV56
j8wwMYtOHYspuXveeIT7wlkG4bv2qlCULedY9FaRenNeYCZoo9M7MQkR0Enpns1D
IxcuvrIZdPdbUso2MdR65wsoFqT7zKstadLKdpcCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQG94ONddJfTcxFEf6jzeoRrRjMyTAfBgNVHSMEGDAWgBQKN9gH1PfN0+Cv
5KvI7lqIDGCQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqZllCOVQzemRQZ3ItU3J5TzVhaUF4Z2tQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8x
L0J2ZURqWFhTWDAzTVJSSC1vODNxRWEwWXpNay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8xL0NqZllCOVQzemRQ
Z3ItU3J5TzVhaUF4Z2tQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAJ+X/wMEAMBtjjAPBAIAAjAJAwcA
KgeBR///MA0GCSqGSIb3DQEBCwUAA4IBAQAQbvKNeS+koW9YQWVPKE992nF5dP5i
JTKa5M4kSzkGBSFb4R4Z04ZmF5Swj9iq8wNmcSPqaXvEGyNyDhft3pSbWU5mnW+n
piyDT2ZRSwGGiqZZqwRCIdcuySAuZxTygxFUsVzBPVFHWPpeMT4HPXoiQl6lA/pS
OEnDD56ZuHHX/isbBuNKYFEF/f97Fe1Xem4f/BJIeWoMh/6Rjk9abFFCsFBqs0bD
HHoe4bKuw4r+zIG/SM/90zaPpfNm0sWTGznZ1Ea+96NClqsdHccrldYfqM8v3scs
0yFs1y+CdmspfFsSaj19JAVUsz6h0wjb5+WDQUKHoJiQVSXm040WMwrh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-ams.rpki-client.org