Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/1jPVCxYaPnaPTq99hL-tQKI2J8o.roa
File: 1jPVCxYaPnaPTq99hL-tQKI2J8o.roa (raw, json)
Hash identifier: f9deWAXFx/TfQQU/du5mCuKOTpxXk7Pk+SpgON9zN4I=
Subject key identifier: D6:33:D5:0B:16:1A:3E:76:8F:4E:AF:7D:84:BF:AD:40:A2:36:27:CA
Certificate issuer: /CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Certificate serial: 1338EFCB
Authority key identifier: 4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/1jPVCxYaPnaPTq99hL-tQKI2J8o.roa
Signing time: Sat 01 Jan 2022 05:01:46 +0000
ROA not before: Sat 01 Jan 2022 05:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196763
IP address blocks: 5.28.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 322498507 (0x1338efcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a8e68702ef5d48c4f2b072d9cb473e62b87b3e4
Validity
Not Before: Jan 1 05:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d633d50b161a3e768f4eaf7d84bfad40a23627ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cb:01:28:35:a7:82:cd:38:00:4b:e8:50:fa:
5f:a5:a8:67:f9:ed:3f:5c:63:20:f4:4d:4a:c7:78:
44:88:9d:ac:8e:f6:11:07:04:75:49:7e:bd:9d:b3:
9d:44:45:d2:2e:67:ad:bc:61:7e:52:b6:0a:e7:74:
40:cd:64:ee:58:0c:37:4a:1f:d2:32:05:ab:84:be:
f7:39:af:54:0c:3f:af:4a:4d:b8:c6:49:52:b4:2f:
46:d0:61:1e:74:aa:6e:db:35:93:14:a7:26:e3:4e:
bf:ae:76:00:51:17:39:18:09:9f:95:0a:93:13:6f:
2b:56:de:05:c9:c7:35:79:d2:59:88:c4:1c:c1:b7:
aa:a9:08:8c:04:7a:49:fb:ee:01:c8:07:c5:00:83:
c2:d2:e9:a7:0d:d4:28:af:69:55:68:84:ca:0a:c3:
bd:ec:38:f1:a2:a6:4f:28:3e:14:5b:d5:1f:c9:08:
0b:07:ac:87:d5:87:e4:99:02:80:3f:a6:00:dc:88:
ff:7e:69:92:b8:f9:db:9a:84:a9:fd:0a:60:32:44:
68:53:ca:5a:dd:24:50:f6:09:02:90:da:5f:f8:4c:
13:47:a4:82:cb:b3:1c:b5:1e:d7:88:0b:06:b9:e6:
ac:30:df:48:5c:d5:88:01:89:d6:03:53:06:5b:60:
e4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:33:D5:0B:16:1A:3E:76:8F:4E:AF:7D:84:BF:AD:40:A2:36:27:CA
X509v3 Authority Key Identifier:
keyid:4A:8E:68:70:2E:F5:D4:8C:4F:2B:07:2D:9C:B4:73:E6:2B:87:B3:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/So5ocC711IxPKwctnLRz5iuHs-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/1jPVCxYaPnaPTq99hL-tQKI2J8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d19fc2-8949-4fe6-931b-1c4bb58ab720/1/So5ocC711IxPKwctnLRz5iuHs-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.47.0/24
Signature Algorithm: sha256WithRSAEncryption
be:05:4b:f1:78:8b:e2:0e:76:6f:9a:eb:8b:ab:7d:d7:2b:e6:
