Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/36d70c-58f0-45bb-a8f1-77eeab28be26/1/BfgM0DvFZfKqplWhQ3bHWymOr70.roa
File: BfgM0DvFZfKqplWhQ3bHWymOr70.roa (raw, json)
Hash identifier: eMy3hh5L9CM4vU4fMo1Zpo96Zbe5CsFZGJywGzjtXdU=
Subject key identifier: 05:F8:0C:D0:3B:C5:65:F2:AA:A6:55:A1:43:76:C7:5B:29:8E:AF:BD
Certificate issuer: /CN=0e05e6cea4b39345ce2902c97a1dbabcb46d2a3b
Certificate serial: 05E2E8BC
Authority key identifier: 0E:05:E6:CE:A4:B3:93:45:CE:29:02:C9:7A:1D:BA:BC:B4:6D:2A:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DgXmzqSzk0XOKQLJeh26vLRtKjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/36d70c-58f0-45bb-a8f1-77eeab28be26/1/BfgM0DvFZfKqplWhQ3bHWymOr70.roa
Signing time: Sat 01 Jan 2022 06:58:41 +0000
ROA not before: Sat 01 Jan 2022 06:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201213
IP address blocks: 91.199.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98756796 (0x5e2e8bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e05e6cea4b39345ce2902c97a1dbabcb46d2a3b
Validity
Not Before: Jan 1 06:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05f80cd03bc565f2aaa655a14376c75b298eafbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d7:9f:21:af:94:32:99:16:a4:61:65:ab:92:
ea:87:27:23:ed:75:c0:ab:c4:b2:4b:70:ce:ba:7d:
37:6c:b9:14:14:0e:49:00:d1:64:a1:7a:bf:46:9f:
16:12:f8:43:91:35:9e:cd:ce:b1:80:b3:48:64:0f:
c8:33:59:32:5b:47:6f:11:e1:a9:de:87:e3:f1:c8:
6f:8e:7e:b3:d1:87:bf:c2:a2:5d:82:9f:00:0d:a2:
e3:ba:40:ad:b6:aa:0e:47:29:5b:23:fc:16:18:d0:
58:b7:90:1b:b4:cf:fd:29:b3:50:3f:a3:cc:f6:c6:
d0:61:c1:72:43:ce:c8:ee:92:bc:c9:41:e3:63:8c:
f3:80:cf:9f:b6:ed:f5:10:83:bc:97:f6:78:ba:d0:
89:0d:04:3f:eb:8e:78:0b:19:6f:16:db:14:5e:df:
2c:fd:b4:50:d9:aa:df:03:c4:fe:43:35:18:b3:b7:
6e:be:80:49:fb:3e:a8:79:fe:e2:b9:8d:02:7a:03:
65:88:fb:54:88:c7:e1:e3:55:79:49:3b:9f:a5:c2:
39:d9:0d:68:18:0d:91:04:87:9a:45:7c:74:0c:ee:
07:79:6b:e7:d4:52:16:7e:2c:73:6a:dd:29:40:f6:
74:fb:7d:08:79:93:99:2a:8e:10:3b:65:11:a2:ef:
cc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F8:0C:D0:3B:C5:65:F2:AA:A6:55:A1:43:76:C7:5B:29:8E:AF:BD
X509v3 Authority Key Identifier:
keyid:0E:05:E6:CE:A4:B3:93:45:CE:29:02:C9:7A:1D:BA:BC:B4:6D:2A:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DgXmzqSzk0XOKQLJeh26vLRtKjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/36d70c-58f0-45bb-a8f1-77eeab28be26/1/BfgM0DvFZfKqplWhQ3bHWymOr70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/36d70c-58f0-45bb-a8f1-77eeab28be26/1/DgXmzqSzk0XOKQLJeh26vLRtKjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.75.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:35:55:fe:7c:42:a0:5b:a7:5e:19:65:c5:93:a6:4b:19:b1:
