Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/SZGwK2JmazivaBPxpz6YXAP2JZQ.roa
File: SZGwK2JmazivaBPxpz6YXAP2JZQ.roa (raw, json)
Hash identifier: wYVfSbBSoyMv355t9yknlEZGGmFmtVYInEFQen/riNI=
Subject key identifier: 49:91:B0:2B:62:66:6B:38:AF:68:13:F1:A7:3E:98:5C:03:F6:25:94
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 0185714C115C747261E233C13AB1E96BC561
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/SZGwK2JmazivaBPxpz6YXAP2JZQ.roa
Signing time: Mon 02 Jan 2023 07:04:48 +0000
ROA not before: Mon 02 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206377
IP address blocks: 185.178.180.0/22 maxlen: 22
2a0a:6780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:11:5c:74:72:61:e2:33:c1:3a:b1:e9:6b:c5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Jan 2 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4991b02b62666b38af6813f1a73e985c03f62594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ed:cc:37:07:b1:ef:f1:32:a9:0a:6b:e7:7d:
41:b4:0a:72:17:f4:6f:2e:6a:6c:72:e8:ce:c4:f8:
d6:6f:0c:99:94:ce:e6:e2:c1:a8:22:1a:c3:ee:79:
53:e4:6e:1d:99:06:b4:48:8a:d5:13:b1:4a:97:65:
42:07:4f:4c:a3:48:77:d6:c4:77:cd:0d:cc:b5:10:
cf:c2:c0:5d:5d:85:5e:c5:35:47:aa:46:c2:63:99:
f7:c1:fd:84:38:c1:a2:66:5e:fa:f2:bf:2f:31:0b:
91:6d:eb:fa:c3:93:30:28:06:14:90:d7:8c:09:89:
41:f6:53:b8:ef:1b:38:55:68:d6:bf:ca:37:cc:75:
cd:77:d3:e3:67:b9:11:7b:77:56:93:ea:70:88:c1:
2a:27:0c:0b:6a:f2:0c:dd:99:50:90:32:b4:b8:5e:
30:b5:d9:52:c6:b9:52:9c:6c:3f:45:cc:5e:35:ee:
cc:76:e5:97:97:2a:16:a4:39:d7:c2:b4:33:17:65:
fe:88:d3:98:1c:cf:fd:03:8f:c5:b9:1b:f8:9c:3b:
06:27:20:cf:64:8c:2e:1e:f0:24:b5:25:ae:61:42:
00:00:78:49:c3:58:71:e9:60:41:20:95:ad:bf:e0:
e1:28:dc:c6:1c:7e:eb:00:4c:c8:db:62:f8:25:61:
33:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:91:B0:2B:62:66:6B:38:AF:68:13:F1:A7:3E:98:5C:03:F6:25:94
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/SZGwK2JmazivaBPxpz6YXAP2JZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.180.0/22
IPv6:
2a0a:6780::/29
Signature Algorithm: sha256WithRSAEncryption
8a:f1:76:43:90:bc:4a:20:1c:ef:6b:a4:45:1f:ac:1a:1e:af:
fc:7b:d5:e2:a2:a9:10:8d:9d:ce:e2:b4:38:1b:98:3e:29:4c:
cf:a4:a5:20:17:05:cc:57:30:7e:89:c5:c9:47:f6:f0:26:f7:
3a:1f:86:b0:77:5e:08:35:31:f8:d5:fd:5d:7c:75:71:e6:29:
ee:64:5c:db:4d:10:13:d5:13:b9:a7:cd:e9:14:60:50:95:ee:
b8:58:c6:4b:ee:5a:7a:62:44:54:01:f9:dc:a8:53:b0:a2:ff:
b6:50:1a:69:66:6d:8f:09:4a:e5:3d:00:0c:7a:1f:4d:cd:ac:
63:c2:76:da:88:b7:1f:17:63:65:c8:99:35:95:a3:81:cd:71:
4c:0a:87:fd:28:ec:df:b9:c6:fe:6e:dd:7d:6b:8c:1a:c6:56:
de:9c:77:ba:d4:7c:b4:29:c0:8f:3e:86:de:a3:b3:13:b0:e8:
00:5d:6a:87:17:96:e4:e3:cf:24:7f:e5:da:ae:7c:3a:ad:a2:
c7:d3:fb:c6:f4:8e:10:05:c0:38:81:58:0e:02:bd:5a:4a:2b:
c7:4c:bf:60:35:0b:35:b5:f3:d3:2f:8b:4f:8e:e0:f4:1e:ec:
3b:1f:66:47:d6:fb:42:ff:0d:ba:66:e3:0c:f1:0f:fb:a7:f7:
e6:18:48:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxTBFcdHJh4jPBOrHpa8VhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjMwMTAyMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTkxYjAyYjYyNjY2YjM4YWY2ODEzZjFhNzNlOTg1YzAzZjYyNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+3MNwex7/EyqQpr531BtApyF/Rv
LmpscujOxPjWbwyZlM7m4sGoIhrD7nlT5G4dmQa0SIrVE7FKl2VCB09Mo0h31sR3
zQ3MtRDPwsBdXYVexTVHqkbCY5n3wf2EOMGiZl768r8vMQuRbev6w5MwKAYUkNeM
CYlB9lO47xs4VWjWv8o3zHXNd9PjZ7kRe3dWk+pwiMEqJwwLavIM3ZlQkDK0uF4w
tdlSxrlSnGw/RcxeNe7MduWXlyoWpDnXwrQzF2X+iNOYHM/9A4/FuRv4nDsGJyDP
ZIwuHvAktSWuYUIAAHhJw1hx6WBBIJWtv+DhKNzGHH7rAEzI22L4JWEz1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEmRsCtiZms4r2gT8ac+mFwD9iWUMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvU1pHd0sySm1heml2YUJQeHB6NllYQVAySlpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubK0MA0E
AgACMAcDBQMqCmeAMA0GCSqGSIb3DQEBCwUAA4IBAQCK8XZDkLxKIBzva6RFH6wa
Hq/8e9XioqkQjZ3O4rQ4G5g+KUzPpKUgFwXMVzB+icXJR/bwJvc6H4awd14INTH4
1f1dfHVx5inuZFzbTRAT1RO5p83pFGBQle64WMZL7lp6YkRUAfncqFOwov+2UBpp
Zm2PCUrlPQAMeh9NzaxjwnbaiLcfF2NlyJk1laOBzXFMCof9KOzfucb+bt19a4wa
xlbenHe61Hy0KcCPPobeo7MTsOgAXWqHF5bk488kf+Xarnw6raLH0/vG9I4QBcA4
gVgOAr1aSivHTL9gNQs1tfPTL4tPjuD0Huw7H2ZH1vtC/w26ZuMM8Q/7p/fmGEi9
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:24 2025 by rpki-client