Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/de9615-0bc0-4e5e-8318-fb1d992de001/1/BcpCQEtkRIOAA5dzH0cBhgzQ518.roa
File: BcpCQEtkRIOAA5dzH0cBhgzQ518.roa (raw, json)
Hash identifier: m4hEBKg5PdR06yBoxOlyqQRa0XZcsc5RDgek+19u5jw=
Subject key identifier: 05:CA:42:40:4B:64:44:83:80:03:97:73:1F:47:01:86:0C:D0:E7:5F
Certificate issuer: /CN=aa8551e851e69db165c6c632af45f21715512939
Certificate serial: 0452C89E
Authority key identifier: AA:85:51:E8:51:E6:9D:B1:65:C6:C6:32:AF:45:F2:17:15:51:29:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoVR6FHmnbFlxsYyr0XyFxVRKTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/de9615-0bc0-4e5e-8318-fb1d992de001/1/BcpCQEtkRIOAA5dzH0cBhgzQ518.roa
Signing time: Sat 01 Jan 2022 04:58:17 +0000
ROA not before: Sat 01 Jan 2022 04:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 176.221.80.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72534174 (0x452c89e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa8551e851e69db165c6c632af45f21715512939
Validity
Not Before: Jan 1 04:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05ca42404b644483800397731f4701860cd0e75f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:17:28:48:2f:56:1e:4c:06:ad:f1:e4:d9:95:
53:0c:41:4e:7f:88:7a:29:a8:d2:35:ba:81:98:86:
54:cb:8b:84:8d:2f:bc:fc:1d:d8:a9:d3:70:67:19:
da:29:39:4e:f2:f4:6e:cb:ff:a0:a4:dd:29:dc:1e:
97:b2:50:b5:bd:be:bd:2f:1a:7f:0c:96:72:e8:94:
f6:47:cc:89:99:fb:60:f2:1f:90:d8:8f:b4:de:c5:
0c:a4:51:87:a9:05:cc:58:b7:51:6f:fd:d0:77:7b:
b8:e5:f0:b1:a3:89:c1:da:e0:b9:ae:3a:d0:8e:ce:
38:3e:91:26:fa:b1:16:cc:35:e8:35:ae:00:8a:bc:
c0:dd:16:6d:e6:6c:b5:54:9d:f4:c8:5b:27:c1:c6:
1a:29:2a:b7:5a:cf:e7:3f:b6:e5:90:3f:fc:8d:71:
d2:fe:dd:a9:a8:0d:87:8a:5c:77:4b:a0:8f:af:de:
76:8c:c0:5b:22:30:0a:cf:f4:a6:f0:18:e0:fa:fa:
a1:34:5f:2f:5b:17:d8:4e:47:8f:1f:5e:d4:88:64:
82:7d:10:18:b9:c5:0a:4d:fa:f7:5d:8d:d1:6f:9c:
de:b2:0c:23:61:25:3a:de:1d:07:4a:b7:ac:3f:7b:
d3:5b:5b:34:7d:38:55:f1:2e:71:eb:7a:c3:21:80:
d4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:CA:42:40:4B:64:44:83:80:03:97:73:1F:47:01:86:0C:D0:E7:5F
X509v3 Authority Key Identifier:
keyid:AA:85:51:E8:51:E6:9D:B1:65:C6:C6:32:AF:45:F2:17:15:51:29:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoVR6FHmnbFlxsYyr0XyFxVRKTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/de9615-0bc0-4e5e-8318-fb1d992de001/1/BcpCQEtkRIOAA5dzH0cBhgzQ518.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/de9615-0bc0-4e5e-8318-fb1d992de001/1/qoVR6FHmnbFlxsYyr0XyFxVRKTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.80.0/22
