Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Bgj8Mx_tBQuC6frYf01AhYrroOs.roa
File: Bgj8Mx_tBQuC6frYf01AhYrroOs.roa (raw, json)
Hash identifier: yGCNK/K1gcNbZH5HPnfBCRa/N3zgIxhXjWqDTR6xDVg=
Subject key identifier: 06:08:FC:33:1F:ED:05:0B:82:E9:FA:D8:7F:4D:40:85:8A:EB:A0:EB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0182899DE26F2D4B8D2F95C3F3132DD4D170
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Bgj8Mx_tBQuC6frYf01AhYrroOs.roa
Signing time: Wed 10 Aug 2022 21:16:41 +0000
ROA not before: Wed 10 Aug 2022 21:16:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 209.35.158.0/24 maxlen: 24
64.226.159.0/24 maxlen: 24
64.226.156.0/24 maxlen: 24
64.226.158.0/24 maxlen: 24
64.226.157.0/24 maxlen: 24
64.226.54.0/24 maxlen: 24
64.226.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:89:9d:e2:6f:2d:4b:8d:2f:95:c3:f3:13:2d:d4:d1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 10 21:16:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0608fc331fed050b82e9fad87f4d40858aeba0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:22:b6:04:80:5d:d4:e2:67:63:dd:e6:46:1b:
8f:4d:f5:37:f2:46:63:4b:6a:6a:06:0d:30:70:59:
e4:d3:85:8d:cc:b9:62:b5:1c:26:31:0d:2b:ac:03:
c9:48:c5:a3:16:86:a9:94:37:d1:12:64:7f:bc:43:
ca:20:35:33:1d:db:02:fa:42:3a:67:dc:0b:1b:4f:
b5:78:11:2b:c4:cb:34:31:6b:a3:c9:28:bf:c3:a7:
5d:0a:60:3a:c1:0f:3c:7a:3d:f8:99:fc:ea:67:10:
8c:ca:b4:46:aa:a4:17:51:6a:34:1a:08:cf:76:14:
8f:b8:c7:8e:cc:1d:bb:0f:57:ae:ef:9e:77:49:f4:
b4:3d:95:6c:e9:ea:da:9f:52:80:23:27:ff:a8:f8:
96:c5:5b:f6:6e:1f:1a:3e:3b:d9:d6:36:b2:b4:b0:
3b:0f:8a:37:ff:1c:7f:e2:cd:33:eb:50:84:db:92:
4d:40:41:fb:84:71:24:cc:d3:a2:08:a6:e5:7d:fa:
12:4a:fd:dc:f8:e6:fc:46:d8:f5:e6:ce:d3:46:ba:
f3:34:31:d3:66:0e:0f:39:1e:60:4c:57:a0:85:0d:
f0:85:b2:81:ae:a1:67:17:1f:4c:73:eb:0d:23:4c:
dd:24:29:37:e4:66:ab:f9:ea:8e:17:bc:78:df:c2:
30:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:08:FC:33:1F:ED:05:0B:82:E9:FA:D8:7F:4D:40:85:8A:EB:A0:EB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Bgj8Mx_tBQuC6frYf01AhYrroOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
209.35.158.0/24
Signature Algorithm: sha256WithRSAEncryption
19:58:d2:70:6a:68:e5:45:35:81:93:b1:38:d5:64:fc:4f:0a:
24:15:e7:89:46:18:fd:fc:ee:dd:67:24:e1:e2:d6:b6:85:60:
3b:f2:0a:6b:6d:d4:75:13:1f:25:d6:ae:e1:33:10:b0:ed:2f:
d9:1a:89:bb:95:6c:a5:1b:1a:07:c8:b8:3f:ab:2e:31:46:a1:
44:31:dc:8a:d0:f2:32:83:4b:e8:2f:83:f1:78:ae:17:9b:58:
4f:63:d6:4d:2e:64:09:71:6b:c0:45:88:ae:f6:84:c9:35:3b:
d8:16:b3:84:79:c3:1f:9a:2b:70:46:9e:aa:19:23:f7:db:8d:
e7:a2:d6:e9:cf:77:4b:cf:d9:db:12:dd:43:de:5a:58:6f:39:
7f:1a:83:af:d8:af:de:b5:3a:f8:44:91:a1:0e:65:2e:56:ad:
58:78:0e:76:9c:62:55:a6:61:c0:7b:e1:51:ab:58:5b:fb:7c:
02:99:0a:67:8c:76:4c:37:f3:04:23:88:c1:e4:75:9f:35:df:
0e:af:2d:a9:d5:4b:4d:78:1d:05:73:4e:84:68:c6:44:5e:d6:
f8:43:62:32:2e:25:14:32:be:79:4d:b1:db:b8:a3:64:6b:29:
48:77:63:81:6b:a5:30:ca:d8:44:aa:47:80:49:81:84:2f:c1:
f5:26:8b:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKJneJvLUuNL5XD8xMt1NFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIwODEwMjExNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA4ZmMzMzFmZWQwNTBiODJlOWZhZDg3ZjRkNDA4NThhZWJhMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSK2BIBd1OJnY93mRhuPTfU38kZj
S2pqBg0wcFnk04WNzLlitRwmMQ0rrAPJSMWjFoaplDfREmR/vEPKIDUzHdsC+kI6
Z9wLG0+1eBErxMs0MWujySi/w6ddCmA6wQ88ej34mfzqZxCMyrRGqqQXUWo0GgjP
dhSPuMeOzB27D1eu7553SfS0PZVs6eran1KAIyf/qPiWxVv2bh8aPjvZ1jaytLA7
D4o3/xx/4s0z61CE25JNQEH7hHEkzNOiCKblffoSSv3c+Ob8Rtj15s7TRrrzNDHT
Zg4POR5gTFeghQ3whbKBrqFnFx9Mc+sNI0zdJCk35Gar+eqOF7x438IwTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAYI/DMf7QULgun62H9NQIWK66DrMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQmdqOE14X3RCUXVDNmZyWWYwMUFoWXJyb09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBQOI2AwQC
QOKcAwQA0SOeMA0GCSqGSIb3DQEBCwUAA4IBAQAZWNJwamjlRTWBk7E41WT8Twok
FeeJRhj9/O7dZyTh4ta2hWA78gprbdR1Ex8l1q7hMxCw7S/ZGom7lWylGxoHyLg/
qy4xRqFEMdyK0PIyg0voL4PxeK4Xm1hPY9ZNLmQJcWvARYiu9oTJNTvYFrOEecMf
mitwRp6qGSP3243notbpz3dLz9nbEt1D3lpYbzl/GoOv2K/etTr4RJGhDmUuVq1Y
eA52nGJVpmHAe+FRq1hb+3wCmQpnjHZMN/MEI4jB5HWfNd8Ory2p1UtNeB0Fc06E
aMZEXtb4Q2IyLiUUMr55TbHbuKNkaylId2OBa6UwythEqkeASYGEL8H1Jovu
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:26:09 2025 by rpki-client