Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/dfc10c-f889-455a-82a0-b30408948cce/1/kh8pjfxT-QKSwcqzEFaebxw8X8Y.roa
File: kh8pjfxT-QKSwcqzEFaebxw8X8Y.roa (raw, json)
Hash identifier: 47xqkhTkGUK3UdO96TrahwFC7/WXVVrZSYPVL4I4jJI=
Subject key identifier: 92:1F:29:8D:FC:53:F9:02:92:C1:CA:B3:10:56:9E:6F:1C:3C:5F:C6
Certificate issuer: /CN=e37e5ff123ea7d2e83ce27520c987d037e649d03
Certificate serial: 018225B2AEDC222A064C6D167B16963A88E9
Authority key identifier: E3:7E:5F:F1:23:EA:7D:2E:83:CE:27:52:0C:98:7D:03:7E:64:9D:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/435f8SPqfS6DzidSDJh9A35knQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/dfc10c-f889-455a-82a0-b30408948cce/1/kh8pjfxT-QKSwcqzEFaebxw8X8Y.roa
Signing time: Fri 22 Jul 2022 11:37:23 +0000
ROA not before: Fri 22 Jul 2022 11:37:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48927
IP address blocks: 178.215.228.0/22 maxlen: 24
2a0d:5440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:b2:ae:dc:22:2a:06:4c:6d:16:7b:16:96:3a:88:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37e5ff123ea7d2e83ce27520c987d037e649d03
Validity
Not Before: Jul 22 11:37:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=921f298dfc53f90292c1cab310569e6f1c3c5fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:94:c0:a2:4d:d3:18:80:24:7d:1f:d4:3d:c9:
f1:31:5c:af:bd:99:e8:c8:09:c1:5e:0e:ed:a0:c1:
e9:bb:26:ab:34:da:09:a1:bb:80:98:d3:7b:59:8b:
a4:38:24:f4:a8:0d:b9:08:ab:49:8c:ea:a5:49:5f:
30:8c:e7:49:60:c5:77:f8:8f:45:4f:0f:57:6d:f5:
a4:d0:f4:a6:1f:c4:60:36:2f:80:80:61:b1:ed:31:
7f:4d:3e:4c:fa:d8:99:df:29:b7:ae:fb:55:6e:70:
26:f7:40:54:fd:85:ac:a1:82:d1:f9:74:23:21:53:
53:77:97:56:11:e2:e6:12:96:c9:87:e4:1a:7c:4f:
52:09:55:e6:44:20:0f:01:df:95:7b:48:fa:a5:cb:
79:b3:4a:c1:60:dc:77:fa:c2:67:a7:07:1a:ff:dc:
58:b0:d1:af:bb:53:b4:36:d7:cf:42:90:57:43:bd:
4c:62:8b:b2:e6:2b:8c:74:06:83:29:7f:8d:b5:25:
c4:1f:b1:ef:1d:30:f0:69:2b:e6:75:15:f8:89:83:
a8:cd:dd:d0:6c:71:61:24:70:9b:87:9a:08:e9:85:
c0:de:fe:e0:7b:15:68:01:92:80:f1:dc:92:04:c4:
86:1d:b8:95:5d:c6:b2:3b:14:7a:8d:08:ac:16:e6:
56:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1F:29:8D:FC:53:F9:02:92:C1:CA:B3:10:56:9E:6F:1C:3C:5F:C6
X509v3 Authority Key Identifier:
keyid:E3:7E:5F:F1:23:EA:7D:2E:83:CE:27:52:0C:98:7D:03:7E:64:9D:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435f8SPqfS6DzidSDJh9A35knQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dfc10c-f889-455a-82a0-b30408948cce/1/kh8pjfxT-QKSwcqzEFaebxw8X8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dfc10c-f889-455a-82a0-b30408948cce/1/435f8SPqfS6DzidSDJh9A35knQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.215.228.0/22
