Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/BNBdy0zzfet_WBrDN1-1p1eMhyg.roa
File: BNBdy0zzfet_WBrDN1-1p1eMhyg.roa (raw, json)
Hash identifier: oLxL1qhE7kI0RTHyqwx+LX5EsqeVNE8OgnzQmhH8jiM=
Subject key identifier: 04:D0:5D:CB:4C:F3:7D:EB:7F:58:1A:C3:37:5F:B5:A7:57:8C:87:28
Certificate issuer: /CN=59f25f826ca383a0b7a5c0367ad781fe277f67cf
Certificate serial: 17F55771
Authority key identifier: 59:F2:5F:82:6C:A3:83:A0:B7:A5:C0:36:7A:D7:81:FE:27:7F:67:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WfJfgmyjg6C3pcA2eteB_id_Z88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/BNBdy0zzfet_WBrDN1-1p1eMhyg.roa
Signing time: Sat 01 Jan 2022 09:58:17 +0000
ROA not before: Sat 01 Jan 2022 09:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12591
IP address blocks: 193.178.152.0/24 maxlen: 24
193.178.152.0/23 maxlen: 23
193.178.153.0/24 maxlen: 24
2001:67c:2154::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 401954673 (0x17f55771)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59f25f826ca383a0b7a5c0367ad781fe277f67cf
Validity
Not Before: Jan 1 09:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04d05dcb4cf37deb7f581ac3375fb5a7578c8728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8a:49:b2:76:ff:c6:a3:4d:c0:6d:63:4f:f9:
d5:19:1d:5a:cf:7a:6f:8b:ec:fa:5c:18:2d:f6:12:
fd:92:a6:71:57:58:38:51:a8:b7:37:39:15:4c:bf:
fd:96:37:da:0f:1e:89:86:6c:15:60:96:67:ae:f3:
c1:fc:15:42:25:36:dd:a0:e9:cd:91:f4:b2:98:2c:
8e:e5:ad:78:e1:fa:05:2c:c6:ea:4c:d1:f1:7a:78:
d0:8e:3c:44:67:f4:2d:ea:2b:2d:67:77:70:a2:06:
f3:3b:88:57:56:6d:93:27:ab:0d:4b:f0:45:fb:f8:
95:f6:b7:cd:f2:4a:69:63:9b:34:c2:39:60:2c:eb:
87:0f:8f:93:92:6a:43:38:fa:ea:fb:33:00:f0:48:
5e:9a:4c:3f:f7:ed:25:65:1e:ff:cc:8e:83:8e:e9:
3e:a7:15:ba:38:52:86:f7:5a:f1:30:66:95:7e:36:
d9:1a:a3:63:7d:18:a2:f0:18:cc:8b:bd:45:24:45:
35:72:e3:d0:cc:ab:d9:c9:40:c1:e1:18:89:89:da:
a6:fe:f2:b2:46:ef:87:84:ed:2c:eb:39:0b:ca:c2:
c6:1e:98:11:2e:4e:88:fd:be:46:cf:c1:83:7d:c2:
c1:c8:1f:91:3d:4c:53:01:1d:41:13:34:f7:21:a5:
c4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D0:5D:CB:4C:F3:7D:EB:7F:58:1A:C3:37:5F:B5:A7:57:8C:87:28
X509v3 Authority Key Identifier:
keyid:59:F2:5F:82:6C:A3:83:A0:B7:A5:C0:36:7A:D7:81:FE:27:7F:67:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WfJfgmyjg6C3pcA2eteB_id_Z88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/BNBdy0zzfet_WBrDN1-1p1eMhyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/0f06fb-a822-45e5-973e-6425e4382333/1/WfJfgmyjg6C3pcA2eteB_id_Z88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.152.0/23
IPv6:
