Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/bZORdrUp-q9ZpGNTnvhBXJeHQ_M.roa
File: bZORdrUp-q9ZpGNTnvhBXJeHQ_M.roa (raw, json)
Hash identifier: HDotMAgGMzAb2KI2VXsFXeR7K42LdK/+cfTWHkQyjWI=
Subject key identifier: 6D:93:91:76:B5:29:FA:AF:59:A4:63:53:9E:F8:41:5C:97:87:43:F3
Certificate issuer: /CN=fbbf4d59cbd978ae1127c67fd22f04c62ff837cf
Certificate serial: 095E945B
Authority key identifier: FB:BF:4D:59:CB:D9:78:AE:11:27:C6:7F:D2:2F:04:C6:2F:F8:37:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/bZORdrUp-q9ZpGNTnvhBXJeHQ_M.roa
Signing time: Sat 01 Jan 2022 10:01:30 +0000
ROA not before: Sat 01 Jan 2022 10:01:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51800
IP address blocks: 217.28.80.0/21 maxlen: 21
217.28.88.0/21 maxlen: 21
2a02:28a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157193307 (0x95e945b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbbf4d59cbd978ae1127c67fd22f04c62ff837cf
Validity
Not Before: Jan 1 10:01:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d939176b529faaf59a463539ef8415c978743f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e1:fd:c1:89:1b:ca:cc:f1:7d:b9:91:03:37:
5d:18:ec:d0:ae:8e:4c:0c:50:a2:e6:5c:fb:7c:41:
39:e6:8f:b2:29:af:7f:7b:5a:7b:d4:89:ac:c4:49:
37:ce:61:7d:2f:eb:ca:79:c0:fd:f7:9c:92:c9:d2:
94:3b:50:aa:c9:8d:b7:94:c0:95:ff:d2:38:a8:19:
04:44:54:7b:bb:04:ad:8b:98:ac:6f:bf:80:0b:72:
e2:73:46:91:99:0d:2a:7e:1a:8f:8c:73:c2:12:87:
9b:74:ff:ab:dd:08:bf:00:7b:5e:a4:92:54:94:bb:
8d:cd:cc:c9:f0:e3:2b:c3:d1:ff:ed:c3:91:a1:01:
06:2c:7b:cd:08:25:f9:34:7f:23:49:73:c7:3e:50:
b3:41:c8:4d:40:4a:63:17:31:bc:5e:24:42:a8:98:
1a:76:de:b4:be:91:03:bd:61:3c:c8:7e:f7:73:b3:
f2:45:fd:ef:3c:59:71:4f:67:ab:25:f1:d5:3d:0b:
03:52:e6:cd:de:a4:0c:9c:1d:6c:47:ab:cd:bc:22:
4b:9e:07:38:54:15:21:e3:a4:13:b3:21:49:53:9b:
a9:e4:14:eb:96:4c:f0:98:af:00:4f:85:1b:85:b8:
cd:d0:0a:cc:b4:6f:28:2e:42:a6:2e:f3:ba:ac:dc:
45:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:93:91:76:B5:29:FA:AF:59:A4:63:53:9E:F8:41:5C:97:87:43:F3
X509v3 Authority Key Identifier:
keyid:FB:BF:4D:59:CB:D9:78:AE:11:27:C6:7F:D2:2F:04:C6:2F:F8:37:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/bZORdrUp-q9ZpGNTnvhBXJeHQ_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/88c995-ede0-4cc4-a66d-25baa8230fcb/1/1-79NWcvZeK4RJ8Z_0i8Exi_4N88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.80.0/20
IPv6:
2a02:28a8::/32
Signature Algorithm: sha256WithRSAEncryption
84:09:fd:69:68:8b:f8:b1:68:ac:46:30:ba:3c:0d:9f:39:3a:
