Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/tNmH4emLvbGbnfZaZ8uR9_BpNlM.roa
File: tNmH4emLvbGbnfZaZ8uR9_BpNlM.roa (raw, json)
Hash identifier: 2muzotmhDV8KJoESU9SxbaBDldYwQ3dAqX3p2cOuP2o=
Subject key identifier: B4:D9:87:E1:E9:8B:BD:B1:9B:9D:F6:5A:67:CB:91:F7:F0:69:36:53
Certificate issuer: /CN=acfbbca852b957385909f6bd288cdf363f218b06
Certificate serial: 018571DE8F78F22DF83FFB71CBA93C3C4E7F
Authority key identifier: AC:FB:BC:A8:52:B9:57:38:59:09:F6:BD:28:8C:DF:36:3F:21:8B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPu8qFK5VzhZCfa9KIzfNj8hiwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/tNmH4emLvbGbnfZaZ8uR9_BpNlM.roa
Signing time: Mon 02 Jan 2023 09:44:49 +0000
ROA not before: Mon 02 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203901
IP address blocks: 185.101.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:8f:78:f2:2d:f8:3f:fb:71:cb:a9:3c:3c:4e:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfbbca852b957385909f6bd288cdf363f218b06
Validity
Not Before: Jan 2 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4d987e1e98bbdb19b9df65a67cb91f7f0693653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8b:2d:ff:c6:cf:4d:21:5f:70:37:07:e0:c6:
c9:d5:cf:cc:f8:34:f0:ec:b8:bc:60:22:9c:41:9d:
8a:5d:49:c3:5e:34:28:bf:2b:fb:81:78:7c:7d:f5:
c9:56:65:5f:12:e7:d2:d8:6b:60:f1:4b:9a:00:80:
0e:04:0f:31:ea:82:d8:f5:3c:e0:a5:d1:c2:8e:b6:
7e:de:3f:61:b1:88:36:8e:e2:50:b3:09:f4:a2:8a:
a8:6e:1c:b2:18:07:77:b5:ee:55:d9:4a:61:27:ce:
77:ae:96:fc:17:4b:32:49:6e:97:99:89:fc:31:1d:
32:b2:18:e4:7e:04:c8:d2:9e:b0:d5:60:bf:13:32:
7c:11:f8:bc:0a:46:c6:bb:e1:40:18:7c:fe:66:0f:
1a:32:63:dd:64:c3:b5:f6:c9:32:35:4e:15:77:f9:
5d:e6:22:6b:ea:9e:28:f1:df:c9:3a:cb:cc:d6:38:
29:80:28:d8:28:09:d6:92:e5:55:6d:e5:97:c9:df:
da:0f:9c:d0:db:b2:e7:f0:e4:d2:d3:0e:65:39:ad:
64:87:25:30:dd:59:0a:ac:d1:46:50:e5:0f:89:3f:
bd:f5:f8:80:38:ff:3a:b3:40:e9:ff:ce:3a:26:6e:
61:88:c9:31:17:3b:fa:1e:0f:c9:ce:d5:99:ff:b6:
8d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D9:87:E1:E9:8B:BD:B1:9B:9D:F6:5A:67:CB:91:F7:F0:69:36:53
X509v3 Authority Key Identifier:
keyid:AC:FB:BC:A8:52:B9:57:38:59:09:F6:BD:28:8C:DF:36:3F:21:8B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPu8qFK5VzhZCfa9KIzfNj8hiwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/tNmH4emLvbGbnfZaZ8uR9_BpNlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/rPu8qFK5VzhZCfa9KIzfNj8hiwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.28.0/22
Signature Algorithm: sha256WithRSAEncryption
