Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ffcb25-145e-4ef8-9046-4ec1abe085ef/1/xMPbnvp-n1Dxvx6KHo6JcB0h3zU.roa
File: xMPbnvp-n1Dxvx6KHo6JcB0h3zU.roa (raw, json)
Hash identifier: nLAQ2RrQ+TMcQwpaMAFzWZJYU5bvjOmS0CiwYS7fzQA=
Subject key identifier: C4:C3:DB:9E:FA:7E:9F:50:F1:BF:1E:8A:1E:8E:89:70:1D:21:DF:35
Certificate issuer: /CN=f2b98f584bc1234780a2c47fc88324d49ee0e6f4
Certificate serial: 0185704BE18B136AEEE6B53255FD27E4D499
Authority key identifier: F2:B9:8F:58:4B:C1:23:47:80:A2:C4:7F:C8:83:24:D4:9E:E0:E6:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8rmPWEvBI0eAosR_yIMk1J7g5vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/ffcb25-145e-4ef8-9046-4ec1abe085ef/1/xMPbnvp-n1Dxvx6KHo6JcB0h3zU.roa
Signing time: Mon 02 Jan 2023 02:24:59 +0000
ROA not before: Mon 02 Jan 2023 02:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 46.28.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:e1:8b:13:6a:ee:e6:b5:32:55:fd:27:e4:d4:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2b98f584bc1234780a2c47fc88324d49ee0e6f4
Validity
Not Before: Jan 2 02:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4c3db9efa7e9f50f1bf1e8a1e8e89701d21df35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d9:3b:3a:bd:8c:a5:49:1a:07:c5:6f:cd:af:
46:fb:42:89:35:5a:9f:31:75:23:5b:f1:b5:84:56:
f9:dc:d1:0b:bd:86:b1:52:71:99:1d:ca:12:5b:ed:
4b:38:cd:82:e9:c2:78:54:86:d1:ad:32:2b:e2:f7:
9c:03:5f:ee:27:eb:d7:c2:15:60:e5:13:7e:92:e9:
02:3a:f6:86:db:98:2a:00:66:04:f3:06:a9:e0:2f:
bf:dc:c3:48:dd:fb:63:80:37:2f:d5:df:1f:5d:b8:
e5:6c:0f:9a:33:ba:5a:fd:61:be:11:1f:5f:b1:64:
6b:3a:5a:6e:cc:53:cf:72:6d:01:79:64:81:79:72:
f7:f2:61:36:e5:ca:f3:72:1f:59:57:d5:9a:3c:b8:
12:52:f5:cc:0a:a4:c9:f1:75:45:10:e1:ad:2d:75:
37:69:6a:a8:5d:ba:58:9e:e4:b3:33:e5:6c:80:6d:
41:93:e7:90:d4:52:67:6d:7a:cb:9c:4a:d6:4c:47:
93:71:a4:e6:31:d4:54:62:a8:19:9f:f8:77:35:b4:
ca:0d:9f:86:40:45:b0:a8:dc:99:89:93:24:85:99:
7d:54:ca:f7:13:7f:c6:80:24:2f:de:46:c7:65:81:
54:ba:62:60:f2:35:b1:97:a6:91:77:e4:31:f0:e7:
47:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C3:DB:9E:FA:7E:9F:50:F1:BF:1E:8A:1E:8E:89:70:1D:21:DF:35
X509v3 Authority Key Identifier:
keyid:F2:B9:8F:58:4B:C1:23:47:80:A2:C4:7F:C8:83:24:D4:9E:E0:E6:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8rmPWEvBI0eAosR_yIMk1J7g5vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ffcb25-145e-4ef8-9046-4ec1abe085ef/1/xMPbnvp-n1Dxvx6KHo6JcB0h3zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ffcb25-145e-4ef8-9046-4ec1abe085ef/1/8rmPWEvBI0eAosR_yIMk1J7g5vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.184.0/24
