Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bfIrKta528qVK1I3u-51q5YYqM0.roa
File: bfIrKta528qVK1I3u-51q5YYqM0.roa (raw, json)
Hash identifier: wWMjxCXLBCrBosFsijC2Jsr8axKsWJFU40fTju1xTKQ=
Subject key identifier: 6D:F2:2B:2A:D6:B9:DB:CA:95:2B:52:37:BB:EE:75:AB:96:18:A8:CD
Certificate issuer: /CN=6ddd4052e0fc76536361cbbdc7750877ddf360ad
Certificate serial: 0185715E8A9E6F8E20D1C0607A91A0FDCCC9
Authority key identifier: 6D:DD:40:52:E0:FC:76:53:63:61:CB:BD:C7:75:08:77:DD:F3:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bfIrKta528qVK1I3u-51q5YYqM0.roa
Signing time: Mon 02 Jan 2023 07:24:59 +0000
ROA not before: Mon 02 Jan 2023 07:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210874
IP address blocks: 45.10.100.0/22 maxlen: 22
2a0e:3700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:8a:9e:6f:8e:20:d1:c0:60:7a:91:a0:fd:cc:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddd4052e0fc76536361cbbdc7750877ddf360ad
Validity
Not Before: Jan 2 07:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6df22b2ad6b9dbca952b5237bbee75ab9618a8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f0:d0:3f:df:50:c3:da:76:a1:33:cf:35:ac:
6a:6a:7a:ac:8d:32:71:90:5b:a8:65:3c:66:49:5c:
f4:89:55:72:d6:39:6c:b4:ee:ba:e9:0d:23:9b:3a:
87:e2:0d:06:ea:81:5a:00:22:b5:57:4d:bf:64:19:
1c:f4:6f:90:3f:37:76:34:36:2a:4e:f2:af:61:e5:
0a:40:c0:51:cf:bf:d0:55:6d:25:d9:66:55:e2:28:
07:e6:d0:13:70:e3:8f:94:c5:4a:75:90:ec:f7:b6:
71:13:57:8e:a6:06:76:b8:75:11:6f:1d:6d:1b:a8:
87:37:6f:a8:4f:ed:9b:c9:05:6f:2b:22:a5:2d:5c:
43:6c:47:7b:47:4a:81:7e:ba:11:ac:67:15:56:1c:
67:0c:39:b7:91:72:06:84:7c:9a:35:9a:16:93:11:
e4:57:cb:df:9e:57:03:85:98:9d:a4:43:14:24:84:
53:67:65:11:e9:a9:f3:d1:59:bc:53:64:da:c9:d4:
7c:d8:f1:25:fe:ad:38:9e:23:21:e3:35:c8:b2:73:
78:2f:52:90:ec:35:f7:cd:eb:5d:42:91:fc:17:d1:
3b:67:60:c7:84:8e:40:26:fa:98:52:f1:a9:93:b1:
58:56:a9:d4:53:10:1e:7d:0d:e5:10:87:79:0d:51:
34:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F2:2B:2A:D6:B9:DB:CA:95:2B:52:37:BB:EE:75:AB:96:18:A8:CD
X509v3 Authority Key Identifier:
keyid:6D:DD:40:52:E0:FC:76:53:63:61:CB:BD:C7:75:08:77:DD:F3:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bfIrKta528qVK1I3u-51q5YYqM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.100.0/22
IPv6:
2a0e:3700::/29
Signature Algorithm: sha256WithRSAEncryption
