Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/gZkiR7sipka19SRnaevL8s5mPM0.roa
File: gZkiR7sipka19SRnaevL8s5mPM0.roa (raw, json)
Hash identifier: 4Xyiw1dvqTFwYEG83LlVvTFgTFCTvvd1vyGelB8xHP4=
Subject key identifier: 81:99:22:47:BB:22:A6:46:B5:F5:24:67:69:EB:CB:F2:CE:66:3C:CD
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 35ED65D8
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/gZkiR7sipka19SRnaevL8s5mPM0.roa
Signing time: Sat 01 Jan 2022 03:02:12 +0000
ROA not before: Sat 01 Jan 2022 03:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25151
IP address blocks: 217.170.2.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 904750552 (0x35ed65d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 03:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81992247bb22a646b5f5246769ebcbf2ce663ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a3:9a:28:00:61:01:95:17:6b:bc:7a:4d:01:
e1:82:07:11:f9:ec:56:55:02:b2:87:9c:a2:c7:ff:
1d:ea:42:51:91:81:a3:55:71:b8:0d:c5:8c:35:43:
a5:8e:2c:dc:5f:8a:46:69:a6:59:38:c6:6e:d7:02:
84:7a:a4:5c:8a:c9:46:c8:1a:b5:6b:a0:f7:1f:68:
88:c6:50:84:8b:b7:93:09:df:a5:b7:06:86:5f:60:
a9:e5:40:af:7e:a9:a8:f1:89:87:7e:d6:ab:b4:ae:
74:f6:6a:32:63:6e:f5:76:8e:c3:ec:ca:26:5c:0c:
17:3a:55:df:04:05:98:62:09:04:90:9a:ea:b7:36:
ee:75:8a:37:34:65:73:f2:9c:cc:e3:87:53:fd:b9:
c3:08:cf:ec:51:10:ad:4b:7e:f1:f5:c9:f7:13:c9:
be:c2:2f:38:f3:2a:26:83:f2:4b:15:36:1b:5e:63:
00:3a:4f:24:57:d7:8c:f1:d9:f5:4d:e6:22:6e:23:
74:a3:fe:4a:88:25:c4:26:e2:c3:76:2d:f0:3a:0d:
05:cf:0f:9c:ca:0d:8b:7c:39:e5:36:98:26:40:3f:
09:fe:b2:e2:e6:d0:64:56:6c:19:66:c9:6e:8d:d6:
85:a8:1e:60:0b:7a:dd:16:26:9e:be:0e:fb:5c:d6:
f3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:99:22:47:BB:22:A6:46:B5:F5:24:67:69:EB:CB:F2:CE:66:3C:CD
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/gZkiR7sipka19SRnaevL8s5mPM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:b1:73:80:30:2f:bf:0a:10:03:75:c6:ee:21:7a:47:04:dc:
0f:b3:59:91:80:cd:1b:01:d9:24:77:6d:42:af:7e:c8:d6:21:
d4:0c:ed:10:73:f8:dc:25:98:6b:5b:fa:85:df:77:12:6e:fa:
79:f7:fa:33:d6:a4:a9:39:e8:2d:a9:98:f3:e8:ff:49:60:8c:
52:ec:80:77:fe:77:da:5f:d7:15:e8:6e:b4:2c:fd:70:ff:1b:
f1:7e:07:b6:58:e0:2e:77:ef:3d:3e:9e:39:d0:8b:54:9d:8d:
2b:4f:02:42:e0:0c:69:c1:0c:e7:39:e6:20:ec:7d:af:38:49:
19:b0:1e:bc:18:99:a7:0c:46:5b:d0:29:f5:05:c6:6c:1f:e9:
2a:f1:f3:04:07:ee:7a:01:36:53:b2:5d:46:8a:ea:94:5c:ee:
cb:a9:82:18:d7:59:b5:aa:3e:a2:50:75:dc:ea:80:e4:71:79:
cf:c6:5c:98:8f:4c:05:78:f7:19:ba:02:5a:14:6f:61:29:29:
58:cd:d6:8b:6b:78:2a:60:aa:49:88:c6:3a:8a:06:e2:5c:13:
c4:4c:93:36:98:0e:b4:4f:76:65:dc:7c:08:22:63:73:74:b8:
1e:2a:4d:7b:1b:74:e0:52:85:18:c7:e5:ce:1a:cb:12:b2:71:
22:81:ac:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENe1l2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDFmZTMwZmM2YjRiMGQwZjZkYjRlMWJmYmJkNTAxOTVkY2E1NzVjMB4XDTIyMDEw
MTAzMDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE5OTIyNDdiYjIy
YTY0NmI1ZjUyNDY3NjllYmNiZjJjZTY2M2NjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6jmigAYQGVF2u8ek0B4YIHEfnsVlUCsoecosf/HepCUZGB
o1VxuA3FjDVDpY4s3F+KRmmmWTjGbtcChHqkXIrJRsgatWug9x9oiMZQhIu3kwnf
pbcGhl9gqeVAr36pqPGJh37Wq7SudPZqMmNu9XaOw+zKJlwMFzpV3wQFmGIJBJCa
6rc27nWKNzRlc/KczOOHU/25wwjP7FEQrUt+8fXJ9xPJvsIvOPMqJoPySxU2G15j
ADpPJFfXjPHZ9U3mIm4jdKP+SoglxCbiw3Yt8DoNBc8PnMoNi3w55TaYJkA/Cf6y
4ubQZFZsGWbJbo3WhageYAt63RYmnr4O+1zW8wUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSBmSJHuyKmRrX1JGdp68vyzmY8zTAfBgNVHSMEGDAWgBQgH+MPxrSw0Pbb
Thv7vVAZXcpXXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lCX2pEOGEwc05EMjIwNGItNzFRR1YzS1Yxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvOGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8x
L2daa2lSN3NpcGthMTlTUm5hZXZMOHM1bVBNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
OGQ4MGY5LTQ5NGUtNGFiYi05OTU2LWZjMTIxYzgwMGIzMC8xL0lCX2pEOGEwc05E
MjIwNGItNzFRR1YzS1Yxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdmqAjANBgkqhkiG9w0BAQsFAAOC
AQEADLFzgDAvvwoQA3XG7iF6RwTcD7NZkYDNGwHZJHdtQq9+yNYh1AztEHP43CWY
a1v6hd93Em76eff6M9akqTnoLamY8+j/SWCMUuyAd/532l/XFehutCz9cP8b8X4H
tljgLnfvPT6eOdCLVJ2NK08CQuAMacEM5znmIOx9rzhJGbAevBiZpwxGW9Ap9QXG
bB/pKvHzBAfuegE2U7JdRorqlFzuy6mCGNdZtao+olB13OqA5HF5z8ZcmI9MBXj3
GboCWhRvYSkpWM3Wi2t4KmCqSYjGOooG4lwTxEyTNpgOtE92Zdx8CCJjc3S4HipN
ext04FKFGMflzhrLErJxIoGsrQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:54 2023 by rpki-client on console-ams.rpki-client.org