01:d6:c7:85:d7:7b:77:47:49:ff:2c:ca:f1:c0:30:bd:79:fe:
24:b1:cb:05:48:e0:a1:78:73:dd:d6:d2:7b:3b:50:7d:c8:33:
0b:21:8c:86:a4:74:b8:a1:46:12:83:ca:b2:ed:e2:f9:80:6f:
14:85:02:ed:a8:39:26:eb:8f:dc:7d:ca:9b:5d:da:26:7d:bb:
6b:f6:d6:f1:1f:15:b5:70:2f:84:3d:c1:ed:82:93:95:f0:ef:
92:7a:96:9e:9d:b1:9a:8e:eb:4d:97:35:25:89:0b:ff:f7:7e:
56:71:36:5b:3e:b4:5e:95:32:92:b3:4e:6d:02:e2:da:2b:e6:
ca:66:a9:29:57:4c:f9:52:cf:cd:c7:b4:40:57:72:88:4a:9c:
1e:a5:a9:ae:18:37:c7:0d:11:78:72:61:3f:39:84:cd:4e:0d:
f7:1d:ef:61:89:0e:20:05:fd:fc:bf:8c:5e:6b:81:40:a4:00:
df:99:6d:36:27:60:2d:af:43:46:eb:7c:38:19:99:62:f9:08:
9a:f4:55:77:67:29:9d:44:e8:82:24:c4:f8:80:e2:c8:31:08:
b3:39:58:b5:5f:64:05:49:5e:4d:89:55:09:0a:c4:13:0c:f5:
f9:b4:48:6d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEzjvyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YThlNjg3MDJlZjVkNDhjNGYyYjA3MmQ5Y2I0NzNlNjJiODdiM2U0MB4XDTIyMDEw
MTA1MDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDYzM2Q1MGIxNjFh
M2U3NjhmNGVhZjdkODRiZmFkNDBhMjM2MjdjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvLASg1p4LNOABL6FD6X6WoZ/ntP1xjIPRNSsd4RIidrI72
EQcEdUl+vZ2znURF0i5nrbxhflK2Cud0QM1k7lgMN0of0jIFq4S+9zmvVAw/r0pN
uMZJUrQvRtBhHnSqbts1kxSnJuNOv652AFEXORgJn5UKkxNvK1beBcnHNXnSWYjE
HMG3qqkIjAR6SfvuAcgHxQCDwtLppw3UKK9pVWiEygrDvew48aKmTyg+FFvVH8kI
Cwesh9WH5JkCgD+mANyI/35pkrj525qEqf0KYDJEaFPKWt0kUPYJApDaX/hME0ek
gsuzHLUe14gLBrnmrDDfSFzViAGJ1gNTBltg5A0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTWM9ULFho+do9Or32Ev61AojYnyjAfBgNVHSMEGDAWgBRKjmhwLvXUjE8r
By2ctHPmK4ez5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NvNW9jQzcxMUl4UEt3Y3RuTFJ6NWl1SHMtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvZDE5ZmMyLTg5NDktNGZlNi05MzFiLTFjNGJiNThhYjcyMC8x
LzFqUFZDeFlhUG5hUFRxOTloTC10UUtJMko4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
ZDE5ZmMyLTg5NDktNGZlNi05MzFiLTFjNGJiNThhYjcyMC8xL1NvNW9jQzcxMUl4
UEt3Y3RuTFJ6NWl1SHMtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAUcLzANBgkqhkiG9w0BAQsFAAOC
AQEAvgVL8XiL4g52b5rri6t91yvmAdbHhdd7d0dJ/yzK8cAwvXn+JLHLBUjgoXhz
3dbSeztQfcgzCyGMhqR0uKFGEoPKsu3i+YBvFIUC7ag5JuuP3H3Km13aJn27a/bW
8R8VtXAvhD3B7YKTlfDvknqWnp2xmo7rTZc1JYkL//d+VnE2Wz60XpUykrNObQLi
2ivmymapKVdM+VLPzce0QFdyiEqcHqWprhg3xw0ReHJhPzmEzU4N9x3vYYkOIAX9
/L+MXmuBQKQA35ltNidgLa9DRut8OBmZYvkImvRVd2cpnUTogiTE+IDiyDEIszlY
tV9kBUleTYlVCQrEEwz1+bRIbQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:29 2025 by rpki-client