85:66:df:07:67:28:97:4a:0e:6d:07:44:b3:6f:c4:70:2d:b4:
a8:64:89:a3:83:31:fd:a1:40:91:9e:e7:8a:95:1a:90:1d:9a:
56:79:41:3d:80:b7:1a:5c:ea:79:ca:4c:9d:f2:4f:56:1d:5a:
43:eb:71:25:c0:c5:90:c8:57:1b:5a:d3:77:0d:4c:31:5e:4d:
63:7b:e5:67:9e:9a:dd:35:4f:14:c7:f8:20:d5:42:ef:94:85:
8c:06:b7:17:b2:0c:0f:77:93:f0:5e:42:17:5c:3c:42:1e:07:
46:d0:73:99:ac:7f:ed:c5:8d:cf:d8:34:ba:5e:2b:e0:d6:22:
0c:4d:e2:52:b2:b1:79:b8:6f:59:cc:3e:2e:12:08:32:e7:23:
59:41:7e:d0:ce:1a:9c:2d:73:66:49:19:50:48:5b:05:83:76:
66:1d:4c:49:2e:91:00:0d:79:cf:c8:62:96:d3:f3:0d:ab:72:
78:29:39:7b:3b:48:c5:c1:d9:b1:04:40:36:63:1f:2d:39:25:
13:97:70:ad:b5:cb:0d:9d:e1:e1:1e:3f:0f:71:08:5c:2b:7f:
6f:79:b6:4f:51:2a:75:c1:9e:30:90:27:c3:b1:22:76:6c:d8:
83:55:90:75:2a:2d:4c:23:89:32:cc:12:53:83:24:fb:23:87:
94:af:99:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxXoqeb44g0cBgepGg/czJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ0MDUyZTBmYzc2NTM2MzYxY2JiZGM3NzUwODc3ZGRm
MzYwYWQwHhcNMjMwMTAyMDcyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGYyMmIyYWQ2YjlkYmNhOTUyYjUyMzdiYmVlNzVhYjk2MThhOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfDQP99Qw9p2oTPPNaxqanqsjTJx
kFuoZTxmSVz0iVVy1jlstO666Q0jmzqH4g0G6oFaACK1V02/ZBkc9G+QPzd2NDYq
TvKvYeUKQMBRz7/QVW0l2WZV4igH5tATcOOPlMVKdZDs97ZxE1eOpgZ2uHURbx1t
G6iHN2+oT+2byQVvKyKlLVxDbEd7R0qBfroRrGcVVhxnDDm3kXIGhHyaNZoWkxHk
V8vfnlcDhZidpEMUJIRTZ2UR6anz0Vm8U2TaydR82PEl/q04niMh4zXIsnN4L1KQ
7DX3zetdQpH8F9E7Z2DHhI5AJvqYUvGpk7FYVqnUUxAefQ3lEId5DVE0pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG3yKyrWudvKlStSN7vudauWGKjNMB8GA1UdIwQY
MBaAFG3dQFLg/HZTY2HLvcd1CHfd82CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85MjM0NDgtMzAyNy00OTQxLTk4YTQt
YmE3YjFmMzc2OWUzLzEvYmZJckt0YTUyOHFWSzFJM3UtNTFxNVlZcU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85MjM0NDgtMzAyNy00OTQxLTk4YTQtYmE3YjFmMzc2OWUz
LzEvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQpkMA0E
AgACMAcDBQMqDjcAMA0GCSqGSIb3DQEBCwUAA4IBAQCFZt8HZyiXSg5tB0Szb8Rw
LbSoZImjgzH9oUCRnueKlRqQHZpWeUE9gLcaXOp5ykyd8k9WHVpD63ElwMWQyFcb
WtN3DUwxXk1je+VnnprdNU8Ux/gg1ULvlIWMBrcXsgwPd5PwXkIXXDxCHgdG0HOZ
rH/txY3P2DS6Xivg1iIMTeJSsrF5uG9ZzD4uEggy5yNZQX7QzhqcLXNmSRlQSFsF
g3ZmHUxJLpEADXnPyGKW0/MNq3J4KTl7O0jFwdmxBEA2Yx8tOSUTl3CttcsNneHh
Hj8PcQhcK39vebZPUSp1wZ4wkCfDsSJ2bNiDVZB1Ki1MI4kyzBJTgyT7I4eUr5kg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:34 2025 by rpki-client