Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/bc94df-7259-42d1-822a-3d9810098703/1/bvpInSpV1ITmM-npNlNNfoQjWAA.roa
File: bvpInSpV1ITmM-npNlNNfoQjWAA.roa (raw, json)
Hash identifier: aSoyXTatvUEo0qX5H0QRuyBr/DkSs1tt85nlaLO1oSM=
Subject key identifier: 6E:FA:48:9D:2A:55:D4:84:E6:33:E9:E9:36:53:4D:7E:84:23:58:00
Certificate issuer: /CN=1bc3c1bef15f4bccc4e748c08957ecc229a0f1ef
Certificate serial: 01856B77BB5345E46D02259BACD7DAFB7326
Authority key identifier: 1B:C3:C1:BE:F1:5F:4B:CC:C4:E7:48:C0:89:57:EC:C2:29:A0:F1:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G8PBvvFfS8zE50jAiVfswimg8e8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/bc94df-7259-42d1-822a-3d9810098703/1/bvpInSpV1ITmM-npNlNNfoQjWAA.roa
Signing time: Sun 01 Jan 2023 03:54:46 +0000
ROA not before: Sun 01 Jan 2023 03:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35370
IP address blocks: 160.20.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:bb:53:45:e4:6d:02:25:9b:ac:d7:da:fb:73:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bc3c1bef15f4bccc4e748c08957ecc229a0f1ef
Validity
Not Before: Jan 1 03:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6efa489d2a55d484e633e9e936534d7e84235800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:10:bd:46:96:d9:3e:20:01:bc:7c:70:6f:19:
94:d2:b6:94:a7:cf:56:7c:ff:6a:b4:50:b8:2a:da:
c9:6b:62:88:9d:f6:0b:5b:55:ef:41:59:17:a1:88:
35:11:9a:7c:24:3c:1b:de:de:52:49:40:3d:2b:1e:
00:d4:a2:7c:ea:a1:5f:c5:cd:7e:c8:8f:c8:99:47:
25:fa:ac:f4:98:9f:68:7c:cf:68:a3:ba:aa:bf:59:
bf:bf:c9:12:41:a6:3c:61:20:36:d9:7e:5a:fb:19:
74:f8:c2:8d:b8:15:c9:ad:c4:06:b0:2b:cf:32:36:
48:7a:4a:8e:2a:ff:2a:84:a1:7d:43:77:7a:11:1b:
b0:e4:7f:ce:72:1c:f1:26:c2:88:c7:37:c9:88:f2:
bf:10:a4:45:a0:6a:2a:35:11:08:7f:8a:9e:0e:b4:
3b:a5:fa:a8:f6:a3:d4:b6:eb:f9:33:da:8c:c1:ca:
3c:f2:ed:38:3d:12:20:f9:2e:aa:4d:0f:1c:26:00:
dc:d6:47:07:13:0a:60:86:c1:2f:b0:96:04:0b:83:
5c:d3:78:48:84:f6:3d:1a:fc:ec:a2:e7:1a:bc:50:
0a:ab:75:34:a9:31:09:59:17:db:43:8c:32:41:eb:
bd:4f:b5:af:66:e2:d2:2e:45:ad:1c:e9:be:ec:81:
b1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:FA:48:9D:2A:55:D4:84:E6:33:E9:E9:36:53:4D:7E:84:23:58:00
X509v3 Authority Key Identifier:
keyid:1B:C3:C1:BE:F1:5F:4B:CC:C4:E7:48:C0:89:57:EC:C2:29:A0:F1:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G8PBvvFfS8zE50jAiVfswimg8e8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/bc94df-7259-42d1-822a-3d9810098703/1/bvpInSpV1ITmM-npNlNNfoQjWAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/bc94df-7259-42d1-822a-3d9810098703/1/G8PBvvFfS8zE50jAiVfswimg8e8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.20.100.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:13:86:8f:6b:83:02:e9:77:17:8c:04:fa:9f:45:c9:03:8e:
