Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/DkuTrqwz5h3th05BaU4pSRGepHo.roa
File: DkuTrqwz5h3th05BaU4pSRGepHo.roa (raw, json)
Hash identifier: UjnBOUmyQ6ZTJCC1b26uVSG/d4xSheZB2DbGQLZKfK8=
Subject key identifier: 0E:4B:93:AE:AC:33:E6:1D:ED:87:4E:41:69:4E:29:49:11:9E:A4:7A
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 02C1C06F
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/DkuTrqwz5h3th05BaU4pSRGepHo.roa
Signing time: Sat 01 Jan 2022 11:58:03 +0000
ROA not before: Sat 01 Jan 2022 11:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 85.28.56.0/22 maxlen: 22
85.28.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46252143 (0x2c1c06f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 1 11:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e4b93aeac33e61ded874e41694e2949119ea47a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:14:ba:57:21:61:69:76:7c:03:21:ae:b4:64:
b9:96:33:28:99:92:c2:18:e1:9f:ab:47:54:22:cc:
0f:8e:9f:25:e9:8a:47:92:2a:2b:ba:cb:9c:8a:fa:
36:e9:e9:e0:d4:4a:4a:5b:b2:90:bc:e0:5d:e9:b4:
cc:59:ec:ad:7d:ba:73:e4:70:bf:ff:8c:11:53:98:
a2:ab:a8:5b:a6:40:a3:3c:a1:6b:ef:e4:0a:4a:c1:
e1:e3:2f:b6:37:4b:6d:7d:eb:fc:c2:12:12:3f:c5:
2c:90:f4:bf:9e:7b:cc:eb:43:e5:ef:e3:cb:d5:6d:
a6:6b:02:11:1d:45:29:10:48:0b:61:45:13:94:b6:
5f:26:fa:a4:5b:b2:cf:37:93:82:68:6f:ec:88:20:
35:95:f0:d2:20:87:c2:83:be:89:40:4e:84:a4:f1:
ba:3c:42:8f:9d:b1:98:43:6b:9e:eb:cd:99:f5:4e:
b6:97:cd:90:bf:e5:7b:01:45:ed:d0:bc:09:bb:c2:
b2:1a:4d:52:7f:6d:63:13:99:0d:58:83:1e:ea:4e:
da:fb:f5:67:ea:ab:28:b9:ef:0d:5e:0a:7a:7b:a2:
7c:b8:1d:e2:ff:f1:a7:5c:d5:ca:14:5f:3f:cd:b5:
72:6d:0d:60:b1:8d:3e:fa:96:ed:c3:12:25:bc:a2:
8f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4B:93:AE:AC:33:E6:1D:ED:87:4E:41:69:4E:29:49:11:9E:A4:7A
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/DkuTrqwz5h3th05BaU4pSRGepHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.56.0/21
Signature Algorithm: sha256WithRSAEncryption
ae:30:b0:d9:b3:64:93:95:42:fe:34:33:d7:f4:fe:0e:74:fd:
67:5d:d7:89:20:d2:09:8e:21:74:83:29:43:1b:10:06:f1:07:
c6:af:a4:c4:5c:34:5e:d1:53:08:1e:3d:f9:41:2e:c2:f6:0a:
28:64:b0:2b:11:24:7a:46:83:5e:5b:c7:c1:06:14:f6:a1:ec:
39:47:8b:ef:86:9f:60:74:65:7d:19:3f:74:d7:15:02:95:4c:
0f:5a:d0:60:d2:52:5a:f9:0d:ed:73:fc:73:f7:4d:25:4d:7d:
03:9b:01:b7:e8:a5:53:0d:68:34:8d:eb:f5:6c:b1:ac:fc:14:
88:7b:6d:b6:71:8f:31:3c:d2:fd:52:aa:5a:1c:1a:a8:b7:cd:
c0:a0:e9:9e:50:1c:2f:9d:65:fe:37:6a:85:69:3e:69:b9:b6:
9c:c4:18:b5:c0:ff:a2:74:21:c3:15:60:10:7a:64:74:c7:9a:
72:e3:6e:31:ea:51:da:a4:d2:b5:95:56:df:9f:3d:d0:ea:10:
a0:68:5c:b4:e7:f0:a3:24:73:53:db:cb:6a:23:90:05:99:61:
8e:62:e9:f3:22:20:b1:c0:36:29:10:76:d9:c8:d8:7a:0d:5f:
65:d7:2d:c7:0b:94:44:72:42:fa:0f:f0:29:b4:bb:43:ed:7c:
50:be:37:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsHAbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYzNDRhNjNkY2I3MGU4OTA1N2RlYjhlMjc2MWRjNDUxNjU4ODFhMB4XDTIyMDEw
MTExNTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGU0YjkzYWVhYzMz
ZTYxZGVkODc0ZTQxNjk0ZTI5NDkxMTllYTQ3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcUulchYWl2fAMhrrRkuZYzKJmSwhjhn6tHVCLMD46fJemK
R5IqK7rLnIr6Nunp4NRKSluykLzgXem0zFnsrX26c+Rwv/+MEVOYoquoW6ZAozyh
a+/kCkrB4eMvtjdLbX3r/MISEj/FLJD0v557zOtD5e/jy9VtpmsCER1FKRBIC2FF
E5S2Xyb6pFuyzzeTgmhv7IggNZXw0iCHwoO+iUBOhKTxujxCj52xmENrnuvNmfVO
tpfNkL/lewFF7dC8CbvCshpNUn9tYxOZDViDHupO2vv1Z+qrKLnvDV4KenuifLgd
4v/xp1zVyhRfP821cm0NYLGNPvqW7cMSJbyij5UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQOS5OurDPmHe2HTkFpTilJEZ6kejAfBgNVHSMEGDAWgBQi80SmPctw6JBX
3rjidh3EUWWIGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TkVwajNMY09pUVY5NjQ0bllkeEZGbGlCby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8x
L0RrdVRycXd6NWgzdGgwNUJhVTRwU1JHZXBIby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8xL0l2TkVwajNMY09p
UVY5NjQ0bllkeEZGbGlCby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1UcODANBgkqhkiG9w0BAQsFAAOC
AQEArjCw2bNkk5VC/jQz1/T+DnT9Z13XiSDSCY4hdIMpQxsQBvEHxq+kxFw0XtFT
CB49+UEuwvYKKGSwKxEkekaDXlvHwQYU9qHsOUeL74afYHRlfRk/dNcVApVMD1rQ
YNJSWvkN7XP8c/dNJU19A5sBt+ilUw1oNI3r9WyxrPwUiHtttnGPMTzS/VKqWhwa
qLfNwKDpnlAcL51l/jdqhWk+abm2nMQYtcD/onQhwxVgEHpkdMeacuNuMepR2qTS
tZVW35890OoQoGhctOfwoyRzU9vLaiOQBZlhjmLp8yIgscA2KRB22cjYeg1fZdct
xwuURHJC+g/wKbS7Q+18UL43dA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:38 2023 by rpki-client on console-fra.rpki-client.org