Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/BVqJOC7RO43hrIgstyj7DokTSHk.roa
File: BVqJOC7RO43hrIgstyj7DokTSHk.roa (raw, json)
Hash identifier: jCag4mCkha+QcMrRRBGY06RBhPJfJpIjiCf9BNOAqdU=
Subject key identifier: 05:5A:89:38:2E:D1:3B:8D:E1:AC:88:2C:B7:28:FB:0E:89:13:48:79
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 0E1C2430
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/BVqJOC7RO43hrIgstyj7DokTSHk.roa
Signing time: Sat 01 Jan 2022 14:07:32 +0000
ROA not before: Sat 01 Jan 2022 14:07:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16089
IP address blocks: 2a07:240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236725296 (0xe1c2430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 14:07:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=055a89382ed13b8de1ac882cb728fb0e89134879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:37:d6:bd:7d:f8:17:38:97:09:49:7f:5f:6d:
04:30:aa:fa:f9:35:bf:24:a2:b9:33:3f:4e:35:6f:
48:b9:26:39:0f:3c:4e:bc:15:b2:7f:bc:7a:6e:be:
21:f6:ae:11:ca:35:1f:e8:af:28:db:0e:0d:75:8c:
cc:0a:ee:07:91:89:de:1a:f5:6f:a4:19:35:61:93:
18:93:99:bb:20:c6:96:f6:f4:79:40:80:df:9e:d0:
78:b3:52:1f:66:c4:c7:fb:cc:39:56:1b:04:7b:70:
aa:77:f4:37:45:8a:19:d0:99:75:12:7b:02:cb:ad:
aa:91:05:ef:e0:2e:96:4c:69:95:0d:84:01:fb:c9:
18:4b:9f:b4:06:d2:76:f9:ac:8b:10:9d:56:6a:52:
f2:fd:2e:cc:62:ed:34:88:26:08:93:9e:aa:86:82:
3c:9b:37:88:48:be:c2:b7:19:5b:e6:9a:c0:63:0a:
73:77:a6:1a:6b:64:42:fd:35:18:be:da:f0:9f:54:
e9:44:24:68:1f:b4:5f:46:51:a2:ea:c5:ab:39:19:
4b:52:2c:42:f5:7f:1f:4a:b5:42:22:d2:fe:83:f4:
af:3b:77:cb:95:f4:9d:02:82:ff:43:0a:b1:2e:59:
87:a2:59:e1:41:cc:95:d8:af:85:ca:72:93:c1:46:
4d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5A:89:38:2E:D1:3B:8D:E1:AC:88:2C:B7:28:FB:0E:89:13:48:79
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/BVqJOC7RO43hrIgstyj7DokTSHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:240::/32
Signature Algorithm: sha256WithRSAEncryption
b5:1f:fa:9e:ec:f9:3c:5d:1d:b2:87:ed:0f:16:9e:5b:7b:bb:
9c:e1:48:3c:72:82:8a:eb:6d:57:9f:18:d7:11:c4:e1:dd:23:
eb:d3:4a:e3:c3:08:fd:7a:40:56:49:f2:74:e2:bc:45:f4:04:
7e:c6:3b:1d:b2:4f:39:63:2f:64:b9:59:99:2e:d5:79:19:4d:
19:4c:50:b8:2e:70:c1:bb:2d:79:5b:33:ce:72:56:8a:77:b4:
3c:33:00:2a:40:4f:95:46:96:c4:23:7d:7a:ea:84:5b:e5:7d:
d7:04:84:87:92:23:55:d4:ed:7a:92:da:1e:cb:99:00:2c:2c:
2a:8f:47:9c:28:f7:c2:c6:56:6a:f5:8c:c7:73:2a:cd:2e:92:
10:2e:87:fa:f5:dc:b3:e3:08:ef:f6:ad:18:8d:13:3a:e5:62:
a6:79:74:9e:10:ee:c1:00:ae:e9:4f:d5:61:49:e3:52:0b:0f:
0a:e9:bb:2a:a4:53:98:21:a8:22:80:82:1e:c1:da:d3:f0:32:
9c:5e:69:c7:a0:d3:59:f4:b8:6f:f0:96:df:ba:b8:cc:90:ff:
16:44:13:81:57:dc:fd:b1:cf:2e:e5:8f:31:cb:db:39:c4:66:
0e:96:34:09:ac:d5:94:c0:e7:be:7f:1c:ff:f9:c3:34:bf:9c:
ef:e1:5c:54
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEDhwkMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDZmMWMzMmJjMGE5MDA2MDgxZDU1MmZlZGU2N2Q2ODQyOTIxZWMzMB4XDTIyMDEw
MTE0MDczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDU1YTg5MzgyZWQx
M2I4ZGUxYWM4ODJjYjcyOGZiMGU4OTEzNDg3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL431r19+Bc4lwlJf19tBDCq+vk1vySiuTM/TjVvSLkmOQ88
TrwVsn+8em6+IfauEco1H+ivKNsODXWMzAruB5GJ3hr1b6QZNWGTGJOZuyDGlvb0
eUCA357QeLNSH2bEx/vMOVYbBHtwqnf0N0WKGdCZdRJ7AsutqpEF7+AulkxplQ2E
AfvJGEuftAbSdvmsixCdVmpS8v0uzGLtNIgmCJOeqoaCPJs3iEi+wrcZW+aawGMK
c3emGmtkQv01GL7a8J9U6UQkaB+0X0ZRourFqzkZS1IsQvV/H0q1QiLS/oP0rzt3
y5X0nQKC/0MKsS5Zh6JZ4UHMldivhcpyk8FGTZUCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQFWok4LtE7jeGsiCy3KPsOiRNIeTAfBgNVHSMEGDAWgBQgbxwyvAqQBggd
VS/t5n1oQpIewzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lHOGNNcndLa0FZSUhWVXY3ZVo5YUVLU0hzTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYTkxODg0LTZmNTgtNGRkZC04OTMyLWJiYTg2MGIyNmMwMi8x
L0JWcUpPQzdSTzQzaHJJZ3N0eWo3RG9rVFNIay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YTkxODg0LTZmNTgtNGRkZC04OTMyLWJiYTg2MGIyNmMwMi8xL0lHOGNNcndLa0FZ
SUhWVXY3ZVo5YUVLU0hzTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoHAkAwDQYJKoZIhvcNAQELBQAD
ggEBALUf+p7s+TxdHbKH7Q8Wnlt7u5zhSDxygorrbVefGNcRxOHdI+vTSuPDCP16
QFZJ8nTivEX0BH7GOx2yTzljL2S5WZku1XkZTRlMULgucMG7LXlbM85yVop3tDwz
ACpAT5VGlsQjfXrqhFvlfdcEhIeSI1XU7XqS2h7LmQAsLCqPR5wo98LGVmr1jMdz
Ks0ukhAuh/r13LPjCO/2rRiNEzrlYqZ5dJ4Q7sEArulP1WFJ41ILDwrpuyqkU5gh
qCKAgh7B2tPwMpxeaceg01n0uG/wlt+6uMyQ/xZEE4FX3P2xzy7ljzHL2znEZg6W
NAms1ZTA575/HP/5wzS/nO/hXFQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:10 2024 by rpki-client on console-fra.rpki-client.org