Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/63UX6b0xrsXM9cktN8z7VDmvW34.roa
File: 63UX6b0xrsXM9cktN8z7VDmvW34.roa (raw, json)
Hash identifier: ayCKXzAmKGWLF/yF9RiwUIuWTM2rb9oPimoXoEzklLE=
Subject key identifier: EB:75:17:E9:BD:31:AE:C5:CC:F5:C9:2D:37:CC:FB:54:39:AF:5B:7E
Certificate issuer: /CN=acfbbca852b957385909f6bd288cdf363f218b06
Certificate serial: 038EE9C2
Authority key identifier: AC:FB:BC:A8:52:B9:57:38:59:09:F6:BD:28:8C:DF:36:3F:21:8B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPu8qFK5VzhZCfa9KIzfNj8hiwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/63UX6b0xrsXM9cktN8z7VDmvW34.roa
Signing time: Sat 01 Jan 2022 11:03:49 +0000
ROA not before: Sat 01 Jan 2022 11:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203901
IP address blocks: 185.101.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59697602 (0x38ee9c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfbbca852b957385909f6bd288cdf363f218b06
Validity
Not Before: Jan 1 11:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb7517e9bd31aec5ccf5c92d37ccfb5439af5b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:11:fc:95:0d:32:d7:73:bd:a8:b4:2f:32:ab:
3e:73:38:01:29:0f:61:c2:df:bc:a2:2e:14:e1:cc:
b2:82:70:26:bd:b5:03:66:49:78:9a:8b:64:b7:9f:
3c:47:e9:81:9a:5c:6b:34:5c:a2:5c:10:0a:e2:8f:
2e:3c:ca:ec:91:5e:f2:b2:c9:d3:5c:c3:45:cc:f7:
51:e4:30:df:58:88:1b:22:89:66:8c:d3:89:a0:af:
0f:04:36:ef:5d:e8:f7:f8:8d:e3:c2:0a:13:98:62:
93:bb:ed:8b:1f:62:b5:53:56:3d:41:1b:66:7f:0d:
eb:ee:6b:4b:02:69:e1:b2:a7:20:d6:37:2c:e6:0a:
a8:9d:f7:2b:eb:ef:04:6f:d6:00:e3:c5:06:b8:73:
86:52:30:80:2c:90:44:5b:ad:b2:c6:ab:12:91:d6:
4d:a4:b8:ab:06:68:5b:92:91:ec:11:c1:53:3f:ca:
3a:14:54:5c:fe:7a:69:7b:33:fb:5e:2f:5e:cc:92:
65:b8:09:f1:43:c7:1b:de:21:93:bf:5b:e6:3e:bd:
0e:a0:68:fd:61:72:91:4e:e0:a7:23:fb:9f:35:d8:
72:f2:84:7f:c6:95:4d:6f:3e:7c:d3:22:6a:de:b4:
03:98:ba:e0:10:c5:be:18:27:40:75:98:47:e6:a6:
26:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:75:17:E9:BD:31:AE:C5:CC:F5:C9:2D:37:CC:FB:54:39:AF:5B:7E
X509v3 Authority Key Identifier:
keyid:AC:FB:BC:A8:52:B9:57:38:59:09:F6:BD:28:8C:DF:36:3F:21:8B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPu8qFK5VzhZCfa9KIzfNj8hiwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/63UX6b0xrsXM9cktN8z7VDmvW34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/rPu8qFK5VzhZCfa9KIzfNj8hiwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.28.0/22
Signature Algorithm: sha256WithRSAEncryption
