Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/8aKJr0SxLNtFr08Kywpz9zmkFq4.roa
File: 8aKJr0SxLNtFr08Kywpz9zmkFq4.roa (raw, json)
Hash identifier: QcMmvMn2+cxb2S2unorZO9XgDNDrN4eA7mVKf2vHA8E=
Subject key identifier: F1:A2:89:AF:44:B1:2C:DB:45:AF:4F:0A:CB:0A:73:F7:39:A4:16:AE
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0444B8D2
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/8aKJr0SxLNtFr08Kywpz9zmkFq4.roa
Signing time: Fri 17 Jun 2022 08:18:43 +0000
ROA not before: Fri 17 Jun 2022 08:18:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 85.28.57.0/24 maxlen: 24
85.28.58.0/24 maxlen: 24
85.28.56.0/24 maxlen: 24
85.28.59.0/24 maxlen: 24
85.28.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71612626 (0x444b8d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jun 17 08:18:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1a289af44b12cdb45af4f0acb0a73f739a416ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5c:f9:d9:48:aa:d7:30:aa:7d:c1:71:dc:ea:
6c:f9:f7:d6:b0:5d:56:4e:b0:ff:17:4c:44:0a:e3:
28:7a:e3:02:53:f7:7a:3e:71:25:74:27:e3:74:64:
07:28:b4:68:27:81:7b:45:2d:da:0d:1b:08:25:6f:
a0:ea:bc:c4:fb:63:1a:cb:8a:1e:a3:b5:0d:3a:73:
8d:9c:06:e1:71:7f:24:24:8a:de:5a:71:52:04:32:
c8:e4:4e:c5:43:bb:d2:bf:bf:7d:a2:fe:7b:00:3c:
c6:0e:9f:e8:f5:e5:d5:8d:a5:8d:bb:8c:f2:42:85:
e7:e3:ae:e9:b6:85:9c:80:9a:de:33:e5:d7:14:4f:
4d:07:0e:e8:d0:53:06:a7:13:b3:f0:d4:a3:e8:38:
b1:0d:fd:27:56:4e:52:52:35:1d:7b:06:79:c2:ae:
df:81:9e:d0:16:9c:55:6e:63:11:02:e6:bf:cf:69:
30:17:0c:4a:e4:da:b3:45:09:09:3f:8d:bb:71:57:
c0:6b:f3:07:cb:85:7b:f9:ed:0d:b6:b5:77:42:8d:
f7:78:44:b9:52:9f:5d:9e:ef:bc:41:6c:20:d9:da:
96:7e:eb:e5:cc:aa:61:fa:2f:01:53:55:3d:3b:ce:
3c:bc:80:2d:44:06:3d:c1:5a:bf:4b:1e:85:a7:f7:
ab:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A2:89:AF:44:B1:2C:DB:45:AF:4F:0A:CB:0A:73:F7:39:A4:16:AE
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/8aKJr0SxLNtFr08Kywpz9zmkFq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.56.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:91:c9:bd:74:91:34:37:60:70:0e:c8:56:ff:a2:5a:d6:9b:
5d:bd:65:46:39:40:a9:9b:ba:71:ee:d6:1c:36:50:90:26:dc:
ae:92:94:11:08:4e:d0:08:27:ff:3d:2d:a4:7b:02:30:55:ce:
b9:45:43:f3:ec:89:f0:03:53:1e:48:06:ae:62:7f:f5:50:1b:
70:8a:f2:3a:27:7b:a6:8e:ed:5d:32:47:a0:16:b7:e6:47:f2:
38:0f:ef:91:44:fe:e8:d3:5c:cc:ba:f0:ee:f2:35:71:98:94:
ba:b1:c9:03:da:a2:ec:85:fb:f5:69:8e:3f:ca:8d:34:b2:1a:
0d:75:22:57:88:8b:96:2b:44:3c:fb:cf:de:61:6e:dc:65:e3:
88:4c:e5:dc:b9:c0:a0:fd:9c:cd:4d:fc:76:84:13:8a:0d:cf:
11:a4:f8:67:b3:a4:48:ad:1f:6c:07:fb:6c:6b:ca:c1:cd:d0:
82:b4:dc:6c:f3:1f:07:ec:32:13:ac:85:1f:ab:fc:cd:03:46:
b6:59:94:8a:f7:fd:ff:c6:70:7f:14:e3:09:cc:c3:09:e5:38:
d3:e8:fd:fd:50:a8:a5:8d:a8:87:a2:67:c4:d8:e2:de:01:d0:
1f:c6:a3:de:e3:47:8d:ff:44:c0:ed:d9:01:49:cd:17:26:9e:
3a:cb:25:36
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBES40jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYzNDRhNjNkY2I3MGU4OTA1N2RlYjhlMjc2MWRjNDUxNjU4ODFhMB4XDTIyMDYx
NzA4MTg0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFhMjg5YWY0NGIx
MmNkYjQ1YWY0ZjBhY2IwYTczZjczOWE0MTZhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1c+dlIqtcwqn3BcdzqbPn31rBdVk6w/xdMRArjKHrjAlP3
ej5xJXQn43RkByi0aCeBe0Ut2g0bCCVvoOq8xPtjGsuKHqO1DTpzjZwG4XF/JCSK
3lpxUgQyyOROxUO70r+/faL+ewA8xg6f6PXl1Y2ljbuM8kKF5+Ou6baFnICa3jPl
1xRPTQcO6NBTBqcTs/DUo+g4sQ39J1ZOUlI1HXsGecKu34Ge0BacVW5jEQLmv89p
MBcMSuTas0UJCT+Nu3FXwGvzB8uFe/ntDba1d0KN93hEuVKfXZ7vvEFsINnaln7r
5cyqYfovAVNVPTvOPLyALUQGPcFav0sehaf3q3ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTxoomvRLEs20WvTwrLCnP3OaQWrjAfBgNVHSMEGDAWgBQi80SmPctw6JBX
3rjidh3EUWWIGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TkVwajNMY09pUVY5NjQ0bllkeEZGbGlCby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8x
LzhhS0pyMFN4TE50RnIwOEt5d3B6OXpta0ZxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8xL0l2TkVwajNMY09p
UVY5NjQ0bllkeEZGbGlCby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1UcODANBgkqhkiG9w0BAQsFAAOC
AQEAHJHJvXSRNDdgcA7IVv+iWtabXb1lRjlAqZu6ce7WHDZQkCbcrpKUEQhO0Agn
/z0tpHsCMFXOuUVD8+yJ8ANTHkgGrmJ/9VAbcIryOid7po7tXTJHoBa35kfyOA/v
kUT+6NNczLrw7vI1cZiUurHJA9qi7IX79WmOP8qNNLIaDXUiV4iLlitEPPvP3mFu
3GXjiEzl3LnAoP2czU38doQTig3PEaT4Z7OkSK0fbAf7bGvKwc3QgrTcbPMfB+wy
E6yFH6v8zQNGtlmUivf9/8ZwfxTjCczDCeU40+j9/VCopY2oh6JnxNji3gHQH8aj
3uNHjf9EwO3ZAUnNFyaeOsslNg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:32 2023 by rpki-client on console-ams.rpki-client.org