Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/iRgzZPCTi1NfI0MUTFWOOhcdw7c.roa
File: iRgzZPCTi1NfI0MUTFWOOhcdw7c.roa (raw, json)
Hash identifier: v/Z2Q4wbEB4g10g0z4cpHDJmWXvjImtCXGclKiGjX08=
Subject key identifier: 89:18:33:64:F0:93:8B:53:5F:23:43:14:4C:55:8E:3A:17:1D:C3:B7
Certificate issuer: /CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Certificate serial: 0185703961E51EE3B5C30ED3750428A011B6
Authority key identifier: 42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/iRgzZPCTi1NfI0MUTFWOOhcdw7c.roa
Signing time: Mon 02 Jan 2023 02:04:46 +0000
ROA not before: Mon 02 Jan 2023 02:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 139.28.192.0/22 maxlen: 22
139.28.192.0/23 maxlen: 23
139.28.194.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:61:e5:1e:e3:b5:c3:0e:d3:75:04:28:a0:11:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Validity
Not Before: Jan 2 02:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89183364f0938b535f2343144c558e3a171dc3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:86:63:5d:fd:98:53:13:64:cb:53:f2:b9:49:
6d:1b:3f:63:76:7f:0c:ab:7b:4a:bc:2d:2b:7e:da:
dd:84:3b:4e:24:60:db:b8:a1:17:ba:4c:b1:05:43:
67:4b:63:59:3f:a2:d5:49:17:23:fa:64:7d:6f:eb:
76:b2:30:da:41:60:39:48:9b:68:d7:d4:a6:11:a4:
f5:60:64:b8:91:a4:e3:a2:06:0f:69:82:56:24:fe:
a7:d6:48:9b:06:fd:b5:44:b8:80:d5:cd:04:5d:71:
c3:84:14:78:7f:fe:dc:42:81:c4:94:d5:34:26:7e:
2d:f5:84:e9:f3:96:54:0c:78:e7:3e:d1:d0:b6:45:
bb:40:7c:ec:1f:28:03:02:39:fb:bb:14:d7:5e:dd:
60:4e:90:6e:b5:45:0a:bf:49:69:7e:7b:4b:31:2a:
ac:98:ea:ca:67:a4:1f:b5:6e:56:2f:df:de:fa:54:
49:51:1c:c0:a1:32:ae:1d:70:21:d2:d2:40:fd:75:
f8:39:0d:51:3f:88:28:26:4c:d1:8a:7f:41:7e:b2:
fd:79:15:d1:70:8f:f4:31:93:6e:da:a5:7f:d5:95:
7e:87:be:51:ca:1b:cd:3b:b9:4e:75:86:79:8c:02:
f0:66:87:f3:9f:ec:70:9c:69:fe:79:d4:d2:84:ab:
50:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:18:33:64:F0:93:8B:53:5F:23:43:14:4C:55:8E:3A:17:1D:C3:B7
X509v3 Authority Key Identifier:
keyid:42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/iRgzZPCTi1NfI0MUTFWOOhcdw7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.192.0/22
Signature Algorithm: sha256WithRSAEncryption
84:ff:75:df:de:e2:67:91:6b:d4:61:cb:23:4c:c6:d1:97:5a:
a0:f9:17:d5:40:f4:26:4b:1e:0a:46:c8:1c:4f:5f:3b:08:47:
a6:64:34:32:ec:e8:c5:b0:5f:5c:6b:2d:13:67:e7:cc:19:6c:
47:d5:ac:8d:bb:c3:11:c0:53:89:d6:9a:2f:16:16:a1:41:bd:
be:3c:0f:d7:a3:51:fb:4c:76:0f:e1:24:32:5c:98:27:ee:97:
94:1c:60:6a:04:bc:0c:87:85:e2:12:1b:64:0d:13:df:41:53:
f5:11:fa:3f:c6:ac:c8:e2:60:3a:88:59:d7:cf:3e:0d:c6:a6:
a4:78:13:4c:94:ff:ce:b1:91:b6:e4:d5:e4:a8:a5:de:38:48:
e7:06:81:54:3e:c2:49:1c:2a:dc:50:16:cd:00:3f:48:20:89:
1d:c7:89:f3:f3:2c:78:d1:b0:92:ee:ce:a4:b7:59:e9:d3:ed:
29:77:ea:b1:29:4f:ee:f1:a0:6d:e3:0f:10:7b:ec:14:89:12:
cc:52:3a:3b:1c:03:85:b4:d9:68:2e:f5:16:96:22:b4:80:bd:
ac:eb:c4:bd:48:a6:2b:fb:80:19:fc:a3:a4:1b:99:9c:27:83:
f2:0f:06:e2:6c:79:cf:26:f6:9f:ec:72:4b:a4:cc:6f:5e:6f:
f3:70:11:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOWHlHuO1ww7TdQQooBG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODU4MjFiYjdhODQ0NWVmYmY0MzNkNGMxOTg5MGE3ZmE5
NDlmYTgwHhcNMjMwMTAyMDIwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTE4MzM2NGYwOTM4YjUzNWYyMzQzMTQ0YzU1OGUzYTE3MWRjM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIZjXf2YUxNky1PyuUltGz9jdn8M
q3tKvC0rftrdhDtOJGDbuKEXukyxBUNnS2NZP6LVSRcj+mR9b+t2sjDaQWA5SJto
19SmEaT1YGS4kaTjogYPaYJWJP6n1kibBv21RLiA1c0EXXHDhBR4f/7cQoHElNU0
Jn4t9YTp85ZUDHjnPtHQtkW7QHzsHygDAjn7uxTXXt1gTpButUUKv0lpfntLMSqs
mOrKZ6QftW5WL9/e+lRJURzAoTKuHXAh0tJA/XX4OQ1RP4goJkzRin9BfrL9eRXR
cI/0MZNu2qV/1ZV+h75RyhvNO7lOdYZ5jALwZofzn+xwnGn+edTShKtQBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkYM2Twk4tTXyNDFExVjjoXHcO3MB8GA1UdIwQY
MBaAFEKFghu3qERe+/Qz1MGYkKf6lJ+oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjct
OGEzZDhkYzM1OGViLzEvaVJnelpQQ1RpMU5mSTBNVVRGV09PaGNkdzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9mOTM0MmMtNTdhOS00OGYzLTllNjctOGEzZDhkYzM1OGVi
LzEvUW9XQ0c3ZW9SRjc3OURQVXdaaVFwX3FVbjZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixzAMA0G
CSqGSIb3DQEBCwUAA4IBAQCE/3Xf3uJnkWvUYcsjTMbRl1qg+RfVQPQmSx4KRsgc
T187CEemZDQy7OjFsF9cay0TZ+fMGWxH1ayNu8MRwFOJ1povFhahQb2+PA/Xo1H7
THYP4SQyXJgn7peUHGBqBLwMh4XiEhtkDRPfQVP1Efo/xqzI4mA6iFnXzz4Nxqak
eBNMlP/OsZG25NXkqKXeOEjnBoFUPsJJHCrcUBbNAD9IIIkdx4nz8yx40bCS7s6k
t1np0+0pd+qxKU/u8aBt4w8Qe+wUiRLMUjo7HAOFtNloLvUWliK0gL2s68S9SKYr
+4AZ/KOkG5mcJ4PyDwbibHnPJvaf7HJLpMxvXm/zcBH2
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:31:06 2025 by rpki-client