Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/28GD-ySQal2noH2-v-M0O780SEE.roa
File: 28GD-ySQal2noH2-v-M0O780SEE.roa (raw, json)
Hash identifier: reaWrhW+Bc6VkWKlkpfnGX+eRjpuQOmEP/eJnLjnOys=
Subject key identifier: DB:C1:83:FB:24:90:6A:5D:A7:A0:7D:BE:BF:E3:34:3B:BF:34:48:41
Certificate issuer: /CN=c7f6ad83f25c2886a25857fb515d4559527c46f7
Certificate serial: 01835ACC5ADB78BC8829294D17A841F6F59E
Authority key identifier: C7:F6:AD:83:F2:5C:28:86:A2:58:57:FB:51:5D:45:59:52:7C:46:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/28GD-ySQal2noH2-v-M0O780SEE.roa
Signing time: Tue 20 Sep 2022 12:08:05 +0000
ROA not before: Tue 20 Sep 2022 12:08:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47207
IP address blocks: 93.157.0.0/21 maxlen: 24
195.5.163.0/24 maxlen: 24
2001:67c:54::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:cc:5a:db:78:bc:88:29:29:4d:17:a8:41:f6:f5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f6ad83f25c2886a25857fb515d4559527c46f7
Validity
Not Before: Sep 20 12:08:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbc183fb24906a5da7a07dbebfe3343bbf344841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:d4:c2:3b:44:84:e7:55:1e:21:8a:c1:26:
70:21:39:e6:c4:ab:bc:7b:d3:a1:5a:b0:bb:31:df:
10:5b:4a:1a:8d:b7:44:98:7e:9a:19:64:92:fc:7d:
5f:8b:70:f6:16:86:6a:c7:f2:c3:34:ba:c4:a5:5c:
b2:d5:35:55:99:5b:05:34:60:ba:f5:2b:92:60:c1:
3c:c2:42:ec:45:9d:b0:a1:8b:04:f5:a0:7a:71:d0:
e8:47:9a:e1:96:71:53:1a:90:53:e0:08:74:f0:34:
90:c1:1d:71:a6:d8:21:2e:19:fc:0e:d7:2e:84:d8:
29:63:d6:ab:97:99:30:f6:8b:04:d2:45:26:fd:94:
91:d2:52:df:4b:08:92:f3:09:04:22:31:98:b6:d8:
8f:c0:0a:ce:99:71:18:60:2c:91:36:16:29:be:8f:
3a:7c:77:15:b7:76:b0:a6:a1:19:03:29:68:99:1d:
5b:71:97:ae:f4:e2:50:7f:ae:d4:50:b9:0c:19:de:
c0:37:36:8c:d7:6a:ee:7a:b3:0f:22:54:24:3d:6d:
1a:4a:3f:c1:ff:8b:89:bf:f8:37:eb:7b:88:d4:89:
60:77:8f:48:1d:04:cc:40:d0:d4:86:ee:09:2d:01:
fc:a4:d7:0b:b4:b9:ac:ee:cd:b6:d5:b4:b7:e5:79:
24:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C1:83:FB:24:90:6A:5D:A7:A0:7D:BE:BF:E3:34:3B:BF:34:48:41
X509v3 Authority Key Identifier:
keyid:C7:F6:AD:83:F2:5C:28:86:A2:58:57:FB:51:5D:45:59:52:7C:46:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/28GD-ySQal2noH2-v-M0O780SEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/97e4e5-0247-46ba-83ca-3268ae9096dc/1/x_atg_JcKIaiWFf7UV1FWVJ8Rvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.0.0/21
195.5.163.0/24
IPv6:
2001:67c:54::/48
Signature Algorithm: sha256WithRSAEncryption
