Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/a5f931-6fa8-4cf0-8f97-23b28f39a602/1/BFQFWcJo7MYXn6livS2anf5DtZ8.roa
File: BFQFWcJo7MYXn6livS2anf5DtZ8.roa (raw, json)
Hash identifier: Ivlru+znXYmP9ouR5OszU0Kct+bSjJd8bgzhOOkWvns=
Subject key identifier: 04:54:05:59:C2:68:EC:C6:17:9F:A9:62:BD:2D:9A:9D:FE:43:B5:9F
Certificate issuer: /CN=da27113db55b63b67a4a627a7008a8afc2bcc42c
Certificate serial: 018215F53E2D5F8CCC3A435EDDB43B17DB1F
Authority key identifier: DA:27:11:3D:B5:5B:63:B6:7A:4A:62:7A:70:08:A8:AF:C2:BC:C4:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2icRPbVbY7Z6SmJ6cAior8K8xCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/a5f931-6fa8-4cf0-8f97-23b28f39a602/1/BFQFWcJo7MYXn6livS2anf5DtZ8.roa
Signing time: Tue 19 Jul 2022 10:16:09 +0000
ROA not before: Tue 19 Jul 2022 10:16:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 146.66.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:15:f5:3e:2d:5f:8c:cc:3a:43:5e:dd:b4:3b:17:db:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da27113db55b63b67a4a627a7008a8afc2bcc42c
Validity
Not Before: Jul 19 10:16:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04540559c268ecc6179fa962bd2d9a9dfe43b59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c0:d2:f6:61:31:8c:b5:ed:e6:63:66:d5:76:
62:3b:c1:ce:ab:12:91:ab:aa:10:7c:3d:91:9c:08:
98:d4:44:15:42:ca:b1:01:d4:b6:1c:89:3e:1a:8c:
9d:a6:33:90:41:9a:86:75:ae:26:de:c8:4c:90:6c:
d3:bb:1b:d7:97:2a:48:68:84:f2:d8:46:c9:e1:a9:
3e:c7:7b:89:a4:7a:90:5d:7c:05:1f:0a:33:2a:ef:
84:f3:c1:9c:4b:c2:c6:0d:06:28:56:cc:2e:a0:59:
ba:de:d3:7f:f9:82:f7:e2:e1:31:34:4b:71:83:12:
44:f0:d4:a8:9f:b2:77:7d:17:d0:60:6c:c4:7a:f8:
53:57:0a:d7:43:4d:74:57:3b:42:28:63:cf:91:e7:
d4:b8:1e:cc:bc:e8:67:02:46:4e:29:90:c4:4a:c7:
ac:93:a5:dd:88:b0:24:12:83:57:23:95:25:23:5a:
4e:c9:00:aa:8c:e4:2f:bd:ea:4b:21:79:9e:91:f3:
57:65:11:e8:93:bd:c4:56:c7:d0:f7:e5:19:b7:e7:
a9:ed:d3:cc:53:b2:76:ec:47:c3:8f:31:c4:37:0c:
6f:69:c9:99:93:ad:ed:2e:d9:42:9d:6a:49:eb:d5:
02:b0:f1:74:0d:1d:a4:a6:98:95:a0:7e:7b:2f:4d:
b0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:54:05:59:C2:68:EC:C6:17:9F:A9:62:BD:2D:9A:9D:FE:43:B5:9F
X509v3 Authority Key Identifier:
keyid:DA:27:11:3D:B5:5B:63:B6:7A:4A:62:7A:70:08:A8:AF:C2:BC:C4:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2icRPbVbY7Z6SmJ6cAior8K8xCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a5f931-6fa8-4cf0-8f97-23b28f39a602/1/BFQFWcJo7MYXn6livS2anf5DtZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a5f931-6fa8-4cf0-8f97-23b28f39a602/1/2icRPbVbY7Z6SmJ6cAior8K8xCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.3.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:85:b5:3d:dc:63:8b:2c:4f:23:47:8f:c3:78:3d:3f:10:6b:
