Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/I8V-XHjfvbR_lMxku4DuEwwhB-o.roa
File: I8V-XHjfvbR_lMxku4DuEwwhB-o.roa (raw, json)
Hash identifier: uxwEqlCSJwVVL4NWr/tRfb1gJh+o4/+E9bpyPDqHTlo=
Subject key identifier: 23:C5:7E:5C:78:DF:BD:B4:7F:94:CC:64:BB:80:EE:13:0C:21:07:EA
Certificate issuer: /CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Certificate serial: 0147FA
Authority key identifier: 00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/I8V-XHjfvbR_lMxku4DuEwwhB-o.roa
Signing time: Wed 13 Apr 2022 10:03:42 +0000
ROA not before: Wed 13 Apr 2022 10:03:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 217.28.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83962 (0x147fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0012b9dc976d7ce807e46fea4936c726b0c4a206
Validity
Not Before: Apr 13 10:03:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23c57e5c78dfbdb47f94cc64bb80ee130c2107ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:25:b8:7e:be:6e:7a:75:03:dd:8e:5c:fe:c9:
3e:4f:75:2c:97:cd:b5:4b:b8:18:81:a5:70:70:7c:
21:68:05:dc:11:15:81:f7:2d:a8:e3:ec:0a:a4:55:
48:b8:52:7f:ff:23:3a:01:e2:8a:2d:ae:30:4d:5a:
f1:77:2a:9b:aa:cc:01:99:2d:4c:e2:9a:25:63:9e:
61:32:c7:07:8e:07:d1:92:e0:53:e0:ed:ea:a0:5c:
6f:21:02:41:ea:1d:03:84:4e:41:92:45:d7:c4:6c:
ac:fe:b5:a5:b2:da:2e:02:79:28:e5:f2:4b:a0:e9:
54:08:55:46:c9:2f:24:c6:bd:55:e7:3f:63:95:47:
b3:55:fc:4c:85:4a:41:16:58:67:c5:a6:5e:2c:02:
38:9c:2a:23:e0:36:60:ee:59:61:67:f9:94:41:98:
60:5c:82:f6:e9:b2:e2:59:61:14:54:6b:c1:66:2d:
95:9d:38:aa:7f:b7:e7:94:fb:ee:a1:dc:3d:dd:00:
76:b5:df:00:34:2e:bb:a2:c7:ab:fb:16:86:3c:8a:
71:29:8a:b9:eb:6d:35:bd:08:21:6d:d2:fc:00:4b:
57:01:6b:fd:8b:02:40:92:6f:f4:a7:b6:ef:3b:c2:
d4:c8:ea:36:b1:18:e9:d5:76:5c:af:e3:73:7b:13:
02:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C5:7E:5C:78:DF:BD:B4:7F:94:CC:64:BB:80:EE:13:0C:21:07:EA
X509v3 Authority Key Identifier:
keyid:00:12:B9:DC:97:6D:7C:E8:07:E4:6F:EA:49:36:C7:26:B0:C4:A2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABK53JdtfOgH5G_qSTbHJrDEogY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/I8V-XHjfvbR_lMxku4DuEwwhB-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6788f7-d58f-4835-8522-984a08898459/1/ABK53JdtfOgH5G_qSTbHJrDEogY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.128.0/24
Signature Algorithm: sha256WithRSAEncryption
89:ef:3c:0d:bd:74:f6:f6:2c:fc:26:68:36:ec:6d:ff:21:92:
