Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/46169f-cf94-4d1b-b2d7-72125297af28/1/BFK4O-5Iai0mavG0SLB68m41ZgI.roa
File: BFK4O-5Iai0mavG0SLB68m41ZgI.roa (raw, json)
Hash identifier: ayTU1FsL2DFDABx6vywO6rdPgBpbrvk/obPLN8bJJQY=
Subject key identifier: 04:52:B8:3B:EE:48:6A:2D:26:6A:F1:B4:48:B0:7A:F2:6E:35:66:02
Certificate issuer: /CN=1a537a0c0a331091b307253c6f07e8f82854e6b0
Certificate serial: 13230F99
Authority key identifier: 1A:53:7A:0C:0A:33:10:91:B3:07:25:3C:6F:07:E8:F8:28:54:E6:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GlN6DAozEJGzByU8bwfo-ChU5rA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/46169f-cf94-4d1b-b2d7-72125297af28/1/BFK4O-5Iai0mavG0SLB68m41ZgI.roa
Signing time: Sat 01 Jan 2022 11:59:01 +0000
ROA not before: Sat 01 Jan 2022 11:59:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 141.35.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321064857 (0x13230f99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a537a0c0a331091b307253c6f07e8f82854e6b0
Validity
Not Before: Jan 1 11:59:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0452b83bee486a2d266af1b448b07af26e356602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:94:23:54:27:7e:a2:e4:db:b6:31:d2:6e:b5:
8e:ad:09:1d:86:ea:e9:17:f4:a4:26:c2:4e:ae:ac:
38:b9:50:a7:91:05:f7:6f:28:b2:6f:11:87:c3:1d:
24:bd:b9:92:a1:1a:41:0f:f7:c4:d7:46:d0:3f:59:
a0:19:72:db:72:dc:7a:dd:96:e5:2f:2f:97:47:86:
48:00:b5:59:63:12:94:d6:86:b1:81:40:67:9f:27:
4b:c1:17:2c:05:d5:37:b9:8a:c5:5f:1e:a9:c6:a6:
9d:af:83:23:ae:5f:be:78:05:5d:57:34:00:1b:f2:
39:84:95:dc:34:fd:e1:24:5c:7a:42:0b:2e:e8:87:
67:83:84:4c:28:94:ea:7e:ab:ae:a3:0a:31:22:39:
60:67:21:39:6c:a1:ea:52:e5:2f:06:66:a4:ce:4f:
90:6b:97:56:2e:c6:53:44:0a:f5:17:39:68:cc:84:
a1:e5:dd:9b:2d:a2:c0:91:96:2d:f5:21:aa:6a:77:
5a:d2:c7:51:e2:9a:e0:15:a5:52:f1:d4:c6:8d:61:
67:ff:97:1d:73:a1:01:93:95:ba:9e:84:e6:ce:1e:
e1:f5:58:e8:8b:fe:a1:53:93:e3:88:43:bc:44:0e:
c9:e8:0f:ef:3c:71:32:d4:02:81:a6:4f:79:8a:6e:
36:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:52:B8:3B:EE:48:6A:2D:26:6A:F1:B4:48:B0:7A:F2:6E:35:66:02
X509v3 Authority Key Identifier:
keyid:1A:53:7A:0C:0A:33:10:91:B3:07:25:3C:6F:07:E8:F8:28:54:E6:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GlN6DAozEJGzByU8bwfo-ChU5rA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/46169f-cf94-4d1b-b2d7-72125297af28/1/BFK4O-5Iai0mavG0SLB68m41ZgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/46169f-cf94-4d1b-b2d7-72125297af28/1/GlN6DAozEJGzByU8bwfo-ChU5rA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:c9:37:b3:58:f7:1d:47:17:c2:eb:d0:6a:dc:a6:96:a7:60:
