Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/itD0BCEa4reVGnPdma75PJIcle4.roa
File: itD0BCEa4reVGnPdma75PJIcle4.roa (raw, json)
Hash identifier: B4WxjvbsLDPfjY/y5Y4wi/3TOBlamJLNItn5GmlzmFA=
Subject key identifier: 8A:D0:F4:04:21:1A:E2:B7:95:1A:73:DD:99:AE:F9:3C:92:1C:95:EE
Certificate issuer: /CN=16cde139ae0573b0a4dda93e77b57ff27f9beba1
Certificate serial: 0401CE3B
Authority key identifier: 16:CD:E1:39:AE:05:73:B0:A4:DD:A9:3E:77:B5:7F:F2:7F:9B:EB:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/itD0BCEa4reVGnPdma75PJIcle4.roa
Signing time: Sat 01 Jan 2022 15:01:14 +0000
ROA not before: Sat 01 Jan 2022 15:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 155.45.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67227195 (0x401ce3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16cde139ae0573b0a4dda93e77b57ff27f9beba1
Validity
Not Before: Jan 1 15:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ad0f404211ae2b7951a73dd99aef93c921c95ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:55:1f:39:4c:ce:04:ec:a7:4b:46:94:bc:73:
81:44:ae:ca:da:f9:b7:8e:c8:93:dc:a8:ed:6d:95:
d9:47:32:98:19:1b:ba:c4:b5:d8:c1:fb:d5:78:93:
14:93:b2:7f:5b:00:14:21:e0:55:e2:60:74:99:06:
8c:3e:41:e7:d4:40:9e:63:10:b3:10:0a:d3:f9:75:
0f:2c:78:a2:e8:71:af:a2:66:76:a3:2d:c3:ce:9b:
5a:88:3c:59:53:3f:78:d1:8e:fa:50:34:41:04:47:
8f:c7:d0:b0:73:c1:60:83:86:b2:fb:c0:d8:60:c7:
b2:2c:10:2c:3f:d0:ed:af:7c:d2:f7:66:08:23:64:
fd:2c:99:14:48:5d:c9:b3:57:76:5f:03:54:e6:ef:
c8:9c:9e:b9:7d:b9:39:a4:75:cb:5d:c6:8b:fb:d5:
ab:0f:28:62:fd:fa:b7:4c:b2:91:36:be:e7:21:7b:
fd:d9:27:16:df:6d:d2:bf:d5:c5:67:4f:db:64:d1:
df:f0:59:e0:08:34:ef:46:b6:45:95:db:19:db:8e:
79:07:72:21:96:5c:a5:79:41:32:6f:3f:41:8f:3d:
e0:87:bf:f7:d4:36:91:21:a1:b6:6b:c9:6c:e8:4e:
7d:da:42:f6:43:bc:d2:33:e6:23:8f:23:74:a3:bc:
f7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D0:F4:04:21:1A:E2:B7:95:1A:73:DD:99:AE:F9:3C:92:1C:95:EE
X509v3 Authority Key Identifier:
keyid:16:CD:E1:39:AE:05:73:B0:A4:DD:A9:3E:77:B5:7F:F2:7F:9B:EB:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/itD0BCEa4reVGnPdma75PJIcle4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.45.128.0/24
Signature Algorithm: sha256WithRSAEncryption
60:5a:87:47:15:ec:44:d8:e3:ea:bd:88:80:2f:eb:41:8b:da:
23:c2:4b:f8:63:57:ce:bc:90:87:43:07:91:7b:2e:3c:c8:59:
0d:44:50:1f:87:c4:88:ab:f1:cd:0e:8e:93:d6:eb:a3:82:4e:
67:60:1a:19:8d:6c:98:2f:a1:24:68:b8:1b:84:7c:1b:fa:95:
44:20:0e:fd:d3:29:b0:f0:bc:51:e2:e5:7e:c8:0a:73:fc:91:
41:85:fa:62:a7:e8:23:ed:0a:e3:d2:cc:fd:73:e1:73:08:b7:
5d:50:34:26:8f:c4:5e:84:10:20:88:38:f2:14:2a:34:0a:82:
f8:c8:b9:1f:20:c4:70:11:da:a2:51:53:91:55:af:f5:6f:fc:
9d:f9:ed:04:ce:98:6a:bf:87:9b:9d:71:77:2c:f6:24:e7:62:
75:9a:6f:d6:f1:fa:5a:bc:d1:ea:37:95:62:26:78:5d:8a:5f:
d4:93:03:ee:85:8b:fd:59:9f:dc:f9:b1:03:c8:d4:22:cb:3a:
ca:fc:16:5c:e4:c3:5d:20:68:25:8d:bb:03:c3:cb:12:7a:87:
ad:17:1c:c7:d7:19:fe:6d:f3:ce:02:f1:eb:2a:9d:22:d2:2d:
cb:a7:25:49:04:e7:15:6c:12:a9:1c:3c:92:17:e5:fe:87:d6:
96:bc:a5:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBAHOOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NmNkZTEzOWFlMDU3M2IwYTRkZGE5M2U3N2I1N2ZmMjdmOWJlYmExMB4XDTIyMDEw
MTE1MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFkMGY0MDQyMTFh
ZTJiNzk1MWE3M2RkOTlhZWY5M2M5MjFjOTVlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9VHzlMzgTsp0tGlLxzgUSuytr5t47Ik9yo7W2V2UcymBkb
usS12MH71XiTFJOyf1sAFCHgVeJgdJkGjD5B59RAnmMQsxAK0/l1Dyx4ouhxr6Jm
dqMtw86bWog8WVM/eNGO+lA0QQRHj8fQsHPBYIOGsvvA2GDHsiwQLD/Q7a980vdm
CCNk/SyZFEhdybNXdl8DVObvyJyeuX25OaR1y13Gi/vVqw8oYv36t0yykTa+5yF7
/dknFt9t0r/VxWdP22TR3/BZ4Ag070a2RZXbGduOeQdyIZZcpXlBMm8/QY894Ie/
99Q2kSGhtmvJbOhOfdpC9kO80jPmI48jdKO891UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSK0PQEIRrit5Uac92Zrvk8khyV7jAfBgNVHSMEGDAWgBQWzeE5rgVzsKTd
qT53tX/yf5vroTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZzM2hPYTRGYzdDazNhay1kN1ZfOG4tYjY2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvM2MwMmY2LTdjNDEtNDliYi1iOWRlLWI2OWRjZTc1NDdhMS8x
L2l0RDBCQ0VhNHJlVkduUGRtYTc1UEpJY2xlNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
M2MwMmY2LTdjNDEtNDliYi1iOWRlLWI2OWRjZTc1NDdhMS8xL0ZzM2hPYTRGYzdD
azNhay1kN1ZfOG4tYjY2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJstgDANBgkqhkiG9w0BAQsFAAOC
AQEAYFqHRxXsRNjj6r2IgC/rQYvaI8JL+GNXzryQh0MHkXsuPMhZDURQH4fEiKvx
zQ6Ok9bro4JOZ2AaGY1smC+hJGi4G4R8G/qVRCAO/dMpsPC8UeLlfsgKc/yRQYX6
YqfoI+0K49LM/XPhcwi3XVA0Jo/EXoQQIIg48hQqNAqC+Mi5HyDEcBHaolFTkVWv
9W/8nfntBM6Yar+Hm51xdyz2JOdidZpv1vH6WrzR6jeVYiZ4XYpf1JMD7oWL/Vmf
3PmxA8jUIss6yvwWXOTDXSBoJY27A8PLEnqHrRccx9cZ/m3zzgLx6yqdItIty6cl
SQTnFWwSqRw8khfl/ofWlrylnA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:49 2023 by rpki-client on console-ams.rpki-client.org