3e:58:ed:9c:28:6f:75:f8:c3:e6:67:b7:ae:70:2e:c3:43:9b:
88:89:73:80:dc:d8:4b:d0:02:93:a1:89:69:95:f3:c1:0c:48:
9b:60:99:3a:85:1e:9b:48:b4:f7:8d:1f:ee:07:5d:e5:8e:53:
ad:63:7a:61:41:6c:b2:84:e2:8e:97:de:80:0e:c1:77:3f:3b:
75:85:13:d9:cd:59:4c:4e:77:fa:b2:df:36:8b:59:c4:0f:40:
85:57:02:41:56:83:a4:23:b5:16:8c:7d:8e:f6:e1:da:b3:a3:
b1:a5:64:b5:2f:e2:cd:04:78:7f:ef:a0:3c:64:a5:d1:3f:72:
59:24:69:08:72:2a:6f:a8:10:b5:6d:f6:25:d8:ce:2c:60:24:
6f:b7:a0:76:94:30:ed:6f:d5:1a:d3:d6:d7:e5:5f:27:6e:a3:
05:b4:53:bf:33:b8:2a:f5:22:c5:8a:d8:7c:17:c7:a9:3b:a5:
b7:79:4b:5b:eb:d6:c1:2f:55:a5:bd:b5:cc:a2:97:8a:7f:df:
09:29:b2:77:c7:05:31:9f:c2:66:50:a9:b6:27:a6:82:a3:0d:
2a:ae:0c:20:8d:4a:e6:c6:85:65:1c:7c:01:06:9c:b6:4b:51:
02:9d:e3:08:ba:ca:61:df:ca:38:da:fc:f2:f3:c1:a8:c0:57:
d8:3c:d6:f5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYNazFrbeLyIKSlNF6hB9vWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjZhZDgzZjI1YzI4ODZhMjU4NTdmYjUxNWQ0NTU5NTI3
YzQ2ZjcwHhcNMjIwOTIwMTIwODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMxODNmYjI0OTA2YTVkYTdhMDdkYmViZmUzMzQzYmJmMzQ0ODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7LUwjtEhOdVHiGKwSZwITnmxKu8
e9OhWrC7Md8QW0oajbdEmH6aGWSS/H1fi3D2FoZqx/LDNLrEpVyy1TVVmVsFNGC6
9SuSYME8wkLsRZ2woYsE9aB6cdDoR5rhlnFTGpBT4Ah08DSQwR1xptghLhn8Dtcu
hNgpY9arl5kw9osE0kUm/ZSR0lLfSwiS8wkEIjGYttiPwArOmXEYYCyRNhYpvo86
fHcVt3awpqEZAylomR1bcZeu9OJQf67UULkMGd7ANzaM12ruerMPIlQkPW0aSj/B
/4uJv/g363uI1Ilgd49IHQTMQNDUhu4JLQH8pNcLtLms7s221bS35XkkDQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNvBg/skkGpdp6B9vr/jNDu/NEhBMB8GA1UdIwQY
MBaAFMf2rYPyXCiGolhX+1FdRVlSfEb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9hdGdfSmNLSWFpV0ZmN1VWMUZXVko4UnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85N2U0ZTUtMDI0Ny00NmJhLTgzY2Et
MzI2OGFlOTA5NmRjLzEvMjhHRC15U1FhbDJub0gyLXYtTTBPNzgwU0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi85N2U0ZTUtMDI0Ny00NmJhLTgzY2EtMzI2OGFlOTA5NmRj
LzEveF9hdGdfSmNLSWFpV0ZmN1VWMUZXVko4UnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDXZ0AAwQA
wwWjMA8EAgACMAkDBwAgAQZ8AFQwDQYJKoZIhvcNAQELBQADggEBAD5Y7Zwob3X4
w+Znt65wLsNDm4iJc4Dc2EvQApOhiWmV88EMSJtgmTqFHptItPeNH+4HXeWOU61j
emFBbLKE4o6X3oAOwXc/O3WFE9nNWUxOd/qy3zaLWcQPQIVXAkFWg6QjtRaMfY72
4dqzo7GlZLUv4s0EeH/voDxkpdE/clkkaQhyKm+oELVt9iXYzixgJG+3oHaUMO1v
1RrT1tflXyduowW0U78zuCr1IsWK2HwXx6k7pbd5S1vr1sEvVaW9tcyil4p/3wkp
snfHBTGfwmZQqbYnpoKjDSquDCCNSubGhWUcfAEGnLZLUQKd4wi6ymHfyjja/PLz
wajAV9g81vU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:38 2024 by rpki-client on console-fra.rpki-client.org