9e:a8:f9:31:91:08:d1:ab:4a:b6:81:73:69:b5:14:a2:f2:0b:
77:e6:b7:c3:bd:f1:78:ac:47:83:e7:42:ef:65:1a:51:b6:95:
c0:c7:7b:89:32:4f:9c:76:a8:87:82:36:2c:18:e9:18:65:af:
da:53:1e:6d:52:48:db:04:92:82:24:a0:4f:3b:78:e5:8b:c9:
68:c9:54:fc:8f:b3:56:ee:84:24:63:bd:dd:e3:1c:d3:c2:df:
3f:68:b9:45:ec:ed:99:b4:a4:92:b8:24:2e:33:52:f3:41:13:
18:8e:f3:e9:51:52:e1:d2:42:c9:d7:a3:b6:b9:c5:92:c9:aa:
1a:ed:ed:34:57:0e:1d:32:01:db:b2:16:6d:86:0e:14:e9:7d:
69:4e:77:5e:ee:5c:bb:28:96:c1:d0:10:3d:3d:6c:06:4f:e4:
d1:28:01:83:a3:fb:25:a1:7c:4f:0f:9b:96:31:df:15:0b:a2:
7c:be:00:60:a0:2f:2a:f6:17:cf:9c:3b:47:a4:76:4b:38:d7:
ff:35:50:92:c1:f1:be:8c:4c:7f:3b:7b:51:8b:47:58:57:9a:
5d:08:69:8b:0d:37:ee:36:5c:d7:42:c3:b0:4e:3a:55:d2:ec:
0d:05:cf:ac
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEEyMPmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTUzN2EwYzBhMzMxMDkxYjMwNzI1M2M2ZjA3ZThmODI4NTRlNmIwMB4XDTIyMDEw
MTExNTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQ1MmI4M2JlZTQ4
NmEyZDI2NmFmMWI0NDhiMDdhZjI2ZTM1NjYwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGUI1QnfqLk27Yx0m61jq0JHYbq6Rf0pCbCTq6sOLlQp5EF
928osm8Rh8MdJL25kqEaQQ/3xNdG0D9ZoBly23Lcet2W5S8vl0eGSAC1WWMSlNaG
sYFAZ58nS8EXLAXVN7mKxV8eqcamna+DI65fvngFXVc0ABvyOYSV3DT94SRcekIL
LuiHZ4OETCiU6n6rrqMKMSI5YGchOWyh6lLlLwZmpM5PkGuXVi7GU0QK9Rc5aMyE
oeXdmy2iwJGWLfUhqmp3WtLHUeKa4BWlUvHUxo1hZ/+XHXOhAZOVup6E5s4e4fVY
6Iv+oVOT44hDvEQOyegP7zxxMtQCgaZPeYpuNiECAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQEUrg77khqLSZq8bRIsHrybjVmAjAfBgNVHSMEGDAWgBQaU3oMCjMQkbMH
JTxvB+j4KFTmsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dsTjZEQW96RUpHekJ5VThid2ZvLUNoVTVyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNDYxNjlmLWNmOTQtNGQxYi1iMmQ3LTcyMTI1Mjk3YWYyOC8x
L0JGSzRPLTVJYWkwbWF2RzBTTEI2OG00MVpnSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NDYxNjlmLWNmOTQtNGQxYi1iMmQ3LTcyMTI1Mjk3YWYyOC8xL0dsTjZEQW96RUpH
ekJ5VThid2ZvLUNoVTVyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAI0jMA0GCSqGSIb3DQEBCwUAA4IB
AQB4yTezWPcdRxfC69Bq3KaWp2CeqPkxkQjRq0q2gXNptRSi8gt35rfDvfF4rEeD
50LvZRpRtpXAx3uJMk+cdqiHgjYsGOkYZa/aUx5tUkjbBJKCJKBPO3jli8loyVT8
j7NW7oQkY73d4xzTwt8/aLlF7O2ZtKSSuCQuM1LzQRMYjvPpUVLh0kLJ16O2ucWS
yaoa7e00Vw4dMgHbshZthg4U6X1pTnde7ly7KJbB0BA9PWwGT+TRKAGDo/sloXxP
D5uWMd8VC6J8vgBgoC8q9hfPnDtHpHZLONf/NVCSwfG+jEx/O3tRi0dYV5pdCGmL
DTfuNlzXQsOwTjpV0uwNBc+s
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:45 2023 by rpki-client on console-ams.rpki-client.org