Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/BhjrkRe2_yDqe8AkH0rQX7BBn7I.roa
File: BhjrkRe2_yDqe8AkH0rQX7BBn7I.roa (raw, json)
Hash identifier: 0ehuWdt2OKi/pjYHGgObguEDh+mnJR36TOJTHXfI2qM=
Subject key identifier: 06:18:EB:91:17:B6:FF:20:EA:7B:C0:24:1F:4A:D0:5F:B0:41:9F:B2
Certificate issuer: /CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Certificate serial: 01847FFAB39564EA70781BB83BACF06AD612
Authority key identifier: 0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/BhjrkRe2_yDqe8AkH0rQX7BBn7I.roa
Signing time: Wed 16 Nov 2022 10:27:27 +0000
ROA not before: Wed 16 Nov 2022 10:27:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41419
IP address blocks: 89.250.80.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:fa:b3:95:64:ea:70:78:1b:b8:3b:ac:f0:6a:d6:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Validity
Not Before: Nov 16 10:27:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0618eb9117b6ff20ea7bc0241f4ad05fb0419fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:41:86:ad:0f:07:b8:6b:c8:fa:58:e7:59:6e:
bd:39:de:75:fb:1b:bb:13:78:44:f2:68:53:f6:f3:
3c:8b:3d:55:52:11:86:ea:c3:53:10:5d:be:ae:05:
a1:fd:60:0f:16:86:7e:db:cc:1b:dd:36:03:0d:46:
60:9b:b5:ee:fa:9e:20:5a:2b:ca:1d:aa:8d:12:14:
13:77:ac:ea:1e:c1:f8:a2:e6:2e:e1:d9:80:64:17:
24:ef:e0:98:01:ff:ce:ed:27:6e:78:c2:45:05:c8:
30:40:bb:9a:34:4e:53:b8:dd:16:07:5e:70:55:5f:
6d:30:aa:f2:6a:29:cc:b2:95:06:55:60:6c:7a:9c:
b0:53:e1:a4:5d:29:8a:47:3b:fe:cb:6b:85:e5:6a:
f9:fd:d7:85:e0:2d:97:5c:76:5a:37:df:24:a6:db:
18:92:65:22:c9:79:ac:ee:93:2a:6d:2e:82:18:2b:
6c:28:a7:3b:8f:68:82:30:8b:47:29:f0:f8:a3:ad:
67:e2:05:e1:65:d2:d3:7c:26:e3:99:3c:45:1f:8a:
d5:59:22:b1:bc:33:b4:62:9a:89:40:94:26:e6:4b:
89:b2:80:4d:c5:5f:fc:9a:f4:7d:76:ca:7f:01:30:
1e:a7:36:48:01:93:99:dc:a3:d1:e3:ca:e0:a8:5a:
5e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:18:EB:91:17:B6:FF:20:EA:7B:C0:24:1F:4A:D0:5F:B0:41:9F:B2
X509v3 Authority Key Identifier:
keyid:0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/BhjrkRe2_yDqe8AkH0rQX7BBn7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/Cv6dZmVbX9J7LBfKloVlDVPzuwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.250.80.0/20
Signature Algorithm: sha256WithRSAEncryption
44:03:7d:36:0b:2d:68:3e:b5:60:57:68:b9:51:52:e5:e7:fb:
14:12:3a:20:aa:b7:c0:af:31:62:d0:51:2b:78:52:35:e3:59:
50:be:d3:b9:b8:3d:5f:c9:f3:83:e1:3f:d9:41:5f:84:fa:33:
68:f7:78:60:36:a1:ed:a7:e5:ce:a0:75:86:87:d7:76:96:f9:
01:30:eb:45:29:22:3f:cf:a8:d8:3a:cc:57:05:df:88:53:c3:
8f:52:ce:30:4e:d0:3e:60:6b:d8:1a:0b:a4:97:c8:29:ae:91:
28:a1:91:cc:8a:49:a4:1e:9b:89:55:b5:07:f5:25:d1:73:17:
b6:fb:2b:b9:32:3e:96:e1:d4:85:11:06:57:b0:cc:b8:64:86:
ee:a8:1b:eb:bc:ac:74:1e:99:cc:0a:e0:69:28:74:8f:fd:f2:
4b:1c:a8:79:5e:71:0b:3f:5f:68:bc:b9:3d:3f:8b:46:82:b6:
cd:66:f6:fe:48:b6:a1:ef:d0:ae:e0:c3:1e:b0:47:c7:98:f2:
6c:a7:8f:f3:bf:2d:84:9e:46:84:cd:b9:9e:bf:74:b8:3c:92:
a0:1a:72:f2:0a:ab:d1:c5:88:2d:ef:23:16:28:73:a6:db:2a:
39:7c:dd:33:fc:39:4c:7c:a5:a7:ef:1f:98:1d:4b:27:44:40:
60:ef:8a:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR/+rOVZOpweBu4O6zwatYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZmU5ZDY2NjU1YjVmZDI3YjJjMTdjYTk2ODU2NTBkNTNm
M2JiMGEwHhcNMjIxMTE2MTAyNzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE4ZWI5MTE3YjZmZjIwZWE3YmMwMjQxZjRhZDA1ZmIwNDE5ZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkGGrQ8HuGvI+ljnWW69Od51+xu7
E3hE8mhT9vM8iz1VUhGG6sNTEF2+rgWh/WAPFoZ+28wb3TYDDUZgm7Xu+p4gWivK
HaqNEhQTd6zqHsH4ouYu4dmAZBck7+CYAf/O7SdueMJFBcgwQLuaNE5TuN0WB15w
VV9tMKryainMspUGVWBsepywU+GkXSmKRzv+y2uF5Wr5/deF4C2XXHZaN98kptsY
kmUiyXms7pMqbS6CGCtsKKc7j2iCMItHKfD4o61n4gXhZdLTfCbjmTxFH4rVWSKx
vDO0YpqJQJQm5kuJsoBNxV/8mvR9dsp/ATAepzZIAZOZ3KPR48rgqFpeHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYY65EXtv8g6nvAJB9K0F+wQZ+yMB8GA1UdIwQY
MBaAFAr+nWZlW1/SeywXypaFZQ1T87sKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWIt
YmRjMjQ4YTZmNTY1LzEvQmhqcmtSZTJfeURxZThBa0gwclFYN0JCbjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWItYmRjMjQ4YTZmNTY1
LzEvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWfpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBEA302Cy1oPrVgV2i5UVLl5/sUEjogqrfArzFi0FEr
eFI141lQvtO5uD1fyfOD4T/ZQV+E+jNo93hgNqHtp+XOoHWGh9d2lvkBMOtFKSI/
z6jYOsxXBd+IU8OPUs4wTtA+YGvYGgukl8gprpEooZHMikmkHpuJVbUH9SXRcxe2
+yu5Mj6W4dSFEQZXsMy4ZIbuqBvrvKx0HpnMCuBpKHSP/fJLHKh5XnELP19ovLk9
P4tGgrbNZvb+SLah79Cu4MMesEfHmPJsp4/zvy2EnkaEzbmev3S4PJKgGnLyCqvR
xYgt7yMWKHOm2yo5fN0z/DlMfKWn7x+YHUsnREBg74ol
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:39 2023 by rpki-client on console-ams.rpki-client.org