Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/28rHrmWMuIxjREFlS-TQKdAh26I.roa
File: 28rHrmWMuIxjREFlS-TQKdAh26I.roa (raw, json)
Hash identifier: 2OH5tiHoufO3PbmhonxgNrYE4DVkhau2SVTIyA0MYOk=
Subject key identifier: DB:CA:C7:AE:65:8C:B8:8C:63:44:41:65:4B:E4:D0:29:D0:21:DB:A2
Certificate issuer: /CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Certificate serial: 0188BF01771F877BDF3A174938DA83F79072
Authority key identifier: BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/28rHrmWMuIxjREFlS-TQKdAh26I.roa
Signing time: Thu 15 Jun 2023 12:22:04 +0000
ROA not before: Thu 15 Jun 2023 12:22:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199697
IP address blocks: 193.37.158.0/25 maxlen: 25
2a12:6040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:01:77:1f:87:7b:df:3a:17:49:38:da:83:f7:90:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=babc1ecc17f660d5bd89e16167b9d5031bf6a0cb
Validity
Not Before: Jun 15 12:22:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbcac7ae658cb88c634441654be4d029d021dba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:df:f6:7d:c4:42:42:a4:11:a1:e3:6e:12:9e:
4f:6c:26:73:c5:ac:a1:d0:bf:60:df:99:25:32:5c:
a9:87:3f:1e:00:2e:14:13:2a:a0:56:e5:be:57:3a:
32:b3:95:66:41:57:94:d0:cf:c1:cc:e4:a5:0c:16:
02:cc:56:37:6a:fa:86:7b:b0:9e:dc:da:f7:4d:b0:
37:36:64:e2:e2:65:37:53:c6:7e:52:f5:40:52:5d:
7b:3a:a0:c4:b9:54:5c:c1:7f:84:7f:19:ca:4d:31:
8f:33:cd:5c:26:56:57:da:80:a0:1c:46:05:d3:fc:
e0:8a:e9:0c:5a:bf:a7:2d:ca:b5:34:99:c9:b3:2b:
7e:13:43:be:e8:7c:f1:02:09:cc:3f:cc:3e:a9:f4:
c5:0b:ba:f4:0e:99:bd:57:15:d3:c6:d4:71:c2:40:
f1:01:a6:f5:d2:60:45:d2:e4:b8:90:43:23:dc:45:
71:e9:a6:e1:5a:8d:c5:5e:fe:f1:b2:4d:d0:04:b1:
84:64:ee:21:f0:60:0c:de:f0:98:7b:11:d3:df:37:
05:42:3d:5f:20:30:56:95:16:70:93:06:80:85:98:
ab:7c:f0:c2:c4:00:b5:78:08:8b:ca:72:09:d0:d0:
39:74:c8:3f:63:ef:c7:46:91:66:f5:8b:28:72:c3:
59:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:CA:C7:AE:65:8C:B8:8C:63:44:41:65:4B:E4:D0:29:D0:21:DB:A2
X509v3 Authority Key Identifier:
keyid:BA:BC:1E:CC:17:F6:60:D5:BD:89:E1:61:67:B9:D5:03:1B:F6:A0:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urwezBf2YNW9ieFhZ7nVAxv2oMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/28rHrmWMuIxjREFlS-TQKdAh26I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/cf10db-7582-4553-bf1b-17911594ae51/1/urwezBf2YNW9ieFhZ7nVAxv2oMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.158.0/25
IPv6:
2a12:6040::/29