Signature Algorithm: sha256WithRSAEncryption
53:0b:bf:1d:87:8e:fb:20:79:0d:57:b4:d3:4f:81:d1:49:b8:
93:23:d2:ff:48:46:e4:d3:cc:46:06:8d:d5:06:a8:36:d7:af:
9d:41:00:fb:0f:fd:ee:85:9b:3e:5b:db:29:63:bb:2b:23:92:
7d:2f:92:a5:03:80:49:d5:d9:3f:19:4c:65:e0:4d:a2:15:c2:
04:a2:83:24:be:b6:af:c9:43:f9:04:74:f1:62:60:a3:93:fd:
2e:13:f3:4f:5d:c3:d6:42:24:a9:a1:3a:54:d4:ca:6e:61:ae:
cb:e1:2f:05:d2:d5:01:6d:23:ec:01:b2:f4:32:ea:d1:1e:d7:
f8:61:b8:77:02:e4:bc:c7:73:e1:42:41:38:0b:6f:c6:e1:73:
e8:69:30:0e:35:74:b6:3e:e4:f9:df:e7:92:fb:0a:46:17:4e:
37:4b:fa:88:10:cc:34:44:c5:37:32:25:e0:3c:a9:58:42:67:
67:39:56:a3:b5:d4:8c:be:45:68:aa:88:10:d0:62:35:9e:f4:
64:e6:1d:c4:56:41:2c:84:a8:07:c7:f4:a1:6c:cb:d1:84:da:
b3:06:fe:9f:04:7d:5c:8d:0e:f7:c3:14:97:54:6b:ab:87:da:
8d:1d:b5:51:aa:e2:71:85:cc:e2:41:03:45:ba:60:04:5c:d5:
a6:2f:fb:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS+GLE2ru5rUyVf0n5NSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYjk4ZjU4NGJjMTIzNDc4MGEyYzQ3ZmM4ODMyNGQ0OWVl
MGU2ZjQwHhcNMjMwMTAyMDIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGMzZGI5ZWZhN2U5ZjUwZjFiZjFlOGExZThlODk3MDFkMjFkZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9k7Or2MpUkaB8Vvza9G+0KJNVqf
MXUjW/G1hFb53NELvYaxUnGZHcoSW+1LOM2C6cJ4VIbRrTIr4vecA1/uJ+vXwhVg
5RN+kukCOvaG25gqAGYE8wap4C+/3MNI3ftjgDcv1d8fXbjlbA+aM7pa/WG+ER9f
sWRrOlpuzFPPcm0BeWSBeXL38mE25crzch9ZV9WaPLgSUvXMCqTJ8XVFEOGtLXU3
aWqoXbpYnuSzM+VsgG1Bk+eQ1FJnbXrLnErWTEeTcaTmMdRUYqgZn/h3NbTKDZ+G
QEWwqNyZiZMkhZl9VMr3E3/GgCQv3kbHZYFUumJg8jWxl6aRd+Qx8OdHCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTD2576fp9Q8b8eih6OiXAdId81MB8GA1UdIwQY
MBaAFPK5j1hLwSNHgKLEf8iDJNSe4Ob0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHJtUFdFdkJJMGVBb3NSX3lJTWsxSjdnNXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9mZmNiMjUtMTQ1ZS00ZWY4LTkwNDYt
NGVjMWFiZTA4NWVmLzEveE1QYm52cC1uMUR4dng2S0hvNkpjQjBoM3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9mZmNiMjUtMTQ1ZS00ZWY4LTkwNDYtNGVjMWFiZTA4NWVm
LzEvOHJtUFdFdkJJMGVBb3NSX3lJTWsxSjdnNXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhy4MA0G
CSqGSIb3DQEBCwUAA4IBAQBTC78dh477IHkNV7TTT4HRSbiTI9L/SEbk08xGBo3V
Bqg216+dQQD7D/3uhZs+W9spY7srI5J9L5KlA4BJ1dk/GUxl4E2iFcIEooMkvrav
yUP5BHTxYmCjk/0uE/NPXcPWQiSpoTpU1MpuYa7L4S8F0tUBbSPsAbL0MurRHtf4
Ybh3AuS8x3PhQkE4C2/G4XPoaTAONXS2PuT53+eS+wpGF043S/qIEMw0RMU3MiXg
PKlYQmdnOVajtdSMvkVoqogQ0GI1nvRk5h3EVkEshKgHx/ShbMvRhNqzBv6fBH1c
jQ73wxSXVGurh9qNHbVRquJxhcziQQNFumAEXNWmL/tP
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:34:27 2025 by rpki-client