Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/c8Gz5GC5g5_HjS5b6HSnrRQzDwM.roa
File: c8Gz5GC5g5_HjS5b6HSnrRQzDwM.roa (raw, json)
Hash identifier: +r36v4u5DBN7ZXRj32hbnO8ed3it0TAjmoV+zbJ12qk=
Subject key identifier: 73:C1:B3:E4:60:B9:83:9F:C7:8D:2E:5B:E8:74:A7:AD:14:33:0F:03
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 02C537A9
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/c8Gz5GC5g5_HjS5b6HSnrRQzDwM.roa
Signing time: Sat 01 Jan 2022 11:58:05 +0000
ROA not before: Sat 01 Jan 2022 11:58:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213296
IP address blocks: 85.28.48.0/22 maxlen: 22
85.28.56.0/22 maxlen: 22
85.28.54.0/23 maxlen: 23
85.28.52.0/23 maxlen: 23
85.28.52.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46479273 (0x2c537a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 1 11:58:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73c1b3e460b9839fc78d2e5be874a7ad14330f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e1:17:75:b3:4c:cd:eb:46:3f:44:43:64:98:
53:0a:1d:65:1e:a6:9a:91:53:3f:5f:c3:56:90:b0:
3d:00:34:de:3f:4a:66:22:7f:5d:79:5f:b8:20:01:
d5:ca:31:b0:34:b3:5c:09:d3:00:c5:0b:f1:c0:fa:
a2:24:66:7d:27:8a:95:8c:14:07:77:b6:7f:f9:5a:
9e:58:1d:5e:f1:7f:6e:43:a3:10:9a:e0:f0:a3:71:
0a:49:cd:c8:f9:7b:92:ce:3f:c1:a7:08:34:f0:ca:
d3:33:d1:fd:65:89:6d:d1:28:4d:16:5f:b3:f2:de:
e4:7b:6f:ec:98:07:b2:f1:c2:11:f0:a5:4e:57:53:
73:05:d9:ad:83:e1:5e:9a:80:1c:0a:c6:db:eb:ff:
24:47:e5:2e:b8:1d:52:2f:08:e1:cf:f5:cf:1e:51:
29:7a:ca:68:54:7f:a1:bc:9c:8f:ef:2d:c6:bb:54:
03:35:74:d1:5f:26:81:79:d3:3b:7d:33:6c:a6:b9:
80:bd:9f:cb:7f:24:1e:d2:e0:ab:5c:ba:5b:2a:ce:
00:09:0e:da:00:12:7b:d2:a7:65:ba:01:56:61:a6:
d9:be:9a:8b:92:8e:e5:05:92:3b:df:bf:e3:48:60:
fa:9c:0b:df:38:f5:a8:40:09:91:23:c4:da:da:b0:
f7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C1:B3:E4:60:B9:83:9F:C7:8D:2E:5B:E8:74:A7:AD:14:33:0F:03
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/c8Gz5GC5g5_HjS5b6HSnrRQzDwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.48.0-85.28.59.255
Signature Algorithm: sha256WithRSAEncryption
c9:08:29:06:03:64:27:bd:7d:de:79:db:bd:9d:8b:6b:d3:b0:
d5:7b:da:82:f6:18:d8:46:e2:a3:0e:fd:c9:7a:91:76:6e:76:
f2:71:fc:a8:5f:9e:7d:d0:a4:df:3f:01:fd:ee:58:11:3a:28:
ec:38:41:e2:9a:11:33:e4:3e:b3:eb:06:83:55:a8:83:76:4e:
df:d9:cb:8b:8b:fb:ae:5c:46:be:6f:0c:fc:9c:ae:5b:3a:00:
7c:9a:db:4b:3d:da:4f:ef:a2:59:cd:76:48:7e:c5:9f:bb:9e:
b5:13:d9:47:87:16:b7:ce:30:9c:81:50:7b:8e:94:13:12:f9:
5b:43:10:93:28:2d:d0:32:76:58:94:f6:a8:84:51:3c:64:ae:
27:fb:81:2e:e4:66:7e:e0:0d:14:d5:2d:83:96:2b:c4:96:4c:
38:60:77:dc:bc:3a:10:c8:08:bd:14:2d:0e:c9:4e:ea:0e:21:
f3:70:73:5f:a1:3e:5b:98:a8:95:67:2e:a0:2a:92:d4:20:a4:
11:86:49:19:5c:f4:12:b2:ce:35:20:a7:4e:00:74:9e:84:5f:
75:b9:ce:6b:29:c2:32:d1:f4:f5:e9:a4:0a:c7:56:3c:6a:a2:
a5:61:d3:52:07:13:9a:4d:e9:2d:ce:7a:31:55:44:51:52:99:
06:77:34:25
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAsU3qTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYzNDRhNjNkY2I3MGU4OTA1N2RlYjhlMjc2MWRjNDUxNjU4ODFhMB4XDTIyMDEw
MTExNTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzNjMWIzZTQ2MGI5
ODM5ZmM3OGQyZTViZTg3NGE3YWQxNDMzMGYwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfhF3WzTM3rRj9EQ2SYUwodZR6mmpFTP1/DVpCwPQA03j9K
ZiJ/XXlfuCAB1coxsDSzXAnTAMUL8cD6oiRmfSeKlYwUB3e2f/lanlgdXvF/bkOj
EJrg8KNxCknNyPl7ks4/wacINPDK0zPR/WWJbdEoTRZfs/Le5Htv7JgHsvHCEfCl
TldTcwXZrYPhXpqAHArG2+v/JEflLrgdUi8I4c/1zx5RKXrKaFR/obycj+8txrtU
AzV00V8mgXnTO30zbKa5gL2fy38kHtLgq1y6WyrOAAkO2gASe9KnZboBVmGm2b6a
i5KO5QWSO9+/40hg+pwL3zj1qEAJkSPE2tqw90ECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRzwbPkYLmDn8eNLlvodKetFDMPAzAfBgNVHSMEGDAWgBQi80SmPctw6JBX
3rjidh3EUWWIGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TkVwajNMY09pUVY5NjQ0bllkeEZGbGlCby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8x
L2M4R3o1R0M1ZzVfSGpTNWI2SFNuclJRekR3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8xL0l2TkVwajNMY09p
UVY5NjQ0bllkeEZGbGlCby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQEVRwwAwQCVRw4MA0GCSqGSIb3
DQEBCwUAA4IBAQDJCCkGA2QnvX3eedu9nYtr07DVe9qC9hjYRuKjDv3JepF2bnby
cfyoX5590KTfPwH97lgROijsOEHimhEz5D6z6waDVaiDdk7f2cuLi/uuXEa+bwz8
nK5bOgB8mttLPdpP76JZzXZIfsWfu561E9lHhxa3zjCcgVB7jpQTEvlbQxCTKC3Q
MnZYlPaohFE8ZK4n+4Eu5GZ+4A0U1S2DlivElkw4YHfcvDoQyAi9FC0OyU7qDiHz
cHNfoT5bmKiVZy6gKpLUIKQRhkkZXPQSss41IKdOAHSehF91uc5rKcIy0fT16aQK
x1Y8aqKlYdNSBxOaTektznoxVURRUpkGdzQl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:32 2023 by rpki-client on console-ams.rpki-client.org