8c:d8:56:5f:65:47:12:f1:3c:8e:ee:a0:6d:70:7b:eb:be:f3:
64:2d:e7:8c:c4:50:91:5a:be:57:ba:d8:15:7c:8c:4b:23:ed:
72:db:58:24:a6:1a:91:b5:b1:d4:fd:60:f9:7d:51:c4:4b:7d:
9f:81:c7:b5:06:69:00:ad:c5:42:b7:e6:4d:ac:f5:a3:d8:2c:
4e:d7:8f:f5:76:8c:02:68:56:bc:7d:70:f3:44:a1:9d:b1:5e:
11:0b:2d:42:da:a6:e6:a7:dd:11:62:40:ec:57:cd:74:8d:33:
b6:a1:af:ac:58:cb:b5:f7:1e:e0:d3:22:1c:9e:6b:30:02:c9:
80:18:f4:d7:a0:82:e1:e0:b6:cd:af:20:ba:32:03:d2:82:08:
7f:12:82:29:1b:09:08:87:24:5c:f6:2c:eb:57:7c:63:a6:ec:
e5:30:94:6d:3f:cf:da:59:41:6a:dc:12:c4:fa:04:8c:2c:d7:
4f:4d:ed:3c:cd:6a:f6:2e:0d:33:16:c6:24:98:e9:f0:af:2b:
fb:01:97:f4:a2:36:26:5f:8f:05:0b:46:ea:e3:30:94:85:03:
bd:a2:34:20:60:bc:25:07:6f:3e:96:f2:10:10:b0:f0:66:4a:
ae:a8:36:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECV6UWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmJmNGQ1OWNiZDk3OGFlMTEyN2M2N2ZkMjJmMDRjNjJmZjgzN2NmMB4XDTIyMDEw
MTEwMDEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ5MzkxNzZiNTI5
ZmFhZjU5YTQ2MzUzOWVmODQxNWM5Nzg3NDNmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrh/cGJG8rM8X25kQM3XRjs0K6OTAxQouZc+3xBOeaPsimv
f3tae9SJrMRJN85hfS/rynnA/fecksnSlDtQqsmNt5TAlf/SOKgZBERUe7sErYuY
rG+/gAty4nNGkZkNKn4aj4xzwhKHm3T/q90IvwB7XqSSVJS7jc3MyfDjK8PR/+3D
kaEBBix7zQgl+TR/I0lzxz5Qs0HITUBKYxcxvF4kQqiYGnbetL6RA71hPMh+93Oz
8kX97zxZcU9nqyXx1T0LA1Lmzd6kDJwdbEerzbwiS54HOFQVIeOkE7MhSVObqeQU
65ZM8JivAE+FG4W4zdAKzLRvKC5Cpi7zuqzcRUMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRtk5F2tSn6r1mkY1Oe+EFcl4dD8zAfBgNVHSMEGDAWgBT7v01Zy9l4rhEn
xn/SLwTGL/g3zzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNzlOV2N2WmVLNFJKOFpfMGk4RXhpXzROODguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzM0Lzg4Yzk5NS1lZGUwLTRjYzQtYTY2ZC0yNWJhYTgyMzBmY2Iv
MS9iWk9SZHJVcC1xOVpwR05UbnZoQlhKZUhRX00ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0
Lzg4Yzk5NS1lZGUwLTRjYzQtYTY2ZC0yNWJhYTgyMzBmY2IvMS8xLTc5Tldjdlpl
SzRSSjhaXzBpOEV4aV80Tjg4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RxQMA0EAgACMAcDBQAqAiio
MA0GCSqGSIb3DQEBCwUAA4IBAQCECf1paIv4sWisRjC6PA2fOTqM2FZfZUcS8TyO
7qBtcHvrvvNkLeeMxFCRWr5XutgVfIxLI+1y21gkphqRtbHU/WD5fVHES32fgce1
BmkArcVCt+ZNrPWj2CxO14/1dowCaFa8fXDzRKGdsV4RCy1C2qbmp90RYkDsV810
jTO2oa+sWMu19x7g0yIcnmswAsmAGPTXoILh4LbNryC6MgPSggh/EoIpGwkIhyRc
9izrV3xjpuzlMJRtP8/aWUFq3BLE+gSMLNdPTe08zWr2Lg0zFsYkmOnwryv7AZf0
ojYmX48FC0bq4zCUhQO9ojQgYLwlB28+lvIQELDwZkquqDaT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:58 2025 by rpki-client