Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/3f4e58-d58d-47de-92f7-e89fff97762c/1/H96AkFlIxrbK0nTIKiQou5_t1nE.roa
File: H96AkFlIxrbK0nTIKiQou5_t1nE.roa (raw, json)
Hash identifier: AsSiSV6ZRQ09gPGpqVRlicprVA02oKyUJASASXc9L1w=
Subject key identifier: 1F:DE:80:90:59:48:C6:B6:CA:D2:74:C8:2A:24:28:BB:9F:ED:D6:71
Certificate issuer: /CN=b1b5ab262ff281556743318f78ceaeb49f8bd1be
Certificate serial: 1BC058BC
Authority key identifier: B1:B5:AB:26:2F:F2:81:55:67:43:31:8F:78:CE:AE:B4:9F:8B:D1:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbWrJi_ygVVnQzGPeM6utJ-L0b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/3f4e58-d58d-47de-92f7-e89fff97762c/1/H96AkFlIxrbK0nTIKiQou5_t1nE.roa
Signing time: Sat 01 Jan 2022 10:56:05 +0000
ROA not before: Sat 01 Jan 2022 10:56:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200183
IP address blocks: 185.28.78.0/24 maxlen: 24
185.28.77.0/24 maxlen: 24
185.28.76.0/24 maxlen: 24
185.28.79.0/24 maxlen: 24
2a02:ce80:2::/48 maxlen: 48
2a02:ce80::/48 maxlen: 48
2a02:ce80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 465590460 (0x1bc058bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1b5ab262ff281556743318f78ceaeb49f8bd1be
Validity
Not Before: Jan 1 10:56:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fde80905948c6b6cad274c82a2428bb9fedd671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4e:cd:a4:ba:66:34:c0:8a:6a:23:56:ec:32:
de:76:49:d4:f8:cf:1b:d6:d7:be:95:6f:8d:98:75:
6a:5a:f6:58:93:a2:33:8f:2d:22:a4:36:26:95:32:
85:96:9d:4e:3e:a3:de:21:ca:e6:15:7c:4e:10:5c:
40:a0:91:b8:3a:b8:20:43:a2:df:05:68:36:92:db:
d3:ea:8f:40:9f:cb:d9:19:33:77:eb:db:46:d7:87:
49:87:50:b5:8c:7d:84:c9:08:3e:34:ef:41:61:ca:
03:98:6a:91:a4:d2:3d:6c:a9:0e:08:02:ef:80:bd:
5f:6d:ce:e0:d4:af:dd:dd:9b:cd:4f:0b:19:29:29:
d4:93:10:90:d6:db:db:3e:2a:88:7e:fa:46:30:24:
38:86:b7:90:50:a2:bc:c9:0d:c9:5b:80:f0:9f:3e:
e4:a1:46:07:28:1c:4d:71:48:34:88:3a:8d:08:b1:
d1:22:52:44:ab:62:a3:d2:3e:65:9a:af:63:01:50:
16:6c:cf:80:bb:be:9a:e4:2d:65:68:99:b9:ba:8f:
eb:d2:53:df:af:34:0d:04:f2:cf:11:19:bc:47:4e:
0e:22:98:36:04:b3:d9:e7:5b:e5:b0:44:84:ca:13:
ac:a1:46:75:e4:49:6b:c5:b7:65:1c:c2:13:42:9d:
bd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:DE:80:90:59:48:C6:B6:CA:D2:74:C8:2A:24:28:BB:9F:ED:D6:71
X509v3 Authority Key Identifier:
keyid:B1:B5:AB:26:2F:F2:81:55:67:43:31:8F:78:CE:AE:B4:9F:8B:D1:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbWrJi_ygVVnQzGPeM6utJ-L0b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3f4e58-d58d-47de-92f7-e89fff97762c/1/H96AkFlIxrbK0nTIKiQou5_t1nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/3f4e58-d58d-47de-92f7-e89fff97762c/1/sbWrJi_ygVVnQzGPeM6utJ-L0b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.76.0/22
