Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/almkfAJSUoX8qOelBaoe6Vni3LE.roa
File: almkfAJSUoX8qOelBaoe6Vni3LE.roa (raw, json)
Hash identifier: Mc3Bkn+tOJNLal553yblSwsFezesqfBiG9ugJxV77/c=
Subject key identifier: 6A:59:A4:7C:02:52:52:85:FC:A8:E7:A5:05:AA:1E:E9:59:E2:DC:B1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 139E64AC
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/almkfAJSUoX8qOelBaoe6Vni3LE.roa
Signing time: Tue 04 Jan 2022 16:54:44 +0000
ROA not before: Tue 04 Jan 2022 16:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203950
IP address blocks: 45.128.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 329147564 (0x139e64ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 4 16:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a59a47c02525285fca8e7a505aa1ee959e2dcb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:44:59:40:4d:08:54:75:35:db:13:82:d6:c8:
89:0a:e1:17:de:46:9b:6e:98:98:63:7d:89:d8:6a:
86:63:31:35:be:32:c7:2d:e9:e3:8c:a0:63:eb:0b:
55:f2:04:bf:11:d5:fd:50:a6:2d:d3:12:0a:dc:d2:
46:48:07:13:d0:25:62:9a:41:ac:a2:44:12:92:21:
ff:82:45:cc:7d:81:33:bb:ab:06:39:7e:9c:42:25:
08:d4:3c:d7:34:94:b0:93:fd:b2:fa:83:0f:8a:4f:
a5:f5:c6:c4:71:10:c2:3f:4a:61:e8:67:87:37:b4:
42:a5:ed:ff:67:30:06:10:8d:ef:33:04:ca:7b:dc:
50:a4:83:f7:c1:6a:bc:45:45:45:f1:ff:0c:22:66:
96:49:3b:24:9f:54:8a:ed:80:b7:43:82:c8:6b:a4:
01:f8:35:f9:26:b5:e6:7f:6a:5b:53:3a:87:32:2d:
d5:dc:02:cd:9b:61:8b:20:12:d9:aa:07:d6:82:d5:
c1:e7:67:ea:21:52:32:ab:17:ab:d5:68:2f:74:87:
d7:ca:42:e9:50:ed:f3:78:51:7b:88:b7:75:5d:b7:
50:05:dc:f3:a1:49:55:9a:70:4d:aa:f2:51:26:cd:
b5:4d:d6:f7:fc:47:60:3e:a8:49:f1:00:70:e1:3f:
23:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:59:A4:7C:02:52:52:85:FC:A8:E7:A5:05:AA:1E:E9:59:E2:DC:B1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/almkfAJSUoX8qOelBaoe6Vni3LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.20.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:0a:fb:c8:bc:fe:c0:9d:59:7e:27:a4:2b:3f:00:11:3d:7d:
53:63:0d:63:ac:3e:26:a0:f3:82:db:50:0f:33:34:f9:b1:63:
21:29:41:da:5e:65:6e:d2:87:15:50:1e:6d:6e:9b:7f:32:ba:
be:75:19:84:23:f2:0c:bd:16:30:c0:0e:2f:63:0f:2b:2a:e5:
c4:a1:c8:d2:23:aa:c9:b9:cb:69:f8:b2:78:c2:ec:90:48:b9:
ba:f5:dc:74:13:0b:d4:dd:1e:6c:f9:45:5d:76:4e:e8:f6:4b:
8e:00:0a:29:e6:99:3e:ca:50:72:79:32:13:0f:40:11:0d:9a:
75:ac:e6:32:3d:83:44:cc:ee:19:78:7c:40:16:39:eb:e8:8f:
03:64:ca:94:f8:4b:db:ce:1a:aa:6d:5d:46:87:6d:2c:0d:1a:
ab:b8:bb:f3:64:0d:62:fd:65:1f:f4:e9:5c:dd:eb:5a:56:c4:
54:70:a0:d5:fa:96:78:9d:4e:72:f4:30:ee:d0:65:c3:c6:e2:
60:34:d7:eb:88:b2:6a:b9:56:88:87:ea:16:df:8f:46:47:07:
f9:f2:39:85:ca:85:71:76:30:c2:7f:12:68:4b:7a:55:9b:94:
ad:eb:73:13:65:6f:3b:2e:dc:53:05:d1:5e:ab:e1:28:47:ff:
f3:d5:47:cc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE55krDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
NDE2NTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmE1OWE0N2MwMjUy
NTI4NWZjYThlN2E1MDVhYTFlZTk1OWUyZGNiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNEWUBNCFR1NdsTgtbIiQrhF95Gm26YmGN9idhqhmMxNb4y
xy3p44ygY+sLVfIEvxHV/VCmLdMSCtzSRkgHE9AlYppBrKJEEpIh/4JFzH2BM7ur
Bjl+nEIlCNQ81zSUsJP9svqDD4pPpfXGxHEQwj9KYehnhze0QqXt/2cwBhCN7zME
ynvcUKSD98FqvEVFRfH/DCJmlkk7JJ9Uiu2At0OCyGukAfg1+Sa15n9qW1M6hzIt
1dwCzZthiyAS2aoH1oLVwedn6iFSMqsXq9VoL3SH18pC6VDt83hRe4i3dV23UAXc
86FJVZpwTaryUSbNtU3W9/xHYD6oSfEAcOE/I+sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRqWaR8AlJShfyo56UFqh7pWeLcsTAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L2FsbWtmQUpTVW9YOHFPZWxCYW9lNlZuaTNMRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2AFDANBgkqhkiG9w0BAQsFAAOC
AQEAsgr7yLz+wJ1ZfiekKz8AET19U2MNY6w+JqDzgttQDzM0+bFjISlB2l5lbtKH
FVAebW6bfzK6vnUZhCPyDL0WMMAOL2MPKyrlxKHI0iOqybnLafiyeMLskEi5uvXc
dBML1N0ebPlFXXZO6PZLjgAKKeaZPspQcnkyEw9AEQ2adazmMj2DRMzuGXh8QBY5
6+iPA2TKlPhL284aqm1dRodtLA0aq7i782QNYv1lH/TpXN3rWlbEVHCg1fqWeJ1O
cvQw7tBlw8biYDTX64iyarlWiIfqFt+PRkcH+fI5hcqFcXYwwn8SaEt6VZuUretz
E2VvOy7cUwXRXqvhKEf/89VHzA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org