Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/cIRst_ZwrXjZcMCWVennEXtimDs.roa
File: cIRst_ZwrXjZcMCWVennEXtimDs.roa (raw, json)
Hash identifier: qvGBKLG5XgBeDAXcE+PWUXe6Mt8UDw+73Q/qquKrmog=
Subject key identifier: 70:84:6C:B7:F6:70:AD:78:D9:70:C0:96:55:E9:E7:11:7B:62:98:3B
Certificate issuer: /CN=5406af804ef5a636f464e71a8d41e8d401a7f697
Certificate serial: 018412E55C39B73EC464616448A4C14EA46E
Authority key identifier: 54:06:AF:80:4E:F5:A6:36:F4:64:E7:1A:8D:41:E8:D4:01:A7:F6:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAavgE71pjb0ZOcajUHo1AGn9pc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/cIRst_ZwrXjZcMCWVennEXtimDs.roa
Signing time: Wed 26 Oct 2022 06:05:31 +0000
ROA not before: Wed 26 Oct 2022 06:05:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201755
IP address blocks: 2.58.104.0/24 maxlen: 24
2.58.105.0/24 maxlen: 24
2.58.107.0/24 maxlen: 24
2.58.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:12:e5:5c:39:b7:3e:c4:64:61:64:48:a4:c1:4e:a4:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5406af804ef5a636f464e71a8d41e8d401a7f697
Validity
Not Before: Oct 26 06:05:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70846cb7f670ad78d970c09655e9e7117b62983b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f0:0e:3f:00:04:fc:6a:3f:b6:12:3d:71:f7:
ac:91:c8:7e:30:ef:7f:ad:4e:c3:a4:8a:72:43:dc:
b1:79:8d:7d:0b:ab:fb:08:25:41:57:fa:06:ab:e8:
bc:0f:7e:52:eb:ab:c4:5d:65:4a:f7:72:37:cf:2f:
d8:89:cc:19:4c:af:e5:bf:65:ec:82:f3:51:49:7d:
8b:d6:7c:ac:12:82:de:41:e8:65:ef:9c:bb:3e:22:
d9:4b:a0:e0:2c:c5:04:92:95:2c:9d:2d:8e:37:ae:
a3:29:42:1d:73:63:9d:b8:a7:ce:15:e4:a2:8b:4f:
de:16:3b:19:02:57:66:dc:c8:4e:6b:5f:b0:98:b3:
0b:4b:83:07:66:0f:33:f0:db:d7:7e:1f:f2:b7:b9:
6a:35:e1:15:e9:b9:b2:b8:9b:9e:4c:01:05:09:93:
5e:68:5f:19:61:05:ba:9c:a5:3c:f9:29:b1:c1:47:
2b:ed:c6:6c:5b:5e:a2:e8:d3:5a:c3:c2:7b:91:68:
4a:87:cd:10:49:b4:64:d3:02:c3:fa:9e:25:e1:1d:
71:57:b5:69:1d:1b:1b:51:73:b3:57:50:ca:b0:33:
b7:e6:29:58:a1:6d:b6:98:c8:18:22:33:2e:74:a3:
7c:81:a3:63:5c:5b:a6:d9:96:c9:b4:f3:fd:6e:04:
41:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:84:6C:B7:F6:70:AD:78:D9:70:C0:96:55:E9:E7:11:7B:62:98:3B
X509v3 Authority Key Identifier:
keyid:54:06:AF:80:4E:F5:A6:36:F4:64:E7:1A:8D:41:E8:D4:01:A7:F6:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAavgE71pjb0ZOcajUHo1AGn9pc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/cIRst_ZwrXjZcMCWVennEXtimDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/35cb5c-93a5-4bf1-ba1d-1ca9d259e2ad/1/VAavgE71pjb0ZOcajUHo1AGn9pc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.104.0/22
