Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/39db4d-e93f-4139-aad8-6c28bb40d52e/1/BMZBf-snyKn-dSGWDx5H0AI0QkY.roa
File: BMZBf-snyKn-dSGWDx5H0AI0QkY.roa (raw, json)
Hash identifier: vSwYM4pJQ9CUH+0ZT0wMkgZFmjb4Lxzg6rZ1PdIHeXE=
Subject key identifier: 04:C6:41:7F:EB:27:C8:A9:FE:75:21:96:0F:1E:47:D0:02:34:42:46
Certificate issuer: /CN=86623a8458eff347d424348588829ee137b45a3f
Certificate serial: 018C8C83D2A32E2CECD0FBB1EEA3B415D880
Authority key identifier: 86:62:3A:84:58:EF:F3:47:D4:24:34:85:88:82:9E:E1:37:B4:5A:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hmI6hFjv80fUJDSFiIKe4Te0Wj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/39db4d-e93f-4139-aad8-6c28bb40d52e/1/BMZBf-snyKn-dSGWDx5H0AI0QkY.roa
Signing time: Thu 21 Dec 2023 13:14:58 +0000
ROA not before: Thu 21 Dec 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43754
IP address blocks: 91.207.205.0/27 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:83:d2:a3:2e:2c:ec:d0:fb:b1:ee:a3:b4:15:d8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86623a8458eff347d424348588829ee137b45a3f
Validity
Not Before: Dec 21 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04c6417feb27c8a9fe7521960f1e47d002344246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dc:03:7d:c2:2f:d9:7d:63:8c:1b:49:71:18:
0b:0b:cf:9b:e2:4c:76:0a:e4:ec:8d:97:29:f1:21:
7d:86:fd:64:12:df:c8:84:0a:e2:6b:1e:87:0e:e4:
ec:68:76:57:f0:de:d5:24:39:a2:af:51:1b:f0:1c:
51:df:1c:0b:ad:21:34:23:1a:3a:37:56:88:43:97:
d3:ac:7f:a4:bf:7f:fc:c1:a8:19:bc:97:ea:ef:ef:
87:69:f0:2a:eb:59:24:92:0f:24:e1:1b:fe:8e:b8:
7c:df:74:f9:02:3f:f8:a5:0c:b0:4c:53:9e:15:ff:
cd:da:48:ce:cd:d2:30:b5:ef:4b:c1:65:fd:cc:a8:
36:ab:8e:d9:9a:ae:99:ba:9c:e9:0f:c0:54:7a:33:
17:5f:f3:fe:3b:1a:60:a5:37:22:31:a4:81:b8:80:
37:da:21:e2:f3:bf:96:78:63:34:e2:89:a6:4e:c0:
e1:f9:c9:8d:fb:e1:f7:58:49:fd:95:8f:a5:3e:d2:
83:c5:40:e5:f5:1c:3b:cb:83:43:39:ce:55:37:01:
14:b1:ee:1e:8e:ef:9a:f4:2a:5d:f8:25:4d:23:43:
48:f4:69:17:ae:8d:7d:4e:08:34:d0:cd:fc:f4:0c:
3f:5e:5b:ef:e1:94:fb:af:29:0e:e9:61:c1:01:2f:
44:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C6:41:7F:EB:27:C8:A9:FE:75:21:96:0F:1E:47:D0:02:34:42:46
X509v3 Authority Key Identifier:
keyid:86:62:3A:84:58:EF:F3:47:D4:24:34:85:88:82:9E:E1:37:B4:5A:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hmI6hFjv80fUJDSFiIKe4Te0Wj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/39db4d-e93f-4139-aad8-6c28bb40d52e/1/BMZBf-snyKn-dSGWDx5H0AI0QkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/39db4d-e93f-4139-aad8-6c28bb40d52e/1/hmI6hFjv80fUJDSFiIKe4Te0Wj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.205.0/27
