Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/37fb4a-5c96-4d17-86a0-ebb63a454a91/1/28XEoAmdkgtKl-R47cnH3qkaGxM.roa
File: 28XEoAmdkgtKl-R47cnH3qkaGxM.roa (raw, json)
Hash identifier: sVBfYwL5gYaTEWvT5Rhmud2qDPUPyr2jdI9t5uOuQC8=
Subject key identifier: DB:C5:C4:A0:09:9D:92:0B:4A:97:E4:78:ED:C9:C7:DE:A9:1A:1B:13
Certificate issuer: /CN=c1c05ece6c908ad8882513da3a25a160703bb7f6
Certificate serial: 01856C1CBDEAE1F679765B7EC01C2C612DAB
Authority key identifier: C1:C0:5E:CE:6C:90:8A:D8:88:25:13:DA:3A:25:A1:60:70:3B:B7:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wcBezmyQitiIJRPaOiWhYHA7t_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/37fb4a-5c96-4d17-86a0-ebb63a454a91/1/28XEoAmdkgtKl-R47cnH3qkaGxM.roa
Signing time: Sun 01 Jan 2023 06:55:00 +0000
ROA not before: Sun 01 Jan 2023 06:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 141.4.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:bd:ea:e1:f6:79:76:5b:7e:c0:1c:2c:61:2d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1c05ece6c908ad8882513da3a25a160703bb7f6
Validity
Not Before: Jan 1 06:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbc5c4a0099d920b4a97e478edc9c7dea91a1b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b5:22:e8:c5:ef:f2:63:3c:bc:35:9d:60:6c:
5e:f1:61:ac:32:df:78:ce:34:7a:dc:b1:21:48:31:
64:c6:d4:e5:15:50:f8:ff:08:d0:c6:7e:3a:9e:45:
45:c6:95:d6:b6:93:20:9c:89:e7:af:26:49:8a:df:
5c:45:06:9c:76:fc:44:25:73:e4:3a:ef:d0:2d:d0:
26:8e:be:39:1c:33:8f:9d:65:e8:50:a8:ec:06:de:
be:ff:92:8c:c8:e2:c8:df:c1:29:e2:5f:24:48:d4:
fc:92:3b:cb:56:90:ad:75:43:eb:f6:76:ac:17:b8:
e0:8d:b7:69:72:ca:45:8c:18:ab:fe:9b:f1:18:34:
8e:87:15:5d:43:6b:40:85:d1:72:a6:84:6a:0d:b4:
f7:8c:4c:6f:e0:e7:f0:34:4e:c9:ba:a2:d4:24:2d:
7b:df:aa:45:34:51:00:eb:69:cc:19:e4:40:8c:25:
a2:78:20:14:5b:5f:10:7a:90:da:52:e3:d2:d4:dc:
11:ef:7e:a4:5c:35:78:9d:89:0e:02:38:f9:07:ea:
56:ba:c9:e9:b4:b7:76:c7:a5:24:ea:9e:44:fd:85:
28:f2:2d:29:85:b4:45:f6:87:00:5d:4b:e2:fb:13:
56:9a:e0:99:c8:34:9c:51:9c:66:3c:79:1d:7c:a7:
a6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C5:C4:A0:09:9D:92:0B:4A:97:E4:78:ED:C9:C7:DE:A9:1A:1B:13
X509v3 Authority Key Identifier:
keyid:C1:C0:5E:CE:6C:90:8A:D8:88:25:13:DA:3A:25:A1:60:70:3B:B7:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wcBezmyQitiIJRPaOiWhYHA7t_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/37fb4a-5c96-4d17-86a0-ebb63a454a91/1/28XEoAmdkgtKl-R47cnH3qkaGxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/37fb4a-5c96-4d17-86a0-ebb63a454a91/1/wcBezmyQitiIJRPaOiWhYHA7t_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.4.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:15:ae:8f:55:90:48:61:c5:c0:50:da:0c:9f:2a:68:2d:39:
90:ad:2f:20:2c:47:ce:ee:47:5d:62:df:d0:7f:29:c7:bb:9e:
cc:e3:e0:f5:2c:89:05:0d:b6:db:0e:9d:44:72:93:82:e0:46:
75:f9:93:f6:b6:5a:70:17:5d:19:f6:ff:04:d4:22:42:c3:37:
17:3f:9f:a7:17:4c:b5:b9:5a:87:85:64:10:1f:59:b7:da:d4:
dd:77:5c:10:0c:f4:ca:85:b1:85:dd:00:f3:6e:5f:cc:61:1c:
13:47:e7:b3:af:b1:fc:ec:38:95:1d:7c:b6:82:fe:76:45:bb:
ca:64:06:2e:6b:7c:fb:81:2b:5b:0d:1e:ca:f4:a4:38:89:9b:
84:82:77:d4:e3:44:38:d0:92:63:81:71:f1:57:66:61:81:4a:
1e:17:e8:e0:d5:5a:19:01:c2:5b:5b:18:04:81:27:d4:2e:07:
e6:12:9e:8b:c2:3f:ad:b3:cf:dc:45:07:f7:93:82:be:38:44:
4c:cf:7f:fa:e5:9a:f0:84:99:9b:1e:ab:8b:5e:32:aa:70:e0:
7e:96:5f:cd:7e:48:23:18:a9:cc:9b:f1:4e:ad:bd:8d:22:6b:
06:88:9a:ef:e8:7b:2a:7d:5f:15:cd:8c:d3:15:c4:b2:0d:5e:
f2:85:c3:80
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVsHL3q4fZ5dlt+wBwsYS2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYzA1ZWNlNmM5MDhhZDg4ODI1MTNkYTNhMjVhMTYwNzAz
YmI3ZjYwHhcNMjMwMTAxMDY1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmM1YzRhMDA5OWQ5MjBiNGE5N2U0NzhlZGM5YzdkZWE5MWExYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurUi6MXv8mM8vDWdYGxe8WGsMt94
zjR63LEhSDFkxtTlFVD4/wjQxn46nkVFxpXWtpMgnInnryZJit9cRQacdvxEJXPk
Ou/QLdAmjr45HDOPnWXoUKjsBt6+/5KMyOLI38Ep4l8kSNT8kjvLVpCtdUPr9nas
F7jgjbdpcspFjBir/pvxGDSOhxVdQ2tAhdFypoRqDbT3jExv4OfwNE7JuqLUJC17
36pFNFEA62nMGeRAjCWieCAUW18QepDaUuPS1NwR736kXDV4nYkOAjj5B+pWusnp
tLd2x6Uk6p5E/YUo8i0phbRF9ocAXUvi+xNWmuCZyDScUZxmPHkdfKemVwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNvFxKAJnZILSpfkeO3Jx96pGhsTMB8GA1UdIwQY
MBaAFMHAXs5skIrYiCUT2joloWBwO7f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2NCZXpteVFpdGlJSlJQYU9pV2hZSEE3dF9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zN2ZiNGEtNWM5Ni00ZDE3LTg2YTAt
ZWJiNjNhNDU0YTkxLzEvMjhYRW9BbWRrZ3RLbC1SNDdjbkgzcWthR3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zN2ZiNGEtNWM5Ni00ZDE3LTg2YTAtZWJiNjNhNDU0YTkx
LzEvd2NCZXpteVFpdGlJSlJQYU9pV2hZSEE3dF9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjQQwDQYJ
KoZIhvcNAQELBQADggEBAHgVro9VkEhhxcBQ2gyfKmgtOZCtLyAsR87uR11i39B/
Kce7nszj4PUsiQUNttsOnURyk4LgRnX5k/a2WnAXXRn2/wTUIkLDNxc/n6cXTLW5
WoeFZBAfWbfa1N13XBAM9MqFsYXdAPNuX8xhHBNH57OvsfzsOJUdfLaC/nZFu8pk
Bi5rfPuBK1sNHsr0pDiJm4SCd9TjRDjQkmOBcfFXZmGBSh4X6ODVWhkBwltbGASB
J9QuB+YSnovCP62zz9xFB/eTgr44REzPf/rlmvCEmZseq4teMqpw4H6WX81+SCMY
qcyb8U6tvY0iawaImu/oeyp9XxXNjNMVxLINXvKFw4A=
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:16:25 2025 by rpki-client