Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/481236-a06c-4903-9385-6b7d7e4ed701/1/BfkzkXnO6hW3o3SgdcPXJAjxO3o.roa
File: BfkzkXnO6hW3o3SgdcPXJAjxO3o.roa (raw, json)
Hash identifier: dVl2uQC+sJCpoauDBmZF3SH1SVq+L4JZhfdBSZuPJeQ=
Subject key identifier: 05:F9:33:91:79:CE:EA:15:B7:A3:74:A0:75:C3:D7:24:08:F1:3B:7A
Certificate issuer: /CN=35d45f2ac5bce1569df6b2ad80d16f1b92fbd85c
Certificate serial: 14054D34
Authority key identifier: 35:D4:5F:2A:C5:BC:E1:56:9D:F6:B2:AD:80:D1:6F:1B:92:FB:D8:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdRfKsW84Vad9rKtgNFvG5L72Fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/481236-a06c-4903-9385-6b7d7e4ed701/1/BfkzkXnO6hW3o3SgdcPXJAjxO3o.roa
Signing time: Wed 30 Mar 2022 12:12:06 +0000
ROA not before: Wed 30 Mar 2022 12:12:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203600
IP address blocks: 2a06:e540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 335891764 (0x14054d34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d45f2ac5bce1569df6b2ad80d16f1b92fbd85c
Validity
Not Before: Mar 30 12:12:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05f9339179ceea15b7a374a075c3d72408f13b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:9e:31:37:32:43:28:9b:3a:94:d4:5a:b9:b4:
08:59:68:04:cf:7b:19:e3:ef:a0:81:d4:e7:3d:52:
6f:68:3b:e6:3e:af:5a:17:8f:b2:fc:70:e2:3a:f2:
2c:0a:cf:b9:dc:0a:02:b0:b2:ca:c8:c8:00:d7:a1:
cb:3a:3f:6a:1f:c9:22:c5:15:ce:d2:5a:25:a6:bb:
a4:8f:c8:b4:67:eb:58:f9:a4:77:08:46:f2:bc:92:
a7:ea:3e:bb:5c:fd:f2:49:89:67:4c:a9:72:b7:0c:
ee:a1:18:65:21:9c:00:97:38:af:a9:e5:66:3b:e2:
53:ee:46:43:75:b7:79:d5:83:54:b0:b0:bb:9b:a2:
52:9a:1b:39:66:7a:3b:17:f2:5f:e1:71:fa:ff:db:
79:ab:2b:f0:32:e9:0b:af:d1:87:7d:20:89:ef:10:
d6:6b:d5:a5:df:b7:30:43:a6:11:b4:37:89:b4:6b:
5c:33:fb:75:7a:12:c9:a0:59:93:89:4c:55:de:fc:
33:4c:0f:80:30:3a:4c:26:ee:73:16:4f:a3:a3:aa:
78:9a:dc:6e:f0:2f:ab:4e:7b:8e:42:56:5c:a6:73:
9f:81:53:f3:cc:ce:ee:ec:5a:31:25:e0:e1:8c:6a:
62:d3:70:cf:37:3f:ee:13:49:17:a3:bb:c0:0e:ce:
18:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F9:33:91:79:CE:EA:15:B7:A3:74:A0:75:C3:D7:24:08:F1:3B:7A
X509v3 Authority Key Identifier:
keyid:35:D4:5F:2A:C5:BC:E1:56:9D:F6:B2:AD:80:D1:6F:1B:92:FB:D8:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdRfKsW84Vad9rKtgNFvG5L72Fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/481236-a06c-4903-9385-6b7d7e4ed701/1/BfkzkXnO6hW3o3SgdcPXJAjxO3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/481236-a06c-4903-9385-6b7d7e4ed701/1/NdRfKsW84Vad9rKtgNFvG5L72Fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e540::/29
