Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/iHPWh5_OQfXI5cksQdYq57lzxSo.roa
File: iHPWh5_OQfXI5cksQdYq57lzxSo.roa (raw, json)
Hash identifier: 9txEEyLJl/hcnYeVWK7N/BhmcDjULD5EijzPaFqrzKk=
Subject key identifier: 88:73:D6:87:9F:CE:41:F5:C8:E5:C9:2C:41:D6:2A:E7:B9:73:C5:2A
Certificate issuer: /CN=13ea78b28f054f72f5226ae3ec454980ed2a10c9
Certificate serial: 03B2B6C5
Authority key identifier: 13:EA:78:B2:8F:05:4F:72:F5:22:6A:E3:EC:45:49:80:ED:2A:10:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E-p4so8FT3L1Imrj7EVJgO0qEMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/iHPWh5_OQfXI5cksQdYq57lzxSo.roa
Signing time: Sat 01 Jan 2022 14:58:47 +0000
ROA not before: Sat 01 Jan 2022 14:58:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8517
IP address blocks: 161.9.128.0/17 maxlen: 24
161.9.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62043845 (0x3b2b6c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13ea78b28f054f72f5226ae3ec454980ed2a10c9
Validity
Not Before: Jan 1 14:58:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8873d6879fce41f5c8e5c92c41d62ae7b973c52a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a6:12:ec:43:f6:35:45:be:5b:3d:f4:49:d6:
86:ed:0a:bd:fb:2e:b9:a9:16:c6:fd:06:91:15:cb:
26:09:c7:67:bc:30:e4:bb:1d:5e:ea:ae:89:79:76:
f1:ee:ad:27:01:ad:06:89:67:df:29:aa:ff:e6:13:
40:50:be:b6:7c:3b:05:fe:33:8a:9b:aa:71:0f:9d:
53:9e:c6:6a:4a:8c:0b:8b:23:e5:e2:73:4b:df:a9:
17:65:a3:19:e0:02:22:af:b9:e9:91:d3:5e:56:85:
f2:4a:63:32:66:47:ab:76:eb:32:c9:72:18:3e:e6:
ca:b6:e2:88:03:43:c4:4b:ab:55:17:da:76:27:aa:
8a:87:1b:74:44:bb:7e:2d:24:bf:0d:4f:b3:8d:0d:
5e:73:47:43:c2:bf:53:41:4d:cf:40:4c:87:61:7f:
1f:c4:13:a4:ba:06:35:a6:7d:42:12:91:a1:f8:f5:
d4:1d:bf:32:8b:ac:1a:ab:bf:55:55:2b:40:dd:21:
bb:7f:65:9e:45:8c:de:7a:18:10:5f:cf:2b:8e:e4:
77:31:f6:59:a4:32:45:6c:94:37:66:7c:a4:10:bb:
7e:4b:18:68:fb:69:49:d5:04:f8:d4:f5:5e:27:06:
44:7d:cc:08:d3:97:59:3c:19:b6:74:5d:4a:85:25:
a3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:73:D6:87:9F:CE:41:F5:C8:E5:C9:2C:41:D6:2A:E7:B9:73:C5:2A
X509v3 Authority Key Identifier:
keyid:13:EA:78:B2:8F:05:4F:72:F5:22:6A:E3:EC:45:49:80:ED:2A:10:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-p4so8FT3L1Imrj7EVJgO0qEMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/iHPWh5_OQfXI5cksQdYq57lzxSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/E-p4so8FT3L1Imrj7EVJgO0qEMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.9.128.0/17
Signature Algorithm: sha256WithRSAEncryption