37:c7:c4:d5:2b:e0:73:b3:e2:3d:90:ff:15:fb:ff:b8:6e:6a:
8c:4f:a8:ee:bc:fb:db:3f:1d:89:ca:23:d4:6d:80:8f:2a:51:
d7:ea:dd:1d:73:a5:e8:64:3d:ed:fb:33:70:bc:3f:9a:10:70:
59:50:be:a4:40:17:1d:56:0f:a7:e3:66:ff:fd:33:88:4c:d7:
17:58:c3:de:96:64:81:3b:1f:35:9d:6c:ed:4f:98:3f:5e:39:
35:9b:8d:ef:9b:f9:bd:1c:c7:66:0b:57:87:88:53:87:45:ca:
63:20:10:5f:fd:ca:da:2a:90:46:17:2a:48:cb:96:2d:c5:40:
3a:4e:09:7e:6e:84:16:8a:51:e1:69:df:60:ae:de:96:c8:a1:
96:4f:5f:22:20:4e:7a:84:dc:45:25:94:35:6a:05:58:d2:c4:
31:a8:53:d2:15:6b:29:16:f3:51:a9:8e:69:d0:17:72:23:d5:
98:c8:41:b9:a4:4c:51:4c:87:ef:88:61:61:08:81:b1:2d:02:
93:01:64:c3:9e:5b:c4:ef:9c:1a:63:7a:02:5b:fd:47:35:90:
ef:70:45:55:dc:9f:30:1d:19:f9:26:62:44:6e:5c:ca:a5:42:
67:97:a5:33
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBeLovDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTA1ZTZjZWE0YjM5MzQ1Y2UyOTAyYzk3YTFkYmFiY2I0NmQyYTNiMB4XDTIyMDEw
MTA2NTg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVmODBjZDAzYmM1
NjVmMmFhYTY1NWExNDM3NmM3NWIyOThlYWZiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTXnyGvlDKZFqRhZauS6ocnI+11wKvEsktwzrp9N2y5FBQO
SQDRZKF6v0afFhL4Q5E1ns3OsYCzSGQPyDNZMltHbxHhqd6H4/HIb45+s9GHv8Ki
XYKfAA2i47pArbaqDkcpWyP8FhjQWLeQG7TP/SmzUD+jzPbG0GHBckPOyO6SvMlB
42OM84DPn7bt9RCDvJf2eLrQiQ0EP+uOeAsZbxbbFF7fLP20UNmq3wPE/kM1GLO3
br6ASfs+qHn+4rmNAnoDZYj7VIjH4eNVeUk7n6XCOdkNaBgNkQSHmkV8dAzuB3lr
59RSFn4sc2rdKUD2dPt9CHmTmSqOEDtlEaLvzFcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQF+AzQO8Vl8qqmVaFDdsdbKY6vvTAfBgNVHSMEGDAWgBQOBebOpLOTRc4p
Asl6Hbq8tG0qOzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RnWG16cVN6azBYT0tRTEplaDI2dkxSdEtqcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvMzZkNzBjLTU4ZjAtNDViYi1hOGYxLTc3ZWVhYjI4YmUyNi8x
L0JmZ00wRHZGWmZLcXBsV2hRM2JIV3ltT3I3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
MzZkNzBjLTU4ZjAtNDViYi1hOGYxLTc3ZWVhYjI4YmUyNi8xL0RnWG16cVN6azBY
T0tRTEplaDI2dkxSdEtqcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvHSzANBgkqhkiG9w0BAQsFAAOC
AQEAmjVV/nxCoFunXhllxZOmSxmxN8fE1Svgc7PiPZD/Ffv/uG5qjE+o7rz72z8d
icoj1G2AjypR1+rdHXOl6GQ97fszcLw/mhBwWVC+pEAXHVYPp+Nm//0ziEzXF1jD
3pZkgTsfNZ1s7U+YP145NZuN75v5vRzHZgtXh4hTh0XKYyAQX/3K2iqQRhcqSMuW
LcVAOk4Jfm6EFopR4WnfYK7elsihlk9fIiBOeoTcRSWUNWoFWNLEMahT0hVrKRbz
UamOadAXciPVmMhBuaRMUUyH74hhYQiBsS0CkwFkw55bxO+cGmN6Alv9RzWQ73BF
VdyfMB0Z+SZiRG5cyqVCZ5elMw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:28 2023 by rpki-client on console-ams.rpki-client.org