Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/brJCpCOGKdYUQRNXXwOgZwC3xY4.roa
File: brJCpCOGKdYUQRNXXwOgZwC3xY4.roa (raw, json)
Hash identifier: rIIVT2bv61XGdtLtO43/oHF7QQ8xca2cmTL3kZ+5wu8=
Subject key identifier: 6E:B2:42:A4:23:86:29:D6:14:41:13:57:5F:03:A0:67:00:B7:C5:8E
Certificate issuer: /CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Certificate serial: 0186E537D5A0000A9DBE597AC36C7ED1D2B7
Authority key identifier: AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/brJCpCOGKdYUQRNXXwOgZwC3xY4.roa
Signing time: Wed 15 Mar 2023 12:21:27 +0000
ROA not before: Wed 15 Mar 2023 12:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200443
IP address blocks: 46.28.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:37:d5:a0:00:0a:9d:be:59:7a:c3:6c:7e:d1:d2:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aace6725a0a0ddd1680480a83785d2cd57bf6ab0
Validity
Not Before: Mar 15 12:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eb242a4238629d6144113575f03a06700b7c58e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2c:aa:55:45:5d:13:61:ef:19:a9:d5:e9:83:
28:e5:a3:1e:44:88:a1:72:7c:6e:6e:70:1a:6e:44:
33:61:1d:78:74:26:c6:26:e8:53:2b:66:44:5f:85:
66:44:7a:8c:9e:26:ee:3a:81:91:ba:ce:28:d0:c0:
63:77:36:ce:2a:e6:0c:fc:cf:cb:bf:f3:6d:ed:48:
3c:c6:2b:7d:0f:4d:cb:33:83:8c:a4:ad:80:05:ae:
ff:38:9f:20:de:c1:ec:d6:ca:38:bd:65:f9:fb:64:
c7:14:67:fd:64:00:9c:03:3f:eb:06:98:7a:c3:e5:
f1:6d:09:1e:4a:5e:0c:7e:fb:31:c2:61:a0:29:7c:
37:3d:f4:1f:ec:b9:3b:ec:e5:8f:3b:23:4f:37:4a:
42:c1:cd:ef:63:75:10:e7:1e:7f:38:f8:7c:ac:76:
af:f3:c7:19:20:96:e1:1d:de:96:c7:63:94:51:ce:
cb:60:54:db:8f:23:ae:75:a5:9e:5c:2f:b3:d3:a3:
cb:ea:d8:26:58:81:db:87:7d:c2:68:80:18:2d:38:
c5:d3:03:c7:b8:55:92:5e:38:2c:ef:b5:3e:e0:8e:
ae:38:29:da:3b:a4:1a:0a:74:0c:17:25:07:40:46:
33:37:4c:41:fa:0f:9f:57:ee:21:82:1a:04:93:3d:
3b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B2:42:A4:23:86:29:D6:14:41:13:57:5F:03:A0:67:00:B7:C5:8E
X509v3 Authority Key Identifier:
keyid:AA:CE:67:25:A0:A0:DD:D1:68:04:80:A8:37:85:D2:CD:57:BF:6A:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qs5nJaCg3dFoBICoN4XSzVe_arA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/brJCpCOGKdYUQRNXXwOgZwC3xY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8112ff-b216-406f-8f59-72a082cdb182/1/qs5nJaCg3dFoBICoN4XSzVe_arA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.236.0/24
