Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/231914-032a-41ef-8975-9533a8491425/1/G83hjZCWLEzmYCr0zAMSm2AiAEQ.roa
File: G83hjZCWLEzmYCr0zAMSm2AiAEQ.roa (raw, json)
Hash identifier: BKbXFWAiqA/Xfhv+1izGxbQhQe0tm8j+W1c9LeoQ2bw=
Subject key identifier: 1B:CD:E1:8D:90:96:2C:4C:E6:60:2A:F4:CC:03:12:9B:60:22:00:44
Certificate issuer: /CN=225e7ba910679ece289a4678aadff0f9d2c1d1a1
Certificate serial: 068E0BEC
Authority key identifier: 22:5E:7B:A9:10:67:9E:CE:28:9A:46:78:AA:DF:F0:F9:D2:C1:D1:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Il57qRBnns4omkZ4qt_w-dLB0aE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/231914-032a-41ef-8975-9533a8491425/1/G83hjZCWLEzmYCr0zAMSm2AiAEQ.roa
Signing time: Sat 01 Jan 2022 10:02:52 +0000
ROA not before: Sat 01 Jan 2022 10:02:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39201
IP address blocks: 45.128.71.0/24 maxlen: 24
45.128.68.0/24 maxlen: 24
45.128.69.0/24 maxlen: 24
45.128.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109972460 (0x68e0bec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=225e7ba910679ece289a4678aadff0f9d2c1d1a1
Validity
Not Before: Jan 1 10:02:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bcde18d90962c4ce6602af4cc03129b60220044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:33:ec:84:ab:62:ce:61:9b:b3:79:92:0c:51:
b5:68:df:d7:9c:33:74:b5:fa:d5:75:3b:f3:04:b3:
74:c3:05:15:3b:11:11:88:ec:fa:06:5f:93:96:65:
e5:1a:23:59:d7:02:94:c0:c9:60:66:52:b0:6f:02:
c4:be:df:61:47:13:85:fa:eb:7c:ed:0d:36:06:74:
d6:f8:3d:45:e5:b3:6f:64:9c:2e:78:1a:64:73:bb:
5c:d5:ad:0a:52:b8:d1:19:59:ee:63:ff:88:3a:a5:
4c:26:3e:34:32:cb:d2:7f:9d:93:6b:b4:a9:98:69:
81:c1:e3:e5:15:b8:93:d2:24:e6:34:ff:6f:66:5f:
b8:8f:f4:e3:09:b5:dd:80:4c:7c:81:b0:38:f9:96:
11:2c:9b:ee:4d:97:13:82:2a:86:a8:27:80:56:a3:
d3:d8:9a:c8:4d:9e:81:2e:a0:3c:43:ff:bf:34:01:
65:94:a1:e5:80:c0:29:a0:de:67:c6:b7:0e:35:5d:
ed:cd:6d:8f:8a:b9:bf:de:55:e7:e1:ca:45:93:67:
bf:5f:f5:ae:80:fe:ee:15:0d:63:89:78:3f:f9:7f:
7e:dc:be:e7:2d:70:54:50:54:63:b8:ab:c2:b4:ff:
b2:74:c2:93:a9:32:66:0d:fe:e2:0f:b4:93:f7:65:
6a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CD:E1:8D:90:96:2C:4C:E6:60:2A:F4:CC:03:12:9B:60:22:00:44
X509v3 Authority Key Identifier:
keyid:22:5E:7B:A9:10:67:9E:CE:28:9A:46:78:AA:DF:F0:F9:D2:C1:D1:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Il57qRBnns4omkZ4qt_w-dLB0aE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/231914-032a-41ef-8975-9533a8491425/1/G83hjZCWLEzmYCr0zAMSm2AiAEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/231914-032a-41ef-8975-9533a8491425/1/Il57qRBnns4omkZ4qt_w-dLB0aE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.68.0/22