IPv6:
2a02:ce80::-2a02:ce80:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:19:97:6a:1a:c5:ad:56:e5:e3:18:c2:6e:15:31:cc:f5:b7:
fd:3d:ef:b3:aa:3e:af:e7:38:de:d8:86:1a:8a:a3:1f:a2:d9:
d5:7a:2e:0e:65:8e:51:9b:0f:41:0b:4c:c3:da:e4:54:8d:76:
c4:9f:38:39:0a:35:6e:75:f5:5e:f6:61:d4:21:b0:60:9a:a4:
d9:c0:e8:8b:1d:92:50:56:33:a7:a7:23:c2:c7:b1:b0:c2:76:
e5:d3:6b:cb:91:55:6c:96:eb:ae:cb:57:fc:e2:86:f0:dc:b9:
11:cf:d6:45:b8:33:ae:1c:18:81:02:d1:20:a3:dd:f6:6d:4d:
cf:7f:a4:aa:bd:09:ae:33:67:a5:16:e5:52:4b:63:1f:83:3e:
0b:3e:37:e2:8c:fe:a0:6d:8b:8d:ef:54:3d:fb:f1:a8:80:c5:
75:d0:29:de:49:12:99:ce:a0:20:48:3f:27:1f:71:c1:b7:2d:
c0:3e:90:8b:ef:2b:63:d3:de:78:37:e6:db:7b:f3:6f:21:a5:
48:6c:3a:92:d8:7d:14:18:51:90:64:92:b7:87:f6:99:8b:79:
58:af:9e:38:f2:28:db:30:56:4b:d5:0d:58:f9:71:29:0a:f4:
2d:c7:b0:1d:f7:8c:b9:d5:d3:30:75:a4:31:c2:e4:dc:e4:2e:
0f:89:2c:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEG8BYvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWI1YWIyNjJmZjI4MTU1Njc0MzMxOGY3OGNlYWViNDlmOGJkMWJlMB4XDTIyMDEw
MTEwNTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZkZTgwOTA1OTQ4
YzZiNmNhZDI3NGM4MmEyNDI4YmI5ZmVkZDY3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5OzaS6ZjTAimojVuwy3nZJ1PjPG9bXvpVvjZh1alr2WJOi
M48tIqQ2JpUyhZadTj6j3iHK5hV8ThBcQKCRuDq4IEOi3wVoNpLb0+qPQJ/L2Rkz
d+vbRteHSYdQtYx9hMkIPjTvQWHKA5hqkaTSPWypDggC74C9X23O4NSv3d2bzU8L
GSkp1JMQkNbb2z4qiH76RjAkOIa3kFCivMkNyVuA8J8+5KFGBygcTXFINIg6jQix
0SJSRKtio9I+ZZqvYwFQFmzPgLu+muQtZWiZubqP69JT3680DQTyzxEZvEdODiKY
NgSz2edb5bBEhMoTrKFGdeRJa8W3ZRzCE0KdvRUCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQf3oCQWUjGtsrSdMgqJCi7n+3WcTAfBgNVHSMEGDAWgBSxtasmL/KBVWdD
MY94zq60n4vRvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NiV3JKaV95Z1ZWblF6R1BlTTZ1dEotTDBiNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvM2Y0ZTU4LWQ1OGQtNDdkZS05MmY3LWU4OWZmZjk3NzYyYy8x
L0g5NkFrRmxJeHJiSzBuVElLaVFvdTVfdDFuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
M2Y0ZTU4LWQ1OGQtNDdkZS05MmY3LWU4OWZmZjk3NzYyYy8xL3NiV3JKaV95Z1ZW
blF6R1BlTTZ1dEotTDBiNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEArkcTDAYBAIAAjASMBADBQcqAs6A
AwcAKgLOgAACMA0GCSqGSIb3DQEBCwUAA4IBAQBNGZdqGsWtVuXjGMJuFTHM9bf9
Pe+zqj6v5zje2IYaiqMfotnVei4OZY5Rmw9BC0zD2uRUjXbEnzg5CjVudfVe9mHU
IbBgmqTZwOiLHZJQVjOnpyPCx7Gwwnbl02vLkVVsluuuy1f84obw3LkRz9ZFuDOu
HBiBAtEgo932bU3Pf6SqvQmuM2elFuVSS2Mfgz4LPjfijP6gbYuN71Q9+/GogMV1
0CneSRKZzqAgSD8nH3HBty3APpCL7ytj0954N+bbe/NvIaVIbDqS2H0UGFGQZJK3
h/aZi3lYr5448ijbMFZL1Q1Y+XEpCvQtx7Ad94y51dMwdaQxwuTc5C4PiSz7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:05 2024 by rpki-client on console-ams.rpki-client.org