2001:67c:2154::/48
Signature Algorithm: sha256WithRSAEncryption
26:f5:c2:bd:cb:03:34:d4:99:fc:d2:64:82:7e:35:ef:33:a9:
7a:93:4e:59:b0:c9:54:ea:56:51:92:57:72:01:2c:7a:90:ef:
de:0d:ad:5d:d6:41:11:71:fa:c0:c9:fc:2f:96:ab:81:04:7c:
2e:51:ab:e1:70:65:92:36:07:0f:9a:6b:36:cb:3c:5f:fa:48:
30:33:dc:0e:42:68:dc:de:ec:f0:a3:34:6d:c0:27:bc:a1:cd:
fe:71:61:31:09:f3:92:d7:eb:a7:d5:8e:c7:01:bf:2c:42:27:
65:5d:5b:9a:1e:fb:60:e7:0d:19:ea:12:37:ce:c6:5b:72:d4:
c7:30:d6:1e:49:64:84:ed:8e:60:ce:11:8d:af:a4:7f:18:2b:
85:84:13:af:04:cd:4a:61:93:c2:da:af:27:df:d2:bc:ca:6d:
8f:bc:a3:2b:8e:54:0a:34:74:82:2b:c4:a9:08:c1:42:39:a4:
5c:7b:cb:74:ed:c0:a9:94:79:43:c4:3f:ba:42:cc:bc:03:4a:
8b:6a:2c:75:2b:c1:17:3f:3f:a3:d9:4c:f5:22:2c:b0:92:c9:
2c:b7:a9:1a:24:29:7f:a7:28:e0:70:0d:c4:e3:c3:fd:de:20:
bb:7f:f3:69:48:05:c5:37:73:00:3b:63:12:bd:86:ef:f6:77:
31:71:a1:a7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEF/VXcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OWYyNWY4MjZjYTM4M2EwYjdhNWMwMzY3YWQ3ODFmZTI3N2Y2N2NmMB4XDTIyMDEw
MTA5NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDRkMDVkY2I0Y2Yz
N2RlYjdmNTgxYWMzMzc1ZmI1YTc1NzhjODcyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuKSbJ2/8ajTcBtY0/51RkdWs96b4vs+lwYLfYS/ZKmcVdY
OFGotzc5FUy//ZY32g8eiYZsFWCWZ67zwfwVQiU23aDpzZH0spgsjuWteOH6BSzG
6kzR8Xp40I48RGf0LeorLWd3cKIG8zuIV1ZtkyerDUvwRfv4lfa3zfJKaWObNMI5
YCzrhw+Pk5JqQzj66vszAPBIXppMP/ftJWUe/8yOg47pPqcVujhShvda8TBmlX42
2RqjY30YovAYzIu9RSRFNXLj0Myr2clAweEYiYnapv7yskbvh4TtLOs5C8rCxh6Y
ES5OiP2+Rs/Bg33CwcgfkT1MUwEdQRM09yGlxMcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQE0F3LTPN9639YGsM3X7WnV4yHKDAfBgNVHSMEGDAWgBRZ8l+CbKODoLel
wDZ614H+J39nzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dmSmZnbXlqZzZDM3BjQTJldGVCX2lkX1o4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvMGYwNmZiLWE4MjItNDVlNS05NzNlLTY0MjVlNDM4MjMzMy8x
L0JOQmR5MHp6ZmV0X1dCckROMS0xcDFlTWh5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
MGYwNmZiLWE4MjItNDVlNS05NzNlLTY0MjVlNDM4MjMzMy8xL1dmSmZnbXlqZzZD
M3BjQTJldGVCX2lkX1o4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAcGymDAPBAIAAjAJAwcAIAEGfCFU
MA0GCSqGSIb3DQEBCwUAA4IBAQAm9cK9ywM01Jn80mSCfjXvM6l6k05ZsMlU6lZR
kldyASx6kO/eDa1d1kERcfrAyfwvlquBBHwuUavhcGWSNgcPmms2yzxf+kgwM9wO
Qmjc3uzwozRtwCe8oc3+cWExCfOS1+un1Y7HAb8sQidlXVuaHvtg5w0Z6hI3zsZb
ctTHMNYeSWSE7Y5gzhGNr6R/GCuFhBOvBM1KYZPC2q8n39K8ym2PvKMrjlQKNHSC
K8SpCMFCOaRce8t07cCplHlDxD+6Qsy8A0qLaix1K8EXPz+j2Uz1Iiywkskst6ka
JCl/pyjgcA3E48P93iC7f/NpSAXFN3MAO2MSvYbv9ncxcaGn
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:37 2023 by rpki-client on console.sobornost.net