c1:54:e2:97:5c:7c:bb:04:4b:24:46:ea:9f:5c:45:89:2b:3e:
a6:f1:e2:55:5d:8d:8b:aa:5e:f0:8f:76:9c:9e:59:f2:5c:a9:
b2:4e:30:56:a0:7a:52:f5:80:f6:3b:fa:fa:34:62:78:f9:68:
1a:90:17:0a:ef:f0:5d:51:3c:5d:d7:88:91:47:8a:7d:ab:f8:
5f:91:e9:f0:a9:01:88:9e:51:04:14:1c:62:e5:40:d1:cf:9e:
a3:e8:16:54:cd:17:9e:9d:d9:92:42:19:3b:cf:8f:27:93:10:
66:9c:64:a2:2c:0c:09:19:33:51:40:69:27:22:49:13:2e:06:
6d:4f:c9:0e:8e:11:b2:d1:54:a8:eb:39:23:31:8a:f5:d3:82:
2d:e4:03:55:9d:f0:f4:68:fa:51:f6:39:67:38:bb:93:aa:c6:
81:c5:1c:7f:e0:97:73:4d:0c:64:d8:c8:fe:3a:9a:42:ad:78:
bb:b4:88:b8:31:04:60:e4:b6:a6:d7:5e:0a:44:23:8a:cb:6f:
2b:76:49:4b:a5:c9:ee:3c:c8:85:a7:3e:a9:e1:1b:b4:be:0c:
74:72:72:82:f1:84:3a:72:56:06:85:50:45:6b:df:e1:48:f5:
d9:ef:42:b1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAUf6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDAw
MTJiOWRjOTc2ZDdjZTgwN2U0NmZlYTQ5MzZjNzI2YjBjNGEyMDYwHhcNMjIwNDEz
MTAwMzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyM2M1N2U1Yzc4ZGZi
ZGI0N2Y5NGNjNjRiYjgwZWUxMzBjMjEwN2VhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5SW4fr5uenUD3Y5c/sk+T3Usl821S7gYgaVwcHwhaAXcERWB
9y2o4+wKpFVIuFJ//yM6AeKKLa4wTVrxdyqbqswBmS1M4polY55hMscHjgfRkuBT
4O3qoFxvIQJB6h0DhE5BkkXXxGys/rWlstouAnko5fJLoOlUCFVGyS8kxr1V5z9j
lUezVfxMhUpBFlhnxaZeLAI4nCoj4DZg7llhZ/mUQZhgXIL26bLiWWEUVGvBZi2V
nTiqf7fnlPvuodw93QB2td8ANC67oser+xaGPIpxKYq56201vQghbdL8AEtXAWv9
iwJAkm/0p7bvO8LUyOo2sRjp1XZcr+NzexMCuQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFCPFflx43720f5TMZLuA7hMMIQfqMB8GA1UdIwQYMBaAFAASudyXbXzoB+Rv
6kk2xyawxKIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QUJLNTNKZHRmT2dINUdfcVNUYkhKckRFb2dZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84NS82Nzg4ZjctZDU4Zi00ODM1LTg1MjItOTg0YTA4ODk4NDU5LzEv
SThWLVhIamZ2YlJfbE14a3U0RHVFd3doQi1vLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82
Nzg4ZjctZDU4Zi00ODM1LTg1MjItOTg0YTA4ODk4NDU5LzEvQUJLNTNKZHRmT2dI
NUdfcVNUYkhKckRFb2dZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyAMA0GCSqGSIb3DQEBCwUAA4IB
AQCJ7zwNvXT29iz8Jmg27G3/IZLBVOKXXHy7BEskRuqfXEWJKz6m8eJVXY2Lql7w
j3acnlnyXKmyTjBWoHpS9YD2O/r6NGJ4+WgakBcK7/BdUTxd14iRR4p9q/hfkenw
qQGInlEEFBxi5UDRz56j6BZUzReendmSQhk7z48nkxBmnGSiLAwJGTNRQGknIkkT
LgZtT8kOjhGy0VSo6zkjMYr104It5ANVnfD0aPpR9jlnOLuTqsaBxRx/4JdzTQxk
2Mj+OppCrXi7tIi4MQRg5Lam114KRCOKy28rdklLpcnuPMiFpz6p4Ru0vgx0cnKC
8YQ6clYGhVBFa9/hSPXZ70Kx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:28 2023 by rpki-client on console-ams.rpki-client.org