Signature Algorithm: sha256WithRSAEncryption
03:29:65:36:49:0d:a6:e2:c7:8a:7b:d9:76:d4:36:6a:2b:9c:
4a:f3:1a:3b:37:dd:b4:44:04:f7:b7:d3:9e:97:b3:df:75:0e:
c4:35:15:e1:0f:0a:b8:da:29:62:c5:6a:47:21:a9:f8:ac:81:
be:05:c5:ba:f9:2c:c3:71:6f:ba:37:42:dc:e4:48:1c:c6:4b:
5b:75:9f:6b:dc:a9:d7:ce:5b:2c:a3:14:69:20:c9:34:9e:28:
39:af:37:e0:2a:8c:0f:00:b8:e7:6c:3d:e3:c6:ce:00:d8:c1:
79:d3:89:c9:4b:fc:77:fb:4e:00:7e:b8:ac:e5:26:c7:a6:fe:
ae:e0:a1:33:70:cd:d8:b7:82:76:52:c4:c8:35:dc:89:f9:28:
c6:cc:30:6e:11:44:e3:3e:22:a8:d3:04:23:73:a6:f5:33:4c:
ab:f7:ff:4b:a2:97:c3:94:55:ac:fc:a5:03:21:ea:0c:5a:e7:
c5:07:f3:0e:da:26:47:43:72:10:43:7c:a5:9a:27:4f:64:b9:
f9:af:83:98:5d:61:79:0c:ad:36:33:d9:5c:52:29:4c:89:54:
ba:bd:fd:35:a6:c3:c0:c8:6c:5d:c2:b2:95:99:81:82:16:8d:
04:73:66:56:ed:c6:12:eb:94:11:30:9a:27:2f:4c:3e:04:ca:
3d:5c:4c:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFLInjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTg1NTFlODUxZTY5ZGIxNjVjNmM2MzJhZjQ1ZjIxNzE1NTEyOTM5MB4XDTIyMDEw
MTA0NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVjYTQyNDA0YjY0
NDQ4MzgwMDM5NzczMWY0NzAxODYwY2QwZTc1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYXKEgvVh5MBq3x5NmVUwxBTn+Ieimo0jW6gZiGVMuLhI0v
vPwd2KnTcGcZ2ik5TvL0bsv/oKTdKdwel7JQtb2+vS8afwyWcuiU9kfMiZn7YPIf
kNiPtN7FDKRRh6kFzFi3UW/90Hd7uOXwsaOJwdrgua460I7OOD6RJvqxFsw16DWu
AIq8wN0WbeZstVSd9MhbJ8HGGikqt1rP5z+25ZA//I1x0v7dqagNh4pcd0ugj6/e
dozAWyIwCs/0pvAY4Pr6oTRfL1sX2E5Hjx9e1Ihkgn0QGLnFCk36912N0W+c3rIM
I2ElOt4dB0q3rD9701tbNH04VfEucet6wyGA1J8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQFykJAS2REg4ADl3MfRwGGDNDnXzAfBgNVHSMEGDAWgBSqhVHoUeadsWXG
xjKvRfIXFVEpOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FvVlI2RkhtbmJGbHhzWXlyMFh5RnhWUktUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvZGU5NjE1LTBiYzAtNGU1ZS04MzE4LWZiMWQ5OTJkZTAwMS8x
L0JjcENRRXRrUklPQUE1ZHpIMGNCaGd6UTUxOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
ZGU5NjE1LTBiYzAtNGU1ZS04MzE4LWZiMWQ5OTJkZTAwMS8xL3FvVlI2RkhtbmJG
bHhzWXlyMFh5RnhWUktUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArDdUDANBgkqhkiG9w0BAQsFAAOC
AQEAAyllNkkNpuLHinvZdtQ2aiucSvMaOzfdtEQE97fTnpez33UOxDUV4Q8KuNop
YsVqRyGp+KyBvgXFuvksw3FvujdC3ORIHMZLW3Wfa9yp185bLKMUaSDJNJ4oOa83
4CqMDwC452w948bOANjBedOJyUv8d/tOAH64rOUmx6b+ruChM3DN2LeCdlLEyDXc
ifkoxswwbhFE4z4iqNMEI3Om9TNMq/f/S6KXw5RVrPylAyHqDFrnxQfzDtomR0Ny
EEN8pZonT2S5+a+DmF1heQytNjPZXFIpTIlUur39NabDwMhsXcKylZmBghaNBHNm
Vu3GEuuUETCaJy9MPgTKPVxMgg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:39 2023 by rpki-client on console-fra.rpki-client.org