Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/28AWQ4C_SZSctY9NgezzUSb8Flk.roa
File: 28AWQ4C_SZSctY9NgezzUSb8Flk.roa (raw, json)
Hash identifier: jtwnINfbG0R8P9QGI6ekYBpVI5gpjgwPcrSjcpSgcrs=
Subject key identifier: DB:C0:16:43:80:BF:49:94:9C:B5:8F:4D:81:EC:F3:51:26:FC:16:59
Certificate issuer: /CN=b9df156ee18b6958d4306b6311b4a086763eff62
Certificate serial: 0185706775220C7438F6AC5336C36E8E3203
Authority key identifier: B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/28AWQ4C_SZSctY9NgezzUSb8Flk.roa
Signing time: Mon 02 Jan 2023 02:55:06 +0000
ROA not before: Mon 02 Jan 2023 02:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12779
IP address blocks: 86.105.14.0/24 maxlen: 24
2a0c:79c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:75:22:0c:74:38:f6:ac:53:36:c3:6e:8e:32:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9df156ee18b6958d4306b6311b4a086763eff62
Validity
Not Before: Jan 2 02:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbc0164380bf49949cb58f4d81ecf35126fc1659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8a:75:4f:9a:79:3f:07:39:0d:55:d2:3c:5a:
f1:ba:f1:8a:e0:6f:ee:aa:d1:f8:3f:81:0b:31:21:
8e:35:cd:be:ab:df:af:1c:5f:42:aa:66:da:31:57:
59:d3:54:e8:0c:46:79:d3:c3:c5:84:9d:dd:ea:91:
a4:7a:2f:f6:1a:cc:19:4d:da:42:47:5c:3f:4b:70:
1f:58:31:be:56:be:7f:59:30:68:ea:63:11:f4:ec:
78:60:ed:e7:ab:bd:bb:fd:25:2c:6e:d3:1a:a5:73:
9a:7c:60:9c:76:55:b1:a8:6e:68:9d:bd:63:d5:ee:
0d:c5:36:2b:97:5d:e3:8b:3b:dd:15:7b:a3:98:63:
b0:96:fb:8f:83:7b:48:5d:16:7c:a0:84:f3:9e:b2:
c6:5b:89:77:25:d1:11:0b:f7:98:aa:a1:2f:6e:bc:
48:aa:bb:a0:83:04:e3:7c:2d:b7:eb:ce:f4:ec:5e:
19:c2:3e:ed:93:8a:6d:7e:54:5d:5d:f2:30:d8:f5:
db:61:27:d7:a1:bf:0c:54:5a:a8:6d:df:85:1b:78:
78:8f:e8:ca:80:07:9d:76:ee:20:bc:35:9d:37:bd:
42:60:4c:63:58:c8:b6:37:11:63:24:3f:5e:fe:d4:
13:bf:72:7c:be:c9:3d:70:ff:22:d1:93:2c:0c:72:
e3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C0:16:43:80:BF:49:94:9C:B5:8F:4D:81:EC:F3:51:26:FC:16:59
X509v3 Authority Key Identifier:
keyid:B9:DF:15:6E:E1:8B:69:58:D4:30:6B:63:11:B4:A0:86:76:3E:FF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ud8VbuGLaVjUMGtjEbSghnY-_2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/28AWQ4C_SZSctY9NgezzUSb8Flk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d6461f-17e3-4986-a5f6-72a4b3a9bb44/1/ud8VbuGLaVjUMGtjEbSghnY-_2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.14.0/24
IPv6:
