Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/I8Wrd9oXiyMkexgvY5hGKdKovr8.roa
File: I8Wrd9oXiyMkexgvY5hGKdKovr8.roa (raw, json)
Hash identifier: eKAaYoQavUs3HN+HOdA3E+NBDyeikB9WWT2mKURz3m4=
Subject key identifier: 23:C5:AB:77:DA:17:8B:23:24:7B:18:2F:63:98:46:29:D2:A8:BE:BF
Certificate issuer: /CN=88a780738b853acffbabdb23914c50e36421f773
Certificate serial: 01856F9DD59EB31B999C5533ABC54E53152C
Authority key identifier: 88:A7:80:73:8B:85:3A:CF:FB:AB:DB:23:91:4C:50:E3:64:21:F7:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/I8Wrd9oXiyMkexgvY5hGKdKovr8.roa
Signing time: Sun 01 Jan 2023 23:14:52 +0000
ROA not before: Sun 01 Jan 2023 23:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200678
IP address blocks: 185.247.28.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:d5:9e:b3:1b:99:9c:55:33:ab:c5:4e:53:15:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a780738b853acffbabdb23914c50e36421f773
Validity
Not Before: Jan 1 23:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23c5ab77da178b23247b182f63984629d2a8bebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fe:24:24:1a:a5:59:9b:15:61:9d:1e:89:80:
aa:4e:fd:7e:ee:10:ff:8b:d5:9d:96:fd:7a:26:55:
e7:22:fa:d0:3b:93:e9:ef:aa:91:24:17:dd:79:02:
fd:23:fd:be:b5:e9:6b:2c:55:48:ad:80:3e:66:00:
be:1e:cf:33:0e:70:e1:4a:d4:44:6f:1d:9c:70:25:
a4:9a:6b:8b:9d:c8:8a:f9:31:15:44:fb:ab:1d:d5:
62:5d:4b:2c:92:2b:1e:a9:e6:c9:6c:4e:f5:cf:78:
30:73:bc:34:38:73:56:0f:10:e7:01:25:4b:3f:de:
f6:72:9f:33:42:02:d0:0e:0d:c9:ac:f1:a1:f1:23:
b2:82:8c:1c:ae:9b:6a:1e:28:e1:31:32:88:47:eb:
47:c7:83:28:43:05:c2:3d:79:f0:b1:d6:9f:7e:80:
f7:74:a2:c0:cf:00:c0:44:aa:27:42:2e:1f:de:c7:
27:cd:09:66:de:7c:dd:33:b1:69:f0:8a:53:6c:68:
63:67:f4:22:65:22:f6:48:c0:a3:03:46:cb:5a:68:
7a:5b:80:0c:35:ee:35:0b:4f:86:f3:a2:45:9c:3f:
d3:71:66:12:16:dd:97:43:90:98:16:3e:22:3a:43:
56:a4:38:a4:79:08:95:1a:0c:77:2e:b0:5a:1d:74:
ed:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C5:AB:77:DA:17:8B:23:24:7B:18:2F:63:98:46:29:D2:A8:BE:BF
X509v3 Authority Key Identifier:
keyid:88:A7:80:73:8B:85:3A:CF:FB:AB:DB:23:91:4C:50:E3:64:21:F7:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/I8Wrd9oXiyMkexgvY5hGKdKovr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:77:74:61:6b:06:cd:21:84:8b:87:93:56:78:14:c5:1f:00:
49:34:32:2e:37:6c:32:0d:a9:1a:d0:c0:61:e0:6d:47:3c:00:
b4:ae:16:63:64:97:bf:43:d3:c4:e2:9c:c5:e3:00:94:90:50:
e2:c0:fd:0c:73:00:02:d6:94:96:88:70:03:36:16:82:cb:f1:
8e:73:03:63:62:ae:0d:c3:c0:ac:ad:e7:9c:93:be:b7:09:42:
d8:ef:11:27:82:9f:26:77:7b:c6:0d:41:59:f9:c6:7c:c8:5d:
fd:eb:f4:e2:e3:fd:f2:3a:39:98:65:59:b7:78:2d:75:da:61:
cd:df:72:91:2c:a5:71:ec:c0:ad:cd:37:a2:dc:ae:06:2e:eb:
79:6f:8e:f2:50:76:ff:d7:01:8d:0e:85:53:f5:f9:1e:76:4d:
dd:d2:25:6c:78:43:30:38:5d:00:97:d7:e7:8a:a2:38:ed:cb:
c3:d2:97:f4:b3:20:92:a6:40:2e:7b:25:a5:05:b4:bd:b6:f2:
e7:24:82:d6:61:3e:cc:3f:eb:93:88:b6:06:71:79:fd:f5:01:
3c:63:3e:a7:fb:a5:88:b3:54:81:55:9e:31:6c:87:20:08:3b:
93:33:9d:91:9f:1d:df:0e:59:5c:ae:7b:d9:50:6c:0f:97:f1:
5a:f1:c7:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvndWesxuZnFUzq8VOUxUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTc4MDczOGI4NTNhY2ZmYmFiZGIyMzkxNGM1MGUzNjQy
MWY3NzMwHhcNMjMwMTAxMjMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2M1YWI3N2RhMTc4YjIzMjQ3YjE4MmY2Mzk4NDYyOWQyYThiZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/4kJBqlWZsVYZ0eiYCqTv1+7hD/
i9Wdlv16JlXnIvrQO5Pp76qRJBfdeQL9I/2+telrLFVIrYA+ZgC+Hs8zDnDhStRE
bx2ccCWkmmuLnciK+TEVRPurHdViXUsskiseqebJbE71z3gwc7w0OHNWDxDnASVL
P972cp8zQgLQDg3JrPGh8SOygowcrptqHijhMTKIR+tHx4MoQwXCPXnwsdaffoD3
dKLAzwDARKonQi4f3scnzQlm3nzdM7Fp8IpTbGhjZ/QiZSL2SMCjA0bLWmh6W4AM
Ne41C0+G86JFnD/TcWYSFt2XQ5CYFj4iOkNWpDikeQiVGgx3LrBaHXTtiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPFq3faF4sjJHsYL2OYRinSqL6/MB8GA1UdIwQY
MBaAFIingHOLhTrP+6vbI5FMUONkIfdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtlQWM0dUZPc183cTlzamtVeFE0MlFoOTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iODk3MDQtNGZkMi00ZTA3LWEwMzkt
NjZmNTZlZjljZTI2LzEvSThXcmQ5b1hpeU1rZXhndlk1aEdLZEtvdnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iODk3MDQtNGZkMi00ZTA3LWEwMzktNjZmNTZlZjljZTI2
LzEvaUtlQWM0dUZPc183cTlzamtVeFE0MlFoOTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufccMA0G
CSqGSIb3DQEBCwUAA4IBAQChd3RhawbNIYSLh5NWeBTFHwBJNDIuN2wyDaka0MBh
4G1HPAC0rhZjZJe/Q9PE4pzF4wCUkFDiwP0McwAC1pSWiHADNhaCy/GOcwNjYq4N
w8Csreeck763CULY7xEngp8md3vGDUFZ+cZ8yF396/Ti4/3yOjmYZVm3eC112mHN
33KRLKVx7MCtzTei3K4GLut5b47yUHb/1wGNDoVT9fkedk3d0iVseEMwOF0Al9fn
iqI47cvD0pf0syCSpkAueyWlBbS9tvLnJILWYT7MP+uTiLYGcXn99QE8Yz6n+6WI
s1SBVZ4xbIcgCDuTM52Rnx3fDllcrnvZUGwPl/Fa8ceF
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:42 2025 by rpki-client