Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/28mgyjN18FMYyXZE6DI4eqjNUiM.roa
File: 28mgyjN18FMYyXZE6DI4eqjNUiM.roa (raw, json)
Hash identifier: 1Yq1kzJ3q+os905wiifNAXghgBi4pcc2aQ57ycDRtWk=
Subject key identifier: DB:C9:A0:CA:33:75:F0:53:18:C9:76:44:E8:32:38:7A:A8:CD:52:23
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 01856DD41A8049E4E841A035B50525471B06
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/28mgyjN18FMYyXZE6DI4eqjNUiM.roa
Signing time: Sun 01 Jan 2023 14:54:54 +0000
ROA not before: Sun 01 Jan 2023 14:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133973
IP address blocks: 45.95.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:1a:80:49:e4:e8:41:a0:35:b5:05:25:47:1b:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Jan 1 14:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbc9a0ca3375f05318c97644e832387aa8cd5223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:eb:f9:8d:0f:2e:03:f5:bd:ce:60:63:cb:1e:
3f:bd:9e:3e:63:e2:08:48:b0:36:0b:86:87:5a:3b:
bd:a9:34:7b:71:8c:72:e6:1f:6f:ab:32:56:fb:5a:
a6:95:d5:7a:89:cb:45:bc:94:27:50:4a:6a:7a:88:
3f:99:5f:59:ad:6c:38:39:83:b8:0c:9c:c9:5c:86:
f7:67:e3:af:40:f7:ca:8c:6f:7d:23:f7:3b:72:8b:
dc:28:0b:03:f6:3c:e6:99:be:95:08:5f:cd:79:d3:
1c:00:61:db:3a:6b:6a:87:73:32:18:da:c5:1c:26:
0d:cc:8a:ba:d3:50:f7:d6:e8:a1:bc:7f:c3:ae:0f:
16:d8:46:b6:eb:2e:ee:6d:36:c4:2d:f6:1b:4c:e1:
83:0a:bc:e8:76:a4:cd:a7:55:c3:2a:c5:d1:37:73:
d6:11:fd:60:d6:a3:b6:74:c3:c4:94:8b:c5:8c:a1:
5a:6b:93:50:0a:aa:28:70:b6:0a:f0:47:72:39:b8:
70:76:4b:72:01:2b:3a:9b:ec:27:49:41:2d:88:5d:
e8:da:b6:78:f6:d8:3d:e0:39:62:06:2f:42:0c:6a:
bc:73:17:64:eb:3b:09:34:8e:b8:75:31:da:1c:95:
87:ff:58:b5:f5:95:05:bd:0c:2f:07:4d:9a:3b:45:
75:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C9:A0:CA:33:75:F0:53:18:C9:76:44:E8:32:38:7A:A8:CD:52:23
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/28mgyjN18FMYyXZE6DI4eqjNUiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.205.0/24
Signature Algorithm: sha256WithRSAEncryption
72:21:58:24:13:3c:2b:56:d1:ae:ea:db:e7:cd:ad:b3:fd:1e:
51:a1:4e:60:55:9f:1e:d0:c0:82:1d:e1:2b:83:1b:67:ae:c7:
d7:27:52:5a:17:e4:e6:c2:a2:d7:bc:d5:2a:61:03:e2:e9:52:
e8:b2:7d:39:b2:18:54:98:1f:1b:c2:81:01:25:ff:74:85:c4:
9c:31:c2:aa:6c:82:e0:69:e9:84:e1:c4:f9:74:a6:fc:8b:7a:
96:aa:8e:44:e2:e1:1f:09:06:47:8c:ca:56:bb:bd:72:91:89:
a0:ae:08:0a:b9:09:9b:52:bc:1c:92:38:c4:df:70:a9:ce:a3:
87:0e:d7:06:4f:37:73:e2:5a:30:35:ca:2a:69:8e:1c:6c:33:
e1:4c:f1:56:89:6c:41:18:cc:58:6a:f1:25:15:67:fd:9d:5e:
ee:4d:7f:77:1f:67:2b:62:42:f3:18:23:c8:21:02:53:63:3f:
be:67:4d:c5:72:f3:98:46:8d:cc:2d:22:ce:c4:a5:3e:e7:e5:
88:0f:b7:32:4e:34:12:b7:9d:e4:54:19:55:cf:74:ea:0a:e2:
8f:ad:08:d2:2b:17:be:6e:f1:6b:1a:eb:1a:91:42:00:c9:b2:
9c:14:40:b8:a2:87:3d:eb:2b:8d:1b:7b:05:7d:1c:9d:32:2b:
75:ac:a1:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1BqASeToQaA1tQUlRxsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjMwMTAxMTQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM5YTBjYTMzNzVmMDUzMThjOTc2NDRlODMyMzg3YWE4Y2Q1MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguv5jQ8uA/W9zmBjyx4/vZ4+Y+II
SLA2C4aHWju9qTR7cYxy5h9vqzJW+1qmldV6ictFvJQnUEpqeog/mV9ZrWw4OYO4
DJzJXIb3Z+OvQPfKjG99I/c7covcKAsD9jzmmb6VCF/NedMcAGHbOmtqh3MyGNrF
HCYNzIq601D31uihvH/Drg8W2Ea26y7ubTbELfYbTOGDCrzodqTNp1XDKsXRN3PW
Ef1g1qO2dMPElIvFjKFaa5NQCqoocLYK8EdyObhwdktyASs6m+wnSUEtiF3o2rZ4
9tg94DliBi9CDGq8cxdk6zsJNI64dTHaHJWH/1i19ZUFvQwvB02aO0V18QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvJoMozdfBTGMl2ROgyOHqozVIjMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvMjhtZ3lqTjE4Rk1ZeVhaRTZESTRlcWpOVWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/NMA0G
CSqGSIb3DQEBCwUAA4IBAQByIVgkEzwrVtGu6tvnza2z/R5RoU5gVZ8e0MCCHeEr
gxtnrsfXJ1JaF+TmwqLXvNUqYQPi6VLosn05shhUmB8bwoEBJf90hcScMcKqbILg
aemE4cT5dKb8i3qWqo5E4uEfCQZHjMpWu71ykYmgrggKuQmbUrwckjjE33CpzqOH
DtcGTzdz4lowNcoqaY4cbDPhTPFWiWxBGMxYavElFWf9nV7uTX93H2crYkLzGCPI
IQJTYz++Z03FcvOYRo3MLSLOxKU+5+WID7cyTjQSt53kVBlVz3TqCuKPrQjSKxe+
bvFrGusakUIAybKcFEC4ooc96yuNG3sFfRydMit1rKEx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:36 2025 by rpki-client