Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/TI_RcSz3p2nodI_OsrV6q37TVgc.roa
File: TI_RcSz3p2nodI_OsrV6q37TVgc.roa (raw, json)
Hash identifier: bYBHiiBG1pO7TdG4unNhB3r+wKOqQVPrT5d9v1VGPT0=
Subject key identifier: 4C:8F:D1:71:2C:F7:A7:69:E8:74:8F:CE:B2:B5:7A:AB:7E:D3:56:07
Certificate issuer: /CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Certificate serial: 07DF3262
Authority key identifier: 46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/TI_RcSz3p2nodI_OsrV6q37TVgc.roa
Signing time: Sat 01 Jan 2022 10:54:21 +0000
ROA not before: Sat 01 Jan 2022 10:54:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60607
IP address blocks: 185.28.160.0/24 maxlen: 24
185.28.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132067938 (0x7df3262)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Validity
Not Before: Jan 1 10:54:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c8fd1712cf7a769e8748fceb2b57aab7ed35607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:85:4d:bb:c8:59:a0:0b:e9:cc:b3:15:bf:2c:
03:05:f1:d4:7f:33:2c:0c:c6:1e:bd:49:a2:13:b7:
ab:58:4c:85:ef:4c:08:9f:a3:7f:9f:ed:f6:18:81:
e8:9e:50:9a:8d:0e:f8:76:9e:9c:05:1e:10:d1:50:
37:e9:6b:17:2d:11:63:77:5b:e7:69:00:4d:61:08:
01:ad:c9:c1:67:73:69:31:41:ba:09:4d:72:8e:22:
81:01:18:79:fa:3b:fb:07:3f:33:d4:b5:05:8b:02:
00:64:c4:ae:b1:48:2d:8c:59:5c:d4:21:8d:74:b2:
19:a0:82:2c:ae:4e:b7:dd:70:8a:15:62:f4:d9:00:
a2:fc:55:bd:3e:68:8a:ef:81:c9:a7:e5:91:39:3d:
92:6d:80:38:67:ac:1a:35:ac:e9:4b:69:20:fc:6d:
8b:da:f3:fd:64:09:64:67:37:b5:50:d6:79:79:a1:
7e:ae:e8:99:47:f5:27:70:da:bd:38:bc:82:e5:43:
11:bc:64:b2:7b:f5:3e:5b:7d:f0:d0:5e:f0:04:3b:
db:aa:3f:b6:cf:7a:43:2b:d8:a2:17:dd:31:29:fd:
90:a7:22:5f:02:5a:98:a3:65:93:10:6c:e7:b3:f4:
6e:29:c3:e0:cd:37:e9:a9:55:75:06:be:a7:f2:bb:
40:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8F:D1:71:2C:F7:A7:69:E8:74:8F:CE:B2:B5:7A:AB:7E:D3:56:07
X509v3 Authority Key Identifier:
keyid:46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/TI_RcSz3p2nodI_OsrV6q37TVgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/RoFcoV1ypaaW-LzfSG9YAZZncrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.160.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:e2:26:07:a0:c7:04:4f:45:7e:03:6a:a7:fe:af:25:c6:8f:
2d:c6:82:58:1d:34:f9:f5:0f:75:d5:35:e1:28:4a:a7:5b:d1:
e3:c9:53:55:b3:ce:1a:6b:4d:ac:7d:4d:26:e4:2b:f6:e3:81:
ce:6c:e2:46:a4:bf:70:13:d3:9c:31:1e:09:d9:0a:23:47:4f:
a9:c3:65:70:0e:25:a9:10:9f:10:89:f4:cb:84:71:61:5d:a1:
c6:d8:cf:e3:00:ea:6b:d6:d9:f8:ad:25:a1:f1:47:d6:b4:d0:
16:59:5e:d4:de:bf:17:28:4b:be:70:60:a5:6f:f8:0c:df:05:
be:f9:98:83:be:9f:28:48:94:a5:6c:30:7a:23:35:f0:77:ff:
76:48:b3:d3:ac:65:6e:be:f4:69:3d:4f:54:61:1a:5a:32:17:
c5:4d:3a:3f:7a:d1:88:ae:68:91:94:ba:a0:b3:fd:c8:e8:1f:
cc:69:62:a2:78:de:63:70:85:59:85:2b:1d:7a:ac:95:bd:76:
29:38:14:ab:fc:a8:bc:7f:a9:e4:d1:50:0e:f6:b2:1e:f8:22:
c2:64:f3:65:40:a5:8e:88:4e:0e:28:cf:ff:3e:52:53:34:c2:
eb:3e:1b:a4:01:7d:93:7b:94:94:b1:7c:8b:27:7c:e5:d4:b1:
e7:6d:69:6c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB98yYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NjgxNWNhMTVkNzJhNWE2OTZmOGJjZGY0ODZmNTgwMTk2Njc3MmJiMB4XDTIyMDEw
MTEwNTQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGM4ZmQxNzEyY2Y3
YTc2OWU4NzQ4ZmNlYjJiNTdhYWI3ZWQzNTYwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuFTbvIWaAL6cyzFb8sAwXx1H8zLAzGHr1JohO3q1hMhe9M
CJ+jf5/t9hiB6J5Qmo0O+HaenAUeENFQN+lrFy0RY3db52kATWEIAa3JwWdzaTFB
uglNco4igQEYefo7+wc/M9S1BYsCAGTErrFILYxZXNQhjXSyGaCCLK5Ot91wihVi
9NkAovxVvT5oiu+ByaflkTk9km2AOGesGjWs6UtpIPxti9rz/WQJZGc3tVDWeXmh
fq7omUf1J3DavTi8guVDEbxksnv1Plt98NBe8AQ726o/ts96QyvYohfdMSn9kKci
XwJamKNlkxBs57P0binD4M036alVdQa+p/K7QFsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRMj9FxLPenaeh0j86ytXqrftNWBzAfBgNVHSMEGDAWgBRGgVyhXXKlppb4
vN9Ib1gBlmdyuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JvRmNvVjF5cGFhVy1MemZTRzlZQVpabmNycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvNjZiZDRiLTFlNTYtNGI0Ni04YmFiLWQzOGE3NjYwYjUxZS8x
L1RJX1JjU3ozcDJub2RJX09zclY2cTM3VFZnYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
NjZiZDRiLTFlNTYtNGI0Ni04YmFiLWQzOGE3NjYwYjUxZS8xL1JvRmNvVjF5cGFh
Vy1MemZTRzlZQVpabmNycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkcoDANBgkqhkiG9w0BAQsFAAOC
AQEAXOImB6DHBE9FfgNqp/6vJcaPLcaCWB00+fUPddU14ShKp1vR48lTVbPOGmtN
rH1NJuQr9uOBzmziRqS/cBPTnDEeCdkKI0dPqcNlcA4lqRCfEIn0y4RxYV2hxtjP
4wDqa9bZ+K0lofFH1rTQFlle1N6/FyhLvnBgpW/4DN8FvvmYg76fKEiUpWwweiM1
8Hf/dkiz06xlbr70aT1PVGEaWjIXxU06P3rRiK5okZS6oLP9yOgfzGlionjeY3CF
WYUrHXqslb12KTgUq/yovH+p5NFQDvayHvgiwmTzZUCljohODijP/z5SUzTC6z4b
pAF9k3uUlLF8iyd85dSx521pbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:14 2024 by rpki-client on console-fra.rpki-client.org