Signature Algorithm: sha256WithRSAEncryption
47:b5:67:7b:ce:38:74:0d:0e:84:75:ed:7c:75:41:19:3b:b7:
11:ad:fe:95:6d:d8:57:0b:67:7a:67:38:3d:84:2f:2d:64:5c:
5f:bf:83:af:b6:dd:21:75:0c:e3:5d:61:6d:02:c7:66:bc:09:
b7:03:0e:0f:b2:72:31:6c:3e:5f:66:fd:5b:8a:2b:1f:84:2c:
28:0b:e6:06:60:d7:d6:8a:e3:e8:0b:59:6e:c1:fc:83:63:72:
09:40:ae:af:b8:d7:0f:6d:50:6d:27:28:c5:99:54:5e:df:2e:
e0:b5:ca:83:72:7b:43:c4:1a:1e:4d:2c:e7:27:52:f1:65:09:
6f:cb:aa:d3:a2:07:cb:38:6b:ac:e0:83:d6:63:12:f3:1e:55:
3b:93:08:b6:71:15:ab:a9:af:2a:7c:c3:c6:02:6b:d7:9b:00:
f0:50:30:75:20:1e:11:a2:23:6d:e9:d2:e7:49:90:00:80:99:
77:68:94:c4:4c:6d:5e:a9:fd:12:13:65:2a:6c:5c:16:40:88:
15:b6:57:7b:84:ba:bd:2b:25:51:8f:de:11:ba:05:97:6e:26:
51:51:81:ed:bc:91:c8:bd:28:31:12:51:8d:c2:ab:b4:2d:76:
ca:8d:17:e2:4f:ed:60:8c:6e:ba:48:ad:06:5e:b7:90:2e:bf:
ef:18:db:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQS5Vw5tz7EZGFkSKTBTqRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDZhZjgwNGVmNWE2MzZmNDY0ZTcxYThkNDFlOGQ0MDFh
N2Y2OTcwHhcNMjIxMDI2MDYwNTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg0NmNiN2Y2NzBhZDc4ZDk3MGMwOTY1NWU5ZTcxMTdiNjI5ODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvAOPwAE/Go/thI9cfeskch+MO9/
rU7DpIpyQ9yxeY19C6v7CCVBV/oGq+i8D35S66vEXWVK93I3zy/YicwZTK/lv2Xs
gvNRSX2L1nysEoLeQehl75y7PiLZS6DgLMUEkpUsnS2ON66jKUIdc2OduKfOFeSi
i0/eFjsZAldm3MhOa1+wmLMLS4MHZg8z8NvXfh/yt7lqNeEV6bmyuJueTAEFCZNe
aF8ZYQW6nKU8+SmxwUcr7cZsW16i6NNaw8J7kWhKh80QSbRk0wLD+p4l4R1xV7Vp
HRsbUXOzV1DKsDO35ilYoW22mMgYIjMudKN8gaNjXFum2ZbJtPP9bgRBYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCEbLf2cK142XDAllXp5xF7Ypg7MB8GA1UdIwQY
MBaAFFQGr4BO9aY29GTnGo1B6NQBp/aXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFhdmdFNzFwamIwWk9jYWpVSG8xQUduOXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNWNiNWMtOTNhNS00YmYxLWJhMWQt
MWNhOWQyNTllMmFkLzEvY0lSc3RfWndyWGpaY01DV1Zlbm5FWHRpbURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNWNiNWMtOTNhNS00YmYxLWJhMWQtMWNhOWQyNTllMmFk
LzEvVkFhdmdFNzFwamIwWk9jYWpVSG8xQUduOXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjpoMA0G
CSqGSIb3DQEBCwUAA4IBAQBHtWd7zjh0DQ6Ede18dUEZO7cRrf6VbdhXC2d6Zzg9
hC8tZFxfv4Ovtt0hdQzjXWFtAsdmvAm3Aw4PsnIxbD5fZv1biisfhCwoC+YGYNfW
iuPoC1luwfyDY3IJQK6vuNcPbVBtJyjFmVRe3y7gtcqDcntDxBoeTSznJ1LxZQlv
y6rTogfLOGus4IPWYxLzHlU7kwi2cRWrqa8qfMPGAmvXmwDwUDB1IB4RoiNt6dLn
SZAAgJl3aJTETG1eqf0SE2UqbFwWQIgVtld7hLq9KyVRj94RugWXbiZRUYHtvJHI
vSgxElGNwqu0LXbKjRfiT+1gjG66SK0GXreQLr/vGNvj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:52 2024 by rpki-client on console-fra.rpki-client.org