Signature Algorithm: sha256WithRSAEncryption
03:9b:22:37:df:dc:ad:21:e5:c6:ef:46:87:82:0d:b4:6a:d8:
dc:88:d8:4e:d9:fe:82:66:e6:7a:d7:38:3e:09:80:f1:f9:f1:
aa:82:47:75:87:c2:ef:c3:4c:a8:4c:b6:93:76:44:a1:e4:72:
cf:eb:99:a3:70:2d:ef:18:4a:1c:e3:56:32:ff:ce:a0:b9:a4:
ab:a6:e8:5f:70:ba:da:32:84:c6:da:39:da:41:5b:09:ea:08:
d4:cb:32:d8:a8:16:13:81:df:10:9f:04:f8:fe:f1:54:c1:d2:
38:59:87:5d:94:f5:bf:c4:a9:87:d1:26:55:d5:8a:52:0d:04:
39:60:89:b1:aa:cc:d2:b0:0b:84:85:21:99:1b:fc:05:4a:5b:
68:ee:6a:0f:3a:96:ee:e6:09:6f:a7:76:22:2e:5d:73:e4:e1:
77:28:c3:20:39:ee:a8:f4:d0:fe:c8:99:8c:87:bc:f6:7b:76:
7e:d2:0b:c6:ee:f7:d1:bb:ee:e5:c1:59:9b:f0:f8:d7:8b:90:
a5:a5:b9:72:0f:f5:21:59:27:68:c2:73:c0:99:b9:0c:80:25:
e2:57:0e:cd:aa:13:ab:58:9a:16:a1:fe:b6:fb:12:43:b1:54:
68:4a:ff:e5:47:fe:92:b2:90:7f:b9:bf:fa:1a:10:7e:19:d2:
61:fb:c7:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyMg9KjLizs0Pux7qO0FdiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NjIzYTg0NThlZmYzNDdkNDI0MzQ4NTg4ODI5ZWUxMzdi
NDVhM2YwHhcNMjMxMjIxMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM2NDE3ZmViMjdjOGE5ZmU3NTIxOTYwZjFlNDdkMDAyMzQ0MjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntwDfcIv2X1jjBtJcRgLC8+b4kx2
CuTsjZcp8SF9hv1kEt/IhAriax6HDuTsaHZX8N7VJDmir1Eb8BxR3xwLrSE0Ixo6
N1aIQ5fTrH+kv3/8wagZvJfq7++HafAq61kkkg8k4Rv+jrh833T5Aj/4pQywTFOe
Ff/N2kjOzdIwte9LwWX9zKg2q47Zmq6ZupzpD8BUejMXX/P+OxpgpTciMaSBuIA3
2iHi87+WeGM04ommTsDh+cmN++H3WEn9lY+lPtKDxUDl9Rw7y4NDOc5VNwEUse4e
ju+a9Cpd+CVNI0NI9GkXro19Tgg00M389Aw/Xlvv4ZT7rykO6WHBAS9EYQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFATGQX/rJ8ip/nUhlg8eR9ACNEJGMB8GA1UdIwQY
MBaAFIZiOoRY7/NH1CQ0hYiCnuE3tFo/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG1JNmhGanY4MGZVSkRTRmlJS2U0VGUwV2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8zOWRiNGQtZTkzZi00MTM5LWFhZDgt
NmMyOGJiNDBkNTJlLzEvQk1aQmYtc255S24tZFNHV0R4NUgwQUkwUWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8zOWRiNGQtZTkzZi00MTM5LWFhZDgtNmMyOGJiNDBkNTJl
LzEvaG1JNmhGanY4MGZVSkRTRmlJS2U0VGUwV2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUFW8/NADAN
BgkqhkiG9w0BAQsFAAOCAQEAA5siN9/crSHlxu9Gh4INtGrY3IjYTtn+gmbmetc4
PgmA8fnxqoJHdYfC78NMqEy2k3ZEoeRyz+uZo3At7xhKHONWMv/OoLmkq6boX3C6
2jKExto52kFbCeoI1Msy2KgWE4HfEJ8E+P7xVMHSOFmHXZT1v8Sph9EmVdWKUg0E
OWCJsarM0rALhIUhmRv8BUpbaO5qDzqW7uYJb6d2Ii5dc+ThdyjDIDnuqPTQ/siZ
jIe89nt2ftILxu730bvu5cFZm/D414uQpaW5cg/1IVknaMJzwJm5DIAl4lcOzaoT
q1iaFqH+tvsSQ7FUaEr/5Uf+krKQf7m/+hoQfhnSYfvHQQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:31 2025 by rpki-client