Signature Algorithm: sha256WithRSAEncryption
37:f6:0e:c5:cc:62:40:49:b5:f9:36:b7:ac:89:b3:d9:4b:aa:
6d:eb:4b:27:42:cd:66:76:9a:c6:7e:0d:1e:18:56:5a:e8:2a:
04:0e:48:09:aa:8a:7e:59:b1:99:48:39:40:3b:ee:0d:79:51:
d8:f0:9e:fc:a0:89:7f:31:f8:96:70:58:18:71:3f:4c:2d:4f:
e9:c2:07:20:a8:cd:27:2f:0c:34:6a:83:40:66:d8:e8:cf:b4:
38:13:b8:1e:e2:e8:fe:83:9c:77:ec:5e:8d:14:56:ad:b4:e2:
ee:23:7d:d2:ef:8a:0a:af:35:07:b7:0a:6d:ed:82:2c:4b:22:
30:75:1d:d8:d2:29:0a:e7:4e:7a:64:d3:bc:96:c1:b4:54:74:
c4:eb:ec:f6:94:50:85:b3:1a:c9:a7:8a:db:cf:d6:bc:2b:51:
4e:25:2d:f6:30:b1:33:5a:cb:f0:47:e4:04:86:e7:0b:dd:6c:
66:2b:7f:41:cf:c7:b2:8b:64:82:86:19:61:23:f5:2d:eb:65:
17:10:92:7a:cd:3c:aa:d1:58:f9:f6:01:16:5d:f1:83:c5:fc:
a4:a3:6c:9d:59:d3:e7:2b:8b:20:13:2a:65:ee:22:90:ae:c1:
bf:3a:2a:ab:e9:f7:2b:ad:1b:39:ec:dc:54:6b:cc:5c:84:7a:
ea:19:4c:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBo4L7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MjVlN2JhOTEwNjc5ZWNlMjg5YTQ2NzhhYWRmZjBmOWQyYzFkMWExMB4XDTIyMDEw
MTEwMDI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJjZGUxOGQ5MDk2
MmM0Y2U2NjAyYWY0Y2MwMzEyOWI2MDIyMDA0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANoz7ISrYs5hm7N5kgxRtWjf15wzdLX61XU78wSzdMMFFTsR
EYjs+gZfk5Zl5RojWdcClMDJYGZSsG8CxL7fYUcThfrrfO0NNgZ01vg9ReWzb2Sc
LngaZHO7XNWtClK40RlZ7mP/iDqlTCY+NDLL0n+dk2u0qZhpgcHj5RW4k9Ik5jT/
b2ZfuI/04wm13YBMfIGwOPmWESyb7k2XE4IqhqgngFaj09iayE2egS6gPEP/vzQB
ZZSh5YDAKaDeZ8a3DjVd7c1tj4q5v95V5+HKRZNnv1/1roD+7hUNY4l4P/l/fty+
5y1wVFBUY7irwrT/snTCk6kyZg3+4g+0k/dlaqsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQbzeGNkJYsTOZgKvTMAxKbYCIARDAfBgNVHSMEGDAWgBQiXnupEGeeziia
Rniq3/D50sHRoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lsNTdxUkJubnM0b21rWjRxdF93LWRMQjBhRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvMjMxOTE0LTAzMmEtNDFlZi04OTc1LTk1MzNhODQ5MTQyNS8x
L0c4M2hqWkNXTEV6bVlDcjB6QU1TbTJBaUFFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
MjMxOTE0LTAzMmEtNDFlZi04OTc1LTk1MzNhODQ5MTQyNS8xL0lsNTdxUkJubnM0
b21rWjRxdF93LWRMQjBhRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2ARDANBgkqhkiG9w0BAQsFAAOC
AQEAN/YOxcxiQEm1+Ta3rImz2UuqbetLJ0LNZnaaxn4NHhhWWugqBA5ICaqKflmx
mUg5QDvuDXlR2PCe/KCJfzH4lnBYGHE/TC1P6cIHIKjNJy8MNGqDQGbY6M+0OBO4
HuLo/oOcd+xejRRWrbTi7iN90u+KCq81B7cKbe2CLEsiMHUd2NIpCudOemTTvJbB
tFR0xOvs9pRQhbMayaeK28/WvCtRTiUt9jCxM1rL8EfkBIbnC91sZit/Qc/Hsotk
goYZYSP1LetlFxCSes08qtFY+fYBFl3xg8X8pKNsnVnT5yuLIBMqZe4ikK7Bvzoq
q+n3K60bOezcVGvMXIR66hlMUw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:28 2023 by rpki-client on console-ams.rpki-client.org