Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/C5BMXT6HhdyimnTeaqeOm3IBEoY.roa
File: C5BMXT6HhdyimnTeaqeOm3IBEoY.roa (raw, json)
Hash identifier: 4bzzNxcyXdhjYfzF/ClB9jmiFBsUVp49XUC6GZrUTcY=
Subject key identifier: 0B:90:4C:5D:3E:87:85:DC:A2:9A:74:DE:6A:A7:8E:9B:72:01:12:86
Certificate issuer: /CN=67670683062cd8b35c1b760218a789b908cb4c8d
Certificate serial: 023B28A4
Authority key identifier: 67:67:06:83:06:2C:D8:B3:5C:1B:76:02:18:A7:89:B9:08:CB:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/C5BMXT6HhdyimnTeaqeOm3IBEoY.roa
Signing time: Sat 01 Jan 2022 11:02:30 +0000
ROA not before: Sat 01 Jan 2022 11:02:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31726
IP address blocks: 185.102.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37431460 (0x23b28a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67670683062cd8b35c1b760218a789b908cb4c8d
Validity
Not Before: Jan 1 11:02:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b904c5d3e8785dca29a74de6aa78e9b72011286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:66:2e:18:36:d8:9f:aa:ed:b7:2c:f7:1a:65:
db:19:3b:04:3f:d9:93:c6:a7:2c:49:32:b1:d6:ff:
3a:7e:b8:d1:74:62:b9:21:a9:f3:f7:2c:8d:e6:b4:
88:57:eb:2d:4e:ae:b7:64:0f:f2:c6:3c:e7:c6:c1:
59:35:de:5c:88:53:c0:e6:d6:59:35:ca:b2:48:30:
b2:0d:be:db:a3:54:d0:25:4e:34:af:61:fb:fc:fc:
95:1d:30:69:60:2e:0d:0c:e9:e1:f0:e9:f3:46:5d:
37:a1:bd:6f:e8:dc:bf:a5:d1:e2:ba:9d:d5:8d:68:
5d:9a:c6:74:3a:51:9e:75:dd:4d:5e:5f:22:54:30:
30:86:44:35:be:a1:a1:8f:c4:48:02:65:c3:a5:de:
9e:1d:fa:c6:4d:2e:d1:fb:8e:da:9d:fa:ab:c6:24:
b5:45:e2:1f:60:05:d9:35:07:0c:ca:f2:bc:92:5a:
e4:18:f0:85:0b:1a:2b:0d:d7:e5:d6:e3:50:f2:1d:
6c:a9:09:8c:ae:04:83:00:a4:9b:b3:63:a3:3e:62:
32:8f:37:cd:d1:67:92:30:aa:05:b5:ef:e5:93:d7:
10:e3:89:70:b0:16:a8:d8:85:01:6c:2a:60:4b:bd:
3b:68:f3:75:ca:56:62:ce:f5:6a:1b:e5:77:b5:c5:
5a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:90:4C:5D:3E:87:85:DC:A2:9A:74:DE:6A:A7:8E:9B:72:01:12:86
X509v3 Authority Key Identifier:
keyid:67:67:06:83:06:2C:D8:B3:5C:1B:76:02:18:A7:89:B9:08:CB:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/C5BMXT6HhdyimnTeaqeOm3IBEoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.28.0/22
Signature Algorithm: sha256WithRSAEncryption
63:63:37:fb:a4:88:6c:c7:0c:ab:2a:b6:2a:23:95:dc:23:e4:
ab:9b:3d:f5:16:35:46:6c:e7:c2:4a:fe:80:c6:a6:36:72:17:
