Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/jghlO1WKfWaUrPeQytAlIrAcFxs.roa
File: jghlO1WKfWaUrPeQytAlIrAcFxs.roa (raw, json)
Hash identifier: xp+wN/9py/wF3TRBp7tUbn2sYeAssEXGjA6mBgkAOHg=
Subject key identifier: 8E:08:65:3B:55:8A:7D:66:94:AC:F7:90:CA:D0:25:22:B0:1C:17:1B
Certificate issuer: /CN=34921598b6a261aa4c3e67144ac876033253e0aa
Certificate serial: 114A7162
Authority key identifier: 34:92:15:98:B6:A2:61:AA:4C:3E:67:14:4A:C8:76:03:32:53:E0:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJIVmLaiYapMPmcUSsh2AzJT4Ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/jghlO1WKfWaUrPeQytAlIrAcFxs.roa
Signing time: Sat 01 Jan 2022 02:01:44 +0000
ROA not before: Sat 01 Jan 2022 02:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39605
IP address blocks: 185.28.232.0/22 maxlen: 24
2a00:a320::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 290091362 (0x114a7162)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34921598b6a261aa4c3e67144ac876033253e0aa
Validity
Not Before: Jan 1 02:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e08653b558a7d6694acf790cad02522b01c171b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:03:f5:f3:df:8b:7b:49:53:a5:0c:3a:28:2d:
a5:46:ac:cb:72:83:16:b8:49:16:76:44:08:e6:9b:
10:cf:42:4f:3e:a2:f3:b1:3e:58:fa:2c:94:ed:b0:
23:66:4c:90:32:db:58:6e:6c:14:d8:94:ad:ab:6a:
b6:0d:0c:fc:63:31:88:9e:2e:c3:89:22:3e:27:4c:
5d:ca:b5:d3:53:ec:fb:00:a8:43:43:cc:de:bd:f7:
66:91:fa:3b:62:fd:3b:e5:de:d5:f8:23:52:3d:3d:
56:dc:27:0d:df:53:d6:d9:70:a6:db:e7:78:e2:f7:
05:dc:53:d7:32:a4:76:a9:e8:7a:5e:a9:2f:de:83:
28:bf:93:b0:d8:c5:e6:85:57:47:73:be:6e:db:a6:
8d:8a:a3:0c:4f:4b:1e:f4:7a:24:8b:11:9a:11:ed:
c6:6f:ea:c3:4a:92:bd:46:52:18:50:06:df:f4:7b:
b8:28:7d:39:aa:cd:b2:f7:66:22:51:c5:a5:2a:db:
eb:b2:2e:f9:49:b6:d0:48:e6:03:5b:09:ef:13:d1:
4c:da:59:21:2b:71:14:6c:2a:3c:c2:2f:12:8c:7a:
35:1a:b7:33:78:74:79:2a:67:95:04:68:39:0b:e1:
90:15:0f:30:7c:2c:a5:58:13:a9:6f:47:6f:bd:ca:
9f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:08:65:3B:55:8A:7D:66:94:AC:F7:90:CA:D0:25:22:B0:1C:17:1B
X509v3 Authority Key Identifier:
keyid:34:92:15:98:B6:A2:61:AA:4C:3E:67:14:4A:C8:76:03:32:53:E0:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJIVmLaiYapMPmcUSsh2AzJT4Ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/jghlO1WKfWaUrPeQytAlIrAcFxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/NJIVmLaiYapMPmcUSsh2AzJT4Ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.232.0/22
IPv6:
2a00:a320::/32
Signature Algorithm: sha256WithRSAEncryption
