Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/vIMvQiZzfwx7GNvWwlmCDvsmJdc.roa
File: vIMvQiZzfwx7GNvWwlmCDvsmJdc.roa (raw, json)
Hash identifier: aHpBfyAdCukxYjMldmDeQsx6h/rc44WC29PQfgT76jc=
Subject key identifier: BC:83:2F:42:26:73:7F:0C:7B:18:DB:D6:C2:59:82:0E:FB:26:25:D7
Certificate issuer: /CN=d4edb5f6de72436148b35a59037f2334150ddb36
Certificate serial: 069C0659
Authority key identifier: D4:ED:B5:F6:DE:72:43:61:48:B3:5A:59:03:7F:23:34:15:0D:DB:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1O219t5yQ2FIs1pZA38jNBUN2zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/vIMvQiZzfwx7GNvWwlmCDvsmJdc.roa
Signing time: Sat 01 Jan 2022 15:59:25 +0000
ROA not before: Sat 01 Jan 2022 15:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 153.109.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110888537 (0x69c0659)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4edb5f6de72436148b35a59037f2334150ddb36
Validity
Not Before: Jan 1 15:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc832f4226737f0c7b18dbd6c259820efb2625d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:c0:e6:75:9f:9d:65:62:40:26:21:a8:96:10:
e8:39:f3:0e:40:05:b7:f7:10:1d:e4:53:9c:ff:1c:
98:54:97:8f:7f:bc:ba:6a:83:e9:12:51:fd:ff:59:
4c:53:d4:12:9f:a0:8b:ff:43:0b:ef:89:9c:56:aa:
6b:58:86:74:52:df:87:24:74:fd:b4:5d:b5:0b:74:
93:9c:be:53:8a:c1:64:20:f4:fb:48:0f:30:6d:20:
c6:4d:df:cf:98:52:29:a7:07:94:10:fc:e2:5f:1b:
16:0f:f4:a4:d3:dc:4b:7f:f9:8a:80:ae:8b:59:35:
6b:c7:c2:1c:99:ef:56:65:de:14:f4:9f:0f:84:e7:
d5:03:aa:00:a9:89:69:ae:a5:86:6f:c4:fc:07:d6:
39:e5:bc:b1:fd:d6:33:a7:47:c9:b8:e3:4e:c4:3e:
d6:6a:9e:3e:c0:e1:e5:74:01:1d:3a:23:33:c4:23:
82:72:01:cf:dd:19:05:25:c7:77:b8:ca:15:de:4d:
3e:ea:52:44:20:12:b0:45:c7:c8:2e:d8:65:82:20:
bb:d3:28:2d:db:48:6f:75:fa:c6:82:55:76:11:6c:
83:2e:34:e1:0e:88:03:58:64:c5:9c:a0:a3:2a:29:
a5:6d:aa:08:26:0f:74:c8:9b:8c:28:87:1b:d0:8f:
ec:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:83:2F:42:26:73:7F:0C:7B:18:DB:D6:C2:59:82:0E:FB:26:25:D7
X509v3 Authority Key Identifier:
keyid:D4:ED:B5:F6:DE:72:43:61:48:B3:5A:59:03:7F:23:34:15:0D:DB:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1O219t5yQ2FIs1pZA38jNBUN2zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/vIMvQiZzfwx7GNvWwlmCDvsmJdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/1O219t5yQ2FIs1pZA38jNBUN2zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:d9:79:b5:b1:59:6a:bb:42:1d:83:6b:f6:4a:d2:ee:6e:ea:
