Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/34bd6e-79a7-4126-8a32-2fd280e0d54a/1/bPNElhD2QeXo8cv2NQlVFb3gSJU.roa
File: bPNElhD2QeXo8cv2NQlVFb3gSJU.roa (raw, json)
Hash identifier: CnBLpce/PSJ8gtiOqx9iL0r4vVEEe9fYUTcn8p68H5c=
Subject key identifier: 6C:F3:44:96:10:F6:41:E5:E8:F1:CB:F6:35:09:55:15:BD:E0:48:95
Certificate issuer: /CN=58f75ef0d630e1d086790ca0b78e7eef8e2acfbb
Certificate serial: 370936CB
Authority key identifier: 58:F7:5E:F0:D6:30:E1:D0:86:79:0C:A0:B7:8E:7E:EF:8E:2A:CF:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WPde8NYw4dCGeQygt45-744qz7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/34bd6e-79a7-4126-8a32-2fd280e0d54a/1/bPNElhD2QeXo8cv2NQlVFb3gSJU.roa
Signing time: Sat 01 Jan 2022 15:03:11 +0000
ROA not before: Sat 01 Jan 2022 15:03:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196725
IP address blocks: 151.252.96.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923350731 (0x370936cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58f75ef0d630e1d086790ca0b78e7eef8e2acfbb
Validity
Not Before: Jan 1 15:03:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6cf3449610f641e5e8f1cbf635095515bde04895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:57:4a:8f:a9:c6:1e:79:59:23:7a:d0:6d:dd:
69:7c:4b:49:64:e3:f1:af:d4:f7:ff:3d:68:05:eb:
4d:a4:2d:26:77:08:80:4b:7e:7f:ed:e7:5a:b0:d9:
c0:f1:d6:3e:54:0d:39:25:55:92:16:84:1f:7c:aa:
e9:b0:02:61:9c:d4:c5:d9:02:08:62:66:76:9a:8c:
eb:42:d8:10:81:e6:fe:9b:25:16:34:bc:8f:82:e7:
96:d7:a1:f0:c2:67:18:f9:25:2b:c6:81:7e:38:44:
06:88:cc:a5:13:a1:ca:a6:2d:5c:a7:03:7d:0a:10:
97:ba:69:14:b5:7e:28:28:f3:66:aa:f4:ae:7f:93:
55:a5:65:42:29:4b:3f:eb:05:e4:39:8a:70:4a:df:
5e:7e:f3:9d:d0:16:41:f4:96:e1:38:cc:e4:24:e1:
c9:75:83:e3:06:31:5a:e9:7a:97:3c:92:9b:44:36:
dd:64:28:e5:0d:99:e2:1c:96:1e:1a:93:de:0d:d3:
2f:6d:df:46:38:ba:a3:1a:65:13:62:e7:4c:54:79:
d5:e4:fc:55:61:f2:02:2c:53:8a:10:d4:0f:83:f2:
f8:2a:a8:ee:6d:7c:1a:ff:58:cf:70:99:b2:fd:7d:
98:c0:96:28:d4:2d:17:2f:d1:08:a5:18:7b:70:15:
8a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F3:44:96:10:F6:41:E5:E8:F1:CB:F6:35:09:55:15:BD:E0:48:95
X509v3 Authority Key Identifier:
keyid:58:F7:5E:F0:D6:30:E1:D0:86:79:0C:A0:B7:8E:7E:EF:8E:2A:CF:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WPde8NYw4dCGeQygt45-744qz7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/34bd6e-79a7-4126-8a32-2fd280e0d54a/1/bPNElhD2QeXo8cv2NQlVFb3gSJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/34bd6e-79a7-4126-8a32-2fd280e0d54a/1/WPde8NYw4dCGeQygt45-744qz7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.252.96.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:57:dd:96:20:1f:a8:31:8a:b1:88:82:62:5a:c5:96:88:3f:
