Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2b0e11-f18d-4757-9011-6678eb81b8b0/1/BK-aKF-ixGUAVAIlSmewFidUloM.roa
File: BK-aKF-ixGUAVAIlSmewFidUloM.roa (raw, json)
Hash identifier: bQKUAoiofBtea5KCYBCiY6hBGZpvNqZyQVi/6hkTXAA=
Subject key identifier: 04:AF:9A:28:5F:A2:C4:65:00:54:02:25:4A:67:B0:16:27:54:96:83
Certificate issuer: /CN=95d70bf80a07c9ffcbef0cd8465b458d613dcc85
Certificate serial: 0187B8D4B8AA31E12252178F570B9A212E4D
Authority key identifier: 95:D7:0B:F8:0A:07:C9:FF:CB:EF:0C:D8:46:5B:45:8D:61:3D:CC:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldcL-AoHyf_L7wzYRltFjWE9zIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2b0e11-f18d-4757-9011-6678eb81b8b0/1/BK-aKF-ixGUAVAIlSmewFidUloM.roa
Signing time: Tue 25 Apr 2023 14:32:41 +0000
ROA not before: Tue 25 Apr 2023 14:32:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199557
IP address blocks: 2a13:fa80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b8:d4:b8:aa:31:e1:22:52:17:8f:57:0b:9a:21:2e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d70bf80a07c9ffcbef0cd8465b458d613dcc85
Validity
Not Before: Apr 25 14:32:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04af9a285fa2c465005402254a67b01627549683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0f:24:88:94:9e:2d:2c:b1:74:cb:20:b8:34:
72:f3:d3:01:5f:35:e6:bb:6c:94:58:ef:28:1f:a9:
21:03:db:53:11:b9:06:34:20:f2:e0:bf:24:79:f5:
10:f9:fb:81:a8:b1:24:3c:60:b0:22:a8:e4:3f:6c:
02:bc:d5:59:88:ae:35:1d:f3:c0:3b:d7:b3:b1:77:
35:ad:75:b2:c1:5a:10:d4:06:d0:d8:33:96:03:7e:
27:04:7b:03:c7:6d:7d:b0:67:b0:61:e3:36:ae:db:
b2:52:b9:0d:21:ca:b7:e4:21:c0:3b:38:cc:8a:13:
44:7f:74:e5:28:fb:54:91:0f:82:10:26:20:47:c1:
fe:74:28:e3:da:c0:a0:f2:26:36:4a:d4:c3:75:6d:
74:bf:70:bf:6b:25:b6:49:a2:e8:de:c9:86:ad:89:
76:b6:a8:b0:d1:57:a0:97:01:83:0c:4c:1f:ea:62:
3e:a9:1e:b0:b6:35:92:45:fe:83:73:60:b6:29:da:
c5:b1:e6:2c:f6:48:7d:be:c5:0f:4a:c1:b8:21:2f:
c6:85:08:90:06:13:3e:c6:91:5f:f0:72:87:1d:8e:
79:00:47:55:11:6b:22:b7:81:e7:fe:19:84:c7:ff:
2d:31:90:84:ec:1a:b7:17:45:5a:77:93:9a:33:f8:
e4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AF:9A:28:5F:A2:C4:65:00:54:02:25:4A:67:B0:16:27:54:96:83
X509v3 Authority Key Identifier:
keyid:95:D7:0B:F8:0A:07:C9:FF:CB:EF:0C:D8:46:5B:45:8D:61:3D:CC:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldcL-AoHyf_L7wzYRltFjWE9zIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2b0e11-f18d-4757-9011-6678eb81b8b0/1/BK-aKF-ixGUAVAIlSmewFidUloM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2b0e11-f18d-4757-9011-6678eb81b8b0/1/ldcL-AoHyf_L7wzYRltFjWE9zIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
