Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/icxaiEx-Rjn1W9CfAH0I_woIZFM.roa
File: icxaiEx-Rjn1W9CfAH0I_woIZFM.roa (raw, json)
Hash identifier: f4GuzzyBypvR+nxSePjsEniO35y+Ykt3DVXmtMeVkkA=
Subject key identifier: 89:CC:5A:88:4C:7E:46:39:F5:5B:D0:9F:00:7D:08:FF:0A:08:64:53
Certificate issuer: /CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Certificate serial: 01847A4614ACC81E350C9EBE446A3E7DDBA9
Authority key identifier: 99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/icxaiEx-Rjn1W9CfAH0I_woIZFM.roa
Signing time: Tue 15 Nov 2022 07:52:03 +0000
ROA not before: Tue 15 Nov 2022 07:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13043
IP address blocks: 164.60.0.0/16 maxlen: 24
164.59.128.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:46:14:ac:c8:1e:35:0c:9e:be:44:6a:3e:7d:db:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Validity
Not Before: Nov 15 07:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89cc5a884c7e4639f55bd09f007d08ff0a086453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:58:4d:d6:10:02:1a:f2:4a:c2:fd:f5:23:1c:
cc:1d:57:71:71:27:33:29:32:6e:f0:7c:9f:c2:ca:
6b:04:83:13:1c:b6:8c:c4:9e:56:9b:92:4c:9b:39:
bd:0e:1e:61:95:e0:26:85:bb:02:b6:23:f8:8b:f5:
c6:a2:7e:ad:32:78:7b:c3:07:42:30:62:ef:68:c2:
2b:5e:93:ca:36:33:a0:79:93:bb:d2:81:1a:a5:b5:
20:af:c9:8d:27:c7:6f:eb:cf:a1:fc:02:52:89:e8:
4e:21:31:36:36:a6:2a:f6:da:ec:5c:e0:30:6c:96:
8d:bc:51:c4:cb:64:18:8d:df:a2:74:2f:4c:c6:02:
8f:25:36:e2:b2:eb:ee:04:7b:fb:15:e6:93:c3:1e:
63:d0:bc:44:2d:6f:3c:7d:9f:08:b1:47:29:fe:7c:
92:bd:04:32:3e:35:e5:b1:66:82:bd:ac:88:f5:8e:
8d:f7:4c:69:38:72:b3:e1:36:07:81:50:05:62:91:
0b:74:9b:31:c8:29:e6:96:1a:9c:b7:6b:3f:c8:ce:
44:05:dc:c2:bf:36:ba:66:28:6f:56:57:c4:ec:3b:
e7:61:ab:f3:cd:49:a7:71:ca:cb:1d:a1:55:d6:53:
7e:22:c2:11:ad:65:3c:d1:0f:b2:65:3d:7c:f1:fa:
99:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CC:5A:88:4C:7E:46:39:F5:5B:D0:9F:00:7D:08:FF:0A:08:64:53
X509v3 Authority Key Identifier:
keyid:99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/icxaiEx-Rjn1W9CfAH0I_woIZFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.59.128.0/23
164.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:17:de:06:3d:a2:b6:2d:87:0f:3a:1d:b0:08:e0:fd:e0:12:
2a:4f:fc:4e:a1:88:bc:4f:88:b8:3c:7a:c5:ae:f6:f1:e9:7f:
32:75:76:6f:39:6f:99:c4:f8:cf:fd:f8:24:08:3f:b6:00:bd:
61:c0:42:98:f8:91:d0:88:4a:4d:b0:58:4b:db:75:9c:c7:a5:
ce:69:ae:f8:eb:32:a4:b7:f3:17:27:fd:ff:a4:df:bc:c5:e3:
45:06:04:f5:47:6d:9f:05:95:80:9d:63:c9:42:26:35:93:a4:
e9:db:1e:99:90:a4:45:55:a9:cf:28:43:b0:9d:f9:47:a0:dd:
1f:66:04:d5:21:87:0d:e2:0b:73:92:ff:0b:bb:84:75:81:dd:
06:85:63:f2:01:1c:a1:41:97:ee:a1:4e:c7:51:e2:36:bd:f4:
ce:31:15:7f:80:53:1a:0e:4c:f5:85:62:ef:c4:4f:86:ad:fd:
f2:15:86:9d:09:74:45:f5:bd:5a:c2:9a:35:74:dc:28:dd:72:
33:f7:08:15:25:ea:92:fe:9d:b3:eb:2e:05:85:c4:b6:b5:98:
9f:d0:f4:6d:53:08:ae:a5:3f:2e:43:15:48:91:6d:cb:51:0c:
d7:db:58:dd:90:0f:e5:29:e7:1b:00:d4:92:e4:6c:42:77:84:
cd:d4:51:cb
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYR6RhSsyB41DJ6+RGo+fdupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDNhMmQ2ZmFkNjUxNjc4ZTk2ZDI0ZTI0ZDE5ZDcxZmUz
ODA0MDkwHhcNMjIxMTE1MDc1MjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNjNWE4ODRjN2U0NjM5ZjU1YmQwOWYwMDdkMDhmZjBhMDg2NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1hN1hACGvJKwv31IxzMHVdxcScz
KTJu8HyfwsprBIMTHLaMxJ5Wm5JMmzm9Dh5hleAmhbsCtiP4i/XGon6tMnh7wwdC
MGLvaMIrXpPKNjOgeZO70oEapbUgr8mNJ8dv68+h/AJSiehOITE2NqYq9trsXOAw
bJaNvFHEy2QYjd+idC9MxgKPJTbisuvuBHv7FeaTwx5j0LxELW88fZ8IsUcp/nyS
vQQyPjXlsWaCvayI9Y6N90xpOHKz4TYHgVAFYpELdJsxyCnmlhqct2s/yM5EBdzC
vza6ZihvVlfE7DvnYavzzUmnccrLHaFV1lN+IsIRrWU80Q+yZT188fqZWQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFInMWohMfkY59VvQnwB9CP8KCGRTMB8GA1UdIwQY
MBaAFJnTotb61lFnjpbSTiTRnXH+OAQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUt
NDhkNzM4YzU5NDdkLzEvaWN4YWlFeC1Sam4xVzlDZkFIMElfd29JWkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUtNDhkNzM4YzU5NDdk
LzEvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQBpDuAAwMA
pDwwDQYJKoZIhvcNAQELBQADggEBAAoX3gY9orYthw86HbAI4P3gEipP/E6hiLxP
iLg8esWu9vHpfzJ1dm85b5nE+M/9+CQIP7YAvWHAQpj4kdCISk2wWEvbdZzHpc5p
rvjrMqS38xcn/f+k37zF40UGBPVHbZ8FlYCdY8lCJjWTpOnbHpmQpEVVqc8oQ7Cd
+Ueg3R9mBNUhhw3iC3OS/wu7hHWB3QaFY/IBHKFBl+6hTsdR4ja99M4xFX+AUxoO
TPWFYu/ET4at/fIVhp0JdEX1vVrCmjV03CjdcjP3CBUl6pL+nbPrLgWFxLa1mJ/Q
9G1TCK6lPy5DFUiRbctRDNfbWN2QD+Up5xsA1JLkbEJ3hM3UUcs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org