Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/wrwe_yoK5XE0QiBlnEJDh0qmaFw.roa
File: wrwe_yoK5XE0QiBlnEJDh0qmaFw.roa (raw, json)
Hash identifier: tXIgwHu7AD+n9SONe6Us/J1WPvp6qtgTLanrB4iqE6o=
Subject key identifier: C2:BC:1E:FF:2A:0A:E5:71:34:42:20:65:9C:42:43:87:4A:A6:68:5C
Certificate issuer: /CN=cb20606de730456edd7335cc882cbdf4396f3460
Certificate serial: 33D3C804
Authority key identifier: CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/wrwe_yoK5XE0QiBlnEJDh0qmaFw.roa
Signing time: Sat 01 Jan 2022 05:52:07 +0000
ROA not before: Sat 01 Jan 2022 05:52:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44914
IP address blocks: 78.28.0.0/19 maxlen: 19
78.28.32.0/19 maxlen: 19
78.28.32.0/21 maxlen: 21
78.28.40.0/21 maxlen: 21
188.125.128.0/20 maxlen: 20
188.125.144.0/22 maxlen: 22
188.125.148.0/22 maxlen: 22
188.125.152.0/22 maxlen: 22
188.125.157.0/24 maxlen: 24
78.28.58.0/23 maxlen: 23
78.28.56.0/23 maxlen: 23
78.28.62.0/23 maxlen: 23
78.28.60.0/22 maxlen: 22
2a02:e88:8000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869517316 (0x33d3c804)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb20606de730456edd7335cc882cbdf4396f3460
Validity
Not Before: Jan 1 05:52:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2bc1eff2a0ae571344220659c4243874aa6685c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:78:7b:51:53:66:d5:cd:70:da:97:26:34:f7:
f3:11:07:2d:09:77:75:84:2e:01:ed:68:94:f4:5f:
75:b5:69:06:1a:85:06:81:e1:45:2f:a0:1f:c2:16:
f5:46:92:2a:ee:a2:a6:db:9b:ba:dd:2f:f8:8e:1a:
0d:5a:e7:dd:58:77:50:44:07:1c:14:7a:90:cf:a4:
3b:d9:2f:37:96:4b:4c:b0:e1:10:a5:54:c7:2f:a1:
01:e9:b4:8a:15:bb:68:d9:c2:74:5b:1a:af:9d:82:
a4:5a:ab:35:74:1b:c0:bf:50:30:8d:3e:60:bf:db:
d2:5c:99:e7:4c:54:c5:c4:fc:3e:16:11:32:a5:91:
56:68:38:8d:7b:1c:e9:bd:70:1f:08:ce:ba:64:b8:
61:31:e0:20:e2:7d:02:08:f1:a1:19:c6:a3:24:35:
0f:c7:dc:8f:98:ae:23:6e:e5:09:54:0e:58:0f:15:
0f:85:ee:ab:ce:db:fb:9b:54:df:6d:a9:8b:f7:99:
db:65:c7:4e:3e:2c:6f:0e:f2:e5:76:22:a8:6f:00:
6e:53:97:70:d1:e7:45:0f:3b:87:ad:a8:fa:ba:67:
48:a1:14:53:e5:11:65:aa:ed:9f:28:7d:b4:d3:2f:
29:3a:f4:f5:3b:7f:f1:f7:a9:a8:b8:5a:a9:86:aa:
d0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BC:1E:FF:2A:0A:E5:71:34:42:20:65:9C:42:43:87:4A:A6:68:5C
X509v3 Authority Key Identifier:
keyid:CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/wrwe_yoK5XE0QiBlnEJDh0qmaFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/yyBgbecwRW7dczXMiCy99DlvNGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.28.0.0/18
188.125.128.0-188.125.155.255
188.125.157.0/24
IPv6:
2a02:e88:8000::/48