43:31:0b:a6:d5:2b:71:eb:ae:fa:5d:4f:fd:20:62:c4:5b:12:
30:a0:a6:90:cd:bb:b7:7c:12:8a:83:b8:c7:c3:ba:c5:96:76:
65:c8:b9:c3:dd:bd:7c:b7:c0:67:83:63:de:b2:ae:85:57:d5:
4e:bc:ea:8e:df:4c:de:11:c8:56:52:55:8f:2e:29:24:00:d3:
87:29:eb:a6:02:96:e3:53:9f:cb:a1:3e:6f:e6:13:72:58:c9:
3b:14:83:02:9b:29:da:3a:3e:83:3a:5c:81:ae:f2:6f:58:55:
1a:4c:91:af:13:f6:55:52:6c:ae:7b:4a:df:1e:09:c7:c0:dd:
63:d9:e6:4a:c0:22:14:eb:64:f5:b5:6b:12:f1:6e:02:0b:6f:
ff:26:2b:46:28:42:d6:12:f8:38:7e:36:ac:e4:82:b2:d8:9e:
d0:8d:8e:46:5e:da:70:8a:9f:56:e8:76:e4:18:7d:c3:82:c2:
20:d9:0c:25:ee:e7:aa:db:16:50:54:12:fc:67:dd:e6:ef:6e:
78:0d:ec:30:74:32:7d:aa:00:63:15:74:d8:7f:e9:4a:9b:02:
ba:d8:29:f3:7b:61:04:1c:ae:15:77:f8:a8:4d:29:fb:a9:09:
fa:0b:69:41:fb:01:15:bc:a4:3e:d7:7f:95:e2:4a:1b:05:75:
cc:5c:65:7a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA47pwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2ZiYmNhODUyYjk1NzM4NTkwOWY2YmQyODhjZGYzNjNmMjE4YjA2MB4XDTIyMDEw
MTExMDM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWI3NTE3ZTliZDMx
YWVjNWNjZjVjOTJkMzdjY2ZiNTQzOWFmNWI3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOER/JUNMtdzvai0LzKrPnM4ASkPYcLfvKIuFOHMsoJwJr21
A2ZJeJqLZLefPEfpgZpcazRcolwQCuKPLjzK7JFe8rLJ01zDRcz3UeQw31iIGyKJ
ZozTiaCvDwQ2713o9/iN48IKE5hik7vtix9itVNWPUEbZn8N6+5rSwJp4bKnINY3
LOYKqJ33K+vvBG/WAOPFBrhzhlIwgCyQRFutssarEpHWTaS4qwZoW5KR7BHBUz/K
OhRUXP56aXsz+14vXsySZbgJ8UPHG94hk79b5j69DqBo/WFykU7gpyP7nzXYcvKE
f8aVTW8+fNMiat60A5i64BDFvhgnQHWYR+amJl0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTrdRfpvTGuxcz1yS03zPtUOa9bfjAfBgNVHSMEGDAWgBSs+7yoUrlXOFkJ
9r0ojN82PyGLBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JQdThxRks1VnpoWkNmYTlLSXpmTmo4aGl3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvNTI0N2IzLTYwNjctNDM2ZC1hZTE5LWNiYTcyMmVjYjJkYi8x
LzYzVVg2YjB4cnNYTTlja3ROOHo3VkRtdlczNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
NTI0N2IzLTYwNjctNDM2ZC1hZTE5LWNiYTcyMmVjYjJkYi8xL3JQdThxRks1Vnpo
WkNmYTlLSXpmTmo4aGl3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArllHDANBgkqhkiG9w0BAQsFAAOC
AQEAQzELptUrceuu+l1P/SBixFsSMKCmkM27t3wSioO4x8O6xZZ2Zci5w929fLfA
Z4Nj3rKuhVfVTrzqjt9M3hHIVlJVjy4pJADThynrpgKW41Ofy6E+b+YTcljJOxSD
Apsp2jo+gzpcga7yb1hVGkyRrxP2VVJsrntK3x4Jx8DdY9nmSsAiFOtk9bVrEvFu
Agtv/yYrRihC1hL4OH42rOSCstie0I2ORl7acIqfVuh25Bh9w4LCINkMJe7nqtsW
UFQS/Gfd5u9ueA3sMHQyfaoAYxV02H/pSpsCutgp83thBByuFXf4qE0p+6kJ+gtp
QfsBFbykPtd/leJKGwV1zFxleg==
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:39:44 2025 by rpki-client