Signature Algorithm: sha256WithRSAEncryption
32:a9:b7:78:7d:fc:98:81:e5:35:dd:f1:76:af:b2:f9:d4:01:
0d:99:48:fb:9a:f2:d6:8c:bb:eb:5b:43:e9:60:10:a5:0d:b0:
24:1e:0f:01:89:1e:a0:f4:0d:fd:6a:a0:79:fb:30:e8:b3:69:
5a:4b:0c:4e:2b:17:21:bd:16:54:c5:9d:0a:59:a4:38:9d:11:
5c:cf:c7:1e:60:2d:ae:83:69:10:19:34:13:3e:84:9b:41:6f:
25:92:2b:0c:b0:cf:0e:45:b4:85:48:81:55:cf:31:25:fa:df:
02:9f:f3:71:8e:10:a9:99:a7:54:33:0d:a5:70:81:f8:31:93:
b8:ae:08:a4:79:f1:fd:a2:68:b3:36:c9:dd:72:da:5a:46:c8:
7a:b1:b5:3d:76:5e:b9:b7:51:82:d3:06:9e:99:97:29:9f:68:
27:e2:d1:50:51:92:11:a1:d4:9c:9a:ef:a4:0a:ce:42:29:07:
28:90:98:ad:e2:37:a8:9c:10:f2:79:80:a3:61:a5:01:4d:93:
1f:01:89:2c:7c:ec:c6:16:2c:31:aa:2f:e5:29:bb:2d:28:87:
dd:5a:c5:79:a5:5c:a1:63:dd:72:b6:b0:53:5e:30:9b:45:3a:
d7:51:e9:0c:b5:e5:cf:a0:4c:24:91:43:d2:25:05:e2:d6:6e:
94:66:65:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYblN9WgAAqdvll6w2x+0dK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhY2U2NzI1YTBhMGRkZDE2ODA0ODBhODM3ODVkMmNkNTdi
ZjZhYjAwHhcNMjMwMzE1MTIyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWIyNDJhNDIzODYyOWQ2MTQ0MTEzNTc1ZjAzYTA2NzAwYjdjNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyyqVUVdE2HvGanV6YMo5aMeRIih
cnxubnAabkQzYR14dCbGJuhTK2ZEX4VmRHqMnibuOoGRus4o0MBjdzbOKuYM/M/L
v/Nt7Ug8xit9D03LM4OMpK2ABa7/OJ8g3sHs1so4vWX5+2THFGf9ZACcAz/rBph6
w+XxbQkeSl4MfvsxwmGgKXw3PfQf7Lk77OWPOyNPN0pCwc3vY3UQ5x5/OPh8rHav
88cZIJbhHd6Wx2OUUc7LYFTbjyOudaWeXC+z06PL6tgmWIHbh33CaIAYLTjF0wPH
uFWSXjgs77U+4I6uOCnaO6QaCnQMFyUHQEYzN0xB+g+fV+4hghoEkz07wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG6yQqQjhinWFEETV18DoGcAt8WOMB8GA1UdIwQY
MBaAFKrOZyWgoN3RaASAqDeF0s1Xv2qwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTkt
NzJhMDgyY2RiMTgyLzEvYnJKQ3BDT0dLZFlVUVJOWFh3T2dad0MzeFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84MTEyZmYtYjIxNi00MDZmLThmNTktNzJhMDgyY2RiMTgy
LzEvcXM1bkphQ2czZEZvQklDb040WFN6VmVfYXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhzsMA0G
CSqGSIb3DQEBCwUAA4IBAQAyqbd4ffyYgeU13fF2r7L51AENmUj7mvLWjLvrW0Pp
YBClDbAkHg8BiR6g9A39aqB5+zDos2laSwxOKxchvRZUxZ0KWaQ4nRFcz8ceYC2u
g2kQGTQTPoSbQW8lkisMsM8ORbSFSIFVzzEl+t8Cn/NxjhCpmadUMw2lcIH4MZO4
rgikefH9omizNsndctpaRsh6sbU9dl65t1GC0waemZcpn2gn4tFQUZIRodScmu+k
Cs5CKQcokJit4jeonBDyeYCjYaUBTZMfAYksfOzGFiwxqi/lKbstKIfdWsV5pVyh
Y91ytrBTXjCbRTrXUekMteXPoEwkkUPSJQXi1m6UZmWu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:19 2025 by rpki-client