Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/XzG78zNw6OinIKor4tv-Tnb05dM.roa
File: XzG78zNw6OinIKor4tv-Tnb05dM.roa (raw, json)
Hash identifier: mIerpoXNktwm/MzNEUb5qyzaGEk8Qru9FUsDP4RyF3s=
Subject key identifier: 5F:31:BB:F3:33:70:E8:E8:A7:20:AA:2B:E2:DB:FE:4E:76:F4:E5:D3
Certificate issuer: /CN=c04ede1e7bf67199e7ab6f5ed0049e9608317362
Certificate serial: 05A8BA14
Authority key identifier: C0:4E:DE:1E:7B:F6:71:99:E7:AB:6F:5E:D0:04:9E:96:08:31:73:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE7eHnv2cZnnq29e0ASelggxc2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/XzG78zNw6OinIKor4tv-Tnb05dM.roa
Signing time: Tue 04 Jan 2022 10:08:13 +0000
ROA not before: Tue 04 Jan 2022 10:08:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51188
IP address blocks: 185.166.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94943764 (0x5a8ba14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04ede1e7bf67199e7ab6f5ed0049e9608317362
Validity
Not Before: Jan 4 10:08:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f31bbf33370e8e8a720aa2be2dbfe4e76f4e5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:98:2c:bc:4d:a3:f6:9d:9a:f9:bb:cd:49:06:
02:89:ed:b2:33:70:28:87:22:6d:4e:ad:73:16:bf:
8c:91:ae:01:c2:db:5f:fd:b9:1b:d0:f6:db:8f:b0:
77:17:e2:9f:07:70:25:7c:79:4d:a9:05:69:e0:1c:
3d:a0:38:ca:0c:d0:96:04:31:eb:f4:b9:c9:58:b8:
a7:e3:b1:81:f7:36:b8:7e:c0:42:4e:f8:61:c9:c1:
9b:d4:d1:d4:f8:16:fd:54:bd:c8:c3:a2:61:16:30:
5a:b5:62:7c:ea:31:fd:f7:b7:22:df:81:8c:80:6d:
9b:e0:a4:fc:fa:1e:e1:1d:cb:19:0a:98:13:c3:4a:
b6:ea:63:4e:13:23:ea:0c:3f:de:53:b4:25:1d:a8:
91:5f:45:0f:87:47:83:28:2e:a1:c4:fa:89:20:76:
cf:c5:96:9d:d1:8e:e5:fb:63:0b:f0:30:c6:0e:68:
48:a1:e6:dc:40:1a:78:99:fb:7a:17:88:e4:74:c4:
d0:93:59:2c:69:62:51:89:9b:aa:41:61:e2:ce:b9:
53:b1:0f:ca:04:76:cc:f6:fb:aa:8c:70:48:54:83:
0f:10:28:70:c2:10:02:1f:31:8d:f9:0a:d9:8f:9f:
7f:2f:a3:7f:94:b0:f3:e4:41:ec:53:a8:e2:31:c8:
3d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:31:BB:F3:33:70:E8:E8:A7:20:AA:2B:E2:DB:FE:4E:76:F4:E5:D3
X509v3 Authority Key Identifier:
keyid:C0:4E:DE:1E:7B:F6:71:99:E7:AB:6F:5E:D0:04:9E:96:08:31:73:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE7eHnv2cZnnq29e0ASelggxc2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/XzG78zNw6OinIKor4tv-Tnb05dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/49d050-dace-45ec-8139-9e71f6a84801/1/wE7eHnv2cZnnq29e0ASelggxc2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:ab:0f:b2:f7:d7:61:54:f9:dc:b1:02:4d:e1:40:6e:71:be:
