Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/XPYbrQ-alS9cNGAj7kGN1eJf6kM.roa
File: XPYbrQ-alS9cNGAj7kGN1eJf6kM.roa (raw, json)
Hash identifier: Ol+r8oodwOiQq/iPzgvu2gW9rcLeZ5/IvK2Ob74u8/U=
Subject key identifier: 5C:F6:1B:AD:0F:9A:95:2F:5C:34:60:23:EE:41:8D:D5:E2:5F:EA:43
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 039B38A4
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/XPYbrQ-alS9cNGAj7kGN1eJf6kM.roa
Signing time: Sat 07 May 2022 15:06:28 +0000
ROA not before: Sat 07 May 2022 15:06:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41378
IP address blocks: 2.58.64.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60504228 (0x39b38a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: May 7 15:06:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cf61bad0f9a952f5c346023ee418dd5e25fea43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:61:36:f9:26:12:7d:88:80:4a:a7:c7:af:0c:
01:7e:e2:81:71:4b:0e:e1:e3:b5:05:c3:23:e4:30:
44:cc:6a:71:d4:41:04:94:8e:64:2b:1c:60:1f:07:
18:54:ae:ce:fd:66:55:67:76:2e:12:68:be:4b:ec:
89:d9:79:6d:a1:30:87:39:73:b4:a6:19:8b:20:ff:
64:1f:fb:94:e7:ac:e8:8d:54:fe:1a:db:6a:c2:a5:
60:cb:37:5f:7c:a7:15:d9:ca:8a:af:33:06:78:ea:
dc:21:29:4d:95:02:b3:83:0e:79:12:2f:7d:fe:59:
4c:b2:6a:e8:cd:ef:96:ea:4e:80:5c:f0:64:bf:ae:
c0:f3:a7:10:b6:56:2f:91:00:3d:ee:93:9b:ce:ef:
6f:ef:1b:e4:b8:87:5e:89:39:21:e5:76:12:5a:93:
7a:6f:f4:9c:6d:c4:fc:17:76:30:05:fd:e2:e6:ae:
a5:d3:aa:81:46:80:e5:20:9c:70:e2:ce:7a:fb:c5:
79:fb:f8:ba:8a:02:71:a5:16:45:56:e6:bc:2f:8e:
32:dd:91:59:51:9f:24:a4:51:9c:f2:d7:92:81:99:
2b:22:77:a3:32:7d:4a:f8:c3:c1:5d:02:9a:53:e4:
d3:ff:b7:37:d4:8d:c5:f8:c2:d9:91:08:ad:72:2b:
c2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F6:1B:AD:0F:9A:95:2F:5C:34:60:23:EE:41:8D:D5:E2:5F:EA:43
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/XPYbrQ-alS9cNGAj7kGN1eJf6kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.64.0/23
Signature Algorithm: sha256WithRSAEncryption
83:9f:94:ab:d2:1c:e9:e1:c0:87:24:7e:50:c2:a1:2d:8c:8a:
24:fc:80:1f:a6:46:02:e3:18:4a:35:11:b7:88:2c:71:5d:dc:
6b:55:33:47:49:c4:83:51:b9:0b:cc:42:34:bc:24:0d:fb:65:
b5:63:f5:db:90:93:24:fd:28:78:37:e0:5a:60:7d:8a:ef:25:
22:01:31:13:04:3b:0b:10:3b:74:59:fd:ae:88:a9:cc:6a:12:
56:ba:53:98:76:75:c2:ea:d1:ff:89:ac:47:2b:5e:73:67:eb:
86:85:2a:f6:a8:6a:ac:94:24:d8:2d:19:71:2e:e6:61:90:67:
15:8a:51:13:c7:5a:83:42:c0:00:ca:fd:de:b4:25:d7:5b:4d:
9d:c9:44:40:d0:e6:47:99:3e:03:12:cf:dd:57:77:f0:d1:77:
d2:4e:24:2a:10:8d:c0:75:1b:59:24:fa:d7:05:b3:67:2c:34:
ba:a4:1d:83:7a:dd:d6:88:2a:a8:20:55:2b:3f:2e:97:e0:8b:
51:1e:96:91:59:97:14:cd:22:2c:21:be:bc:e7:aa:ea:85:d8:
1f:1a:ef:3a:3c:b9:f8:a8:90:8b:f5:39:89:bf:93:38:50:d8:
84:b2:a8:38:ac:be:56:b5:ed:57:0b:48:af:9d:73:74:0c:9e:
89:b6:72:36
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5s4pDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDc0Y2YzZTJmYTg5MmI1ZmRkM2YzMGRjODI3NWVlMTA2MmUxZDA2MB4XDTIyMDUw
NzE1MDYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNmNjFiYWQwZjlh
OTUyZjVjMzQ2MDIzZWU0MThkZDVlMjVmZWE0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxhNvkmEn2IgEqnx68MAX7igXFLDuHjtQXDI+QwRMxqcdRB
BJSOZCscYB8HGFSuzv1mVWd2LhJovkvsidl5baEwhzlztKYZiyD/ZB/7lOes6I1U
/hrbasKlYMs3X3ynFdnKiq8zBnjq3CEpTZUCs4MOeRIvff5ZTLJq6M3vlupOgFzw
ZL+uwPOnELZWL5EAPe6Tm87vb+8b5LiHXok5IeV2ElqTem/0nG3E/Bd2MAX94uau
pdOqgUaA5SCccOLOevvFefv4uooCcaUWRVbmvC+OMt2RWVGfJKRRnPLXkoGZKyJ3
ozJ9SvjDwV0CmlPk0/+3N9SNxfjC2ZEIrXIrwnkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRc9hutD5qVL1w0YCPuQY3V4l/qQzAfBgNVHSMEGDAWgBREdM8+L6iStf3T
8w3IJ17hBi4dBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JIVFBQaS1va3JYOTBfTU55Q2RlNFFZdUhRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvZTIwYmExLTZhZTgtNGI0My1hNzA5LTc1NDVjMDRlMTU3OC8x
L1hQWWJyUS1hbFM5Y05HQWo3a0dOMWVKZjZrTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
ZTIwYmExLTZhZTgtNGI0My1hNzA5LTc1NDVjMDRlMTU3OC8xL1JIVFBQaS1va3JY
OTBfTU55Q2RlNFFZdUhRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQI6QDANBgkqhkiG9w0BAQsFAAOC
AQEAg5+Uq9Ic6eHAhyR+UMKhLYyKJPyAH6ZGAuMYSjURt4gscV3ca1UzR0nEg1G5
C8xCNLwkDftltWP125CTJP0oeDfgWmB9iu8lIgExEwQ7CxA7dFn9roipzGoSVrpT
mHZ1wurR/4msRytec2frhoUq9qhqrJQk2C0ZcS7mYZBnFYpRE8dag0LAAMr93rQl
11tNnclEQNDmR5k+AxLP3Vd38NF30k4kKhCNwHUbWST61wWzZyw0uqQdg3rd1ogq
qCBVKz8ul+CLUR6WkVmXFM0iLCG+vOeq6oXYHxrvOjy5+KiQi/U5ib+TOFDYhLKo
OKy+VrXtVwtIr51zdAyeibZyNg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:23 2023 by rpki-client on console-ams.rpki-client.org