Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/_4desqjZ9leY0zOX_u3-sDqUdDM.roa
File: _4desqjZ9leY0zOX_u3-sDqUdDM.roa (raw, json)
Hash identifier: ex9HunZ4C46NIg6SutJ9USQ63pjUMuaDMiXfCxO4CYs=
Subject key identifier: FF:87:5E:B2:A8:D9:F6:57:98:D3:33:97:FE:ED:FE:B0:3A:94:74:33
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 018708FF12815BE12210869832662BA48938
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/_4desqjZ9leY0zOX_u3-sDqUdDM.roa
Signing time: Wed 22 Mar 2023 11:05:46 +0000
ROA not before: Wed 22 Mar 2023 11:05:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 270119
IP address blocks: 155.204.136.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:ff:12:81:5b:e1:22:10:86:98:32:66:2b:a4:89:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Mar 22 11:05:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff875eb2a8d9f65798d33397feedfeb03a947433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7b:76:55:a2:12:f2:d8:00:5f:a0:a6:52:f3:
8e:a3:24:a8:0b:e0:a9:f5:e8:b9:c6:3c:09:e7:d6:
8d:bc:e1:91:57:a0:fe:51:34:8f:bc:a2:2a:11:87:
86:1e:ab:be:9f:8a:d0:c1:45:2c:4b:76:f6:05:25:
c5:ae:c6:21:89:39:31:84:4b:80:7d:d7:c7:40:a3:
3a:9e:bb:ab:fc:a9:76:30:77:8e:12:39:c7:5e:eb:
ea:a0:c8:b6:d1:e3:cf:6a:3c:8e:5b:d7:1c:f5:2a:
28:b4:08:fd:90:45:6f:d5:82:2e:2a:ea:5d:6d:8b:
ad:80:bf:5e:81:69:ea:4f:45:30:30:f7:dd:46:38:
77:36:f1:b6:34:29:97:f4:ca:e4:07:46:a4:b4:12:
85:17:ee:4e:17:31:8e:a7:01:7f:65:9b:41:2a:9e:
d6:80:2d:ed:74:8d:09:b3:7c:5e:f9:d7:24:5e:97:
72:76:40:b4:b3:d6:4b:9e:8c:de:d2:87:b8:0d:e9:
1c:71:01:30:9e:39:c0:94:7b:b7:06:ce:e7:ae:f7:
bf:bd:42:d1:8f:c8:c0:f0:24:b7:35:62:a1:a6:a5:
34:68:b6:8c:2b:b0:1f:f4:00:4b:2a:09:5d:25:90:
41:ea:63:c0:15:19:e8:9f:44:18:84:f3:a9:b8:d9:
24:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:87:5E:B2:A8:D9:F6:57:98:D3:33:97:FE:ED:FE:B0:3A:94:74:33
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/_4desqjZ9leY0zOX_u3-sDqUdDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.204.136.0/21
Signature Algorithm: sha256WithRSAEncryption
93:64:36:ad:a9:33:48:fa:f2:b7:f0:00:b3:9d:99:24:48:c1:
c0:f3:95:fc:33:51:76:00:22:6b:c6:d1:aa:02:d8:fa:4e:3c:
bc:50:3e:66:b9:6e:aa:2f:8c:bb:51:b5:5b:14:02:04:2e:c1:
86:34:f8:a9:35:d0:58:a2:c1:91:1d:51:92:19:49:b5:5b:ba:
45:7e:9b:b3:14:70:f2:7f:6d:d2:41:6f:19:48:a2:14:77:2a:
a3:a5:ff:04:9f:98:b8:48:a3:da:8b:3d:dc:3f:0b:82:c2:92:
de:89:7e:12:31:82:9f:ac:5a:ae:fb:82:80:4c:b6:90:e2:94:
54:2f:05:10:f0:68:b7:a6:a8:57:a4:76:21:36:7a:bb:e9:de:
dd:4f:02:c5:bc:cf:b2:e3:7e:76:2b:86:09:e4:7e:c8:9f:db:
1f:cf:6c:ae:27:16:a7:f5:7b:ec:46:19:7f:17:53:f0:9a:d1:
82:a0:4d:af:6b:54:b5:c0:94:60:7a:95:04:1d:da:84:9d:de:
76:95:c3:69:bf:22:74:f0:2c:f2:69:68:21:0c:0e:f2:36:23:
80:1b:11:f7:e2:32:f5:8a:27:cd:5b:79:a8:11:8c:27:f8:d8:
9c:79:e0:1a:2c:4b:47:58:64:f7:ac:cb:64:2a:7d:a9:7b:5c:
73:14:47:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcI/xKBW+EiEIaYMmYrpIk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjMwMzIyMTEwNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg3NWViMmE4ZDlmNjU3OThkMzMzOTdmZWVkZmViMDNhOTQ3NDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHt2VaIS8tgAX6CmUvOOoySoC+Cp
9ei5xjwJ59aNvOGRV6D+UTSPvKIqEYeGHqu+n4rQwUUsS3b2BSXFrsYhiTkxhEuA
fdfHQKM6nrur/Kl2MHeOEjnHXuvqoMi20ePPajyOW9cc9SootAj9kEVv1YIuKupd
bYutgL9egWnqT0UwMPfdRjh3NvG2NCmX9MrkB0aktBKFF+5OFzGOpwF/ZZtBKp7W
gC3tdI0Js3xe+dckXpdydkC0s9ZLnoze0oe4DekccQEwnjnAlHu3Bs7nrve/vULR
j8jA8CS3NWKhpqU0aLaMK7Af9ABLKgldJZBB6mPAFRnon0QYhPOpuNkkzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP+HXrKo2fZXmNMzl/7t/rA6lHQzMB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvXzRkZXNxalo5bGVZMHpPWF91My1zRHFVZERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDm8yIMA0G
CSqGSIb3DQEBCwUAA4IBAQCTZDatqTNI+vK38ACznZkkSMHA85X8M1F2ACJrxtGq
Atj6Tjy8UD5muW6qL4y7UbVbFAIELsGGNPipNdBYosGRHVGSGUm1W7pFfpuzFHDy
f23SQW8ZSKIUdyqjpf8En5i4SKPaiz3cPwuCwpLeiX4SMYKfrFqu+4KATLaQ4pRU
LwUQ8Gi3pqhXpHYhNnq76d7dTwLFvM+y4352K4YJ5H7In9sfz2yuJxan9XvsRhl/
F1PwmtGCoE2va1S1wJRgepUEHdqEnd52lcNpvyJ08CzyaWghDA7yNiOAGxH34jL1
iifNW3moEYwn+NiceeAaLEtHWGT3rMtkKn2pe1xzFEdr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:55 2025 by rpki-client