Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/zGBeP_gbLX7q7IcW4jzbod6P2Lk.roa
File: zGBeP_gbLX7q7IcW4jzbod6P2Lk.roa (raw, json)
Hash identifier: dCTm8GEX6lvYsEMlS2SGQctxd8jzjSBxjMZdg6JsWjE=
Subject key identifier: CC:60:5E:3F:F8:1B:2D:7E:EA:EC:87:16:E2:3C:DB:A1:DE:8F:D8:B9
Certificate issuer: /CN=88a780738b853acffbabdb23914c50e36421f773
Certificate serial: 0A199CDB
Authority key identifier: 88:A7:80:73:8B:85:3A:CF:FB:AB:DB:23:91:4C:50:E3:64:21:F7:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/zGBeP_gbLX7q7IcW4jzbod6P2Lk.roa
Signing time: Sat 01 Jan 2022 11:01:22 +0000
ROA not before: Sat 01 Jan 2022 11:01:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39392
IP address blocks: 185.247.28.0/22 maxlen: 32
185.247.30.0/23 maxlen: 32
2a0d:b880::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169450715 (0xa199cdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a780738b853acffbabdb23914c50e36421f773
Validity
Not Before: Jan 1 11:01:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc605e3ff81b2d7eeaec8716e23cdba1de8fd8b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:43:db:d1:8a:86:02:a9:20:14:83:90:15:22:
04:b0:0f:e1:e4:7c:05:fa:0f:d5:cd:4d:a3:38:e6:
5f:54:c7:77:ac:46:ba:8b:b5:97:22:b7:eb:9f:ec:
af:83:c4:aa:cf:fb:97:3b:0d:1b:6f:76:e2:e4:c3:
45:e9:2d:33:5b:7a:d6:fd:ee:75:37:9c:57:43:ef:
f2:e9:bc:55:d6:41:60:49:43:59:01:99:c2:1a:e5:
55:ea:5b:a8:52:17:ab:16:8e:5a:aa:5e:4b:b1:33:
c8:6c:eb:71:c5:59:7b:de:1e:24:b1:92:91:a0:4a:
9d:60:9a:74:0d:48:b2:81:ef:7c:7d:0d:c1:af:73:
0e:f1:bf:2c:b1:a2:a3:f6:43:c7:32:48:f2:ce:72:
19:c2:7d:0d:47:8d:42:0a:b9:a3:fa:a0:e5:84:40:
b3:00:ab:76:59:49:d0:a4:a6:80:92:75:bd:f2:89:
f1:68:ba:10:ba:3b:d5:0a:57:eb:0c:83:46:29:fb:
71:f7:2b:ad:37:e1:dc:4a:a7:34:71:34:a1:c7:4d:
11:40:83:47:f5:f1:7a:a1:26:ae:d2:29:fd:53:7c:
bb:43:40:3e:dd:cf:8a:45:11:1d:bb:c8:dd:60:cd:
04:c1:80:f5:a8:b1:ea:d8:bc:26:4b:d5:fd:4b:0b:
27:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:60:5E:3F:F8:1B:2D:7E:EA:EC:87:16:E2:3C:DB:A1:DE:8F:D8:B9
X509v3 Authority Key Identifier:
keyid:88:A7:80:73:8B:85:3A:CF:FB:AB:DB:23:91:4C:50:E3:64:21:F7:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKeAc4uFOs_7q9sjkUxQ42Qh93M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/zGBeP_gbLX7q7IcW4jzbod6P2Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/b89704-4fd2-4e07-a039-66f56ef9ce26/1/iKeAc4uFOs_7q9sjkUxQ42Qh93M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.28.0/22
IPv6:
2a0d:b880::/29
Signature Algorithm: sha256WithRSAEncryption
