Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/XIPKcNSFJYaqppUH7jjc_HoHPH8.roa
File: XIPKcNSFJYaqppUH7jjc_HoHPH8.roa (raw, json)
Hash identifier: 6BNJuvt5jRrGniiOcGC9T80NElNCkDo+sO/3BENpLBk=
Subject key identifier: 5C:83:CA:70:D4:85:25:86:AA:A6:95:07:EE:38:DC:FC:7A:07:3C:7F
Certificate issuer: /CN=80a333d13dc915f4fbfb61b25a4877e9138e7f1d
Certificate serial: 089F8BA8
Authority key identifier: 80:A3:33:D1:3D:C9:15:F4:FB:FB:61:B2:5A:48:77:E9:13:8E:7F:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKMz0T3JFfT7-2GyWkh36ROOfx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/XIPKcNSFJYaqppUH7jjc_HoHPH8.roa
Signing time: Sat 01 Jan 2022 06:52:06 +0000
ROA not before: Sat 01 Jan 2022 06:52:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209123
IP address blocks: 2.58.88.0/22 maxlen: 24
2a09:e340::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144673704 (0x89f8ba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a333d13dc915f4fbfb61b25a4877e9138e7f1d
Validity
Not Before: Jan 1 06:52:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c83ca70d4852586aaa69507ee38dcfc7a073c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:80:13:3f:34:df:f5:ee:bb:fe:fb:e1:80:d4:
ff:89:1e:38:bc:21:d6:39:ae:31:b1:d5:f1:51:76:
7f:9b:1e:c6:d8:3b:40:26:d7:88:68:37:10:25:1f:
14:2a:b4:9b:39:65:d9:4c:01:56:9d:4a:50:22:25:
ed:11:66:58:0f:c8:a4:4a:37:6c:06:39:61:3b:05:
e3:12:10:12:0f:75:a6:5c:ff:50:22:f0:9c:a4:fd:
5e:ae:52:d7:8b:79:c6:88:73:84:fd:8c:08:1a:12:
31:ce:93:1b:24:ec:12:ae:c0:53:78:48:92:30:c4:
52:60:84:c4:9f:47:f6:3b:4c:73:07:e8:64:e5:77:
1a:62:6d:a0:db:9b:bb:b5:7a:3e:fd:3c:7a:a7:fb:
f9:17:ba:3c:9f:96:4c:0a:49:fa:c0:1b:45:82:c8:
28:ae:bc:ea:6c:e3:b2:30:d9:f6:64:7d:34:22:f7:
55:e7:fc:95:c3:a8:f3:88:05:ac:13:7f:f8:40:19:
ab:b3:99:bb:4e:4a:c9:c6:a4:e3:45:87:71:ce:e8:
e1:53:35:19:8a:22:79:9c:69:aa:97:f2:8b:d9:3f:
68:c0:b3:ce:87:96:12:15:31:73:b8:19:c6:9f:91:
40:7c:14:9e:63:7d:0b:ea:2f:06:ef:e1:5e:35:57:
30:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:83:CA:70:D4:85:25:86:AA:A6:95:07:EE:38:DC:FC:7A:07:3C:7F
X509v3 Authority Key Identifier:
keyid:80:A3:33:D1:3D:C9:15:F4:FB:FB:61:B2:5A:48:77:E9:13:8E:7F:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKMz0T3JFfT7-2GyWkh36ROOfx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/XIPKcNSFJYaqppUH7jjc_HoHPH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/139b38-5b24-407d-b17e-4ca35430dca3/1/gKMz0T3JFfT7-2GyWkh36ROOfx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.88.0/22
IPv6:
2a09:e340::/29
Signature Algorithm: sha256WithRSAEncryption
