Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eD3I1SjzxGCMdTCgalriPG2r8iw.roa
File: eD3I1SjzxGCMdTCgalriPG2r8iw.roa (raw, json)
Hash identifier: zGIysK5UnITRv4V2gYzYppHq2/rDOeN4iPWOztdHpSs=
Subject key identifier: 78:3D:C8:D5:28:F3:C4:60:8C:75:30:A0:6A:5A:E2:3C:6D:AB:F2:2C
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0ACA4FA5
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eD3I1SjzxGCMdTCgalriPG2r8iw.roa
Signing time: Sat 01 Jan 2022 03:02:36 +0000
ROA not before: Sat 01 Jan 2022 03:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210599
IP address blocks: 185.88.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181030821 (0xaca4fa5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 03:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=783dc8d528f3c4608c7530a06a5ae23c6dabf22c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:77:e1:e7:e9:d6:b6:8a:04:92:03:4a:e2:52:
bd:5e:57:24:50:ad:66:41:1d:c4:ed:62:ff:9f:02:
45:91:c8:eb:2d:54:54:86:88:f9:d1:e8:5e:55:39:
b3:7e:71:e0:79:c0:c7:8f:e4:f1:23:e3:5b:1e:ff:
31:08:f1:b9:05:08:6d:16:b9:f0:0b:5b:e7:32:28:
6c:b8:9e:5c:ce:40:70:c2:46:eb:9f:88:e3:34:6d:
54:65:80:3c:96:5e:dc:e4:ee:ce:71:b7:23:d0:fd:
d5:a6:8b:89:5c:53:42:93:2c:48:22:f2:70:b3:0b:
e9:d6:96:ce:12:bd:de:d1:39:c8:ba:49:43:d2:93:
fb:c7:a6:ac:cd:63:3e:0b:71:ee:13:8f:ea:2a:f3:
03:ac:74:c5:f7:0b:d6:73:06:79:41:d7:a7:1a:e3:
65:93:2a:4f:8c:15:bf:49:c4:4e:72:71:f1:31:e2:
c5:36:29:fe:4a:73:a1:5f:ea:54:06:08:29:61:7b:
2f:06:89:9e:eb:4e:dd:a6:e6:c1:53:dd:22:c8:9c:
29:34:64:a2:16:d4:00:60:3f:65:a7:6b:00:f2:a7:
30:09:8a:b5:2b:51:bb:40:e2:24:0b:95:69:3e:dc:
de:ea:a4:d8:34:5d:41:d0:ee:36:2a:ea:ec:36:b1:
8c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3D:C8:D5:28:F3:C4:60:8C:75:30:A0:6A:5A:E2:3C:6D:AB:F2:2C
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/eD3I1SjzxGCMdTCgalriPG2r8iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.172.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a1:ac:9f:f2:2b:22:38:8b:22:2b:45:a7:7e:c6:38:df:f3:
9c:cc:0c:6d:5c:eb:94:e7:29:65:ea:08:36:6a:d8:a2:16:89:
be:2c:1c:6f:7e:55:35:5f:de:7d:e1:cc:62:d6:ea:9b:7c:e7:
34:35:6f:2a:fc:a8:34:ca:6e:1e:f1:84:67:54:e8:c0:f0:e9:
1e:b7:fe:73:68:ac:cd:97:66:a6:ca:c2:94:02:ff:e9:ad:f2:
7d:34:fa:26:6d:75:a2:d5:74:e1:dc:cc:d0:ec:fa:5d:9f:17:
b6:c4:45:0f:62:f2:b9:2d:3b:40:67:2f:32:76:a8:d1:64:1f:
ed:10:21:6d:e5:48:40:c5:e7:7a:5a:0b:9e:22:16:7b:47:b3:
7f:01:ae:4b:06:68:e1:11:fb:cd:b4:ff:82:8d:f9:bb:04:79:
16:2d:cf:59:0f:96:87:43:57:3d:2e:03:f4:67:58:b9:c0:1d:
ec:f3:af:19:82:7b:11:b4:5b:08:1b:6e:f3:d0:49:f5:f8:1e:
ec:ce:9f:d8:5b:cc:80:6c:fb:55:13:4e:f9:36:32:d9:43:b4:
a4:eb:3f:14:d2:55:15:93:2d:47:84:c2:c5:7a:ec:e7:b9:f5:
53:a8:a9:40:18:c4:47:59:69:b6:2b:ce:1f:0e:a4:f8:b8:06:
a4:53:0e:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECspPpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMB4XDTIyMDEw
MTAzMDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzgzZGM4ZDUyOGYz
YzQ2MDhjNzUzMGEwNmE1YWUyM2M2ZGFiZjIyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJR34efp1raKBJIDSuJSvV5XJFCtZkEdxO1i/58CRZHI6y1U
VIaI+dHoXlU5s35x4HnAx4/k8SPjWx7/MQjxuQUIbRa58Atb5zIobLieXM5AcMJG
65+I4zRtVGWAPJZe3OTuznG3I9D91aaLiVxTQpMsSCLycLML6daWzhK93tE5yLpJ
Q9KT+8emrM1jPgtx7hOP6irzA6x0xfcL1nMGeUHXpxrjZZMqT4wVv0nETnJx8THi
xTYp/kpzoV/qVAYIKWF7LwaJnutO3abmwVPdIsicKTRkohbUAGA/ZadrAPKnMAmK
tStRu0DiJAuVaT7c3uqk2DRdQdDuNirq7DaxjIECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR4PcjVKPPEYIx1MKBqWuI8bavyLDAfBgNVHSMEGDAWgBTGFsQZUVLv/tv3
s6/uKqcuGQkOTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hoYkVHVkZTN183Yjk3T3Y3aXFuTGhrSkRrMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvYWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8x
L2VEM0kxU2p6eEdDTWRUQ2dhbHJpUEcycjhpdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
YWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183
Yjk3T3Y3aXFuTGhrSkRrMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlYrDANBgkqhkiG9w0BAQsFAAOC
AQEAR6Gsn/IrIjiLIitFp37GON/znMwMbVzrlOcpZeoINmrYohaJviwcb35VNV/e
feHMYtbqm3znNDVvKvyoNMpuHvGEZ1TowPDpHrf+c2iszZdmpsrClAL/6a3yfTT6
Jm11otV04dzM0Oz6XZ8XtsRFD2LyuS07QGcvMnao0WQf7RAhbeVIQMXneloLniIW
e0ezfwGuSwZo4RH7zbT/go35uwR5Fi3PWQ+Wh0NXPS4D9GdYucAd7POvGYJ7EbRb
CBtu89BJ9fge7M6f2FvMgGz7VRNO+TYy2UO0pOs/FNJVFZMtR4TCxXrs57n1U6ip
QBjER1lptivOHw6k+LgGpFMOFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org