Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/ikV2eviMthvLpyU87sJjm67EWds.roa
File: ikV2eviMthvLpyU87sJjm67EWds.roa (raw, json)
Hash identifier: DOBe2DUagSeG6KMWBENkk89MG+xRsx2D3aHtZXUNdvc=
Subject key identifier: 8A:45:76:7A:F8:8C:B6:1B:CB:A7:25:3C:EE:C2:63:9B:AE:C4:59:DB
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 01852C97D5831DB949917E659FF5C09CEF6C
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/ikV2eviMthvLpyU87sJjm67EWds.roa
Signing time: Mon 19 Dec 2022 22:53:46 +0000
ROA not before: Mon 19 Dec 2022 22:53:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52035
IP address blocks: 158.41.24.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2c:97:d5:83:1d:b9:49:91:7e:65:9f:f5:c0:9c:ef:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Dec 19 22:53:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a45767af88cb61bcba7253ceec2639baec459db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fd:c2:cb:7b:94:7d:d7:52:be:1e:13:ae:39:
ef:eb:88:da:4b:f1:75:72:0b:44:30:c2:c2:34:66:
7a:b6:85:0a:ce:ad:13:94:9b:df:59:5d:3e:cb:ae:
d0:82:98:6e:ef:aa:e6:d9:52:f0:94:cf:f6:90:28:
f6:bc:5e:25:b4:5c:a7:cd:77:0a:6b:6c:db:bc:dd:
8c:53:3e:0e:c9:62:79:68:38:54:53:75:3b:47:1c:
d5:a2:4f:09:cf:1f:e8:c9:bb:0a:66:75:a6:0b:d1:
3b:41:ee:e2:bf:75:ec:fb:c6:76:fb:b9:a7:77:44:
c9:6a:8b:10:a5:92:c3:45:48:ea:c6:68:b1:d3:6e:
75:f9:ee:3c:1d:95:35:5c:66:7c:24:28:4a:33:94:
fb:53:ce:c6:72:0b:6b:d1:ec:6d:8e:ba:7c:2c:3a:
7d:49:63:27:4d:56:ca:ed:eb:ca:22:ff:78:8d:1d:
df:37:ea:8d:8c:7e:17:a2:56:b3:69:99:e9:c3:e1:
2b:d4:13:a8:7a:3d:58:d4:30:45:71:b7:17:d9:36:
52:5f:b4:2a:d4:1a:55:a6:d7:a8:c7:52:18:5c:a9:
2c:84:bf:4b:3d:36:48:b2:ae:b5:df:14:ed:99:0e:
ad:01:05:1e:0d:c3:16:ca:24:42:ca:db:21:fc:a2:
7f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:45:76:7A:F8:8C:B6:1B:CB:A7:25:3C:EE:C2:63:9B:AE:C4:59:DB
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/ikV2eviMthvLpyU87sJjm67EWds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.41.24.0/21
Signature Algorithm: sha256WithRSAEncryption
99:4e:fe:6c:19:d3:ac:30:28:2a:76:3e:15:ad:92:54:77:59:
70:5e:df:4b:5b:34:ea:e5:02:ba:60:75:12:e7:9c:5e:66:49:
a8:51:41:a4:3a:c5:8b:9b:c9:fb:ef:66:10:32:a1:67:1e:1c:
0e:72:69:a5:ff:c5:40:1c:bc:d6:c3:df:96:0d:82:90:7d:74:
9a:d2:e4:9d:d5:d7:b7:e3:ce:d7:56:89:71:6c:a1:51:bc:bc:
84:9d:b8:1a:13:b2:d2:f1:3f:75:30:14:f9:28:39:bd:ab:ad:
58:b6:ae:78:50:c7:ba:2c:2a:7b:cc:8b:41:67:81:51:cb:da:
47:80:a5:b9:65:91:37:9e:69:6a:99:18:b4:00:d9:8e:f4:33:
8e:76:b9:e7:13:b4:94:6c:7c:6b:69:ce:1a:72:db:03:6e:f7:
c0:01:70:c3:2c:9c:1f:6f:03:b6:67:23:fd:2c:bc:72:e5:3e:
65:f4:91:3f:ff:f2:4d:c9:e0:8e:b4:e0:05:e6:fa:2d:70:b6:
df:e4:3d:76:8d:65:04:75:de:b9:a8:65:08:ca:ce:da:67:d0:
0b:16:ca:c0:9e:9f:d2:3d:47:96:47:a7:13:f8:07:f3:d9:96:
e4:87:11:3a:fc:67:f3:ab:11:02:e3:77:81:0c:d9:68:8e:09:
6a:4c:5b:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUsl9WDHblJkX5ln/XAnO9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjIxMjE5MjI1MzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQ1NzY3YWY4OGNiNjFiY2JhNzI1M2NlZWMyNjM5YmFlYzQ1OWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP3Cy3uUfddSvh4Trjnv64jaS/F1
cgtEMMLCNGZ6toUKzq0TlJvfWV0+y67Qgphu76rm2VLwlM/2kCj2vF4ltFynzXcK
a2zbvN2MUz4OyWJ5aDhUU3U7RxzVok8Jzx/oybsKZnWmC9E7Qe7iv3Xs+8Z2+7mn
d0TJaosQpZLDRUjqxmix0251+e48HZU1XGZ8JChKM5T7U87Gcgtr0extjrp8LDp9
SWMnTVbK7evKIv94jR3fN+qNjH4XolazaZnpw+Er1BOoej1Y1DBFcbcX2TZSX7Qq
1BpVpteox1IYXKkshL9LPTZIsq613xTtmQ6tAQUeDcMWyiRCytsh/KJ/LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpFdnr4jLYby6clPO7CY5uuxFnbMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvaWtWMmV2aU10aHZMcHlVODdzSmptNjdFV2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnikYMA0G
CSqGSIb3DQEBCwUAA4IBAQCZTv5sGdOsMCgqdj4VrZJUd1lwXt9LWzTq5QK6YHUS
55xeZkmoUUGkOsWLm8n772YQMqFnHhwOcmml/8VAHLzWw9+WDYKQfXSa0uSd1de3
487XVolxbKFRvLyEnbgaE7LS8T91MBT5KDm9q61Ytq54UMe6LCp7zItBZ4FRy9pH
gKW5ZZE3nmlqmRi0ANmO9DOOdrnnE7SUbHxrac4actsDbvfAAXDDLJwfbwO2ZyP9
LLxy5T5l9JE///JNyeCOtOAF5votcLbf5D12jWUEdd65qGUIys7aZ9ALFsrAnp/S
PUeWR6cT+Afz2ZbkhxE6/GfzqxEC43eBDNlojglqTFvG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:16 2023 by rpki-client on console-ams.rpki-client.org