99:71:87:c0:2a:87:e0:68:99:7a:de:c7:88:bd:3d:98:d4:7b:
00:8d:f3:0d:62:b4:b2:29:74:4a:bb:ec:b7:4e:e5:4e:37:fc:
cf:67:22:79:e7:f5:9a:9e:b6:4b:60:2f:4f:8b:f6:f6:84:d2:
3f:ff:d8:28:6b:a7:68:3e:c6:de:5c:6e:6f:37:69:30:14:0b:
95:af:c7:e1:9c:ba:f8:a2:fd:88:50:0d:1c:01:92:e4:c0:68:
a8:5a:03:88:13:4d:94:1e:8f:5b:4f:b0:b1:5a:2b:d5:ba:5c:
5a:4c:e3:ed:da:3d:a1:7b:f5:6f:b6:5c:1e:4a:71:24:36:f4:
53:ee:e8:20:e5:91:fb:5e:a8:41:10:66:a8:6c:70:0e:5c:8e:
fa:1e:68:5b:de:df:41:bc:c1:74:c1:14:a7:16:eb:22:43:b4:
87:a3:51:18:5f:55:53:8a:50:ff:a5:94:4a:87:24:5f:9e:e2:
50:c3:3d:3f:80:04:40:a2:11:21:ff:bc:8e:c6:d3:90:ba:5f:
88:e8:1b:7b:d0:27:c3:27:7b:c2:2b:e9:51:e1:58:52:15:13:
c7:e3:fa:49:d6:09:30:af:32:24:3c:f8:63:35:55:cb:8a:c9:
04:46:b1:fc:8e:82:e6:d4:f3:3a:ed:bf:e6:03:b2:b8:2b:7c:
21:55:5d:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECJ+LqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGEzMzNkMTNkYzkxNWY0ZmJmYjYxYjI1YTQ4NzdlOTEzOGU3ZjFkMB4XDTIyMDEw
MTA2NTIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM4M2NhNzBkNDg1
MjU4NmFhYTY5NTA3ZWUzOGRjZmM3YTA3M2M3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSAEz803/Xuu/774YDU/4keOLwh1jmuMbHV8VF2f5sextg7
QCbXiGg3ECUfFCq0mzll2UwBVp1KUCIl7RFmWA/IpEo3bAY5YTsF4xIQEg91plz/
UCLwnKT9Xq5S14t5xohzhP2MCBoSMc6TGyTsEq7AU3hIkjDEUmCExJ9H9jtMcwfo
ZOV3GmJtoNubu7V6Pv08eqf7+Re6PJ+WTApJ+sAbRYLIKK686mzjsjDZ9mR9NCL3
Vef8lcOo84gFrBN/+EAZq7OZu05Kycak40WHcc7o4VM1GYoieZxpqpfyi9k/aMCz
zoeWEhUxc7gZxp+RQHwUnmN9C+ovBu/hXjVXMLkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRcg8pw1IUlhqqmlQfuONz8egc8fzAfBgNVHSMEGDAWgBSAozPRPckV9Pv7
YbJaSHfpE45/HTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dLTXowVDNKRmZUNy0yR3lXa2gzNlJPT2Z4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMTM5YjM4LTViMjQtNDA3ZC1iMTdlLTRjYTM1NDMwZGNhMy8x
L1hJUEtjTlNGSllhcXBwVUg3ampjX0hvSFBIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MTM5YjM4LTViMjQtNDA3ZC1iMTdlLTRjYTM1NDMwZGNhMy8xL2dLTXowVDNKRmZU
Ny0yR3lXa2gzNlJPT2Z4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAgI6WDANBAIAAjAHAwUDKgnjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAmXGHwCqH4GiZet7HiL09mNR7AI3zDWK0sil0Srvs
t07lTjf8z2cieef1mp62S2AvT4v29oTSP//YKGunaD7G3lxubzdpMBQLla/H4Zy6
+KL9iFANHAGS5MBoqFoDiBNNlB6PW0+wsVor1bpcWkzj7do9oXv1b7ZcHkpxJDb0
U+7oIOWR+16oQRBmqGxwDlyO+h5oW97fQbzBdMEUpxbrIkO0h6NRGF9VU4pQ/6WU
SockX57iUMM9P4AEQKIRIf+8jsbTkLpfiOgbe9Anwyd7wivpUeFYUhUTx+P6SdYJ
MK8yJDz4YzVVy4rJBEax/I6C5tTzOu2/5gOyuCt8IVVd3A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:58 2023 by rpki-client on console.sobornost.net