Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/rghXiiiVnhdyaz7joLTl4K40yf0.roa
File: rghXiiiVnhdyaz7joLTl4K40yf0.roa (raw, json)
Hash identifier: BBkDcxwsaOEeLSGYJvha4MQ2fCPcTS/GUIrTXFQishA=
Subject key identifier: AE:08:57:8A:28:95:9E:17:72:6B:3E:E3:A0:B4:E5:E0:AE:34:C9:FD
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 0184DFBBFA55E1B4B1DDFCBB4509F46CC3A2
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/rghXiiiVnhdyaz7joLTl4K40yf0.roa
Signing time: Mon 05 Dec 2022 00:42:29 +0000
ROA not before: Mon 05 Dec 2022 00:42:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.115.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:df:bb:fa:55:e1:b4:b1:dd:fc:bb:45:09:f4:6c:c3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Dec 5 00:42:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae08578a28959e17726b3ee3a0b4e5e0ae34c9fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7e:df:a9:b3:41:0a:80:08:8f:14:a1:ec:fd:
8c:6a:f6:c2:05:31:99:f1:58:ed:f6:6d:73:12:ce:
91:bd:f3:66:f6:93:b6:a0:2e:36:ca:30:dc:96:f8:
35:20:0f:2e:60:1a:b9:51:14:87:29:dc:68:04:fa:
04:0b:ef:9b:f6:ad:4c:b8:1d:01:f1:31:ee:c4:9f:
35:2e:05:3e:f7:c6:7e:38:13:ae:ee:83:37:d7:02:
ac:7a:88:61:8f:8f:a1:68:06:8d:e3:61:d4:11:9c:
74:0a:b4:96:7a:53:09:9e:6b:3c:ef:bc:cd:82:b1:
16:29:ce:11:3a:3c:76:62:86:8b:03:0d:f9:66:34:
12:ef:db:ca:1c:bc:d9:ae:52:24:0e:6c:ab:eb:c2:
e8:a9:e7:d4:32:7b:af:e0:50:2f:be:da:fa:c4:7f:
95:6d:57:67:82:57:12:65:c2:0a:24:4e:6b:39:0a:
b3:b6:05:17:4d:93:4e:7a:e8:20:51:ce:ac:37:29:
15:b4:0d:d3:1c:19:77:39:41:1b:35:70:4c:4d:01:
b3:5c:39:6d:bf:ba:ef:ea:58:dc:83:9e:97:76:c9:
10:a8:fb:5f:59:5e:0f:e5:da:73:17:d0:85:11:53:
e8:cc:04:90:45:1e:90:a6:eb:82:8c:6c:08:a8:2b:
44:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:08:57:8A:28:95:9E:17:72:6B:3E:E3:A0:B4:E5:E0:AE:34:C9:FD
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/rghXiiiVnhdyaz7joLTl4K40yf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.207.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:43:4c:f0:83:31:69:89:bf:fa:2a:aa:d4:a2:49:3d:dd:ce:
74:3f:15:be:32:c3:94:87:29:6b:5b:64:38:f0:d8:49:0f:89:
91:35:7f:1c:e9:48:1e:08:d3:d8:b1:71:3e:92:67:01:c1:af:
60:6e:32:35:5e:61:50:7e:b7:58:5f:02:36:16:c3:7a:77:6e:
ab:7b:ee:a3:e0:91:1e:1c:84:06:b5:25:c7:20:58:a7:11:4f:
0b:bb:fe:8c:52:48:98:0f:9f:a2:66:f1:e5:e1:bb:01:30:de:
5c:be:b0:82:b5:ac:e2:2a:bf:28:88:b5:26:2d:1a:53:11:20:
59:e0:36:3e:c8:80:ca:f6:75:b5:6c:c7:71:ec:9d:2d:7e:40:
4d:e0:a0:6e:69:dd:9c:2f:97:a0:4b:7d:12:b6:ed:be:6a:88:
e5:19:87:cb:54:79:98:70:61:e4:41:59:60:81:78:c6:7c:2c:
7e:83:12:3a:87:e0:00:e4:f9:94:ff:a8:9a:2c:4c:6b:c5:3a:
f9:c6:51:ff:87:00:9d:5e:2a:53:f0:85:c1:4a:e8:64:60:b5:
53:57:b4:fb:13:27:8c:be:1f:e7:9c:38:03:70:90:8a:36:0b:
69:ce:98:46:52:fc:05:d8:84:47:a6:70:45:7d:de:31:66:a7:
f9:77:24:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTfu/pV4bSx3fy7RQn0bMOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIxMjA1MDA0MjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTA4NTc4YTI4OTU5ZTE3NzI2YjNlZTNhMGI0ZTVlMGFlMzRjOWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn7fqbNBCoAIjxSh7P2MavbCBTGZ
8Vjt9m1zEs6RvfNm9pO2oC42yjDclvg1IA8uYBq5URSHKdxoBPoEC++b9q1MuB0B
8THuxJ81LgU+98Z+OBOu7oM31wKseohhj4+haAaN42HUEZx0CrSWelMJnms877zN
grEWKc4ROjx2YoaLAw35ZjQS79vKHLzZrlIkDmyr68LoqefUMnuv4FAvvtr6xH+V
bVdnglcSZcIKJE5rOQqztgUXTZNOeuggUc6sNykVtA3THBl3OUEbNXBMTQGzXDlt
v7rv6ljcg56XdskQqPtfWV4P5dpzF9CFEVPozASQRR6QpuuCjGwIqCtEawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4IV4oolZ4Xcms+46C05eCuNMn9MB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvcmdoWGlpaVZuaGR5YXo3am9MVGw0SzQweWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXPPMA0G
CSqGSIb3DQEBCwUAA4IBAQCMQ0zwgzFpib/6KqrUokk93c50PxW+MsOUhylrW2Q4
8NhJD4mRNX8c6UgeCNPYsXE+kmcBwa9gbjI1XmFQfrdYXwI2FsN6d26re+6j4JEe
HIQGtSXHIFinEU8Lu/6MUkiYD5+iZvHl4bsBMN5cvrCCtaziKr8oiLUmLRpTESBZ
4DY+yIDK9nW1bMdx7J0tfkBN4KBuad2cL5egS30Stu2+aojlGYfLVHmYcGHkQVlg
gXjGfCx+gxI6h+AA5PmU/6iaLExrxTr5xlH/hwCdXipT8IXBSuhkYLVTV7T7EyeM
vh/nnDgDcJCKNgtpzphGUvwF2IRHpnBFfd4xZqf5dyQ4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:47 2024 by rpki-client on console-fra.rpki-client.org