81:97:85:56:c1:b0:59:25:36:9a:7a:69:c4:26:cf:10:11:c5:
a9:37:b3:41:be:7a:cb:5b:b6:88:7d:0f:9c:05:44:14:3b:3a:
50:a0:59:36:07:c3:31:a0:66:2c:60:b8:dd:33:8e:b8:e8:fa:
33:13:8f:a7:00:cc:f1:04:ac:ce:a8:1f:19:83:d0:e2:79:c3:
92:f3:9b:8c:1b:f3:d3:0b:1d:d9:49:cb:68:fb:17:1f:89:47:
d5:a5:61:9b:87:1e:49:a3:6e:ff:0c:f3:70:55:eb:a9:5a:b7:
ca:75:13:b8:bd:a5:4d:bf:ff:a6:88:d9:f2:84:81:9e:e6:ce:
8f:4c:a8:f6:0b:c5:5f:6e:63:32:f1:51:0b:5a:41:3d:b0:39:
9b:a5:12:e8:9c:5c:d9:8d:39:e0:06:5a:3a:a4:df:29:dd:66:
05:89:1f:a7:13:b0:63:4c:2f:42:06:33:4b:13:c7:aa:a4:9b:
12:72:d5:97:79:21:89:99:b3:a9:e0:0f:5b:31:d7:ee:e6:4a:
98:fd:2a:6a:3d:f1:3a:2e:f3:c5:44:a1:72:4a:ce:21:a8:e8:
5d:95:93:89:58:c5:3e:50:56:c9:78:02:ed:14:60:c7:a1:94:
2e:43:f5:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBai6FDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDRlZGUxZTdiZjY3MTk5ZTdhYjZmNWVkMDA0OWU5NjA4MzE3MzYyMB4XDTIyMDEw
NDEwMDgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYzMWJiZjMzMzcw
ZThlOGE3MjBhYTJiZTJkYmZlNGU3NmY0ZTVkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+YLLxNo/admvm7zUkGAontsjNwKIcibU6tcxa/jJGuAcLb
X/25G9D224+wdxfinwdwJXx5TakFaeAcPaA4ygzQlgQx6/S5yVi4p+Oxgfc2uH7A
Qk74YcnBm9TR1PgW/VS9yMOiYRYwWrVifOox/fe3It+BjIBtm+Ck/Poe4R3LGQqY
E8NKtupjThMj6gw/3lO0JR2okV9FD4dHgyguocT6iSB2z8WWndGO5ftjC/Awxg5o
SKHm3EAaeJn7eheI5HTE0JNZLGliUYmbqkFh4s65U7EPygR2zPb7qoxwSFSDDxAo
cMIQAh8xjfkK2Y+ffy+jf5Sw8+RB7FOo4jHIPVMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfMbvzM3Do6Kcgqivi2/5OdvTl0zAfBgNVHSMEGDAWgBTATt4ee/Zxmeer
b17QBJ6WCDFzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dFN2VIbnYyY1pubnEyOWUwQVNlbGdneGMySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNDlkMDUwLWRhY2UtNDVlYy04MTM5LTllNzFmNmE4NDgwMS8x
L1h6Rzc4ek53Nk9pbklLb3I0dHYtVG5iMDVkTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NDlkMDUwLWRhY2UtNDVlYy04MTM5LTllNzFmNmE4NDgwMS8xL3dFN2VIbnYyY1pu
bnEyOWUwQVNlbGdneGMySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmmHDANBgkqhkiG9w0BAQsFAAOC
AQEAoqsPsvfXYVT53LECTeFAbnG+gZeFVsGwWSU2mnppxCbPEBHFqTezQb56y1u2
iH0PnAVEFDs6UKBZNgfDMaBmLGC43TOOuOj6MxOPpwDM8QSszqgfGYPQ4nnDkvOb
jBvz0wsd2UnLaPsXH4lH1aVhm4ceSaNu/wzzcFXrqVq3ynUTuL2lTb//pojZ8oSB
nubOj0yo9gvFX25jMvFRC1pBPbA5m6US6Jxc2Y054AZaOqTfKd1mBYkfpxOwY0wv
QgYzSxPHqqSbEnLVl3khiZmzqeAPWzHX7uZKmP0qaj3xOi7zxUShckrOIajoXZWT
iVjFPlBWyXgC7RRgx6GULkP1qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:32 2024 by rpki-client on console-ams.rpki-client.org