4e:17:79:51:36:24:e3:e9:42:f6:ab:62:08:21:ee:0f:0a:ad:
92:7c:31:94:33:25:18:5e:ab:dd:c9:f5:bf:c2:d8:ae:fb:5e:
3f:7c:40:34:35:86:cc:60:a1:e2:f9:9e:b9:1d:e3:f3:99:7b:
b2:9f:77:e0:5d:7b:62:73:10:cb:f3:66:8f:8c:97:c3:f3:fc:
c0:a8:3a:80:e0:1a:db:d4:b3:e2:08:6c:f9:56:9d:0b:ed:80:
24:6f:00:0e:d5:ba:34:61:0b:00:fc:bf:fd:e7:d5:d2:5f:6f:
bf:9f:f2:64:a1:12:1b:36:b7:05:3c:06:c9:c3:87:9d:56:fe:
95:90:b4:54:63:37:81:86:22:af:be:56:88:34:f4:1c:58:c4:
71:3d:ea:2d:4d:af:f5:9d:44:c3:4f:94:61:d9:ae:49:14:29:
92:36:ee:82:8e:9b:a3:71:d1:09:7d:65:03:ea:ed:91:9e:2c:
cf:ff:ab:63:3f:06:16:2d:1c:38:0c:28:cc:c0:15:4b:6e:2f:
7d:07:de:c1:1f:19:dc:6e:15:a0:d3:ab:54:37:e3:08:1a:7f:
5a:21:df:44:ac:64:9a:19:66:2b:75:dd:d0:1c:97:e0:3f:21:
c9:f1:e0:43
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEBpwGWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGVkYjVmNmRlNzI0MzYxNDhiMzVhNTkwMzdmMjMzNDE1MGRkYjM2MB4XDTIyMDEw
MTE1NTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmM4MzJmNDIyNjcz
N2YwYzdiMThkYmQ2YzI1OTgyMGVmYjI2MjVkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPPA5nWfnWViQCYhqJYQ6DnzDkAFt/cQHeRTnP8cmFSXj3+8
umqD6RJR/f9ZTFPUEp+gi/9DC++JnFaqa1iGdFLfhyR0/bRdtQt0k5y+U4rBZCD0
+0gPMG0gxk3fz5hSKacHlBD84l8bFg/0pNPcS3/5ioCui1k1a8fCHJnvVmXeFPSf
D4Tn1QOqAKmJaa6lhm/E/AfWOeW8sf3WM6dHybjjTsQ+1mqePsDh5XQBHTojM8Qj
gnIBz90ZBSXHd7jKFd5NPupSRCASsEXHyC7YZYIgu9MoLdtIb3X6xoJVdhFsgy40
4Q6IA1hkxZygoyoppW2qCCYPdMibjCiHG9CP7IcCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBS8gy9CJnN/DHsY29bCWYIO+yYl1zAfBgNVHSMEGDAWgBTU7bX23nJDYUiz
WlkDfyM0FQ3bNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFPMjE5dDV5UTJGSXMxcFpBMzhqTkJVTjJ6WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvM2E1MjU4LTk4OWQtNDAwYi1iN2I3LTQ1NGM5M2MwNjVhMC8x
L3ZJTXZRaVp6Znd4N0dOdld3bG1DRHZzbUpkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
M2E1MjU4LTk4OWQtNDAwYi1iN2I3LTQ1NGM5M2MwNjVhMC8xLzFPMjE5dDV5UTJG
SXMxcFpBMzhqTkJVTjJ6WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJltMA0GCSqGSIb3DQEBCwUAA4IB
AQA72Xm1sVlqu0Idg2v2StLubupOF3lRNiTj6UL2q2IIIe4PCq2SfDGUMyUYXqvd
yfW/wtiu+14/fEA0NYbMYKHi+Z65HePzmXuyn3fgXXticxDL82aPjJfD8/zAqDqA
4Brb1LPiCGz5Vp0L7YAkbwAO1bo0YQsA/L/959XSX2+/n/JkoRIbNrcFPAbJw4ed
Vv6VkLRUYzeBhiKvvlaINPQcWMRxPeotTa/1nUTDT5Rh2a5JFCmSNu6CjpujcdEJ
fWUD6u2RnizP/6tjPwYWLRw4DCjMwBVLbi99B97BHxncbhWg06tUN+MIGn9aId9E
rGSaGWYrdd3QHJfgPyHJ8eBD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:46 2023 by rpki-client on console-ams.rpki-client.org