Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/XAgbhQbbvtz56ZhT-0I-HBU7c04.roa
File: XAgbhQbbvtz56ZhT-0I-HBU7c04.roa (raw, json)
Hash identifier: uDcvdg3AkAiyZXNV1cpFSEkcYLYvwKVS0ZBAgOktipE=
Subject key identifier: 5C:08:1B:85:06:DB:BE:DC:F9:E9:98:53:FB:42:3E:1C:15:3B:73:4E
Certificate issuer: /CN=1ebe3e521407f597f255f3fb4e0b569c32083552
Certificate serial: 058A8048
Authority key identifier: 1E:BE:3E:52:14:07:F5:97:F2:55:F3:FB:4E:0B:56:9C:32:08:35:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/XAgbhQbbvtz56ZhT-0I-HBU7c04.roa
Signing time: Sat 01 Jan 2022 09:00:15 +0000
ROA not before: Sat 01 Jan 2022 09:00:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43346
IP address blocks: 78.31.2.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92962888 (0x58a8048)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ebe3e521407f597f255f3fb4e0b569c32083552
Validity
Not Before: Jan 1 09:00:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c081b8506dbbedcf9e99853fb423e1c153b734e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:69:04:a4:36:66:2c:50:ae:71:0d:5e:a8:fc:
34:b4:a0:7c:39:ff:a5:ee:8e:42:48:1d:7f:41:b1:
4a:70:88:b4:a2:e1:13:f2:f2:65:09:b2:27:85:d2:
9a:0e:8d:32:eb:07:f3:a9:62:16:f4:18:6d:e0:9e:
db:3c:82:f1:69:88:dd:2f:00:97:98:30:61:3d:3d:
80:3e:3f:d0:98:4f:df:ce:c0:c4:00:ef:04:85:5f:
82:0e:a6:c5:0a:a8:40:9e:a4:18:9a:4c:3f:53:95:
ba:b1:21:9a:ca:c9:86:9e:72:a8:29:0c:83:d6:6d:
59:ff:33:54:dd:ca:69:1d:2e:59:c7:40:48:b7:58:
37:c1:26:eb:f1:71:a0:df:18:9e:d2:34:7d:79:1f:
48:46:f3:ea:fb:b7:47:6e:de:69:a6:6c:d4:ff:0d:
ea:27:f8:d3:54:bc:e6:02:f5:3b:40:e5:06:d3:28:
4d:a2:e2:8e:38:55:80:bb:ec:bc:31:cf:9c:c3:53:
bc:0a:b9:50:1c:c1:8d:62:4c:23:1d:1e:5d:49:8c:
e5:da:97:bf:a6:a7:b4:19:c2:de:c1:c4:36:0a:46:
ae:ba:4f:50:72:9b:9f:d1:7e:07:f1:af:e6:0d:c0:
97:d8:b5:f3:f6:de:1d:fe:0d:2e:46:99:e8:96:72:
4d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:08:1B:85:06:DB:BE:DC:F9:E9:98:53:FB:42:3E:1C:15:3B:73:4E
X509v3 Authority Key Identifier:
keyid:1E:BE:3E:52:14:07:F5:97:F2:55:F3:FB:4E:0B:56:9C:32:08:35:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/XAgbhQbbvtz56ZhT-0I-HBU7c04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/124ac8-fa93-4c23-bd62-5b4aff7a6398/1/Hr4-UhQH9ZfyVfP7TgtWnDIINVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:1f:c4:68:8f:b7:02:aa:97:b4:50:fb:15:42:fd:05:e3:42:
c4:7c:0b:2b:c2:0a:c5:5b:8e:6b:11:67:7b:c2:b9:64:3f:a3:
37:f4:42:08:60:6e:e5:a6:43:70:55:a5:88:7f:a0:62:2b:94:
e2:de:6d:00:54:be:4e:f7:3a:f9:52:85:eb:5a:92:a3:e0:b7:
57:07:aa:95:76:81:81:22:46:57:a5:6f:08:98:26:22:8c:1f:
4f:5d:9a:f6:89:eb:73:95:01:58:d9:8d:d1:83:9f:56:02:e6:
be:05:9d:46:b9:09:73:b8:10:3d:9e:85:23:5b:ad:47:4b:6d:
31:7a:69:69:4e:26:f8:e0:ea:e4:2e:b5:f2:3d:57:d8:35:d3:
9c:af:93:f9:25:f9:b0:97:27:ec:c3:1b:b3:0f:b6:53:03:b2:
d6:d9:b9:66:f7:bc:e5:e6:21:c0:ab:9f:77:9a:90:06:52:0e:
27:2f:ce:04:57:a7:5d:3f:95:b9:e8:ef:90:d9:a4:09:e3:51:
27:f1:e9:0b:65:73:3b:b6:64:ae:b2:f0:3e:bd:9b:4c:53:cd:
8e:a9:22:d9:e1:7f:e4:6f:7b:fd:bd:cd:5f:9d:17:e2:92:af:
17:dd:8b:43:47:dd:5f:79:7e:06:41:1b:ce:f0:ec:33:65:6f:
c8:c9:59:49
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBYqASDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZWJlM2U1MjE0MDdmNTk3ZjI1NWYzZmI0ZTBiNTY5YzMyMDgzNTUyMB4XDTIyMDEw
MTA5MDAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMwODFiODUwNmRi
YmVkY2Y5ZTk5ODUzZmI0MjNlMWMxNTNiNzM0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNpBKQ2ZixQrnENXqj8NLSgfDn/pe6OQkgdf0GxSnCItKLh
E/LyZQmyJ4XSmg6NMusH86liFvQYbeCe2zyC8WmI3S8Al5gwYT09gD4/0JhP387A
xADvBIVfgg6mxQqoQJ6kGJpMP1OVurEhmsrJhp5yqCkMg9ZtWf8zVN3KaR0uWcdA
SLdYN8Em6/FxoN8YntI0fXkfSEbz6vu3R27eaaZs1P8N6if401S85gL1O0DlBtMo
TaLijjhVgLvsvDHPnMNTvAq5UBzBjWJMIx0eXUmM5dqXv6antBnC3sHENgpGrrpP
UHKbn9F+B/Gv5g3Al9i18/beHf4NLkaZ6JZyTdkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcCBuFBtu+3PnpmFP7Qj4cFTtzTjAfBgNVHSMEGDAWgBQevj5SFAf1l/JV
8/tOC1acMgg1UjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hyNC1VaFFIOVpmeVZmUDdUZ3RXbkRJSU5WSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvMTI0YWM4LWZhOTMtNGMyMy1iZDYyLTViNGFmZjdhNjM5OC8x
L1hBZ2JoUWJidnR6NTZaaFQtMEktSEJVN2MwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
MTI0YWM4LWZhOTMtNGMyMy1iZDYyLTViNGFmZjdhNjM5OC8xL0hyNC1VaFFIOVpm
eVZmUDdUZ3RXbkRJSU5WSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAU4fAjANBgkqhkiG9w0BAQsFAAOC
AQEAjx/EaI+3AqqXtFD7FUL9BeNCxHwLK8IKxVuOaxFne8K5ZD+jN/RCCGBu5aZD
cFWliH+gYiuU4t5tAFS+Tvc6+VKF61qSo+C3VweqlXaBgSJGV6VvCJgmIowfT12a
9onrc5UBWNmN0YOfVgLmvgWdRrkJc7gQPZ6FI1utR0ttMXppaU4m+ODq5C618j1X
2DXTnK+T+SX5sJcn7MMbsw+2UwOy1tm5Zve85eYhwKufd5qQBlIOJy/OBFenXT+V
uejvkNmkCeNRJ/HpC2VzO7ZkrrLwPr2bTFPNjqki2eF/5G97/b3NX50X4pKvF92L
Q0fdX3l+BkEbzvDsM2VvyMlZSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:17 2024 by rpki-client on console-ams.rpki-client.org