71:3b:33:9e:1e:b6:78:48:18:7b:ef:be:de:4c:c2:84:2d:91:
e4:7c:e4:e6:5e:a5:b9:16:17:95:5c:82:4f:a2:a7:86:db:f1:
e3:d2:07:d1:e9:9a:de:97:5e:c4:b5:ec:f7:4f:50:6f:e6:41:
1e:85:b0:31:84:81:39:7f:a0:11:cd:53:12:57:0e:da:8d:ab:
b8:b4:ea:18:16:e5:a0:e8:ba:6d:4a:f9:b1:a5:bc:64:94:88:
22:72:f2:60:10:99:56:28:1a:6c:68:13:d7:6c:3f:a0:17:96:
2e:8d:99:e0:6a:04:7b:a9:b6:1b:bd:8f:2c:29:02:30:29:15:
27:dc:d6:ee:31:59:b1:63:48:ae:72:ca:d0:75:d9:88:48:73:
7b:5e:7e:bb:11:dd:a3:9e:7d:c0:46:b1:c2:7a:7d:ce:62:8d:
0e:a3:d9:0e:ff:bd:71:5a:61:b5:e3:1f:b4:b2:98:e5:1c:05:
29:e8:b4:67:8c:e7:ec:c2:6f:41:6f:0b:64:f9:06:21:7f:96:
7b:c3:44:4b:96:b7:4c:59:4a:2b:47:49:19:e2:e0:17:b7:77:
85:a5:b4:cb:f0:d1:c3:3a:62:84:a3:46:2a:2a:fb:09:53:01:
7b:a8:cd:fa:93:a6:39:ef:d8:41:23:b6:ed:26:38:bb:b1:3e:
63:cc:b5:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx3o948i34P/txy6k8PE5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZmJiY2E4NTJiOTU3Mzg1OTA5ZjZiZDI4OGNkZjM2M2Yy
MThiMDYwHhcNMjMwMTAyMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQ5ODdlMWU5OGJiZGIxOWI5ZGY2NWE2N2NiOTFmN2YwNjkzNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIst/8bPTSFfcDcH4MbJ1c/M+DTw
7Li8YCKcQZ2KXUnDXjQovyv7gXh8ffXJVmVfEufS2Gtg8UuaAIAOBA8x6oLY9Tzg
pdHCjrZ+3j9hsYg2juJQswn0ooqobhyyGAd3te5V2UphJ853rpb8F0sySW6XmYn8
MR0yshjkfgTI0p6w1WC/EzJ8Efi8CkbGu+FAGHz+Zg8aMmPdZMO19skyNU4Vd/ld
5iJr6p4o8d/JOsvM1jgpgCjYKAnWkuVVbeWXyd/aD5zQ27Ln8OTS0w5lOa1khyUw
3VkKrNFGUOUPiT+99fiAOP86s0Dp/846Jm5hiMkxFzv6Hg/JztWZ/7aNPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTZh+Hpi72xm532WmfLkffwaTZTMB8GA1UdIwQY
MBaAFKz7vKhSuVc4WQn2vSiM3zY/IYsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclB1OHFGSzVWemhaQ2ZhOUtJemZOajhoaXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS81MjQ3YjMtNjA2Ny00MzZkLWFlMTkt
Y2JhNzIyZWNiMmRiLzEvdE5tSDRlbUx2YkdibmZaYVo4dVI5X0JwTmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS81MjQ3YjMtNjA2Ny00MzZkLWFlMTktY2JhNzIyZWNiMmRi
LzEvclB1OHFGSzVWemhaQ2ZhOUtJemZOajhoaXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWUcMA0G
CSqGSIb3DQEBCwUAA4IBAQBxOzOeHrZ4SBh7777eTMKELZHkfOTmXqW5FheVXIJP
oqeG2/Hj0gfR6Zrel17Etez3T1Bv5kEehbAxhIE5f6ARzVMSVw7ajau4tOoYFuWg
6LptSvmxpbxklIgicvJgEJlWKBpsaBPXbD+gF5YujZngagR7qbYbvY8sKQIwKRUn
3NbuMVmxY0iucsrQddmISHN7Xn67Ed2jnn3ARrHCen3OYo0Oo9kO/71xWmG14x+0
spjlHAUp6LRnjOfswm9Bbwtk+QYhf5Z7w0RLlrdMWUorR0kZ4uAXt3eFpbTL8NHD
OmKEo0YqKvsJUwF7qM36k6Y579hBI7btJji7sT5jzLXH
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:54:27 2025 by rpki-client