f3:07:e9:85:27:fb:72:fb:3e:d5:15:57:82:6a:63:ef:3d:c5:
d6:fb:9b:62:6c:76:83:5b:98:c3:ba:3b:61:a3:56:6d:ba:d4:
28:d4:b8:04:d3:5d:87:c7:22:35:44:69:95:b1:93:fd:1c:ef:
3e:0e:d9:f4:7c:f0:e2:32:cf:a9:28:84:d2:ee:94:86:76:9b:
80:02:79:73:04:d2:f6:2e:ab:d0:bf:7e:29:bc:27:82:9f:b3:
98:ab:7a:2d:77:86:c7:5b:31:d7:b6:c7:0d:ee:c4:23:1e:d2:
3f:69:00:37:a1:a3:d5:37:a8:cf:a1:0d:15:89:50:90:9a:3b:
89:e7:de:70:5b:8e:0b:93:f8:22:8e:32:5e:57:f5:f2:a4:9e:
51:26:2f:1b:bb:10:75:6d:84:9a:0f:85:9a:ad:87:95:b2:f9:
2f:8c:0c:91:f1:85:67:24:c6:74:01:64:77:4f:75:5b:27:43:
f0:e0:47:5e:6b:ab:d1:72:0a:dd:e7:b9:de:53:a6:01:9a:d7:
cd:9a:43:3a:9c:f8:a1:80:3e:b9:59:4b:9e:df:73:f5:88:b0:
ad:c6:ef:02:47:f9:d4:73:67:01:09:05:b0:29:f3:a2:ff:ca:
de:4a:35:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIV9T4tX4zMOkNe3bQ7F9sfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjcxMTNkYjU1YjYzYjY3YTRhNjI3YTcwMDhhOGFmYzJi
Y2M0MmMwHhcNMjIwNzE5MTAxNjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDU0MDU1OWMyNjhlY2M2MTc5ZmE5NjJiZDJkOWE5ZGZlNDNiNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMDS9mExjLXt5mNm1XZiO8HOqxKR
q6oQfD2RnAiY1EQVQsqxAdS2HIk+GoydpjOQQZqGda4m3shMkGzTuxvXlypIaITy
2EbJ4ak+x3uJpHqQXXwFHwozKu+E88GcS8LGDQYoVswuoFm63tN/+YL34uExNEtx
gxJE8NSon7J3fRfQYGzEevhTVwrXQ010VztCKGPPkefUuB7MvOhnAkZOKZDESses
k6XdiLAkEoNXI5UlI1pOyQCqjOQvvepLIXmekfNXZRHok73EVsfQ9+UZt+ep7dPM
U7J27EfDjzHENwxvacmZk63tLtlCnWpJ69UCsPF0DR2kppiVoH57L02wuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARUBVnCaOzGF5+pYr0tmp3+Q7WfMB8GA1UdIwQY
MBaAFNonET21W2O2ekpienAIqK/CvMQsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmljUlBiVmJZN1o2U21KNmNBaW9yOEs4eEN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hNWY5MzEtNmZhOC00Y2YwLThmOTct
MjNiMjhmMzlhNjAyLzEvQkZRRldjSm83TVlYbjZsaXZTMmFuZjVEdFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hNWY5MzEtNmZhOC00Y2YwLThmOTctMjNiMjhmMzlhNjAy
LzEvMmljUlBiVmJZN1o2U21KNmNBaW9yOEs4eEN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkkIDMA0G
CSqGSIb3DQEBCwUAA4IBAQClhbU93GOLLE8jR4/DeD0/EGvzB+mFJ/ty+z7VFVeC
amPvPcXW+5tibHaDW5jDujtho1ZtutQo1LgE012HxyI1RGmVsZP9HO8+Dtn0fPDi
Ms+pKITS7pSGdpuAAnlzBNL2LqvQv34pvCeCn7OYq3otd4bHWzHXtscN7sQjHtI/
aQA3oaPVN6jPoQ0ViVCQmjuJ595wW44Lk/gijjJeV/XypJ5RJi8buxB1bYSaD4Wa
rYeVsvkvjAyR8YVnJMZ0AWR3T3VbJ0Pw4Edea6vRcgrd57neU6YBmtfNmkM6nPih
gD65WUue33P1iLCtxu8CR/nUc2cBCQWwKfOi/8reSjX+
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:37:54 2025 by rpki-client