Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/BqHFB1zKcMtPwbKdVx8dQulMcBI.roa
File: BqHFB1zKcMtPwbKdVx8dQulMcBI.roa (raw, json)
Hash identifier: yD7hnbow2lApE+bcCZFyVyBaE+4zBLZu3a3LfNIgiAs=
Subject key identifier: 06:A1:C5:07:5C:CA:70:CB:4F:C1:B2:9D:57:1F:1D:42:E9:4C:70:12
Certificate issuer: /CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Certificate serial: 01823ADE9A356C8543D842B0EC1D978C9F31
Authority key identifier: 5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/BqHFB1zKcMtPwbKdVx8dQulMcBI.roa
Signing time: Tue 26 Jul 2022 14:17:23 +0000
ROA not before: Tue 26 Jul 2022 14:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15987
IP address blocks: 46.41.32.0/24 maxlen: 24
2a02:a00:1009::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3a:de:9a:35:6c:85:43:d8:42:b0:ec:1d:97:8c:9f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dedd6b0e36f4bd8f1d57e26cc1c2d18c6993c04
Validity
Not Before: Jul 26 14:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06a1c5075cca70cb4fc1b29d571f1d42e94c7012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2c:2c:d4:5b:f3:e5:2c:f8:e8:74:b8:75:45:
5e:93:b6:0a:55:5f:ae:42:14:60:8a:3d:d2:12:e9:
90:e0:87:55:3c:ee:0a:00:0d:61:7a:02:7b:70:86:
2f:7c:30:18:a6:78:ed:e0:45:1e:d9:ca:f9:1f:04:
1e:73:35:b3:ed:f0:b1:8b:07:a7:54:92:86:55:b2:
d4:24:7f:c0:06:df:e9:d5:6b:95:89:9b:10:39:c1:
de:4f:60:7d:29:e3:19:b1:23:ea:91:d6:d5:91:b1:
b0:f5:55:ab:07:bb:ed:9c:ed:6d:60:63:f4:7e:84:
24:7d:30:7f:e7:e4:34:53:3e:57:ab:22:8d:83:1e:
26:db:2a:64:63:0d:43:ad:d4:31:de:3e:08:4f:2e:
5f:8b:07:16:0a:41:d4:7b:6c:92:ac:8b:38:ee:50:
1d:f6:7e:0a:6a:32:f4:a4:8d:1c:81:ba:d3:fa:6c:
85:42:31:02:60:5a:c7:d5:d6:25:ae:46:79:6a:e0:
a7:f4:2a:73:ee:0a:79:e3:cc:51:b1:6b:f2:a8:40:
8a:88:47:40:29:25:7c:7f:10:27:2a:e6:fa:32:c9:
de:78:b4:43:e2:d9:88:6c:70:6a:57:6e:fb:ee:68:
bf:0f:3c:c7:71:20:7a:81:c0:b6:89:6b:31:b5:54:
b3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A1:C5:07:5C:CA:70:CB:4F:C1:B2:9D:57:1F:1D:42:E9:4C:70:12
X509v3 Authority Key Identifier:
keyid:5D:ED:D6:B0:E3:6F:4B:D8:F1:D5:7E:26:CC:1C:2D:18:C6:99:3C:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/BqHFB1zKcMtPwbKdVx8dQulMcBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f03cdc-2945-408c-8889-c69871f5d305/1/Xe3WsONvS9jx1X4mzBwtGMaZPAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.32.0/24
IPv6:
2a02:a00:1009::/48
Signature Algorithm: sha256WithRSAEncryption
