Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/916670-1d0a-4e6d-af4a-27c6820a23fa/1/BD_zBXelsuSn-IIpgYiSJYbV700.roa
File: BD_zBXelsuSn-IIpgYiSJYbV700.roa (raw, json)
Hash identifier: KPVHQqZwG7pwR9BHKDxb8pPLxV8VveTQVRH1rO6+lwY=
Subject key identifier: 04:3F:F3:05:77:A5:B2:E4:A7:F8:82:29:81:88:92:25:86:D5:EF:4D
Certificate issuer: /CN=a7f1a0af5a7e92077ce3a2988d7976d1f5c74b19
Certificate serial: 01153459
Authority key identifier: A7:F1:A0:AF:5A:7E:92:07:7C:E3:A2:98:8D:79:76:D1:F5:C7:4B:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_Ggr1p-kgd846KYjXl20fXHSxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/916670-1d0a-4e6d-af4a-27c6820a23fa/1/BD_zBXelsuSn-IIpgYiSJYbV700.roa
Signing time: Sat 01 Jan 2022 04:58:31 +0000
ROA not before: Sat 01 Jan 2022 04:58:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 194.29.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18166873 (0x1153459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f1a0af5a7e92077ce3a2988d7976d1f5c74b19
Validity
Not Before: Jan 1 04:58:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=043ff30577a5b2e4a7f882298188922586d5ef4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a1:54:86:6d:af:3f:19:0e:af:be:00:ae:0c:
87:4c:82:df:48:ae:31:29:85:7e:26:7e:c9:9d:2a:
87:fd:24:69:33:35:21:20:2f:46:3a:88:47:27:fa:
aa:d7:20:35:37:df:d7:4a:25:48:bc:13:58:3b:52:
e5:5e:a9:c9:13:4f:cd:8d:fc:0e:52:bf:ef:a4:d6:
92:26:1a:2f:72:4e:17:55:6d:9a:a6:d7:ee:33:7b:
5c:6c:ef:32:a8:5f:d6:46:ce:41:fb:7d:44:0c:ee:
fc:96:13:d7:a3:a0:6d:a1:5d:35:e7:cc:33:cc:f5:
63:1b:62:58:66:2c:f7:68:7a:db:9a:12:0e:43:4f:
6e:9b:4e:7c:3a:63:de:8d:a7:9d:e0:fa:a1:58:1b:
ce:4f:72:58:e1:29:6e:d9:b0:46:aa:d4:fa:63:7e:
01:d6:ff:2a:9e:27:47:83:c6:23:37:9e:71:f1:18:
f4:2e:00:4d:78:f1:fc:27:44:94:f8:4d:b1:ca:b3:
1f:dd:6a:56:07:db:26:25:f2:0a:e6:da:dc:75:45:
de:13:d8:64:48:1b:1f:29:b6:cd:61:a6:09:10:94:
ff:9e:dc:a6:d6:19:c5:57:e3:01:e2:90:6c:85:06:
0d:d1:65:62:a1:a8:a3:dd:21:cd:d7:2f:58:ca:74:
e3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3F:F3:05:77:A5:B2:E4:A7:F8:82:29:81:88:92:25:86:D5:EF:4D
X509v3 Authority Key Identifier:
keyid:A7:F1:A0:AF:5A:7E:92:07:7C:E3:A2:98:8D:79:76:D1:F5:C7:4B:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_Ggr1p-kgd846KYjXl20fXHSxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/916670-1d0a-4e6d-af4a-27c6820a23fa/1/BD_zBXelsuSn-IIpgYiSJYbV700.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/916670-1d0a-4e6d-af4a-27c6820a23fa/1/p_Ggr1p-kgd846KYjXl20fXHSxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.29.58.0/24