0f:51:e6:c8:b6:b1:13:bb:4c:a8:97:38:0a:d3:d3:5d:56:67:
99:e1:67:56:21:4e:a8:e7:e2:85:ea:c1:21:b9:38:2d:bb:45:
5d:97:0a:19:35:16:61:b6:a2:d1:d5:bd:d0:62:47:96:25:f6:
ba:bd:20:08:fa:c9:ea:aa:38:8b:0d:83:52:cc:76:bd:83:cb:
9f:a5:ee:4f:29:14:85:84:97:06:79:dd:53:54:7f:bd:bb:fb:
23:32:9f:1c:cf:0d:97:2b:cf:9a:d9:2e:d1:1b:5a:b4:9b:d7:
5c:10:6d:e7:01:f3:3e:39:66:db:41:1e:28:03:53:8b:40:32:
45:43:37:5e:22:ac:07:5d:53:ee:d6:a2:64:1c:63:ce:26:03:
9a:a4:19:f9:23:dc:2e:17:b7:3a:37:ba:ad:d3:01:fc:ec:ed:
a3:12:c2:02:a7:c3:7d:79:aa:45:e0:7e:0e:fe:79:87:66:78:
83:08:7e:1c:d8:f3:57:d0:cb:e3:90:68:46:a1:a4:f5:7f:e0:
5b:25:48:a4:f4:85:46:2a:fe:ea:4f:2f:a2:a6:d2:97:6c:45:
26:33:73:f4:70:a9:f4:ad:a3:71:54:15:40:da:42:32:55:a0:
d3:b3:5f:5d:21:af:e1:30:48:4b:90:4b:5b:da:5b:9d:11:d7:
2b:92:a2:be
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA7K2xTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2VhNzhiMjhmMDU0ZjcyZjUyMjZhZTNlYzQ1NDk4MGVkMmExMGM5MB4XDTIyMDEw
MTE0NTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg3M2Q2ODc5ZmNl
NDFmNWM4ZTVjOTJjNDFkNjJhZTdiOTczYzUyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOemEuxD9jVFvls99EnWhu0KvfsuuakWxv0GkRXLJgnHZ7ww
5LsdXuquiXl28e6tJwGtBoln3ymq/+YTQFC+tnw7Bf4zipuqcQ+dU57GakqMC4sj
5eJzS9+pF2WjGeACIq+56ZHTXlaF8kpjMmZHq3brMslyGD7myrbiiANDxEurVRfa
dieqiocbdES7fi0kvw1Ps40NXnNHQ8K/U0FNz0BMh2F/H8QTpLoGNaZ9QhKRofj1
1B2/MousGqu/VVUrQN0hu39lnkWM3noYEF/PK47kdzH2WaQyRWyUN2Z8pBC7fksY
aPtpSdUE+NT1XicGRH3MCNOXWTwZtnRdSoUlo0MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSIc9aHn85B9cjlySxB1irnuXPFKjAfBgNVHSMEGDAWgBQT6niyjwVPcvUi
auPsRUmA7SoQyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0UtcDRzbzhGVDNMMUltcmo3RVZKZ08wcUVNay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYjk3Mjk0LTI4MDItNGQwNS05MTU1LTEwOThkNmQ4OGRlOC8x
L2lIUFdoNV9PUWZYSTVja3NRZFlxNTdsenhTby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
Yjk3Mjk0LTI4MDItNGQwNS05MTU1LTEwOThkNmQ4OGRlOC8xL0UtcDRzbzhGVDNM
MUltcmo3RVZKZ08wcUVNay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB6EJgDANBgkqhkiG9w0BAQsFAAOC
AQEAD1HmyLaxE7tMqJc4CtPTXVZnmeFnViFOqOfiherBIbk4LbtFXZcKGTUWYbai
0dW90GJHliX2ur0gCPrJ6qo4iw2DUsx2vYPLn6XuTykUhYSXBnndU1R/vbv7IzKf
HM8NlyvPmtku0RtatJvXXBBt5wHzPjlm20EeKANTi0AyRUM3XiKsB11T7taiZBxj
ziYDmqQZ+SPcLhe3Oje6rdMB/OztoxLCAqfDfXmqReB+Dv55h2Z4gwh+HNjzV9DL
45BoRqGk9X/gWyVIpPSFRir+6k8voqbSl2xFJjNz9HCp9K2jcVQVQNpCMlWg07Nf
XSGv4TBIS5BLW9pbnRHXK5Kivg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:07 2023 by rpki-client on console-ams.rpki-client.org