2c:e1:20:3a:a9:80:89:1c:cc:b1:b8:6a:eb:a4:c6:fc:39:59:
37:c3:a8:60:ec:5e:b6:2f:78:67:36:88:67:6f:9c:fb:6a:bb:
bb:a8:41:46:4c:9a:01:08:f8:71:25:0c:68:6f:6f:85:da:d3:
47:f8:dd:9d:28:fa:71:b1:7a:ef:81:23:fd:3e:50:17:46:24:
74:6c:71:e5:e8:c4:af:28:a5:aa:d3:f2:43:e4:6d:14:5a:ef:
e6:ce:c6:7b:9b:36:03:34:9e:d4:37:42:a1:63:c2:7f:46:7b:
cb:2c:14:3b:47:04:f7:94:9c:b3:69:d6:5b:c9:72:4b:c5:c2:
1d:41:2b:c4:12:0a:e7:76:18:ef:6f:b7:2e:ae:58:20:cd:cb:
dd:d1:ca:27:48:be:42:88:bd:7a:4b:7c:35:74:61:1a:06:97:
52:af:96:40:35:68:85:91:82:5c:a6:30:39:49:87:9d:4d:10:
67:aa:c1:bf:e1:ad:ba:c3:60:80:97:67:67:79:a6:0c:42:75:
32:ec:3a:cc:44:3c:96:8a:3f:34:40:a1:c5:9c:0b:89:89:24:
24:bc:03:70:ca:c4:d4:fe:ba:aa:65:e8:de:77:18:b5:d6:1b:
c6:68:98:e0:15:41:20:b6:ce:5d:07:88:46:fb:69:8c:b9:87:
7b:5a:ff:52
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEUpxYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDkyMTU5OGI2YTI2MWFhNGMzZTY3MTQ0YWM4NzYwMzMyNTNlMGFhMB4XDTIyMDEw
MTAyMDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGUwODY1M2I1NThh
N2Q2Njk0YWNmNzkwY2FkMDI1MjJiMDFjMTcxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4D9fPfi3tJU6UMOigtpUasy3KDFrhJFnZECOabEM9CTz6i
87E+WPoslO2wI2ZMkDLbWG5sFNiUratqtg0M/GMxiJ4uw4kiPidMXcq101Ps+wCo
Q0PM3r33ZpH6O2L9O+Xe1fgjUj09VtwnDd9T1tlwptvneOL3BdxT1zKkdqnoel6p
L96DKL+TsNjF5oVXR3O+btumjYqjDE9LHvR6JIsRmhHtxm/qw0qSvUZSGFAG3/R7
uCh9OarNsvdmIlHFpSrb67Iu+Um20EjmA1sJ7xPRTNpZIStxFGwqPMIvEox6NRq3
M3h0eSpnlQRoOQvhkBUPMHwspVgTqW9Hb73Kn4sCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSOCGU7VYp9ZpSs95DK0CUisBwXGzAfBgNVHSMEGDAWgBQ0khWYtqJhqkw+
ZxRKyHYDMlPgqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KSVZtTGFpWWFwTVBtY1VTc2gyQXpKVDRLby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvYjAwMGUyLTY3YzMtNDZmNy04ODIwLTQyZTAwMmRhZDlhZS8x
L2pnaGxPMVdLZldhVXJQZVF5dEFsSXJBY0Z4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
YjAwMGUyLTY3YzMtNDZmNy04ODIwLTQyZTAwMmRhZDlhZS8xL05KSVZtTGFpWWFw
TVBtY1VTc2gyQXpKVDRLby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkc6DANBAIAAjAHAwUAKgCjIDAN
BgkqhkiG9w0BAQsFAAOCAQEALOEgOqmAiRzMsbhq66TG/DlZN8OoYOxeti94ZzaI
Z2+c+2q7u6hBRkyaAQj4cSUMaG9vhdrTR/jdnSj6cbF674Ej/T5QF0YkdGxx5ejE
ryilqtPyQ+RtFFrv5s7Ge5s2AzSe1DdCoWPCf0Z7yywUO0cE95Scs2nWW8lyS8XC
HUErxBIK53YY72+3Lq5YIM3L3dHKJ0i+Qoi9ekt8NXRhGgaXUq+WQDVohZGCXKYw
OUmHnU0QZ6rBv+GtusNggJdnZ3mmDEJ1Muw6zEQ8loo/NEChxZwLiYkkJLwDcMrE
1P66qmXo3ncYtdYbxmiY4BVBILbOXQeIRvtpjLmHe1r/Ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-fra.rpki-client.org