ac:60:80:15:ef:39:96:df:55:ac:b3:ef:97:e1:91:ab:98:00:
40:26:f1:a0:54:51:1a:24:4d:ab:01:d0:6a:cb:e0:95:d2:3b:
23:b1:f9:7f:8c:12:1a:0a:6a:ca:e1:4a:1b:59:12:6d:8f:bb:
1c:cd:e1:81:1b:11:70:30:79:a7:45:10:22:52:80:d1:f9:e4:
48:dd:78:f7:9e:d5:32:fc:bc:e7:5f:2b:69:d2:ac:4e:a0:bb:
1f:9e:76:3d:41:94:e5:2f:d0:97:ef:40:e0:25:dc:1f:81:62:
14:16:e4:2f:76:6d:5d:91:42:0a:c0:31:30:1e:e5:61:2e:fe:
75:ba:de:4d:f9:c1:b1:3f:1b:98:77:50:9d:57:79:66:57:83:
32:d8:a5:8f:50:d4:9b:78:54:b3:f0:07:b1:5c:66:32:08:82:
6f:14:af:88:07:43:54:b5:03:a8:1e:93:d1:c9:0b:07:ea:c1:
81:d7:cf:39:fa:33:f3:bc:ca:45:85:c9:cd:58:02:df:8e:90:
ca:4b:ec:90:2c:dc:47:f3:a6:dc:dc:68:2e:5a:c6:10:8f:89:
2e:b5:ff:40:07:0f:b0:6e:2c:b5:f9:1b:63:17:86:e8:c9:8a:
b8:f2:c5:49:fc:29:12:63:1c:34:01:59:90:9e:b8:ea:38:ca:
7c:dc:39:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEChmc2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGE3ODA3MzhiODUzYWNmZmJhYmRiMjM5MTRjNTBlMzY0MjFmNzczMB4XDTIyMDEw
MTExMDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M2MDVlM2ZmODFi
MmQ3ZWVhZWM4NzE2ZTIzY2RiYTFkZThmZDhiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhD29GKhgKpIBSDkBUiBLAP4eR8BfoP1c1NozjmX1THd6xG
uou1lyK365/sr4PEqs/7lzsNG2924uTDRektM1t61v3udTecV0Pv8um8VdZBYElD
WQGZwhrlVepbqFIXqxaOWqpeS7EzyGzrccVZe94eJLGSkaBKnWCadA1IsoHvfH0N
wa9zDvG/LLGio/ZDxzJI8s5yGcJ9DUeNQgq5o/qg5YRAswCrdllJ0KSmgJJ1vfKJ
8Wi6ELo71QpX6wyDRin7cfcrrTfh3EqnNHE0ocdNEUCDR/XxeqEmrtIp/VN8u0NA
Pt3PikURHbvI3WDNBMGA9aix6ti8JkvV/UsLJ2ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTMYF4/+BstfurshxbiPNuh3o/YuTAfBgNVHSMEGDAWgBSIp4Bzi4U6z/ur
2yORTFDjZCH3czAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLZUFjNHVGT3NfN3E5c2prVXhRNDJRaDkzTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvYjg5NzA0LTRmZDItNGUwNy1hMDM5LTY2ZjU2ZWY5Y2UyNi8x
L3pHQmVQX2diTFg3cTdJY1c0anpib2Q2UDJMay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
Yjg5NzA0LTRmZDItNGUwNy1hMDM5LTY2ZjU2ZWY5Y2UyNi8xL2lLZUFjNHVGT3Nf
N3E5c2prVXhRNDJRaDkzTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn3HDANBAIAAjAHAwUDKg24gDAN
BgkqhkiG9w0BAQsFAAOCAQEArGCAFe85lt9VrLPvl+GRq5gAQCbxoFRRGiRNqwHQ
asvgldI7I7H5f4wSGgpqyuFKG1kSbY+7HM3hgRsRcDB5p0UQIlKA0fnkSN14957V
Mvy8518radKsTqC7H552PUGU5S/Ql+9A4CXcH4FiFBbkL3ZtXZFCCsAxMB7lYS7+
dbreTfnBsT8bmHdQnVd5ZleDMtilj1DUm3hUs/AHsVxmMgiCbxSviAdDVLUDqB6T
0ckLB+rBgdfPOfoz87zKRYXJzVgC346QykvskCzcR/Om3NxoLlrGEI+JLrX/QAcP
sG4stfkbYxeG6MmKuPLFSfwpEmMcNAFZkJ646jjKfNw5sg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:42 2025 by rpki-client