Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/xkvPZC2iYf1g0OZ8ICOZVN8_vjg.roa
File: xkvPZC2iYf1g0OZ8ICOZVN8_vjg.roa (raw, json)
Hash identifier: EF0p8MqNBYzwTngaZSwsBPp8Yeul1Lx4Mi1ebzgz+yI=
Subject key identifier: C6:4B:CF:64:2D:A2:61:FD:60:D0:E6:7C:20:23:99:54:DF:3F:BE:38
Certificate issuer: /CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Certificate serial: 0185715E96D2377928A232FB8EB97CD43332
Authority key identifier: E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/xkvPZC2iYf1g0OZ8ICOZVN8_vjg.roa
Signing time: Mon 02 Jan 2023 07:25:02 +0000
ROA not before: Mon 02 Jan 2023 07:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44710
IP address blocks: 185.28.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:96:d2:37:79:28:a2:32:fb:8e:b9:7c:d4:33:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3ea14d1343b992506bee6c3d90e19a69798b018
Validity
Not Before: Jan 2 07:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c64bcf642da261fd60d0e67c20239954df3fbe38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:31:63:21:d5:48:ec:fd:42:5b:3e:b2:f6:11:
88:3c:bf:74:74:69:ed:c9:64:e1:dc:43:b7:67:ca:
61:79:93:41:77:c6:cf:d4:99:83:0e:41:a0:aa:fe:
66:17:ad:e4:25:8f:bf:90:09:50:f5:20:7f:33:eb:
0f:b8:20:50:d8:5b:ce:e2:b7:a1:8d:5a:a7:83:16:
82:e6:8d:0e:cf:f0:45:23:90:08:8c:21:52:8d:04:
29:0f:bd:66:fe:60:51:76:4a:2b:c9:2d:69:90:bd:
3d:fd:fd:5b:e7:d4:72:fe:0d:a0:46:49:ce:75:37:
d0:d9:44:f2:98:bf:19:40:db:7a:92:ab:ac:f2:ff:
2a:96:7d:bc:3b:52:0b:96:27:08:50:92:c7:b5:aa:
9b:94:62:e0:cc:b4:c8:b6:19:bd:fe:9c:91:6c:2a:
99:f2:31:4f:00:6c:05:cf:d0:5a:af:11:92:7e:c5:
e7:74:f0:42:c3:3d:de:63:ef:5c:6c:62:05:18:a5:
52:36:03:a9:0a:12:5a:1c:b6:0d:61:b9:98:6a:8c:
10:3d:6a:1c:d0:63:a8:6d:f9:5b:6c:30:4d:12:e4:
f0:2e:6f:82:53:ee:b8:4e:b5:49:2b:64:35:e2:aa:
be:da:41:14:37:dc:36:22:05:8c:62:1f:8d:54:f5:
37:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4B:CF:64:2D:A2:61:FD:60:D0:E6:7C:20:23:99:54:DF:3F:BE:38
X509v3 Authority Key Identifier:
keyid:E3:EA:14:D1:34:3B:99:25:06:BE:E6:C3:D9:0E:19:A6:97:98:B0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/xkvPZC2iYf1g0OZ8ICOZVN8_vjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/971558-ed66-4b83-8fa4-d4a4f34717f0/1/4-oU0TQ7mSUGvubD2Q4ZppeYsBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.110.0/24
Signature Algorithm: sha256WithRSAEncryption
05:b2:f4:68:24:55:d0:03:d3:1a:c8:27:3a:dd:88:10:b5:06:
75:14:63:35:f5:8c:a9:27:f1:9b:17:72:d1:b1:55:b4:6a:ed:
b4:1f:66:bb:47:ff:79:c0:70:2c:ac:54:46:c0:32:93:53:a8:
4a:5f:06:c8:d9:06:c2:ed:e0:91:00:02:f4:4d:6f:f2:9f:a0:
de:08:bd:f0:2a:74:c0:c9:84:2e:e9:4b:fc:01:ba:30:8a:48:
e6:ec:14:63:f2:35:e3:77:66:35:fa:33:6a:63:c1:b9:88:b9:
81:59:94:d4:76:71:9a:cd:a4:bf:c7:24:99:16:cb:65:96:8e:
94:ae:5f:c1:04:d7:61:44:2e:9a:bf:ef:6f:5c:c6:10:ff:c3:
9b:eb:71:83:42:51:66:16:96:cf:72:d3:69:17:7b:bb:b0:3e:
86:26:f5:95:b2:49:d2:94:8b:ca:69:4e:0a:40:1f:b0:47:a3:
0b:b9:9a:8c:f8:af:65:d5:54:d6:9b:e8:3e:88:89:3a:98:32:
2f:21:97:26:66:e1:fd:6e:18:0e:69:fb:21:ba:76:79:a6:09:
7b:b9:cc:62:c2:ef:15:e8:a4:7a:4a:c6:45:51:2c:d6:79:44:
71:9a:b4:cd:cf:90:0c:11:de:f3:3e:c8:e3:44:aa:f6:71:b6:
b0:8a:43:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXpbSN3koojL7jrl81DMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZWExNGQxMzQzYjk5MjUwNmJlZTZjM2Q5MGUxOWE2OTc5
OGIwMTgwHhcNMjMwMTAyMDcyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRiY2Y2NDJkYTI2MWZkNjBkMGU2N2MyMDIzOTk1NGRmM2ZiZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzFjIdVI7P1CWz6y9hGIPL90dGnt
yWTh3EO3Z8pheZNBd8bP1JmDDkGgqv5mF63kJY+/kAlQ9SB/M+sPuCBQ2FvO4reh
jVqngxaC5o0Oz/BFI5AIjCFSjQQpD71m/mBRdkoryS1pkL09/f1b59Ry/g2gRknO
dTfQ2UTymL8ZQNt6kqus8v8qln28O1ILlicIUJLHtaqblGLgzLTIthm9/pyRbCqZ
8jFPAGwFz9BarxGSfsXndPBCwz3eY+9cbGIFGKVSNgOpChJaHLYNYbmYaowQPWoc
0GOobflbbDBNEuTwLm+CU+64TrVJK2Q14qq+2kEUN9w2IgWMYh+NVPU3cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZLz2QtomH9YNDmfCAjmVTfP744MB8GA1UdIwQY
MBaAFOPqFNE0O5klBr7mw9kOGaaXmLAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQt
ZDRhNGYzNDcxN2YwLzEveGt2UFpDMmlZZjFnME9aOElDT1pWTjhfdmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85NzE1NTgtZWQ2Ni00YjgzLThmYTQtZDRhNGYzNDcxN2Yw
LzEvNC1vVTBUUTdtU1VHdnViRDJRNFpwcGVZc0JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRxuMA0G
CSqGSIb3DQEBCwUAA4IBAQAFsvRoJFXQA9MayCc63YgQtQZ1FGM19YypJ/GbF3LR
sVW0au20H2a7R/95wHAsrFRGwDKTU6hKXwbI2QbC7eCRAAL0TW/yn6DeCL3wKnTA
yYQu6Uv8Abowikjm7BRj8jXjd2Y1+jNqY8G5iLmBWZTUdnGazaS/xySZFstllo6U
rl/BBNdhRC6av+9vXMYQ/8Ob63GDQlFmFpbPctNpF3u7sD6GJvWVsknSlIvKaU4K
QB+wR6MLuZqM+K9l1VTWm+g+iIk6mDIvIZcmZuH9bhgOafshunZ5pgl7ucxiwu8V
6KR6SsZFUSzWeURxmrTNz5AMEd7zPsjjRKr2cbawikOF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:43 2025 by rpki-client