6e:21:b0:49:ff:d7:1d:c7:21:c5:64:9b:cf:7d:22:b0:3e:64:
e7:76:8e:92:d0:50:d4:d4:ef:fa:32:41:99:e8:27:50:a5:b9:
a7:0f:8a:99:c4:0c:f2:e9:c6:b9:57:16:69:44:de:4b:c1:bc:
4d:bc:05:8c:aa:38:6d:db:d1:d3:cb:7a:27:4c:79:48:78:cb:
a7:66:bf:26:24:15:4c:da:fa:c1:46:c9:85:fb:4e:b1:82:4e:
e2:fb:b7:87:31:c6:60:74:60:de:ff:0a:07:38:2d:dc:4c:49:
54:af:ba:47:80:a3:f8:98:ea:30:ac:44:80:6f:81:9f:ab:3c:
8c:21:cf:25:a4:31:15:1d:af:86:d7:d4:a6:4e:4a:45:a7:99:
33:e3:66:1e:29:e9:f9:93:78:b4:60:e5:3d:1f:d3:97:4d:70:
9f:3b:bc:89:0f:09:60:53:73:fa:74:61:5d:fa:7c:63:9d:33:
7c:27:ca:fd:a0:a8:a6:6b:79:4f:72:80:33:5b:26:3c:49:bd:
0f:19:2f:b7:07:5b:b6:24:57:5a:6e:81:17:db:f3:44:2d:4b:
7f:2a:e3:e0:38:3e:c7:9c:52:ff:2f:fd:86:9b:1e:24:0b:77:
fa:a2:19:78:99:47:10:df:57:f7:6f:55:83:a2:76:40:34:d1:
93:b0:af:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYI63po1bIVD2EKw7B2XjJ8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZWRkNmIwZTM2ZjRiZDhmMWQ1N2UyNmNjMWMyZDE4YzY5
OTNjMDQwHhcNMjIwNzI2MTQxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmExYzUwNzVjY2E3MGNiNGZjMWIyOWQ1NzFmMWQ0MmU5NGM3MDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiws1Fvz5Sz46HS4dUVek7YKVV+u
QhRgij3SEumQ4IdVPO4KAA1hegJ7cIYvfDAYpnjt4EUe2cr5HwQeczWz7fCxiwen
VJKGVbLUJH/ABt/p1WuViZsQOcHeT2B9KeMZsSPqkdbVkbGw9VWrB7vtnO1tYGP0
foQkfTB/5+Q0Uz5XqyKNgx4m2ypkYw1DrdQx3j4ITy5fiwcWCkHUe2ySrIs47lAd
9n4KajL0pI0cgbrT+myFQjECYFrH1dYlrkZ5auCn9Cpz7gp548xRsWvyqECKiEdA
KSV8fxAnKub6MsneeLRD4tmIbHBqV2777mi/DzzHcSB6gcC2iWsxtVSzTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAahxQdcynDLT8GynVcfHULpTHASMB8GA1UdIwQY
MBaAFF3t1rDjb0vY8dV+JswcLRjGmTwEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODkt
YzY5ODcxZjVkMzA1LzEvQnFIRkIxektjTXRQd2JLZFZ4OGRRdWxNY0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mMDNjZGMtMjk0NS00MDhjLTg4ODktYzY5ODcxZjVkMzA1
LzEvWGUzV3NPTnZTOWp4MVg0bXpCd3RHTWFaUEFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALikgMA8E
AgACMAkDBwAqAgoAEAkwDQYJKoZIhvcNAQELBQADggEBAG4hsEn/1x3HIcVkm899
IrA+ZOd2jpLQUNTU7/oyQZnoJ1CluacPipnEDPLpxrlXFmlE3kvBvE28BYyqOG3b
0dPLeidMeUh4y6dmvyYkFUza+sFGyYX7TrGCTuL7t4cxxmB0YN7/Cgc4LdxMSVSv
ukeAo/iY6jCsRIBvgZ+rPIwhzyWkMRUdr4bX1KZOSkWnmTPjZh4p6fmTeLRg5T0f
05dNcJ87vIkPCWBTc/p0YV36fGOdM3wnyv2gqKZreU9ygDNbJjxJvQ8ZL7cHW7Yk
V1pugRfb80QtS38q4+A4PsecUv8v/YabHiQLd/qiGXiZRxDfV/dvVYOidkA00ZOw
r08=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:32 2024 by rpki-client on console-ams.rpki-client.org