Signature Algorithm: sha256WithRSAEncryption
97:39:fc:35:57:7d:d9:00:cf:66:d4:87:69:ac:58:dc:47:84:
d9:9e:2f:57:b3:05:96:ab:2d:7c:a3:83:f1:d1:e6:b7:38:cf:
d3:ae:44:91:f0:d0:ed:af:47:15:b9:4b:88:c2:48:db:72:65:
16:ed:44:02:6a:de:a0:38:7e:81:ea:ec:33:8b:d8:af:d8:d5:
61:c9:ee:94:fb:26:7b:9a:0f:77:b6:97:8a:96:e0:1a:8d:01:
25:28:82:6e:dd:d6:67:b5:75:6e:63:08:26:23:55:0c:09:e1:
36:3e:75:2c:3c:77:55:4e:e6:39:38:7c:60:60:31:af:bd:34:
61:f1:83:b9:1a:fc:5f:04:02:2a:33:aa:67:28:c7:00:48:3a:
7d:21:4d:d7:b9:74:5a:71:d6:db:e7:55:46:4c:f5:b3:a7:d4:
72:ca:7b:cd:af:db:d7:77:ab:cb:a1:77:fc:cd:09:17:f1:b4:
ff:4f:5d:e8:5b:cb:0a:a4:be:93:69:59:0e:13:0d:d2:21:11:
17:d4:a3:db:e0:da:91:2c:78:b9:50:8e:59:3a:63:c2:8f:57:
cf:17:b1:be:bd:6b:2c:91:a1:a5:b0:12:08:9d:95:43:81:7b:
06:35:a4:e6:d0:c0:58:13:05:96:92:f3:33:1b:cf:8e:cf:a4:
b0:05:45:4b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEFAVNNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NWQ0NWYyYWM1YmNlMTU2OWRmNmIyYWQ4MGQxNmYxYjkyZmJkODVjMB4XDTIyMDMz
MDEyMTIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVmOTMzOTE3OWNl
ZWExNWI3YTM3NGEwNzVjM2Q3MjQwOGYxM2I3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPaeMTcyQyibOpTUWrm0CFloBM97GePvoIHU5z1Sb2g75j6v
WhePsvxw4jryLArPudwKArCyysjIANehyzo/ah/JIsUVztJaJaa7pI/ItGfrWPmk
dwhG8rySp+o+u1z98kmJZ0ypcrcM7qEYZSGcAJc4r6nlZjviU+5GQ3W3edWDVLCw
u5uiUpobOWZ6OxfyX+Fx+v/beasr8DLpC6/Rh30gie8Q1mvVpd+3MEOmEbQ3ibRr
XDP7dXoSyaBZk4lMVd78M0wPgDA6TCbucxZPo6OqeJrcbvAvq057jkJWXKZzn4FT
88zO7uxaMSXg4YxqYtNwzzc/7hNJF6O7wA7OGJ8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQF+TORec7qFbejdKB1w9ckCPE7ejAfBgNVHSMEGDAWgBQ11F8qxbzhVp32
sq2A0W8bkvvYXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05kUmZLc1c4NFZhZDlyS3RnTkZ2RzVMNzJGdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvNDgxMjM2LWEwNmMtNDkwMy05Mzg1LTZiN2Q3ZTRlZDcwMS8x
L0Jma3prWG5PNmhXM28zU2dkY1BYSkFqeE8zby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
NDgxMjM2LWEwNmMtNDkwMy05Mzg1LTZiN2Q3ZTRlZDcwMS8xL05kUmZLc1c4NFZh
ZDlyS3RnTkZ2RzVMNzJGdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoG5UAwDQYJKoZIhvcNAQELBQAD
ggEBAJc5/DVXfdkAz2bUh2msWNxHhNmeL1ezBZarLXyjg/HR5rc4z9OuRJHw0O2v
RxW5S4jCSNtyZRbtRAJq3qA4foHq7DOL2K/Y1WHJ7pT7JnuaD3e2l4qW4BqNASUo
gm7d1me1dW5jCCYjVQwJ4TY+dSw8d1VO5jk4fGBgMa+9NGHxg7ka/F8EAiozqmco
xwBIOn0hTde5dFpx1tvnVUZM9bOn1HLKe82v29d3q8uhd/zNCRfxtP9PXehbywqk
vpNpWQ4TDdIhERfUo9vg2pEseLlQjlk6Y8KPV88Xsb69ayyRoaWwEgidlUOBewY1
pObQwFgTBZaS8zMbz47PpLAFRUs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:47 2024 by rpki-client on console-fra.rpki-client.org