Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/28IkC8GPgvwDdbXXbI5PrBOBRZU.roa
File: 28IkC8GPgvwDdbXXbI5PrBOBRZU.roa (raw, json)
Hash identifier: mUcHTspjWmgWqZez1VyeQ/KnaKyMWzeV7OjyKg62MRs=
Subject key identifier: DB:C2:24:0B:C1:8F:82:FC:03:75:B5:D7:6C:8E:4F:AC:13:81:45:95
Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Certificate serial: 05DCA8C2
Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/28IkC8GPgvwDdbXXbI5PrBOBRZU.roa
Signing time: Sat 01 Jan 2022 11:54:32 +0000
ROA not before: Sat 01 Jan 2022 11:54:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34978
IP address blocks: 185.52.10.0/24 maxlen: 24
185.52.8.0/22 maxlen: 22
185.52.11.0/24 maxlen: 24
185.52.8.0/24 maxlen: 24
185.52.9.0/24 maxlen: 24
81.29.224.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98347202 (0x5dca8c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Validity
Not Before: Jan 1 11:54:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbc2240bc18f82fc0375b5d76c8e4fac13814595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7b:50:e2:10:71:5d:b2:fe:65:28:c5:13:28:
cd:1d:03:b0:b9:a7:70:7f:13:3e:e5:e2:39:f0:65:
19:fb:2b:25:12:c6:7e:bd:6a:ff:73:09:35:c0:35:
d6:27:3f:6b:b9:65:7a:fe:85:80:5a:74:72:ac:6b:
08:3d:c6:f8:8a:8a:d7:85:16:94:ba:68:63:18:18:
55:42:6a:10:39:43:35:06:10:c8:29:78:28:46:26:
9e:6e:3e:25:63:11:2b:11:51:a5:af:75:93:8e:ac:
a4:48:df:b5:40:34:59:48:fb:f7:7c:b6:b2:61:23:
76:e8:8f:b4:82:3f:a3:c9:07:18:29:b0:03:ad:a7:
1b:42:8c:e7:ef:c3:ec:a2:5f:9d:83:73:c9:78:18:
ba:af:f6:5c:67:55:04:da:f7:06:d9:aa:c2:32:95:
bb:8c:f7:44:9b:c0:80:69:e8:20:6a:8e:56:e1:34:
6a:61:85:53:a7:c8:fa:41:7f:08:32:44:50:c9:dd:
9f:db:13:c8:1a:ac:21:89:55:7f:07:74:2e:df:08:
1e:a0:c3:50:e3:8f:8c:71:ac:e0:d3:e7:c8:df:60:
b1:b7:2a:ab:b8:99:3d:5f:3f:d7:44:2c:1d:37:88:
41:ba:bc:d6:ff:7f:6e:05:f5:9c:2f:bc:8d:5e:82:
63:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C2:24:0B:C1:8F:82:FC:03:75:B5:D7:6C:8E:4F:AC:13:81:45:95
X509v3 Authority Key Identifier:
keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/28IkC8GPgvwDdbXXbI5PrBOBRZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.224.0/20
185.52.8.0/22
Signature Algorithm: sha256WithRSAEncryption
62:69:60:6d:f4:a4:4d:c8:17:6d:15:9c:15:09:8d:57:52:95:
d4:a0:29:22:da:cb:62:ad:25:29:e3:04:ad:65:a9:59:e7:a2:
f9:fb:c6:86:ab:cd:ec:41:bb:7d:05:79:5b:b9:5c:b4:68:ea:
bc:b7:86:91:e0:b9:49:8e:b0:25:38:7c:62:53:0d:ad:9c:a8:
42:ce:37:d3:a6:fd:c5:ed:9c:16:2e:ea:e0:68:68:4b:0a:65:
29:b3:a7:01:58:9a:6e:2b:50:56:87:ad:2c:91:a0:41:ca:fa:
74:87:84:13:80:f6:c9:78:80:fe:fa:57:89:66:f9:a3:dd:6f:
c6:7f:a3:2e:a0:4e:96:77:d7:02:d6:c6:dd:b3:37:8d:5e:fb:
af:4e:1b:48:26:f2:71:85:d9:98:2e:18:8e:08:a0:d3:6b:16:
70:56:51:10:74:01:36:f9:88:38:fb:0c:ce:d3:1b:1f:e3:25:
62:c1:49:ad:b8:a0:13:1b:69:69:fd:3e:96:be:fb:b4:92:6e:
ba:ff:70:76:3a:d1:3c:d0:8b:1f:c6:0d:cd:a8:f9:13:e6:a1:
5c:03:40:09:61:dd:16:37:38:bc:20:1f:33:65:98:b4:e0:81:
0e:8d:c0:62:0c:a4:a7:96:3f:f8:80:95:26:95:37:04:74:d2:
b3:97:af:82
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBdyowjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGEzN2MyNGRkY2EzNDdkNzEzZWQ3OTRkMzNjZDRhODFhOGI0OThhMB4XDTIyMDEw
MTExNTQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJjMjI0MGJjMThm
ODJmYzAzNzViNWQ3NmM4ZTRmYWMxMzgxNDU5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJV7UOIQcV2y/mUoxRMozR0DsLmncH8TPuXiOfBlGfsrJRLG
fr1q/3MJNcA11ic/a7llev6FgFp0cqxrCD3G+IqK14UWlLpoYxgYVUJqEDlDNQYQ
yCl4KEYmnm4+JWMRKxFRpa91k46spEjftUA0WUj793y2smEjduiPtII/o8kHGCmw
A62nG0KM5+/D7KJfnYNzyXgYuq/2XGdVBNr3BtmqwjKVu4z3RJvAgGnoIGqOVuE0
amGFU6fI+kF/CDJEUMndn9sTyBqsIYlVfwd0Lt8IHqDDUOOPjHGs4NPnyN9gsbcq
q7iZPV8/10QsHTeIQbq81v9/bgX1nC+8jV6CY0kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTbwiQLwY+C/AN1tddsjk+sE4FFlTAfBgNVHSMEGDAWgBQ4o3wk3co0fXE+
15TTPNSoGotJijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09LTjhKTjNLTkgxeFB0ZVUwenpVcUJxTFNZby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvMWUzM2MzLWQxOTctNDVmMi04MjhlLTQ0YTQ5ZDI2MzcwMC8x
LzI4SWtDOEdQZ3Z3RGRiWFhiSTVQckJPQlJaVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
MWUzM2MzLWQxOTctNDVmMi04MjhlLTQ0YTQ5ZDI2MzcwMC8xL09LTjhKTjNLTkgx
eFB0ZVUwenpVcUJxTFNZby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBFEd4AMEArk0CDANBgkqhkiG9w0B
AQsFAAOCAQEAYmlgbfSkTcgXbRWcFQmNV1KV1KApItrLYq0lKeMErWWpWeei+fvG
hqvN7EG7fQV5W7lctGjqvLeGkeC5SY6wJTh8YlMNrZyoQs4306b9xe2cFi7q4Gho
SwplKbOnAViabitQVoetLJGgQcr6dIeEE4D2yXiA/vpXiWb5o91vxn+jLqBOlnfX
AtbG3bM3jV77r04bSCbycYXZmC4Yjgig02sWcFZREHQBNvmIOPsMztMbH+MlYsFJ
rbigExtpaf0+lr77tJJuuv9wdjrRPNCLH8YNzaj5E+ahXANACWHdFjc4vCAfM2WY
tOCBDo3AYgykp5Y/+ICVJpU3BHTSs5evgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:01 2024 by rpki-client on console-fra.rpki-client.org