Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6b547f-cebd-48b5-bdcb-83ae2f214121/1/BRFySbmHlJqE9-fEpy932uitLq0.roa
File: BRFySbmHlJqE9-fEpy932uitLq0.roa (raw, json)
Hash identifier: kfUwOD0+Q8tyE6KnZqLcQHF1b5vA/+dRec2IAvFCEF4=
Subject key identifier: 05:11:72:49:B9:87:94:9A:84:F7:E7:C4:A7:2F:77:DA:E8:AD:2E:AD
Certificate issuer: /CN=5690efa23c778ef7470f3ac0a905619bc7c277e4
Certificate serial: 01856C0A4A121C5B9B4C2A46323E60220719
Authority key identifier: 56:90:EF:A2:3C:77:8E:F7:47:0F:3A:C0:A9:05:61:9B:C7:C2:77:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VpDvojx3jvdHDzrAqQVhm8fCd-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6b547f-cebd-48b5-bdcb-83ae2f214121/1/BRFySbmHlJqE9-fEpy932uitLq0.roa
Signing time: Sun 01 Jan 2023 06:34:51 +0000
ROA not before: Sun 01 Jan 2023 06:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 141.250.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:4a:12:1c:5b:9b:4c:2a:46:32:3e:60:22:07:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5690efa23c778ef7470f3ac0a905619bc7c277e4
Validity
Not Before: Jan 1 06:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05117249b987949a84f7e7c4a72f77dae8ad2ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:84:c8:39:8c:6d:58:47:30:c7:8b:82:bf:04:
42:e9:ca:b1:a9:2e:b4:55:b3:3d:80:c8:d2:bd:c5:
8c:f7:5c:41:8d:c9:60:0b:32:93:62:c6:59:ee:65:
62:4b:d7:ec:9e:a6:ab:7b:51:88:bd:80:64:5b:15:
d9:81:32:7c:10:67:48:f8:71:54:4c:41:71:bd:5b:
ef:b8:70:02:56:d4:61:39:00:0f:2e:92:8c:d5:fa:
c9:9c:4f:77:ec:3b:88:ed:c0:c5:e4:9d:57:74:8e:
23:e0:17:fb:0b:22:fe:72:4f:77:32:2b:61:ec:a1:
f9:4d:48:87:f4:90:db:f5:cd:b7:16:d9:be:6a:32:
64:b5:7e:6b:97:c0:91:ef:d1:fc:35:db:96:4d:b8:
0b:cc:52:3d:51:f7:5c:8f:70:ea:ba:c6:c3:84:a9:
c5:4a:ad:cd:60:b7:47:40:6b:6b:80:32:a0:de:8f:
d0:b2:8a:ab:36:74:16:c0:7c:24:58:bd:78:e2:09:
46:ec:ad:07:68:d0:93:dc:5a:ca:3f:65:56:95:35:
72:8a:2d:df:91:66:e6:ed:27:d4:58:94:89:a2:51:
80:7a:b9:08:da:f0:29:e3:75:3a:e8:4a:d4:ed:d9:
47:5b:bb:d4:53:08:5f:94:95:4e:c8:fe:9e:a6:d6:
d4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:11:72:49:B9:87:94:9A:84:F7:E7:C4:A7:2F:77:DA:E8:AD:2E:AD
X509v3 Authority Key Identifier:
keyid:56:90:EF:A2:3C:77:8E:F7:47:0F:3A:C0:A9:05:61:9B:C7:C2:77:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VpDvojx3jvdHDzrAqQVhm8fCd-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6b547f-cebd-48b5-bdcb-83ae2f214121/1/BRFySbmHlJqE9-fEpy932uitLq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6b547f-cebd-48b5-bdcb-83ae2f214121/1/VpDvojx3jvdHDzrAqQVhm8fCd-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.250.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:90:7f:24:de:cf:21:df:c3:ed:eb:de:13:cd:95:f8:b1:55:
