Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/BG_dJOffuGKs-BotKGuNh-nabZU.roa
File: BG_dJOffuGKs-BotKGuNh-nabZU.roa (raw, json)
Hash identifier: mKnf7rZ7EOPuWAshMOgq9pIZt+Vg63wFTSWGUVp9sV4=
Subject key identifier: 04:6F:DD:24:E7:DF:B8:62:AC:F8:1A:2D:28:6B:8D:87:E9:DA:6D:95
Certificate issuer: /CN=953ac97a81c7794e62080e35b9e87b41d4b1868f
Certificate serial: 0F5C8424
Authority key identifier: 95:3A:C9:7A:81:C7:79:4E:62:08:0E:35:B9:E8:7B:41:D4:B1:86:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lTrJeoHHeU5iCA41ueh7QdSxho8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/BG_dJOffuGKs-BotKGuNh-nabZU.roa
Signing time: Sat 01 Jan 2022 15:55:54 +0000
ROA not before: Sat 01 Jan 2022 15:55:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 553
IP address blocks: 192.52.0.0/19 maxlen: 19
192.52.32.0/20 maxlen: 20
192.52.50.0/24 maxlen: 24
192.52.48.0/23 maxlen: 23
132.230.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 257721380 (0xf5c8424)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=953ac97a81c7794e62080e35b9e87b41d4b1868f
Validity
Not Before: Jan 1 15:55:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=046fdd24e7dfb862acf81a2d286b8d87e9da6d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:07:1c:8b:ab:40:4d:02:08:f3:9b:94:64:64:
f0:a7:d1:2d:37:a4:ba:6e:e8:30:b0:e0:99:47:a3:
a8:a8:09:af:2c:3a:db:a8:da:db:71:0c:75:87:39:
c3:67:3c:93:4b:ae:fd:12:c1:33:0f:89:73:ec:2e:
25:31:6c:7c:a7:5d:fc:d9:7d:5c:90:53:e2:aa:0b:
f9:ef:9a:f4:e2:bb:77:4a:44:f2:fa:94:98:b0:a6:
a4:07:a5:85:97:03:79:36:6d:61:1a:23:e0:8f:bf:
38:19:5c:73:34:51:e3:03:e8:80:8b:6a:92:9f:0d:
21:d0:f2:4d:ba:30:8c:5d:6d:43:45:ec:cf:cb:23:
af:18:fb:a9:ae:80:e2:93:91:eb:07:bb:6c:3f:02:
e5:c9:da:4b:66:a1:48:86:d5:34:15:bf:dc:ac:4b:
0b:42:b7:eb:6d:77:37:61:22:57:2b:2b:44:db:0e:
d4:55:dc:26:5c:4f:a3:1a:75:d5:cb:36:5b:aa:ce:
6a:6c:13:d0:d4:70:3c:10:b2:3c:d6:87:0a:d5:9c:
c2:d8:27:62:8d:e8:06:96:87:f2:c9:07:36:98:a4:
2b:a5:aa:fc:0e:6f:ff:99:53:4d:7b:6e:1f:f9:9a:
0c:74:3f:a7:51:d5:51:0d:07:b7:b4:8c:6d:d6:f9:
cf:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:6F:DD:24:E7:DF:B8:62:AC:F8:1A:2D:28:6B:8D:87:E9:DA:6D:95
X509v3 Authority Key Identifier:
keyid:95:3A:C9:7A:81:C7:79:4E:62:08:0E:35:B9:E8:7B:41:D4:B1:86:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lTrJeoHHeU5iCA41ueh7QdSxho8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/BG_dJOffuGKs-BotKGuNh-nabZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/lTrJeoHHeU5iCA41ueh7QdSxho8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.230.0.0/16