2a0c:79c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
71:85:ee:2e:76:0f:30:02:32:77:5e:e4:f9:a0:2a:93:cf:99:
b6:89:19:dd:cf:d2:a1:43:fa:61:6b:0c:7e:b3:54:68:0c:c1:
c2:93:5e:0c:d0:8a:c8:ed:d8:fa:79:3f:e5:c3:88:53:d4:88:
ae:a2:16:4f:82:37:11:cd:2d:bb:0a:9e:22:62:e6:a5:cf:47:
98:79:e7:89:68:93:2f:91:ce:86:1f:19:7b:db:1e:33:c2:d5:
a1:98:95:de:2c:fc:79:ad:d3:5f:a5:4b:bb:c2:2b:a5:03:06:
a2:96:43:20:23:a3:d3:81:31:48:b7:19:9c:ab:66:d5:6d:6d:
73:6e:71:45:73:da:99:74:13:a1:f7:3a:d0:88:64:2d:48:d9:
a2:ae:78:0b:47:16:c8:bf:89:16:92:90:13:cc:9e:18:01:62:
4c:9a:59:a3:40:50:d5:7d:42:b5:6b:0b:4b:fb:4b:7a:58:d5:
21:78:27:79:31:88:7b:48:2c:d4:0a:88:0e:f1:61:d8:19:fb:
1d:d0:0b:ab:4d:1d:a7:cb:f3:13:c7:16:ca:fc:d7:db:8b:1b:
2e:0a:d2:d2:64:ef:b8:b7:02:b7:87:7b:30:5d:ed:81:a6:87:
95:f8:8e:ad:7a:9b:76:5e:73:0d:15:8f:59:cd:f8:b2:48:c7:
71:d9:61:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwZ3UiDHQ49qxTNsNujjIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZGYxNTZlZTE4YjY5NThkNDMwNmI2MzExYjRhMDg2NzYz
ZWZmNjIwHhcNMjMwMTAyMDI1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMwMTY0MzgwYmY0OTk0OWNiNThmNGQ4MWVjZjM1MTI2ZmMxNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYp1T5p5Pwc5DVXSPFrxuvGK4G/u
qtH4P4ELMSGONc2+q9+vHF9CqmbaMVdZ01ToDEZ508PFhJ3d6pGkei/2GswZTdpC
R1w/S3AfWDG+Vr5/WTBo6mMR9Ox4YO3nq727/SUsbtMapXOafGCcdlWxqG5onb1j
1e4NxTYrl13jizvdFXujmGOwlvuPg3tIXRZ8oITznrLGW4l3JdERC/eYqqEvbrxI
qruggwTjfC2368707F4Zwj7tk4ptflRdXfIw2PXbYSfXob8MVFqobd+FG3h4j+jK
gAeddu4gvDWdN71CYExjWMi2NxFjJD9e/tQTv3J8vsk9cP8i0ZMsDHLjVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNvAFkOAv0mUnLWPTYHs81Em/BZZMB8GA1UdIwQY
MBaAFLnfFW7hi2lY1DBrYxG0oIZ2Pv9iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYt
NzJhNGIzYTliYjQ0LzEvMjhBV1E0Q19TWlNjdFk5TmdlenpVU2I4RmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kNjQ2MWYtMTdlMy00OTg2LWE1ZjYtNzJhNGIzYTliYjQ0
LzEvdWQ4VmJ1R0xhVmpVTUd0akViU2doblktXzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVmkOMA8E
AgACMAkDBwAqDHnAAAIwDQYJKoZIhvcNAQELBQADggEBAHGF7i52DzACMnde5Pmg
KpPPmbaJGd3P0qFD+mFrDH6zVGgMwcKTXgzQisjt2Pp5P+XDiFPUiK6iFk+CNxHN
LbsKniJi5qXPR5h554loky+RzoYfGXvbHjPC1aGYld4s/Hmt01+lS7vCK6UDBqKW
QyAjo9OBMUi3GZyrZtVtbXNucUVz2pl0E6H3OtCIZC1I2aKueAtHFsi/iRaSkBPM
nhgBYkyaWaNAUNV9QrVrC0v7S3pY1SF4J3kxiHtILNQKiA7xYdgZ+x3QC6tNHafL
8xPHFsr819uLGy4K0tJk77i3AreHezBd7YGmh5X4jq16m3Zecw0Vj1nN+LJIx3HZ
YXQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:11 2025 by rpki-client