Signature Algorithm: sha256WithRSAEncryption
71:10:16:98:e2:04:c8:19:ee:1d:04:0a:3b:39:a4:16:86:db:
93:22:8a:c8:67:8e:dd:42:99:0f:01:17:cc:c6:0b:b5:8e:b7:
cf:77:35:f7:31:6a:81:47:e1:e2:c7:f9:e9:a7:d2:58:8e:69:
8b:c2:33:47:a9:ae:ff:8d:b5:a0:ba:7f:d9:b4:2a:2d:8b:b2:
8d:33:33:cb:ba:45:e1:77:12:59:00:fb:a6:bd:94:dd:8f:f9:
a0:f2:29:00:a8:bd:6f:3b:d6:49:0e:e7:11:ef:34:10:8a:cb:
07:42:aa:06:07:db:09:a0:28:c2:90:8d:bc:74:8c:7a:55:82:
5d:df:3a:e3:c7:2e:06:2c:76:a3:da:c6:e4:25:a2:d9:6d:05:
16:a1:11:c9:7a:ba:cb:be:88:66:5e:15:f7:a9:92:21:c9:81:
46:1f:83:1f:d4:2a:9d:7c:5f:d4:3c:cb:d5:b6:92:cb:cc:39:
56:3c:0d:98:5d:54:38:6b:07:ff:59:15:59:5f:28:0b:73:0c:
82:ae:50:79:d9:37:2a:32:45:47:02:39:7d:76:63:14:fc:86:
6a:3e:72:44:f6:02:21:41:0b:4a:d4:7c:a5:45:15:fd:cc:31:
19:1e:49:60:b7:1d:89:06:0b:54:f1:6b:bc:cd:44:d7:50:c0:
8d:69:63:d2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARU0WTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
N2YxYTBhZjVhN2U5MjA3N2NlM2EyOTg4ZDc5NzZkMWY1Yzc0YjE5MB4XDTIyMDEw
MTA0NTgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQzZmYzMDU3N2E1
YjJlNGE3Zjg4MjI5ODE4ODkyMjU4NmQ1ZWY0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKhVIZtrz8ZDq++AK4Mh0yC30iuMSmFfiZ+yZ0qh/0kaTM1
ISAvRjqIRyf6qtcgNTff10olSLwTWDtS5V6pyRNPzY38DlK/76TWkiYaL3JOF1Vt
mqbX7jN7XGzvMqhf1kbOQft9RAzu/JYT16OgbaFdNefMM8z1YxtiWGYs92h625oS
DkNPbptOfDpj3o2nneD6oVgbzk9yWOEpbtmwRqrU+mN+Adb/Kp4nR4PGIzeecfEY
9C4ATXjx/CdElPhNscqzH91qVgfbJiXyCuba3HVF3hPYZEgbHym2zWGmCRCU/57c
ptYZxVfjAeKQbIUGDdFlYqGoo90hzdcvWMp047sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQEP/MFd6Wy5Kf4gimBiJIlhtXvTTAfBgNVHSMEGDAWgBSn8aCvWn6SB3zj
opiNeXbR9cdLGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BfR2dyMXAta2dkODQ2S1lqWGwyMGZYSFN4ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvOTE2NjcwLTFkMGEtNGU2ZC1hZjRhLTI3YzY4MjBhMjNmYS8x
L0JEX3pCWGVsc3VTbi1JSXBnWWlTSlliVjcwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
OTE2NjcwLTFkMGEtNGU2ZC1hZjRhLTI3YzY4MjBhMjNmYS8xL3BfR2dyMXAta2dk
ODQ2S1lqWGwyMGZYSFN4ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIdOjANBgkqhkiG9w0BAQsFAAOC
AQEAcRAWmOIEyBnuHQQKOzmkFobbkyKKyGeO3UKZDwEXzMYLtY63z3c19zFqgUfh
4sf56afSWI5pi8IzR6mu/421oLp/2bQqLYuyjTMzy7pF4XcSWQD7pr2U3Y/5oPIp
AKi9bzvWSQ7nEe80EIrLB0KqBgfbCaAowpCNvHSMelWCXd8648cuBix2o9rG5CWi
2W0FFqERyXq6y76IZl4V96mSIcmBRh+DH9QqnXxf1DzL1baSy8w5VjwNmF1UOGsH
/1kVWV8oC3MMgq5Qedk3KjJFRwI5fXZjFPyGaj5yRPYCIUELStR8pUUV/cwxGR5J
YLcdiQYLVPFrvM1E11DAjWlj0g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:45 2023 by rpki-client on console-ams.rpki-client.org