c0:1a:99:99:24:2b:60:42:ca:f2:69:f3:c3:9e:1f:c7:14:f2:
f9:b7:a6:85:a7:8f:cc:bc:ff:60:e5:c3:02:5a:ff:18:ce:1b:
05:27:d5:d7:7f:da:62:e5:9d:cc:cd:a3:f0:c1:0b:44:c4:a4:
a9:bc:56:26:c6:91:b9:fa:86:12:2a:d0:48:55:44:c8:9a:3f:
a2:ec:44:e4:3f:80:b5:40:d8:0a:c3:ee:d0:88:98:1a:49:f5:
16:04:e3:58:41:5a:f0:3f:0d:b6:6d:ba:3f:82:48:bd:d8:56:
91:6c:84:8b:4a:18:b3:a7:8d:ce:25:db:fc:76:b2:2f:76:67:
01:2e:80:5e:0a:30:20:8d:bc:c8:77:c7:0e:99:fd:35:f7:38:
ba:fa:a1:19:4a:61:b0:b3:a2:19:5d:45:8d:91:e3:f6:da:3c:
5d:0c:63:e5:16:47:8d:61:e6:75:8e:3c:25:98:6e:7c:9e:f1:
d4:fb:44:3e:09:a1:56:23:58:ec:f3:fc:fc:86:3b:ea:04:c3:
41:83:9f:2e:d8:99:69:ef:2f:20:0c:17:cb:93:a7:6e:87:d2:
67:bb:cb:a7:1e:2f:ea:f6:20:32:86:55:56:c5:05:48:fd:02:
6d:86:21:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENwk2yzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OGY3NWVmMGQ2MzBlMWQwODY3OTBjYTBiNzhlN2VlZjhlMmFjZmJiMB4XDTIyMDEw
MTE1MDMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNmMzQ0OTYxMGY2
NDFlNWU4ZjFjYmY2MzUwOTU1MTViZGUwNDg5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9XSo+pxh55WSN60G3daXxLSWTj8a/U9/89aAXrTaQtJncI
gEt+f+3nWrDZwPHWPlQNOSVVkhaEH3yq6bACYZzUxdkCCGJmdpqM60LYEIHm/psl
FjS8j4Lnlteh8MJnGPklK8aBfjhEBojMpROhyqYtXKcDfQoQl7ppFLV+KCjzZqr0
rn+TVaVlQilLP+sF5DmKcErfXn7zndAWQfSW4TjM5CThyXWD4wYxWul6lzySm0Q2
3WQo5Q2Z4hyWHhqT3g3TL23fRji6oxplE2LnTFR51eT8VWHyAixTihDUD4Py+Cqo
7m18Gv9Yz3CZsv19mMCWKNQtFy/RCKUYe3AVig8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRs80SWEPZB5ejxy/Y1CVUVveBIlTAfBgNVHSMEGDAWgBRY917w1jDh0IZ5
DKC3jn7vjirPuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dQZGU4Tll3NGRDR2VReWd0NDUtNzQ0cXo3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvMzRiZDZlLTc5YTctNDEyNi04YTMyLTJmZDI4MGUwZDU0YS8x
L2JQTkVsaEQyUWVYbzhjdjJOUWxWRmIzZ1NKVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
MzRiZDZlLTc5YTctNDEyNi04YTMyLTJmZDI4MGUwZDU0YS8xL1dQZGU4Tll3NGRD
R2VReWd0NDUtNzQ0cXo3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA5f8YDANBgkqhkiG9w0BAQsFAAOC
AQEAblfdliAfqDGKsYiCYlrFlog/wBqZmSQrYELK8mnzw54fxxTy+bemhaePzLz/
YOXDAlr/GM4bBSfV13/aYuWdzM2j8MELRMSkqbxWJsaRufqGEirQSFVEyJo/ouxE
5D+AtUDYCsPu0IiYGkn1FgTjWEFa8D8Ntm26P4JIvdhWkWyEi0oYs6eNziXb/Hay
L3ZnAS6AXgowII28yHfHDpn9Nfc4uvqhGUphsLOiGV1FjZHj9to8XQxj5RZHjWHm
dY48JZhufJ7x1PtEPgmhViNY7PP8/IY76gTDQYOfLtiZae8vIAwXy5OnbofSZ7vL
px4v6vYgMoZVVsUFSP0CbYYh9Q==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:35 2023 by rpki-client on console.sobornost.net