Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Ii1SVAkBoVNz0LHZv0Wq_5vvkxk.roa
File: Ii1SVAkBoVNz0LHZv0Wq_5vvkxk.roa (raw, json)
Hash identifier: WNgGihbZM/vuEqzs3j3joU+sWtnajFkT19VhIszbmIg=
Subject key identifier: 22:2D:52:54:09:01:A1:53:73:D0:B1:D9:BF:45:AA:FF:9B:EF:93:19
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01853018233669C866F1CD387C5D4D11E15E
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Ii1SVAkBoVNz0LHZv0Wq_5vvkxk.roa
Signing time: Tue 20 Dec 2022 15:12:46 +0000
ROA not before: Tue 20 Dec 2022 15:12:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209632
IP address blocks: 139.28.188.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:18:23:36:69:c8:66:f1:cd:38:7c:5d:4d:11:e1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 20 15:12:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=222d52540901a15373d0b1d9bf45aaff9bef9319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ee:31:e7:b9:c6:25:fa:f7:b0:28:31:b9:30:
57:a1:a8:98:70:55:47:c6:b1:85:26:98:96:31:0b:
16:f4:d7:cb:b3:b2:91:0f:f7:ad:1d:53:c0:7d:da:
39:89:72:1a:90:8c:04:a0:3d:fb:7d:6d:68:cf:0f:
49:cf:02:83:27:53:87:57:4a:68:7c:d4:7f:f8:86:
15:ba:c3:56:9b:4f:67:fd:ac:41:f3:df:e6:c9:bb:
e1:6e:ca:ca:6d:ba:d6:8a:89:9e:98:36:4e:b3:ed:
76:a7:fd:fa:fc:31:05:ee:35:be:72:b2:d4:76:df:
ae:4d:6d:fa:87:15:51:5f:44:d9:16:5f:dc:a9:57:
31:de:09:aa:a7:bc:f2:b6:70:81:87:c1:7b:70:b1:
89:3d:ee:29:9b:ed:5f:57:df:2f:c6:e4:02:c6:cc:
2e:54:68:80:8e:03:2f:fa:8d:1d:34:9d:01:73:b7:
71:38:c2:49:00:b9:1e:d7:81:fd:b0:1d:cb:39:62:
98:3b:0f:29:56:bc:bd:aa:1f:94:58:ed:16:fa:7a:
33:1a:05:45:3c:43:de:20:23:df:5f:f6:ab:1b:48:
80:82:b8:01:65:d2:fc:42:fe:1a:4f:59:18:f0:72:
40:96:fc:5f:29:08:75:6d:cf:8b:d0:bc:ee:89:70:
7b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2D:52:54:09:01:A1:53:73:D0:B1:D9:BF:45:AA:FF:9B:EF:93:19
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Ii1SVAkBoVNz0LHZv0Wq_5vvkxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.188.0/22
Signature Algorithm: sha256WithRSAEncryption
34:bf:96:50:78:63:e5:57:8c:63:e1:5a:19:4f:d1:e3:92:8b:
d1:80:d1:e9:4f:8a:b3:02:b7:03:36:c8:dd:e1:19:af:ca:bf:
c6:73:be:09:cb:ec:2d:e2:51:d2:4e:99:08:39:99:53:5b:66:
75:aa:96:7e:ca:95:fa:8c:44:a3:83:48:5c:98:b8:86:7e:d2:
57:03:29:4f:79:1b:a8:8a:21:88:ae:ec:7a:32:d0:bb:66:0e:
d9:c4:6d:24:9c:3f:52:f7:ac:53:74:c5:31:c7:58:58:82:ff:
2c:b9:62:25:cb:0c:f4:90:52:ab:62:f7:67:fa:12:1b:fe:b8:
13:20:04:d8:a5:58:bd:77:79:72:bc:73:e7:ba:fe:bb:3a:90:
78:14:8a:0b:0e:f8:60:bd:2c:99:6f:bd:17:97:22:88:74:06:
8e:eb:da:89:bb:27:51:9f:7d:d6:6a:3a:d2:73:8d:c1:93:8f:
a4:ef:b9:d5:d5:24:96:64:ff:95:be:27:2e:5e:fc:07:80:eb:
87:7c:bf:b9:b1:46:43:06:ea:a1:6c:af:ff:15:5f:ad:89:bb:
d0:1b:1a:d8:fc:f9:f5:07:8c:f8:d1:7e:78:c8:de:09:1e:fc:
b3:7f:bb:c6:c2:86:e2:4c:04:2d:0e:b1:2c:7a:aa:3b:78:40:
05:5d:e0:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUwGCM2achm8c04fF1NEeFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIwMTUxMjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJkNTI1NDA5MDFhMTUzNzNkMGIxZDliZjQ1YWFmZjliZWY5MzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO4x57nGJfr3sCgxuTBXoaiYcFVH
xrGFJpiWMQsW9NfLs7KRD/etHVPAfdo5iXIakIwEoD37fW1ozw9JzwKDJ1OHV0po
fNR/+IYVusNWm09n/axB89/mybvhbsrKbbrWiomemDZOs+12p/36/DEF7jW+crLU
dt+uTW36hxVRX0TZFl/cqVcx3gmqp7zytnCBh8F7cLGJPe4pm+1fV98vxuQCxswu
VGiAjgMv+o0dNJ0Bc7dxOMJJALke14H9sB3LOWKYOw8pVry9qh+UWO0W+nozGgVF
PEPeICPfX/arG0iAgrgBZdL8Qv4aT1kY8HJAlvxfKQh1bc+L0LzuiXB7EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCItUlQJAaFTc9Cx2b9Fqv+b75MZMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvSWkxU1ZBa0JvVk56MExIWnYwV3FfNXZ2a3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixy8MA0G
CSqGSIb3DQEBCwUAA4IBAQA0v5ZQeGPlV4xj4VoZT9HjkovRgNHpT4qzArcDNsjd
4Rmvyr/Gc74Jy+wt4lHSTpkIOZlTW2Z1qpZ+ypX6jESjg0hcmLiGftJXAylPeRuo
iiGIrux6MtC7Zg7ZxG0knD9S96xTdMUxx1hYgv8suWIlywz0kFKrYvdn+hIb/rgT
IATYpVi9d3lyvHPnuv67OpB4FIoLDvhgvSyZb70XlyKIdAaO69qJuydRn33WajrS
c43Bk4+k77nV1SSWZP+VvicuXvwHgOuHfL+5sUZDBuqhbK//FV+tibvQGxrY/Pn1
B4z40X54yN4JHvyzf7vGwobiTAQtDrEseqo7eEAFXeBj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org