Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/c55be7-fe64-4e73-a063-1b0ef44f7884/1/Bf-0vxK6tyIbJJknJoT3HxPMVns.roa
File: Bf-0vxK6tyIbJJknJoT3HxPMVns.roa (raw, json)
Hash identifier: 7Hm3haubW+LKm4dpj1mWPFda2KaKG2Ztl/WlNZdvMxc=
Subject key identifier: 05:FF:B4:BF:12:BA:B7:22:1B:24:99:27:26:84:F7:1F:13:CC:56:7B
Certificate issuer: /CN=b3c856e956c4addb61598f3c2489f2bdf6ed1d18
Certificate serial: 01856C53F466D329A67D731A227E82B7E05D
Authority key identifier: B3:C8:56:E9:56:C4:AD:DB:61:59:8F:3C:24:89:F2:BD:F6:ED:1D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8hW6VbErdthWY88JInyvfbtHRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/c55be7-fe64-4e73-a063-1b0ef44f7884/1/Bf-0vxK6tyIbJJknJoT3HxPMVns.roa
Signing time: Sun 01 Jan 2023 07:55:19 +0000
ROA not before: Sun 01 Jan 2023 07:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41289
IP address blocks: 141.17.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f4:66:d3:29:a6:7d:73:1a:22:7e:82:b7:e0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c856e956c4addb61598f3c2489f2bdf6ed1d18
Validity
Not Before: Jan 1 07:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05ffb4bf12bab7221b2499272684f71f13cc567b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:28:fc:a7:cf:cb:84:75:a0:2a:9c:ea:5e:18:
37:e7:29:23:68:d7:ab:f9:47:cc:3b:3f:70:dc:c6:
8a:d7:c7:b5:d4:9a:06:a2:77:cc:42:10:00:76:79:
30:a0:be:d3:01:09:6e:29:7d:bd:31:ab:21:89:ec:
10:d9:38:3d:4c:cf:e9:c9:e5:fd:8e:3c:3c:41:1f:
f6:41:8a:e0:92:1a:e6:1c:6d:16:0a:05:fd:26:be:
04:56:73:93:19:f0:fc:86:29:7e:3b:0c:c2:4d:2c:
f8:93:b3:8b:8e:d7:1d:f7:31:c0:36:12:ba:87:f4:
8b:74:09:e0:fb:99:71:cc:86:4b:3f:35:0c:5a:59:
fc:44:4e:0d:29:24:49:44:38:93:65:53:dd:8c:6b:
44:c3:6d:5d:f0:07:09:74:fe:de:9e:79:3c:3b:02:
26:1a:4f:c6:5a:41:cf:53:de:c4:9e:00:1b:32:9b:
c1:4f:98:58:91:af:ac:36:31:06:de:bf:63:95:05:
6f:05:01:02:34:bd:3d:6e:a7:b3:d7:85:f3:49:18:
d3:b3:ab:69:f8:cf:c1:8b:fc:f0:b7:9e:52:17:ca:
68:05:13:18:d2:1e:83:49:b6:b1:c2:36:a7:ad:98:
d3:0e:1a:73:85:55:58:e9:06:70:1f:c5:42:6d:6b:
cc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FF:B4:BF:12:BA:B7:22:1B:24:99:27:26:84:F7:1F:13:CC:56:7B
X509v3 Authority Key Identifier:
keyid:B3:C8:56:E9:56:C4:AD:DB:61:59:8F:3C:24:89:F2:BD:F6:ED:1D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8hW6VbErdthWY88JInyvfbtHRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c55be7-fe64-4e73-a063-1b0ef44f7884/1/Bf-0vxK6tyIbJJknJoT3HxPMVns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c55be7-fe64-4e73-a063-1b0ef44f7884/1/s8hW6VbErdthWY88JInyvfbtHRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:4e:d6:68:b8:6c:90:19:b9:7f:f4:da:81:e0:82:2e:98:28:
12:fe:8d:07:48:c3:3f:88:7a:97:b1:3a:81:9d:d4:50:2e:ed:
5b:04:1a:d9:9a:89:ad:32:48:c9:8c:fd:e6:d1:14:4c:d3:2e:
4e:25:34:ac:07:86:28:3b:56:ef:75:0b:de:61:5e:e7:75:5e:
53:58:e3:4a:1b:16:f9:b3:c2:8d:f8:e0:ed:02:03:af:6f:54:
f8:19:c0:bd:9a:c4:30:87:43:f7:84:13:e1:b2:d2:f4:1a:b0:
41:16:36:bf:05:9c:69:65:63:f1:61:f4:bb:4b:f7:31:03:53:
ff:b4:6e:e6:21:3b:6b:56:23:c1:1b:b2:d5:58:d1:42:48:0c:
20:41:43:b6:4a:ee:ad:17:bc:75:9d:91:77:7c:ae:9a:f7:03:
4b:55:bf:92:3e:7b:1c:12:ca:56:8a:af:89:68:41:57:29:32:
06:85:fd:d4:52:1b:a6:59:1b:4e:49:10:b0:23:22:43:77:4a:
f6:1d:12:0c:33:e9:b5:34:b7:3b:b0:0a:28:4e:df:1c:27:0d:
0d:ca:40:36:b1:0e:39:77:4a:3e:88:cc:ac:09:3e:f7:4e:21:
be:1e:02:03:93:fd:28:f3:37:59:28:5c:5c:a2:ab:82:d7:12:
1f:2c:07:5f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVsU/Rm0ymmfXMaIn6Ct+BdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzg1NmU5NTZjNGFkZGI2MTU5OGYzYzI0ODlmMmJkZjZl
ZDFkMTgwHhcNMjMwMTAxMDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZmYjRiZjEyYmFiNzIyMWIyNDk5MjcyNjg0ZjcxZjEzY2M1NjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSj8p8/LhHWgKpzqXhg35ykjaNer
+UfMOz9w3MaK18e11JoGonfMQhAAdnkwoL7TAQluKX29MashiewQ2Tg9TM/pyeX9
jjw8QR/2QYrgkhrmHG0WCgX9Jr4EVnOTGfD8hil+OwzCTSz4k7OLjtcd9zHANhK6
h/SLdAng+5lxzIZLPzUMWln8RE4NKSRJRDiTZVPdjGtEw21d8AcJdP7ennk8OwIm
Gk/GWkHPU97EngAbMpvBT5hYka+sNjEG3r9jlQVvBQECNL09bqez14XzSRjTs6tp
+M/Bi/zwt55SF8poBRMY0h6DSbaxwjanrZjTDhpzhVVY6QZwH8VCbWvMZQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFAX/tL8SurciGySZJyaE9x8TzFZ7MB8GA1UdIwQY
MBaAFLPIVulWxK3bYVmPPCSJ8r327R0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhoVzZWYkVyZHRoV1k4OEpJbnl2ZmJ0SFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9jNTViZTctZmU2NC00ZTczLWEwNjMt
MWIwZWY0NGY3ODg0LzEvQmYtMHZ4SzZ0eUliSkprbkpvVDNIeFBNVm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9jNTViZTctZmU2NC00ZTczLWEwNjMtMWIwZWY0NGY3ODg0
LzEvczhoVzZWYkVyZHRoV1k4OEpJbnl2ZmJ0SFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjREwDQYJ
KoZIhvcNAQELBQADggEBABRO1mi4bJAZuX/02oHggi6YKBL+jQdIwz+IepexOoGd
1FAu7VsEGtmaia0ySMmM/ebRFEzTLk4lNKwHhig7Vu91C95hXud1XlNY40obFvmz
wo344O0CA69vVPgZwL2axDCHQ/eEE+Gy0vQasEEWNr8FnGllY/Fh9LtL9zEDU/+0
buYhO2tWI8EbstVY0UJIDCBBQ7ZK7q0XvHWdkXd8rpr3A0tVv5I+exwSylaKr4lo
QVcpMgaF/dRSG6ZZG05JELAjIkN3SvYdEgwz6bU0tzuwCihO3xwnDQ3KQDaxDjl3
Sj6IzKwJPvdOIb4eAgOT/SjzN1koXFyiq4LXEh8sB18=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:18 2025 by rpki-client