78:9a:5a:be:c4:3b:6c:76:1f:85:c6:d4:eb:8e:af:47:63:72:
7f:aa:e5:ca:88:cb:7e:a9:4c:f4:f8:73:16:df:94:68:37:98:
64:b4:73:13:64:34:0e:0d:3e:63:7e:ff:9a:03:fd:94:f6:1c:
00:09:ff:ec:dc:3f:74:19:c2:d7:44:ad:94:8b:4c:9c:ef:08:
70:97:01:f7:f5:58:73:a4:e8:c5:21:46:a3:fc:04:b7:84:ae:
10:42:75:78:13:59:b5:2f:b1:57:4d:9a:42:e5:bb:29:a4:bc:
f4:ac:92:9e:90:09:0b:e1:4a:f9:9d:10:c2:ca:4e:34:cf:09:
44:a1:0c:ce:e5:0b:4e:06:4c:db:9c:36:13:2e:b4:50:f1:b1:
62:8e:12:7c:bf:be:e1:7c:c7:b1:11:30:67:5e:a8:11:d4:15:
c1:09:d2:a9:37:45:b8:fc:28:79:b0:50:23:bb:95:99:6f:8c:
00:18:6b:aa:1a:15:19:3e:f2:ff:dd:ba:b1:dd:a8:24:ce:c2:
12:81:33:70:56:28:91:c6:ee:5e:d6:12:62:ff:3b:ed:03:64:
84:73:ed:7b:26:cc:f8:b6:b6:36:33:3e:be:ac:d5:2f:53:4e:
d9:1b:d8:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrd7tTReRtAiWbrNfa+3MmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYzNjMWJlZjE1ZjRiY2NjNGU3NDhjMDg5NTdlY2MyMjlh
MGYxZWYwHhcNMjMwMTAxMDM1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWZhNDg5ZDJhNTVkNDg0ZTYzM2U5ZTkzNjUzNGQ3ZTg0MjM1ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBC9RpbZPiABvHxwbxmU0raUp89W
fP9qtFC4KtrJa2KInfYLW1XvQVkXoYg1EZp8JDwb3t5SSUA9Kx4A1KJ86qFfxc1+
yI/ImUcl+qz0mJ9ofM9oo7qqv1m/v8kSQaY8YSA22X5a+xl0+MKNuBXJrcQGsCvP
MjZIekqOKv8qhKF9Q3d6ERuw5H/OchzxJsKIxzfJiPK/EKRFoGoqNREIf4qeDrQ7
pfqo9qPUtuv5M9qMwco88u04PRIg+S6qTQ8cJgDc1kcHEwpghsEvsJYEC4Nc03hI
hPY9GvzsoucavFAKq3U0qTEJWRfbQ4wyQeu9T7WvZuLSLkWtHOm+7IGx5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG76SJ0qVdSE5jPp6TZTTX6EI1gAMB8GA1UdIwQY
MBaAFBvDwb7xX0vMxOdIwIlX7MIpoPHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzhQQnZ2RmZTOHpFNTBqQWlWZnN3aW1nOGU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iYzk0ZGYtNzI1OS00MmQxLTgyMmEt
M2Q5ODEwMDk4NzAzLzEvYnZwSW5TcFYxSVRtTS1ucE5sTk5mb1FqV0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iYzk0ZGYtNzI1OS00MmQxLTgyMmEtM2Q5ODEwMDk4NzAz
LzEvRzhQQnZ2RmZTOHpFNTBqQWlWZnN3aW1nOGU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoBRkMA0G
CSqGSIb3DQEBCwUAA4IBAQANE4aPa4MC6XcXjAT6n0XJA454mlq+xDtsdh+FxtTr
jq9HY3J/quXKiMt+qUz0+HMW35RoN5hktHMTZDQODT5jfv+aA/2U9hwACf/s3D90
GcLXRK2Ui0yc7whwlwH39VhzpOjFIUaj/AS3hK4QQnV4E1m1L7FXTZpC5bsppLz0
rJKekAkL4Ur5nRDCyk40zwlEoQzO5QtOBkzbnDYTLrRQ8bFijhJ8v77hfMexETBn
XqgR1BXBCdKpN0W4/Ch5sFAju5WZb4wAGGuqGhUZPvL/3bqx3agkzsISgTNwViiR
xu5e1hJi/zvtA2SEc+17Jsz4trY2Mz6+rNUvU07ZG9hF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:27 2025 by rpki-client