Signature Algorithm: sha256WithRSAEncryption
64:34:7f:28:3c:ca:08:70:ea:89:b0:8c:ee:77:68:69:f8:e9:
d6:64:0c:29:0d:db:17:04:66:a5:82:90:db:13:f4:35:d5:3e:
90:8f:c1:3b:2e:2b:f9:c8:8f:7f:88:05:c3:eb:60:e3:bf:76:
24:66:0b:31:68:62:ee:24:47:c3:5f:07:83:bd:15:4d:de:e7:
ee:e1:c1:ed:52:65:8a:e6:3e:f5:43:df:8d:1a:d2:d4:34:a4:
01:39:c1:ab:55:61:42:d6:ca:7e:e9:2e:a9:d9:34:c1:3a:31:
04:5c:1c:17:44:00:33:21:0f:46:f2:4c:d9:0b:0a:97:87:3e:
83:67:91:03:49:15:33:84:54:de:25:25:0d:33:4a:7f:be:d3:
6b:0c:f6:b8:19:db:f2:af:b3:21:59:a8:d0:3c:5b:79:84:e3:
ac:01:39:68:39:99:4c:e3:08:ce:57:99:81:9d:5f:1c:3d:01:
4c:84:2a:ef:da:da:d4:2c:de:81:41:79:31:61:1d:46:29:14:
52:f2:84:b7:26:5b:5b:d5:51:6c:a5:41:17:7c:b8:0b:03:4b:
24:75:38:15:81:1f:8b:47:ed:54:f6:f6:d8:52:60:7f:1b:13:
0b:ee:75:ee:1b:b6:65:5a:2f:7e:49:ca:52:85:82:f8:f8:93:
ef:9b:d0:47
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYi/AXcfh3vfOhdJONqD95ByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYmMxZWNjMTdmNjYwZDViZDg5ZTE2MTY3YjlkNTAzMWJm
NmEwY2IwHhcNMjMwNjE1MTIyMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmNhYzdhZTY1OGNiODhjNjM0NDQxNjU0YmU0ZDAyOWQwMjFkYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN/2fcRCQqQRoeNuEp5PbCZzxayh
0L9g35klMlyphz8eAC4UEyqgVuW+Vzoys5VmQVeU0M/BzOSlDBYCzFY3avqGe7Ce
3Nr3TbA3NmTi4mU3U8Z+UvVAUl17OqDEuVRcwX+EfxnKTTGPM81cJlZX2oCgHEYF
0/zgiukMWr+nLcq1NJnJsyt+E0O+6HzxAgnMP8w+qfTFC7r0Dpm9VxXTxtRxwkDx
Aab10mBF0uS4kEMj3EVx6abhWo3FXv7xsk3QBLGEZO4h8GAM3vCYexHT3zcFQj1f
IDBWlRZwkwaAhZirfPDCxAC1eAiLynIJ0NA5dMg/Y+/HRpFm9YsocsNZoQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNvKx65ljLiMY0RBZUvk0CnQIduiMB8GA1UdIwQY
MBaAFLq8HswX9mDVvYnhYWe51QMb9qDLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWIt
MTc5MTE1OTRhZTUxLzEvMjhySHJtV011SXhqUkVGbFMtVFFLZEFoMjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jZjEwZGItNzU4Mi00NTUzLWJmMWItMTc5MTE1OTRhZTUx
LzEvdXJ3ZXpCZjJZTlc5aWVGaFo3blZBeHYyb01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjANBAIAATAHAwUHwSWeADAN
BAIAAjAHAwUDKhJgQDANBgkqhkiG9w0BAQsFAAOCAQEAZDR/KDzKCHDqibCM7ndo
afjp1mQMKQ3bFwRmpYKQ2xP0NdU+kI/BOy4r+ciPf4gFw+tg4792JGYLMWhi7iRH
w18Hg70VTd7n7uHB7VJliuY+9UPfjRrS1DSkATnBq1VhQtbKfukuqdk0wToxBFwc
F0QAMyEPRvJM2QsKl4c+g2eRA0kVM4RU3iUlDTNKf77Tawz2uBnb8q+zIVmo0Dxb
eYTjrAE5aDmZTOMIzleZgZ1fHD0BTIQq79ra1CzegUF5MWEdRikUUvKEtyZbW9VR
bKVBF3y4CwNLJHU4FYEfi0ftVPb22FJgfxsTC+517hu2ZVovfknKUoWC+PiT75vQ
Rw==
-----END CERTIFICATE-----
Generated at Sun May 11 15:58:05 2025 by rpki-client