Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/y2H6mCfBIWehhl5vP91NdQXsfGo.roa
File: y2H6mCfBIWehhl5vP91NdQXsfGo.roa (raw, json)
Hash identifier: yL2JrB1t2jZZTKGzFJ282k1fcDgId359bW9nOSDhiUk=
Subject key identifier: CB:61:FA:98:27:C1:21:67:A1:86:5E:6F:3F:DD:4D:75:05:EC:7C:6A
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0374433C
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/y2H6mCfBIWehhl5vP91NdQXsfGo.roa
Signing time: Fri 18 Mar 2022 09:35:08 +0000
ROA not before: Fri 18 Mar 2022 09:35:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 85.28.56.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57951036 (0x374433c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Mar 18 09:35:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb61fa9827c12167a1865e6f3fdd4d7505ec7c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0a:f7:49:65:0d:41:62:70:65:f0:d6:e1:e0:
92:d0:7b:d0:8d:7e:17:bb:9a:90:ff:3e:cb:5d:64:
7a:b8:24:c9:66:d1:68:ff:b7:a3:71:a7:e2:48:93:
c3:95:c2:1f:02:00:78:21:2e:41:37:42:fe:f0:a1:
0b:be:61:90:c1:79:62:4d:69:3e:2e:6e:2b:e0:f5:
46:2f:55:17:c0:b9:97:61:91:09:96:f8:2b:bd:70:
f5:22:7a:13:a3:a3:b2:bd:4a:82:04:61:e5:c1:e0:
31:0c:ee:9f:a3:ca:87:59:7b:b5:15:ce:1c:86:e7:
85:e5:6c:23:1a:99:06:39:ee:c5:b5:86:75:28:39:
d2:17:6f:d4:00:64:92:c9:41:ff:1b:e7:f5:41:00:
b7:dc:52:42:2b:7e:21:fa:c4:99:49:ae:4d:64:18:
54:2c:0b:83:77:2b:1d:2c:5f:69:6f:dc:35:25:7f:
4f:e0:9e:4a:10:10:44:7c:6f:dd:1a:1c:4b:bb:4b:
39:9c:96:78:05:03:10:f3:f9:d7:c8:2c:74:86:3a:
c2:fe:d6:b0:eb:a1:c9:13:4a:b5:e9:25:ff:8f:54:
da:dd:f1:26:65:d2:70:63:63:06:32:73:e7:8c:97:
b9:7a:6e:33:eb:d8:9d:08:17:ef:69:48:76:9c:43:
ab:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:61:FA:98:27:C1:21:67:A1:86:5E:6F:3F:DD:4D:75:05:EC:7C:6A
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/y2H6mCfBIWehhl5vP91NdQXsfGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.56.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:5c:d4:4d:0d:af:ce:e2:53:79:ba:96:3f:bb:f4:7a:e1:38:
d6:00:8d:7d:ca:1c:89:af:9b:2f:33:56:64:56:10:e9:8d:f1:
8e:22:2a:f6:2d:ee:86:10:b7:f5:31:21:33:aa:67:28:60:93:
ae:d0:58:84:6d:45:75:36:93:3b:61:8c:bc:98:0c:b0:fd:ef:
19:92:df:22:e1:e6:84:9a:7e:3c:66:b0:50:b2:b4:c3:da:6d:
94:f5:96:7a:09:d9:cb:4c:9e:ba:e7:ef:60:3c:94:52:92:84:
7c:12:92:47:00:90:ac:8f:eb:eb:be:45:e0:0b:c0:18:9e:3c:
ad:c0:0f:9f:d9:ac:85:66:f4:83:74:25:3f:75:cc:cb:19:03:
0f:85:85:62:e3:40:12:ab:59:1f:d8:92:d7:6c:a9:15:60:ba:
78:5b:66:fb:ba:57:7d:8e:f3:4b:51:3b:ea:f3:27:6d:0f:94:
72:a7:72:9b:05:88:a9:72:82:b9:60:67:9b:e3:75:74:cb:4b:
39:a6:3c:2e:d0:1f:b0:6c:88:7f:92:fd:f0:90:83:53:1b:94:
bb:5a:6c:44:9b:a2:bc:c4:f5:92:6e:60:28:bb:64:97:9d:5d:
90:ab:27:a8:a0:74:9b:27:aa:82:c9:94:77:79:f5:69:de:df:
3c:3a:c2:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3RDPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmYzNDRhNjNkY2I3MGU4OTA1N2RlYjhlMjc2MWRjNDUxNjU4ODFhMB4XDTIyMDMx
ODA5MzUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I2MWZhOTgyN2Mx
MjE2N2ExODY1ZTZmM2ZkZDRkNzUwNWVjN2M2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8K90llDUFicGXw1uHgktB70I1+F7uakP8+y11kergkyWbR
aP+3o3Gn4kiTw5XCHwIAeCEuQTdC/vChC75hkMF5Yk1pPi5uK+D1Ri9VF8C5l2GR
CZb4K71w9SJ6E6Ojsr1KggRh5cHgMQzun6PKh1l7tRXOHIbnheVsIxqZBjnuxbWG
dSg50hdv1ABkkslB/xvn9UEAt9xSQit+IfrEmUmuTWQYVCwLg3crHSxfaW/cNSV/
T+CeShAQRHxv3RocS7tLOZyWeAUDEPP518gsdIY6wv7WsOuhyRNKtekl/49U2t3x
JmXScGNjBjJz54yXuXpuM+vYnQgX72lIdpxDqw0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTLYfqYJ8EhZ6GGXm8/3U11Bex8ajAfBgNVHSMEGDAWgBQi80SmPctw6JBX
3rjidh3EUWWIGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l2TkVwajNMY09pUVY5NjQ0bllkeEZGbGlCby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvNTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8x
L3kySDZtQ2ZCSVdlaGhsNXZQOTFOZFFYc2ZHby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
NTM2MGU3LWYwMmEtNDczNy05OWM3LWZlYmI2NGI1ZTE2NC8xL0l2TkVwajNMY09p
UVY5NjQ0bllkeEZGbGlCby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlUcODANBgkqhkiG9w0BAQsFAAOC
AQEAPVzUTQ2vzuJTebqWP7v0euE41gCNfcocia+bLzNWZFYQ6Y3xjiIq9i3uhhC3
9TEhM6pnKGCTrtBYhG1FdTaTO2GMvJgMsP3vGZLfIuHmhJp+PGawULK0w9ptlPWW
egnZy0yeuufvYDyUUpKEfBKSRwCQrI/r675F4AvAGJ48rcAPn9mshWb0g3QlP3XM
yxkDD4WFYuNAEqtZH9iS12ypFWC6eFtm+7pXfY7zS1E76vMnbQ+UcqdymwWIqXKC
uWBnm+N1dMtLOaY8LtAfsGyIf5L98JCDUxuUu1psRJuivMT1km5gKLtkl51dkKsn
qKB0myeqgsmUd3n1ad7fPDrCwA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:32 2023 by rpki-client on console-ams.rpki-client.org