ce:e2:c4:1c:18:09:e1:68:c9:78:31:cd:f6:e7:ee:fd:70:6b:
fe:de:e0:ee:b8:02:64:51:e1:14:49:84:ac:27:55:9a:2c:ee:
a1:1c:d3:f9:35:fb:a8:22:fa:7f:c7:cb:41:b6:d6:9b:59:21:
1f:3c:45:54:9f:0f:fe:a5:be:86:26:c0:c7:63:54:83:17:3f:
c4:58:dd:52:bb:f5:25:98:a2:78:8e:b9:ca:6f:95:02:8c:06:
c1:30:53:da:06:5d:49:cb:3b:9d:2c:67:af:6a:30:13:1a:cd:
53:4e:fb:8f:2b:c3:15:cf:50:66:1c:58:30:cb:5a:11:22:50:
f0:91:c9:a6:57:09:dc:a8:34:a7:47:2d:20:9d:4f:5e:3a:45:
f5:3b:7f:72:c8:b7:c7:30:bc:c0:a8:57:53:f4:4b:4f:b0:90:
31:8e:57:50:01:bb:32:59:18:1c:80:aa:1c:27:64:9f:c8:fd:
21:d6:5f:44:d3:f5:2d:70:8c:dc:26:e6:d7:81:61:d9:20:14:
d2:bb:62:e8:8a:b8:c8:42:45:bf:b0:be:f3:89:8e:fb:d6:10:
6a:04:54:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAjsopDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzY3MDY4MzA2MmNkOGIzNWMxYjc2MDIxOGE3ODliOTA4Y2I0YzhkMB4XDTIyMDEw
MTExMDIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI5MDRjNWQzZTg3
ODVkY2EyOWE3NGRlNmFhNzhlOWI3MjAxMTI4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdmLhg22J+q7bcs9xpl2xk7BD/Zk8anLEkysdb/On640XRi
uSGp8/csjea0iFfrLU6ut2QP8sY858bBWTXeXIhTwObWWTXKskgwsg2+26NU0CVO
NK9h+/z8lR0waWAuDQzp4fDp80ZdN6G9b+jcv6XR4rqd1Y1oXZrGdDpRnnXdTV5f
IlQwMIZENb6hoY/ESAJlw6Xenh36xk0u0fuO2p36q8YktUXiH2AF2TUHDMryvJJa
5BjwhQsaKw3X5dbjUPIdbKkJjK4EgwCkm7Njoz5iMo83zdFnkjCqBbXv5ZPXEOOJ
cLAWqNiFAWwqYEu9O2jzdcpWYs71ahvld7XFWpcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQLkExdPoeF3KKadN5qp46bcgEShjAfBgNVHSMEGDAWgBRnZwaDBizYs1wb
dgIYp4m5CMtMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1oyY0dnd1lzMkxOY0czWUNHS2VKdVFqTFRJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvOTRmNWM4LWI0MWMtNDg1YS1iM2RiLTdkOGNiNTNkYzA4Ni8x
L0M1Qk1YVDZIaGR5aW1uVGVhcWVPbTNJQkVvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
OTRmNWM4LWI0MWMtNDg1YS1iM2RiLTdkOGNiNTNkYzA4Ni8xL1oyY0dnd1lzMkxO
Y0czWUNHS2VKdVFqTFRJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlmHDANBgkqhkiG9w0BAQsFAAOC
AQEAY2M3+6SIbMcMqyq2KiOV3CPkq5s99RY1Rmznwkr+gMamNnIXzuLEHBgJ4WjJ
eDHN9ufu/XBr/t7g7rgCZFHhFEmErCdVmizuoRzT+TX7qCL6f8fLQbbWm1khHzxF
VJ8P/qW+hibAx2NUgxc/xFjdUrv1JZiieI65ym+VAowGwTBT2gZdScs7nSxnr2ow
ExrNU077jyvDFc9QZhxYMMtaESJQ8JHJplcJ3Kg0p0ctIJ1PXjpF9Tt/csi3xzC8
wKhXU/RLT7CQMY5XUAG7MlkYHICqHCdkn8j9IdZfRNP1LXCM3Cbm14Fh2SAU0rti
6Iq4yEJFv7C+84mO+9YQagRU2A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:19:31 2025 by rpki-client