Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/0gxoCpHrHhDCRzuijsxKBwvQ9I4.roa
File: 0gxoCpHrHhDCRzuijsxKBwvQ9I4.roa (raw, json)
Hash identifier: KG03/ow3g88yY53REHnx+uiUzcIETXbIgYGEmIRCCeE=
Subject key identifier: D2:0C:68:0A:91:EB:1E:10:C2:47:3B:A2:8E:CC:4A:07:0B:D0:F4:8E
Certificate issuer: /CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Certificate serial: 0185715E95C48C01BD3A68C56E5635676C53
Authority key identifier: E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/0gxoCpHrHhDCRzuijsxKBwvQ9I4.roa
Signing time: Mon 02 Jan 2023 07:25:02 +0000
ROA not before: Mon 02 Jan 2023 07:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12773
IP address blocks: 185.28.109.0/24 maxlen: 24
185.28.111.0/24 maxlen: 24
185.28.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:95:c4:8c:01:bd:3a:68:c5:6e:56:35:67:6c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Validity
Not Before: Jan 2 07:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d20c680a91eb1e10c2473ba28ecc4a070bd0f48e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e7:e1:e3:f9:18:e6:aa:d8:ba:f8:8f:e4:42:
66:72:a9:6c:53:2b:d8:7a:b8:de:70:c4:be:4d:3e:
ba:37:e1:e4:25:18:a1:5c:84:d5:06:0b:4a:2d:44:
4c:41:c8:77:96:0c:e6:25:ef:e0:b1:75:2b:51:b5:
81:c3:39:32:74:3f:51:73:23:8c:a3:61:3d:e8:44:
ce:0c:24:93:81:33:22:f5:6d:59:82:5f:48:8f:ee:
ef:02:17:70:cc:63:5f:17:03:76:f7:25:91:dd:d0:
ce:3b:53:53:84:22:d9:fd:0a:05:1c:7e:b3:66:21:
58:e2:40:c1:a1:37:2a:36:a4:f4:5e:74:43:05:04:
dc:60:62:1c:f2:89:ce:2d:6d:91:cd:39:07:92:54:
e3:7b:98:f5:d7:6d:09:28:19:b7:e9:4a:44:ae:cf:
39:6a:d9:1d:c6:95:59:b6:e5:55:0a:0b:ac:87:7d:
63:71:ec:58:42:c0:14:4a:28:6f:63:20:84:82:04:
a4:3f:81:0c:1b:42:f1:19:53:d4:b6:0b:0e:01:d7:
06:cc:93:81:16:0a:81:1a:e5:fc:5e:94:da:5b:15:
e5:73:4d:89:8f:87:1b:a2:67:7c:b0:87:c1:8d:c4:
cc:74:25:51:71:c9:71:2c:e1:3c:a4:2b:26:2f:50:
fc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0C:68:0A:91:EB:1E:10:C2:47:3B:A2:8E:CC:4A:07:0B:D0:F4:8E
X509v3 Authority Key Identifier:
keyid:E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/0gxoCpHrHhDCRzuijsxKBwvQ9I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.108.0/23
185.28.111.0/24
Signature Algorithm: sha256WithRSAEncryption
67:58:ce:2d:88:09:d9:bc:94:91:76:0e:0c:3f:e3:62:b9:b9:
0e:16:e2:b3:a5:c9:e1:84:f3:4a:09:6f:a3:7f:28:85:b0:b2:
07:bb:b4:95:3a:a8:08:d8:26:60:8a:9f:00:21:a1:bd:68:c3:
c2:26:2c:69:d6:2c:ee:85:61:cd:be:f0:5e:74:2d:56:87:d6:
07:68:bf:15:7f:92:b8:be:4d:55:23:d7:e4:50:ea:6a:94:f9:
b7:5f:62:90:ad:08:21:86:e1:c1:27:94:d1:24:ed:f8:c4:f4:
b6:33:40:4c:4e:ff:f0:59:ef:f2:df:46:95:7c:32:c7:99:d6:
39:9a:c5:ed:aa:5b:54:d7:80:4b:2e:23:94:72:3a:3d:83:1e:
2a:c9:3d:3c:63:91:a1:61:3a:66:f7:97:9d:b5:f1:af:9b:1a:
f2:74:f0:56:6c:8e:9f:60:e3:8d:60:05:08:4d:2d:d7:88:01:
57:f6:fa:d3:0e:52:27:d9:59:b7:f8:bd:61:b1:44:4a:98:65:
7b:c3:65:68:7f:b4:8f:b8:15:63:10:0f:cf:aa:13:4f:7b:5b:
4b:6d:3d:9e:90:2a:64:ba:f0:0e:34:79:9e:a4:73:ba:5e:9e:
22:42:dc:60:dd:da:88:ea:57:cb:92:a7:85:b4:aa:ae:a7:45:
88:c3:ff:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxXpXEjAG9OmjFblY1Z2xTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZWExNGQxMzQzYjk5MjUwNmJlZTZjM2Q5MGUxOWE2OTc5
OGIwMTgwHhcNMjMwMTAyMDcyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBjNjgwYTkxZWIxZTEwYzI0NzNiYTI4ZWNjNGEwNzBiZDBmNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOfh4/kY5qrYuviP5EJmcqlsUyvY
erjecMS+TT66N+HkJRihXITVBgtKLURMQch3lgzmJe/gsXUrUbWBwzkydD9RcyOM
o2E96ETODCSTgTMi9W1Zgl9Ij+7vAhdwzGNfFwN29yWR3dDOO1NThCLZ/QoFHH6z
ZiFY4kDBoTcqNqT0XnRDBQTcYGIc8onOLW2RzTkHklTje5j1120JKBm36UpErs85
atkdxpVZtuVVCgush31jcexYQsAUSihvYyCEggSkP4EMG0LxGVPUtgsOAdcGzJOB
FgqBGuX8XpTaWxXlc02Jj4cbomd8sIfBjcTMdCVRcclxLOE8pCsmL1D8IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIMaAqR6x4Qwkc7oo7MSgcL0PSOMB8GA1UdIwQY
MBaAFOPqFNE0O5klBr7mw9kOGaaXmLAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQt
ZDRhNGYzNDcxN2YwLzEvMGd4b0NwSHJIaERDUnp1aWpzeEtCd3ZROUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQtZDRhNGYzNDcxN2Yw
LzEvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuRxsAwQA
uRxvMA0GCSqGSIb3DQEBCwUAA4IBAQBnWM4tiAnZvJSRdg4MP+NiubkOFuKzpcnh
hPNKCW+jfyiFsLIHu7SVOqgI2CZgip8AIaG9aMPCJixp1izuhWHNvvBedC1Wh9YH
aL8Vf5K4vk1VI9fkUOpqlPm3X2KQrQghhuHBJ5TRJO34xPS2M0BMTv/wWe/y30aV
fDLHmdY5msXtqltU14BLLiOUcjo9gx4qyT08Y5GhYTpm95edtfGvmxrydPBWbI6f
YOONYAUITS3XiAFX9vrTDlIn2Vm3+L1hsURKmGV7w2Vof7SPuBVjEA/PqhNPe1tL
bT2ekCpkuvAONHmepHO6Xp4iQtxg3dqI6lfLkqeFtKqup0WIw/8a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:06 2025 by rpki-client