IPv6:
2a0d:5440::/29
Signature Algorithm: sha256WithRSAEncryption
89:26:fb:2d:aa:01:14:5f:ba:48:1f:bf:ab:53:ab:a9:05:bb:
77:20:5f:7e:77:d6:65:d2:96:c9:5d:15:40:d0:54:bf:e7:0f:
c7:c9:fb:56:73:ab:75:4d:90:e6:17:28:59:97:20:c2:f1:4c:
81:b8:32:3b:38:8e:9d:3f:2e:7d:df:1f:19:cc:28:84:39:7b:
28:85:54:c6:44:32:9c:c8:dd:cd:c4:43:4b:fb:36:66:0e:56:
c4:ec:67:8c:5d:16:3f:c8:ee:09:a0:96:18:9e:40:fe:b5:cc:
33:95:55:3f:aa:14:50:6e:e3:ef:09:9c:6d:8d:86:8c:fd:e8:
98:bb:77:a1:45:24:b7:82:ae:51:36:cb:fa:b2:8a:8e:72:a1:
e5:1f:03:18:cd:08:cd:3b:d6:e1:36:ef:5c:68:3c:46:bb:3d:
73:4b:6b:ff:da:21:85:56:66:6a:c7:d2:40:94:44:40:26:92:
f9:84:bf:4e:59:2a:83:e0:f8:fc:da:c1:a0:a3:96:40:ca:ce:
30:9f:d9:e9:b5:96:e7:43:d6:6a:5b:1c:fb:4e:9b:96:37:9e:
a3:04:b4:42:2e:37:77:69:73:0d:3e:b9:ae:88:0d:7f:91:2f:
69:dc:14:32:25:3e:8a:1f:8e:ac:99:6a:01:86:a0:2e:65:cb:
e9:d5:5e:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYIlsq7cIioGTG0WexaWOojpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U1ZmYxMjNlYTdkMmU4M2NlMjc1MjBjOTg3ZDAzN2U2
NDlkMDMwHhcNMjIwNzIyMTEzNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFmMjk4ZGZjNTNmOTAyOTJjMWNhYjMxMDU2OWU2ZjFjM2M1ZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5TAok3TGIAkfR/UPcnxMVyvvZno
yAnBXg7toMHpuyarNNoJobuAmNN7WYukOCT0qA25CKtJjOqlSV8wjOdJYMV3+I9F
Tw9XbfWk0PSmH8RgNi+AgGGx7TF/TT5M+tiZ3ym3rvtVbnAm90BU/YWsoYLR+XQj
IVNTd5dWEeLmEpbJh+QafE9SCVXmRCAPAd+Ve0j6pct5s0rBYNx3+sJnpwca/9xY
sNGvu1O0NtfPQpBXQ71MYouy5iuMdAaDKX+NtSXEH7HvHTDwaSvmdRX4iYOozd3Q
bHFhJHCbh5oI6YXA3v7gexVoAZKA8dySBMSGHbiVXcayOxR6jQisFuZWtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJIfKY38U/kCksHKsxBWnm8cPF/GMB8GA1UdIwQY
MBaAFON+X/Ej6n0ug84nUgyYfQN+ZJ0DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1ZjhTUHFmUzZEemlkU0RKaDlBMzVrblFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kZmMxMGMtZjg4OS00NTVhLTgyYTAt
YjMwNDA4OTQ4Y2NlLzEva2g4cGpmeFQtUUtTd2NxekVGYWVieHc4WDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kZmMxMGMtZjg4OS00NTVhLTgyYTAtYjMwNDA4OTQ4Y2Nl
LzEvNDM1ZjhTUHFmUzZEemlkU0RKaDlBMzVrblFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCstfkMA0E
AgACMAcDBQMqDVRAMA0GCSqGSIb3DQEBCwUAA4IBAQCJJvstqgEUX7pIH7+rU6up
Bbt3IF9+d9Zl0pbJXRVA0FS/5w/HyftWc6t1TZDmFyhZlyDC8UyBuDI7OI6dPy59
3x8ZzCiEOXsohVTGRDKcyN3NxENL+zZmDlbE7GeMXRY/yO4JoJYYnkD+tcwzlVU/
qhRQbuPvCZxtjYaM/eiYu3ehRSS3gq5RNsv6soqOcqHlHwMYzQjNO9bhNu9caDxG
uz1zS2v/2iGFVmZqx9JAlERAJpL5hL9OWSqD4Pj82sGgo5ZAys4wn9nptZbnQ9Zq
Wxz7TpuWN56jBLRCLjd3aXMNPrmuiA1/kS9p3BQyJT6KH46smWoBhqAuZcvp1V6b
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:51 2023 by rpki-client on console-ams.rpki-client.org