Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/vb8B_2cO1_BKNLhSE2F8Dc6kCtk.roa
File: vb8B_2cO1_BKNLhSE2F8Dc6kCtk.roa (raw, json)
Hash identifier: X8zr6kLQ+uu4BAsPGddTEnHcqkfbQFnNFmqRAtUkIjw=
Subject key identifier: BD:BF:01:FF:67:0E:D7:F0:4A:34:B8:52:13:61:7C:0D:CE:A4:0A:D9
Certificate issuer: /CN=c8e50ca17134837a50d3063d43d443385abe6f49
Certificate serial: 05A1FEB1
Authority key identifier: C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/vb8B_2cO1_BKNLhSE2F8Dc6kCtk.roa
Signing time: Sat 01 Jan 2022 14:08:08 +0000
ROA not before: Sat 01 Jan 2022 14:08:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 27630
IP address blocks: 193.28.106.0/24 maxlen: 24
193.28.57.0/24 maxlen: 24
193.28.60.0/24 maxlen: 24
193.28.93.0/24 maxlen: 24
2a10:3680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94502577 (0x5a1feb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8e50ca17134837a50d3063d43d443385abe6f49
Validity
Not Before: Jan 1 14:08:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdbf01ff670ed7f04a34b85213617c0dcea40ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:a5:d3:ab:5c:25:f2:bf:7c:60:e3:ef:99:
6b:3b:a5:ad:02:28:f4:34:6e:d6:34:2c:10:4a:c3:
f1:23:ab:87:df:d9:9d:3c:f0:da:bc:27:63:c1:51:
33:7d:84:28:78:25:76:22:10:c2:18:f0:df:26:b1:
b7:4c:f9:a7:db:55:91:5c:af:35:8b:30:bd:07:cc:
ff:39:c9:15:77:84:f0:a2:b4:41:c5:fb:02:c2:9c:
59:aa:35:14:bf:90:0b:3f:27:e6:6c:80:81:73:20:
bd:9b:0a:04:db:66:81:db:40:1b:23:7f:65:2f:d0:
cf:b3:35:52:0f:f8:5b:a6:0a:99:59:b9:60:5c:2e:
8c:d1:59:15:ee:0d:7d:ba:32:af:17:3e:d4:74:c6:
af:2b:81:2f:a9:36:bf:9d:c0:b5:e7:33:35:75:23:
6f:1c:1b:3d:16:f7:66:a4:fa:f3:ca:37:77:60:c5:
47:03:66:32:b5:aa:f8:41:23:e5:72:d4:ca:09:1f:
ad:04:f6:b4:bf:a6:f9:88:ca:0d:f0:e3:b9:6a:eb:
6e:80:af:54:fa:09:fd:c5:c9:10:d3:50:97:60:18:
93:24:ef:58:7f:4a:f2:4c:15:7b:5d:8f:12:b9:0f:
99:4b:6f:d9:fa:d3:40:5d:be:8b:4c:fd:67:50:31:
20:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:BF:01:FF:67:0E:D7:F0:4A:34:B8:52:13:61:7C:0D:CE:A4:0A:D9
X509v3 Authority Key Identifier:
keyid:C8:E5:0C:A1:71:34:83:7A:50:D3:06:3D:43:D4:43:38:5A:BE:6F:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/vb8B_2cO1_BKNLhSE2F8Dc6kCtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b130b5-5fcc-4196-9075-5eff73e89fbb/1/yOUMoXE0g3pQ0wY9Q9RDOFq-b0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.57.0/24
193.28.60.0/24
193.28.93.0/24
193.28.106.0/24
IPv6:
2a10:3680::/29
Signature Algorithm: sha256WithRSAEncryption
ac:f1:f4:7e:b5:a0:a4:a9:94:57:a5:1c:a5:2e:bb:85:bd:11:
05:9b:7e:80:25:1f:0a:6e:1a:b6:ae:c2:67:1f:86:60:94:dd:
8c:85:47:a7:5b:fd:78:02:9c:e1:0d:99:bb:6c:97:b5:72:8a:
48:56:ad:04:42:48:87:02:7a:d0:04:26:1a:dc:9d:cf:5b:a5:
c6:2f:a4:aa:8d:35:73:67:6b:f4:dc:80:a1:da:14:5b:d5:d8:
6f:3e:9f:f0:f6:45:28:02:73:e3:d9:10:1b:e8:f6:4a:e6:95:
0c:3d:18:35:9a:0a:ec:4e:77:af:ed:2e:a7:af:6e:3e:e6:e6:
31:0d:e9:c8:88:a4:07:6f:8b:2a:94:95:bf:d0:13:91:ec:51:
ae:3b:1c:98:6b:89:89:44:04:7c:6b:dd:11:45:cb:a1:cf:c5:
59:76:28:29:94:69:e7:ae:6d:47:21:a5:d0:c1:19:ea:17:f4:
32:5a:a3:eb:b8:bf:b7:7a:3a:ad:f2:16:8d:05:5e:15:1c:e1:
05:71:1b:34:f3:63:42:8d:48:89:8c:9f:e6:e9:77:57:cc:41:
b0:2b:3e:d7:ae:0e:fd:70:f4:f6:f0:d3:56:e7:6b:9a:48:0e:
a9:28:b3:7a:67:cc:fb:1e:0e:1e:3f:3f:64:f1:9e:fc:2f:63:
4b:8b:b6:4a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBaH+sTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGU1MGNhMTcxMzQ4MzdhNTBkMzA2M2Q0M2Q0NDMzODVhYmU2ZjQ5MB4XDTIyMDEw
MTE0MDgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmRiZjAxZmY2NzBl
ZDdmMDRhMzRiODUyMTM2MTdjMGRjZWE0MGFkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJd2pdOrXCXyv3xg4++ZazulrQIo9DRu1jQsEErD8SOrh9/Z
nTzw2rwnY8FRM32EKHgldiIQwhjw3yaxt0z5p9tVkVyvNYswvQfM/znJFXeE8KK0
QcX7AsKcWao1FL+QCz8n5myAgXMgvZsKBNtmgdtAGyN/ZS/Qz7M1Ug/4W6YKmVm5
YFwujNFZFe4Nfboyrxc+1HTGryuBL6k2v53AteczNXUjbxwbPRb3ZqT688o3d2DF
RwNmMrWq+EEj5XLUygkfrQT2tL+m+YjKDfDjuWrrboCvVPoJ/cXJENNQl2AYkyTv
WH9K8kwVe12PErkPmUtv2frTQF2+i0z9Z1AxIOUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBS9vwH/Zw7X8Eo0uFITYXwNzqQK2TAfBgNVHSMEGDAWgBTI5QyhcTSDelDT
Bj1D1EM4Wr5vSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lPVU1vWEUwZzNwUTB3WTlROVJET0ZxLWIway5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvYjEzMGI1LTVmY2MtNDE5Ni05MDc1LTVlZmY3M2U4OWZiYi8x
L3ZiOEJfMmNPMV9CS05MaFNFMkY4RGM2a0N0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
YjEzMGI1LTVmY2MtNDE5Ni05MDc1LTVlZmY3M2U4OWZiYi8xL3lPVU1vWEUwZzNw
UTB3WTlROVJET0ZxLWIway5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAMEcOQMEAMEcPAMEAMEcXQMEAMEc
ajANBAIAAjAHAwUDKhA2gDANBgkqhkiG9w0BAQsFAAOCAQEArPH0frWgpKmUV6Uc
pS67hb0RBZt+gCUfCm4atq7CZx+GYJTdjIVHp1v9eAKc4Q2Zu2yXtXKKSFatBEJI
hwJ60AQmGtydz1ulxi+kqo01c2dr9NyAodoUW9XYbz6f8PZFKAJz49kQG+j2SuaV
DD0YNZoK7E53r+0up69uPubmMQ3pyIikB2+LKpSVv9ATkexRrjscmGuJiUQEfGvd
EUXLoc/FWXYoKZRp565tRyGl0MEZ6hf0Mlqj67i/t3o6rfIWjQVeFRzhBXEbNPNj
Qo1IiYyf5ul3V8xBsCs+164O/XD09vDTVudrmkgOqSizemfM+x4OHj8/ZPGe/C9j
S4u2Sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:57 2024 by rpki-client on console-fra.rpki-client.org