Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/dJrlYCnQOae9XGVjmeRd9dKdv4w.roa
File: dJrlYCnQOae9XGVjmeRd9dKdv4w.roa (raw, json)
Hash identifier: aTofD1WS7WRzOJH2oeBtcwDSIC09slCrmdpzAge5k/U=
Subject key identifier: 74:9A:E5:60:29:D0:39:A7:BD:5C:65:63:99:E4:5D:F5:D2:9D:BF:8C
Certificate issuer: /CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150
Certificate serial: 05F9588C
Authority key identifier: 0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/dJrlYCnQOae9XGVjmeRd9dKdv4w.roa
Signing time: Sat 01 Jan 2022 01:02:12 +0000
ROA not before: Sat 01 Jan 2022 01:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201278
IP address blocks: 188.66.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100227212 (0x5f9588c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150
Validity
Not Before: Jan 1 01:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=749ae56029d039a7bd5c656399e45df5d29dbf8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:da:d2:cb:ce:ea:ef:41:17:ca:6b:50:22:
fe:ee:e3:06:a4:8f:e4:ce:25:c6:74:81:43:5d:88:
32:10:a4:f9:ba:aa:a6:8d:f1:71:70:4b:dd:ae:37:
ed:37:3e:f5:37:e4:28:ce:46:63:d2:3e:5e:f4:7d:
78:92:3b:05:0a:4a:a8:48:93:b3:79:98:7d:1d:0b:
87:bf:21:e3:0e:ae:09:92:4f:91:86:03:f7:3c:ad:
d3:ed:26:77:83:96:1e:c4:a3:92:f3:fe:0b:a3:ac:
8d:dd:47:3e:07:73:a6:10:fc:be:bc:ec:c5:c3:56:
0a:6c:a8:03:80:1f:8f:db:67:2a:43:bc:3b:9d:68:
b3:93:85:4f:76:f8:87:25:05:97:d2:83:f8:c6:31:
a0:d9:e1:9e:1a:53:98:05:da:89:73:9d:06:17:57:
0f:91:77:4a:f9:94:25:d0:4d:66:68:ee:c1:9d:16:
21:f5:26:e3:5f:7d:b1:ab:bb:c5:89:70:bf:90:ff:
2a:e9:cb:12:04:cb:75:23:c1:fe:4f:60:12:9e:52:
aa:11:df:2f:1e:9d:ca:ed:92:b9:3b:88:04:96:19:
22:76:71:0f:c6:51:96:04:a4:bc:bc:ed:6b:56:d1:
df:52:5c:6c:8e:8c:b6:6c:ac:bc:87:a3:b5:66:e4:
fc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9A:E5:60:29:D0:39:A7:BD:5C:65:63:99:E4:5D:F5:D2:9D:BF:8C
X509v3 Authority Key Identifier:
keyid:0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/dJrlYCnQOae9XGVjmeRd9dKdv4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.66.28.0/22
Signature Algorithm: sha256WithRSAEncryption
45:5b:1c:fa:16:05:08:61:e5:88:4f:7f:02:8d:b5:62:6e:2a:
36:9a:ae:3d:15:a5:b8:df:26:a4:d6:22:37:d0:53:0c:23:ea:
3b:05:a4:d1:eb:19:7a:6a:53:14:ee:74:4e:d1:8a:67:f5:b1:
05:34:ae:a2:01:8d:85:de:f8:29:96:ae:57:80:1b:ba:04:40:
91:5e:10:de:c9:3a:63:ed:b9:98:9f:70:88:3f:d3:d8:6a:ab:
fb:a6:9e:f0:02:13:ca:ec:cb:92:5c:16:52:c1:50:53:c7:c5:
06:64:9c:a6:a3:38:f5:cc:e8:0e:0a:f0:7b:37:13:80:2d:f9:
3b:6d:1c:47:a9:9e:36:d0:49:1f:09:f0:a5:d5:94:22:a7:39:
4b:eb:51:5f:26:24:d6:06:db:08:da:c4:f3:b7:98:e9:ac:e9:
3a:47:a7:b9:00:84:1f:ce:19:0f:83:f6:38:5d:6c:8e:de:ce:
5b:37:1e:97:aa:b0:88:34:3e:0c:0e:f9:78:f1:31:25:1c:a2:
9c:d2:6c:08:20:5f:07:05:df:4d:83:f1:91:6c:28:86:30:1c:
d1:d7:de:b3:e6:9a:18:51:25:5a:4e:d7:d0:bd:17:4c:5b:9c:
00:33:31:a7:e8:ae:76:4e:1d:f8:e6:4d:2b:3c:38:e5:41:14:
f3:38:0a:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBflYjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Zjc4ZWE0NmNjMjFkNDVlZDYxMjY4ZDRhOWY1NjczMmM4NWUyMTUwMB4XDTIyMDEw
MTAxMDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ5YWU1NjAyOWQw
MzlhN2JkNWM2NTYzOTllNDVkZjVkMjlkYmY4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCz2tLLzurvQRfKa1Ai/u7jBqSP5M4lxnSBQ12IMhCk+bqq
po3xcXBL3a437Tc+9TfkKM5GY9I+XvR9eJI7BQpKqEiTs3mYfR0Lh78h4w6uCZJP
kYYD9zyt0+0md4OWHsSjkvP+C6Osjd1HPgdzphD8vrzsxcNWCmyoA4Afj9tnKkO8
O51os5OFT3b4hyUFl9KD+MYxoNnhnhpTmAXaiXOdBhdXD5F3SvmUJdBNZmjuwZ0W
IfUm4199sau7xYlwv5D/KunLEgTLdSPB/k9gEp5SqhHfLx6dyu2SuTuIBJYZInZx
D8ZRlgSkvLzta1bR31JcbI6MtmysvIejtWbk/K8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0muVgKdA5p71cZWOZ5F310p2/jDAfBgNVHSMEGDAWgBQPeOpGzCHUXtYS
aNSp9WcyyF4hUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QzanFSc3doMUY3V0VtalVxZlZuTXNoZUlWQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvMDIxOWMxLWE1NTEtNGI5MS05Y2EzLTAzMmIzYjYxNGRkOC8x
L2RKcmxZQ25RT2FlOVhHVmptZVJkOWRLZHY0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
MDIxOWMxLWE1NTEtNGI5MS05Y2EzLTAzMmIzYjYxNGRkOC8xL0QzanFSc3doMUY3
V0VtalVxZlZuTXNoZUlWQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArxCHDANBgkqhkiG9w0BAQsFAAOC
AQEARVsc+hYFCGHliE9/Ao21Ym4qNpquPRWluN8mpNYiN9BTDCPqOwWk0esZempT
FO50TtGKZ/WxBTSuogGNhd74KZauV4AbugRAkV4Q3sk6Y+25mJ9wiD/T2Gqr+6ae
8AITyuzLklwWUsFQU8fFBmScpqM49czoDgrwezcTgC35O20cR6meNtBJHwnwpdWU
Iqc5S+tRXyYk1gbbCNrE87eY6azpOkenuQCEH84ZD4P2OF1sjt7OWzcel6qwiDQ+
DA75ePExJRyinNJsCCBfBwXfTYPxkWwohjAc0dfes+aaGFElWk7X0L0XTFucADMx
p+iudk4d+OZNKzw45UEU8zgKGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:52 2024 by rpki-client on console-ams.rpki-client.org