aa:54:6e:25:d3:18:b4:34:5e:c2:a7:98:d6:52:bc:ff:2b:6c:
6c:8d:35:33:3a:1d:4d:63:35:ea:cc:ce:4a:d0:75:40:ee:28:
99:76:e4:b2:7b:db:d0:01:a4:98:89:0f:b4:5b:9e:c9:c9:87:
e0:b9:d3:ea:c2:ee:a2:6f:d6:45:47:28:e4:02:a7:8c:bb:b9:
a3:da:ee:c8:4a:13:1d:2e:02:37:86:e7:69:cc:2c:4d:6f:4f:
f5:c7:78:aa:1b:34:a5:69:37:cd:a7:b9:2e:a0:3e:bd:8e:2f:
22:ed:d4:ce:91:06:59:56:07:09:7b:bf:35:c0:eb:d0:91:8c:
d8:b7:91:ca:17:85:9a:11:54:25:7b:0b:00:a0:dd:85:c2:04:
61:ee:89:09:8f:af:b4:c9:cf:ab:e5:32:43:d0:a8:05:ce:bb:
8d:60:06:e3:cb:b1:36:c9:14:ce:a2:4f:31:d7:c4:f3:15:d0:
c4:a9:53:83:9b:18:70:20:67:68:58:2b:cc:4a:f3:ec:15:2a:
bd:04:3b:63:a9:fc:eb:a8:50:5c:ef:63:93:d2:f9:39:d0:c3:
dc:55:ad:6d:5e:72:de:4c:0b:25:ca:e9:97:b0:fb:7c:cb:24:
a0:8c:d1:f0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVsCkoSHFubTCpGMj5gIgcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OTBlZmEyM2M3NzhlZjc0NzBmM2FjMGE5MDU2MTliYzdj
Mjc3ZTQwHhcNMjMwMTAxMDYzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTExNzI0OWI5ODc5NDlhODRmN2U3YzRhNzJmNzdkYWU4YWQyZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4TIOYxtWEcwx4uCvwRC6cqxqS60
VbM9gMjSvcWM91xBjclgCzKTYsZZ7mViS9fsnqare1GIvYBkWxXZgTJ8EGdI+HFU
TEFxvVvvuHACVtRhOQAPLpKM1frJnE937DuI7cDF5J1XdI4j4Bf7CyL+ck93Mith
7KH5TUiH9JDb9c23Ftm+ajJktX5rl8CR79H8NduWTbgLzFI9Ufdcj3DqusbDhKnF
Sq3NYLdHQGtrgDKg3o/QsoqrNnQWwHwkWL144glG7K0HaNCT3FrKP2VWlTVyii3f
kWbm7SfUWJSJolGAerkI2vAp43U66ErU7dlHW7vUUwhflJVOyP6eptbUhwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFAURckm5h5SahPfnxKcvd9rorS6tMB8GA1UdIwQY
MBaAFFaQ76I8d473Rw86wKkFYZvHwnfkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnBEdm9qeDNqdmRIRHpyQXFRVmhtOGZDZC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YjU0N2YtY2ViZC00OGI1LWJkY2It
ODNhZTJmMjE0MTIxLzEvQlJGeVNibUhsSnFFOS1mRXB5OTMydWl0THEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82YjU0N2YtY2ViZC00OGI1LWJkY2ItODNhZTJmMjE0MTIx
LzEvVnBEdm9qeDNqdmRIRHpyQXFRVmhtOGZDZC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjfowDQYJ
KoZIhvcNAQELBQADggEBAEaQfyTezyHfw+3r3hPNlfixVapUbiXTGLQ0XsKnmNZS
vP8rbGyNNTM6HU1jNerMzkrQdUDuKJl25LJ729ABpJiJD7RbnsnJh+C50+rC7qJv
1kVHKOQCp4y7uaPa7shKEx0uAjeG52nMLE1vT/XHeKobNKVpN82nuS6gPr2OLyLt
1M6RBllWBwl7vzXA69CRjNi3kcoXhZoRVCV7CwCg3YXCBGHuiQmPr7TJz6vlMkPQ
qAXOu41gBuPLsTbJFM6iTzHXxPMV0MSpU4ObGHAgZ2hYK8xK8+wVKr0EO2Op/Ouo
UFzvY5PS+TnQw9xVrW1ect5MCyXK6Zew+3zLJKCM0fA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:13 2025 by rpki-client