192.52.0.0-192.52.50.255
Signature Algorithm: sha256WithRSAEncryption
3b:dd:46:f9:b2:5f:6d:ba:6d:54:e6:36:98:8e:f0:b2:15:74:
ca:7b:8f:a1:e6:5b:62:98:f8:dd:fb:41:2f:55:c3:b7:45:19:
13:fd:64:1e:40:47:51:62:e4:86:72:da:ac:76:c8:d9:0b:4e:
08:0d:d4:51:07:3b:de:3a:17:31:aa:ca:5a:29:93:a1:17:03:
f5:4e:ce:ff:ab:a6:c7:b1:e2:2d:98:03:90:91:c1:ef:c2:65:
f7:6f:10:0d:80:50:d1:32:1e:65:30:15:a0:7a:31:2c:10:94:
8d:8d:ff:10:7a:e2:86:6e:1e:4a:50:1f:3b:1d:e1:e2:ae:37:
3a:cd:17:3f:34:77:6f:a8:b6:9b:c7:ff:06:30:6c:7a:0f:26:
4f:9a:7a:a2:24:64:5b:4f:17:f1:9d:49:c4:1d:f5:0c:b4:86:
84:c7:81:79:93:92:03:17:05:4c:08:3f:0f:0b:d9:2b:a4:f6:
76:07:1c:3c:d0:b3:b9:75:47:d1:e0:be:29:7f:76:5c:7f:96:
0f:a3:be:6b:4c:77:2d:44:96:2c:f9:f7:e9:c5:e3:68:f9:be:
f2:3f:90:3a:44:64:c3:ab:b0:7d:36:13:6a:21:c7:48:58:a9:
d0:4d:e8:fd:93:2a:ef:ae:08:dc:af:56:33:02:88:13:48:47:
12:fc:a1:fb
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIED1yEJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTNhYzk3YTgxYzc3OTRlNjIwODBlMzViOWU4N2I0MWQ0YjE4NjhmMB4XDTIyMDEw
MTE1NTU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ2ZmRkMjRlN2Rm
Yjg2MmFjZjgxYTJkMjg2YjhkODdlOWRhNmQ5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgHHIurQE0CCPOblGRk8KfRLTekum7oMLDgmUejqKgJryw6
26ja23EMdYc5w2c8k0uu/RLBMw+Jc+wuJTFsfKdd/Nl9XJBT4qoL+e+a9OK7d0pE
8vqUmLCmpAelhZcDeTZtYRoj4I+/OBlcczRR4wPogItqkp8NIdDyTbowjF1tQ0Xs
z8sjrxj7qa6A4pOR6we7bD8C5cnaS2ahSIbVNBW/3KxLC0K36213N2EiVysrRNsO
1FXcJlxPoxp11cs2W6rOamwT0NRwPBCyPNaHCtWcwtgnYo3oBpaH8skHNpikK6Wq
/A5v/5lTTXtuH/maDHQ/p1HVUQ0Ht7SMbdb5z78CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQEb90k59+4Yqz4Gi0oa42H6dptlTAfBgNVHSMEGDAWgBSVOsl6gcd5TmII
DjW56HtB1LGGjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xUckplb0hIZVU1aUNBNDF1ZWg3UWRTeGhvOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZWRkOTM5LWYxOGEtNDE2NS1iNzI4LTkxYTMyZWZmNmNjZC8x
L0JHX2RKT2ZmdUdLcy1Cb3RLR3VOaC1uYWJaVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZWRkOTM5LWYxOGEtNDE2NS1iNzI4LTkxYTMyZWZmNmNjZC8xL2xUckplb0hIZVU1
aUNBNDF1ZWg3UWRTeGhvOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMDAITmMAsDAwLANAMEAMA0MjANBgkq
hkiG9w0BAQsFAAOCAQEAO91G+bJfbbptVOY2mI7wshV0ynuPoeZbYpj43ftBL1XD
t0UZE/1kHkBHUWLkhnLarHbI2QtOCA3UUQc73joXMarKWimToRcD9U7O/6umx7Hi
LZgDkJHB78Jl928QDYBQ0TIeZTAVoHoxLBCUjY3/EHrihm4eSlAfOx3h4q43Os0X
PzR3b6i2m8f/BjBseg8mT5p6oiRkW08X8Z1JxB31DLSGhMeBeZOSAxcFTAg/DwvZ
K6T2dgccPNCzuXVH0eC+KX92XH+WD6O+a0x3LUSWLPn36cXjaPm+8j+QOkRkw6uw
fTYTaiHHSFip0E3o/ZMq764I3K9WMwKIE0hHEvyh+w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:21 2025 by rpki-client