Signature Algorithm: sha256WithRSAEncryption
66:78:e9:4f:e8:3b:89:bc:27:2c:5e:bf:f4:9d:88:26:a0:69:
2f:6f:94:15:79:88:15:ab:16:c0:e9:26:af:70:50:61:8b:a2:
f8:66:e7:85:ad:d1:54:dd:6c:ed:82:49:67:1b:74:b7:06:bc:
22:93:30:02:ab:d5:44:33:be:c2:16:3d:7d:91:b9:88:4e:62:
77:de:69:20:1e:1e:8a:62:99:42:cc:67:2b:5b:be:a9:bb:23:
03:3b:1d:36:ea:43:18:8f:36:4c:7e:47:6a:73:e1:8b:05:f7:
e8:68:14:be:ae:58:91:e3:99:e2:fd:a7:81:8f:48:75:3c:19:
9e:aa:1e:97:2f:ec:ee:b6:d5:55:e3:d6:b0:3a:37:06:a0:a8:
27:e1:49:83:00:76:95:54:c2:80:6a:46:40:fc:97:2b:07:50:
32:b5:22:7a:e1:94:66:d3:78:b9:93:69:1b:c9:1c:be:3d:00:
8f:2d:a6:d0:bb:a5:7c:87:25:22:9b:b3:e8:e7:89:63:60:94:
e2:41:02:2c:67:22:b5:c0:4c:7d:19:8b:73:bb:d7:8f:0f:01:
61:fc:bf:4f:41:ed:bd:4a:e7:38:a5:68:77:97:30:f4:01:71:
c9:69:3f:5b:a9:f7:c4:f5:da:33:2b:fc:11:a5:79:2f:b4:c5:
ab:02:9f:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEM9PIBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YjIwNjA2ZGU3MzA0NTZlZGQ3MzM1Y2M4ODJjYmRmNDM5NmYzNDYwMB4XDTIyMDEw
MTA1NTIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJiYzFlZmYyYTBh
ZTU3MTM0NDIyMDY1OWM0MjQzODc0YWE2Njg1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKd4e1FTZtXNcNqXJjT38xEHLQl3dYQuAe1olPRfdbVpBhqF
BoHhRS+gH8IW9UaSKu6iptubut0v+I4aDVrn3Vh3UEQHHBR6kM+kO9kvN5ZLTLDh
EKVUxy+hAem0ihW7aNnCdFsar52CpFqrNXQbwL9QMI0+YL/b0lyZ50xUxcT8PhYR
MqWRVmg4jXsc6b1wHwjOumS4YTHgIOJ9AgjxoRnGoyQ1D8fcj5iuI27lCVQOWA8V
D4Xuq87b+5tU322pi/eZ22XHTj4sbw7y5XYiqG8AblOXcNHnRQ87h62o+rpnSKEU
U+URZartnyh9tNMvKTr09Tt/8fepqLhaqYaq0M8CAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBTCvB7/KgrlcTRCIGWcQkOHSqZoXDAfBgNVHSMEGDAWgBTLIGBt5zBFbt1z
NcyILL30OW80YDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l5QmdiZWN3Ulc3ZGN6WE1pQ3k5OURsdk5HQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvYmY3YTI4LWJmMWUtNDgzNS1iZWVkLWIzZDg2YWE0M2JjNS8x
L3dyd2VfeW9LNVhFMFFpQmxuRUpEaDBxbWFGdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
YmY3YTI4LWJmMWUtNDgzNS1iZWVkLWIzZDg2YWE0M2JjNS8xL3l5QmdiZWN3Ulc3
ZGN6WE1pQ3k5OURsdk5HQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwIAQCAAEwGgMEBk4cADAMAwQHvH2AAwQCvH2YAwQA
vH2dMA8EAgACMAkDBwAqAg6IgAAwDQYJKoZIhvcNAQELBQADggEBAGZ46U/oO4m8
Jyxev/SdiCagaS9vlBV5iBWrFsDpJq9wUGGLovhm54Wt0VTdbO2CSWcbdLcGvCKT
MAKr1UQzvsIWPX2RuYhOYnfeaSAeHopimULMZytbvqm7IwM7HTbqQxiPNkx+R2pz
4YsF9+hoFL6uWJHjmeL9p4GPSHU8GZ6qHpcv7O621VXj1rA6NwagqCfhSYMAdpVU
woBqRkD8lysHUDK1InrhlGbTeLmTaRvJHL49AI8tptC7pXyHJSKbs+jniWNglOJB
AixnIrXATH0Zi3O7148PAWH8v09B7b1K5zilaHeXMPQBcclpP1up98T12jMr/BGl
eS+0xasCn9Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:29 2024 by rpki-client on console-ams.rpki-client.org