Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/xiQyezEoVbHScaZ5QffXbkgUd-4.roa
File: xiQyezEoVbHScaZ5QffXbkgUd-4.roa (raw, json)
Hash identifier: /rVXzCLhyos4B4ql6ugTUNQry98EoKC+7L0RHlyAKZM=
Subject key identifier: C6:24:32:7B:31:28:55:B1:D2:71:A6:79:41:F7:D7:6E:48:14:77:EE
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 0922E686
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/xiQyezEoVbHScaZ5QffXbkgUd-4.roa
Signing time: Mon 28 Mar 2022 15:00:34 +0000
ROA not before: Mon 28 Mar 2022 15:00:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39560
IP address blocks: 2.58.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153282182 (0x922e686)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Mar 28 15:00:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c624327b312855b1d271a67941f7d76e481477ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:6c:54:83:c6:a8:5f:fe:87:cd:79:6e:9d:
7e:88:ad:5a:78:13:3b:95:0c:9d:a2:1e:f9:5a:6b:
06:e2:68:f9:88:30:ca:d9:fe:1e:d1:f2:62:96:48:
cd:da:ee:92:07:8d:f9:ba:c5:9b:0b:40:25:d2:1f:
c7:ff:d0:87:d2:2b:7f:7b:82:be:0f:69:cf:82:e8:
37:cb:f9:f2:bc:4f:08:ec:33:a1:1c:de:91:05:ad:
ec:79:59:43:8c:7c:bc:84:0e:ce:32:d0:46:0e:1b:
ba:5d:6b:62:06:87:82:e3:dc:37:0a:38:f1:15:51:
c0:10:8d:50:fb:4a:ff:e0:be:1c:25:39:0f:7c:10:
bf:7e:b4:b3:05:d5:27:94:d6:dc:9b:8e:5c:20:96:
5e:6c:35:7a:bc:cd:ce:b0:bc:4b:64:29:a7:43:41:
c3:fd:2c:63:f7:e3:05:53:a3:ff:fa:85:e3:39:61:
dd:80:c0:d9:ff:bd:8e:a9:9b:cb:bd:cb:ee:e9:03:
38:2b:26:91:34:fe:a5:f1:38:d3:7a:36:3d:9e:b9:
27:d0:f9:2c:98:bd:2f:fa:95:25:ac:bd:2a:b0:e5:
08:cb:83:7c:f6:26:b4:58:6e:be:ad:8a:a9:a1:b6:
59:b2:19:48:48:35:db:27:b3:b3:54:15:df:23:00:
4b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:24:32:7B:31:28:55:B1:D2:71:A6:79:41:F7:D7:6E:48:14:77:EE
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/xiQyezEoVbHScaZ5QffXbkgUd-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.114.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:2a:24:27:b7:ed:bd:59:c0:5f:b9:e8:98:f7:10:05:77:eb:
51:67:3e:fc:4d:46:45:77:3f:c9:a0:1e:0b:3a:00:62:80:f7:
81:0e:0a:ee:bb:ca:66:c4:0a:f8:ef:5c:cb:d8:34:ce:24:11:
bf:bd:fa:74:c0:05:28:19:c2:81:6a:86:5a:62:fb:a4:11:dd:
2f:ab:80:85:61:93:c0:5f:a5:51:8a:64:64:15:ed:3e:a8:8d:
b4:8c:80:d0:a5:8d:39:c5:51:54:71:a3:7c:e8:b8:b7:af:d3:
55:6b:f4:bf:ec:b5:bc:7a:e5:02:52:29:58:67:b9:17:2f:e8:
ec:06:5e:47:32:6b:d0:5a:42:e3:58:0e:8b:5c:ec:40:54:ad:
35:25:ed:77:e5:60:4c:13:bc:24:80:d2:f4:44:b0:ba:58:d4:
04:7c:4b:95:e1:fd:c6:6f:44:64:0e:12:14:2c:90:3c:63:47:
6a:ca:b9:94:b4:70:a8:ea:2e:e0:3f:3f:b6:10:28:ae:f7:38:
f2:d7:68:95:54:8c:0c:1c:62:86:3d:d5:92:86:18:57:4e:8d:
2b:3c:5e:00:3b:f2:10:39:23:f4:30:8a:fa:1d:49:af:55:12:
e4:0c:b3:9d:5a:a6:d1:91:f0:cf:4d:76:2c:db:f9:c9:9a:c1:
6c:a9:bf:50
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECSLmhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTYwYTRkODc0ZDk2MDFjODE0MmMzNTJmODBjNTZhNDMyNzZjZDQ3MB4XDTIyMDMy
ODE1MDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYyNDMyN2IzMTI4
NTViMWQyNzFhNjc5NDFmN2Q3NmU0ODE0NzdlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI4bFSDxqhf/ofNeW6dfoitWngTO5UMnaIe+VprBuJo+Ygw
ytn+HtHyYpZIzdrukgeN+brFmwtAJdIfx//Qh9Irf3uCvg9pz4LoN8v58rxPCOwz
oRzekQWt7HlZQ4x8vIQOzjLQRg4bul1rYgaHguPcNwo48RVRwBCNUPtK/+C+HCU5
D3wQv360swXVJ5TW3JuOXCCWXmw1erzNzrC8S2Qpp0NBw/0sY/fjBVOj//qF4zlh
3YDA2f+9jqmby73L7ukDOCsmkTT+pfE403o2PZ65J9D5LJi9L/qVJay9KrDlCMuD
fPYmtFhuvq2KqaG2WbIZSEg12yezs1QV3yMAS+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGJDJ7MShVsdJxpnlB99duSBR37jAfBgNVHSMEGDAWgBS6YKTYdNlgHIFC
w1L4DFakMnbNRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtQ2sySFRaWUJ5QlFzTlMtQXhXcERKMnpVYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvMjhjYjVjLTI5OGYtNGQ4Yi04MTViLWU1YTM3NzhiZTNhZC8x
L3hpUXllekVvVmJIU2NhWjVRZmZYYmtnVWQtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
MjhjYjVjLTI5OGYtNGQ4Yi04MTViLWU1YTM3NzhiZTNhZC8xL3VtQ2sySFRaWUJ5
QlFzTlMtQXhXcERKMnpVYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI6cjANBgkqhkiG9w0BAQsFAAOC
AQEAnSokJ7ftvVnAX7nomPcQBXfrUWc+/E1GRXc/yaAeCzoAYoD3gQ4K7rvKZsQK
+O9cy9g0ziQRv736dMAFKBnCgWqGWmL7pBHdL6uAhWGTwF+lUYpkZBXtPqiNtIyA
0KWNOcVRVHGjfOi4t6/TVWv0v+y1vHrlAlIpWGe5Fy/o7AZeRzJr0FpC41gOi1zs
QFStNSXtd+VgTBO8JIDS9ESwuljUBHxLleH9xm9EZA4SFCyQPGNHasq5lLRwqOou
4D8/thAorvc48tdolVSMDBxihj3VkoYYV06NKzxeADvyEDkj9DCK+h1Jr1US5Ayz
nVqm0ZHwz012LNv5yZrBbKm/UA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org