30:76:64:e9:62:18:29:37:f9:7b:22:e7:64:2a:ef:5d:8f:53:
c0:c6:ff:2f:8b:03:22:c6:c3:8e:2d:88:b4:d4:3b:fa:37:d8:
f2:5a:3f:45:a4:c6:db:de:3f:b2:6e:79:f5:42:73:11:44:76:
3b:cf:3f:93:44:ef:36:e1:ef:7f:23:18:a2:b5:64:44:32:d7:
ee:cf:d7:01:54:b7:99:c6:b2:cd:c4:68:1e:9d:03:52:2d:99:
63:bf:93:63:85:00:38:cb:f3:bb:c9:41:3d:4b:12:7e:1f:be:
c8:54:2d:d2:1b:2e:b5:df:ea:db:1f:76:17:51:8b:81:a8:09:
ab:51:bd:85:2b:ec:6e:21:a4:5a:35:2e:e7:1c:18:93:d4:10:
11:29:e9:8f:f0:c6:65:49:76:e2:dc:67:75:de:02:cf:86:1c:
87:07:09:fb:ee:4a:aa:40:59:b9:9b:93:94:e6:6b:b2:f1:e9:
6a:c0:83:10:6a:50:3d:60:1d:ed:d4:10:e6:65:53:da:91:88:
2e:61:cb:30:08:19:e7:34:68:b1:2b:b5:6f:92:c0:4a:cd:11:
ed:1f:33:0e:42:18:60:74:63:ac:9f:07:1b:05:20:aa:e1:9a:
04:18:ab:3f:0a:b5:d5:3a:9e:be:12:95:11:25:ac:05:cf:fb:
6f:20:c4:60
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYe41LiqMeEiUhePVwuaIS5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDcwYmY4MGEwN2M5ZmZjYmVmMGNkODQ2NWI0NThkNjEz
ZGNjODUwHhcNMjMwNDI1MTQzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFmOWEyODVmYTJjNDY1MDA1NDAyMjU0YTY3YjAxNjI3NTQ5NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA8kiJSeLSyxdMsguDRy89MBXzXm
u2yUWO8oH6khA9tTEbkGNCDy4L8kefUQ+fuBqLEkPGCwIqjkP2wCvNVZiK41HfPA
O9ezsXc1rXWywVoQ1AbQ2DOWA34nBHsDx219sGewYeM2rtuyUrkNIcq35CHAOzjM
ihNEf3TlKPtUkQ+CECYgR8H+dCjj2sCg8iY2StTDdW10v3C/ayW2SaLo3smGrYl2
tqiw0VeglwGDDEwf6mI+qR6wtjWSRf6Dc2C2KdrFseYs9kh9vsUPSsG4IS/GhQiQ
BhM+xpFf8HKHHY55AEdVEWsit4Hn/hmEx/8tMZCE7Bq3F0Vad5OaM/jknwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFASvmihfosRlAFQCJUpnsBYnVJaDMB8GA1UdIwQY
MBaAFJXXC/gKB8n/y+8M2EZbRY1hPcyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRjTC1Bb0h5Zl9MN3d6WVJsdEZqV0U5eklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8yYjBlMTEtZjE4ZC00NzU3LTkwMTEt
NjY3OGViODFiOGIwLzEvQkstYUtGLWl4R1VBVkFJbFNtZXdGaWRVbG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8yYjBlMTEtZjE4ZC00NzU3LTkwMTEtNjY3OGViODFiOGIw
LzEvbGRjTC1Bb0h5Zl9MN3d6WVJsdEZqV0U5eklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhP6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAMHZk6WIYKTf5eyLnZCrvXY9TwMb/L4sDIsbDji2I
tNQ7+jfY8lo/RaTG294/sm559UJzEUR2O88/k0TvNuHvfyMYorVkRDLX7s/XAVS3
mcayzcRoHp0DUi2ZY7+TY4UAOMvzu8lBPUsSfh++yFQt0hsutd/q2x92F1GLgagJ
q1G9hSvsbiGkWjUu5xwYk9QQESnpj/DGZUl24txndd4Cz4YchwcJ++5KqkBZuZuT
lOZrsvHpasCDEGpQPWAd7dQQ5mVT2pGILmHLMAgZ5zRosSu1b5LASs0R7R8zDkIY
YHRjrJ8HGwUgquGaBBirPwq11TqevhKVESWsBc/7byDEYA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:16 2025 by rpki-client