Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/b7pIyMCpUxonVFfdvLMQUv94ZrY.roa
File: b7pIyMCpUxonVFfdvLMQUv94ZrY.roa (raw, json)
Hash identifier: K+Y0elHUtM4iXnRfaHEE8m9x33vFrAwfDy8HgbI6QJc=
Subject key identifier: 6F:BA:48:C8:C0:A9:53:1A:27:54:57:DD:BC:B3:10:52:FF:78:66:B6
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018BAF32659BE61C262C8E01F41A97EACCD6
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/b7pIyMCpUxonVFfdvLMQUv94ZrY.roa
Signing time: Wed 08 Nov 2023 13:49:57 +0000
ROA not before: Wed 08 Nov 2023 13:49:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.226.0/24 maxlen: 24
159.148.134.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:32:65:9b:e6:1c:26:2c:8e:01:f4:1a:97:ea:cc:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Nov 8 13:49:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fba48c8c0a9531a275457ddbcb31052ff7866b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:90:24:bb:60:7c:ce:08:2c:59:e5:a6:5f:
9e:5f:09:0f:42:81:f1:53:55:51:4f:52:e8:1f:a0:
7f:68:3f:73:9d:2d:60:d8:2f:8d:16:02:af:3e:41:
4c:24:47:53:57:fc:04:41:62:36:09:08:45:9c:49:
2a:79:14:e8:7d:b6:7e:aa:38:83:cf:4c:cd:92:96:
86:c3:c0:0a:b0:74:d8:06:55:b9:70:e5:2e:45:c5:
37:9b:ed:e2:4c:44:ac:ac:cc:c2:38:3c:43:87:9a:
3e:4b:64:66:cd:bf:bc:7a:b9:22:2a:7e:3c:3d:2d:
e6:4d:d1:b4:ac:56:df:53:52:14:21:fc:a1:6b:64:
6f:80:d5:c2:67:5b:28:ad:b7:9a:da:fa:ca:e8:a7:
0c:61:78:a2:2c:a8:1e:92:d4:c6:ad:d4:7d:55:36:
c1:e1:75:a8:ca:67:a4:8e:e7:ae:57:f0:24:b1:50:
c6:4f:cd:1b:97:0a:47:c4:c6:bc:31:5a:87:d1:5d:
d2:3e:fc:be:61:10:ec:75:7b:c6:ae:0a:31:1e:d7:
82:01:7b:61:e0:0d:dd:dd:d3:c5:0c:96:db:f9:ed:
ca:cc:e6:5b:26:5b:65:cc:a4:4f:84:5b:ad:b1:67:
b1:4d:9b:a9:02:ec:1b:e2:aa:63:d6:d9:56:00:22:
0a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BA:48:C8:C0:A9:53:1A:27:54:57:DD:BC:B3:10:52:FF:78:66:B6
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/b7pIyMCpUxonVFfdvLMQUv94ZrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.226.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:9c:f2:44:69:c9:2f:05:a2:1d:78:9e:95:9b:91:d3:b7:37:
92:9c:1a:e8:82:44:45:dd:17:ef:80:48:9b:e2:f7:26:2d:11:
51:fd:83:1f:13:5a:40:52:c5:eb:c4:af:68:de:6b:1b:c6:26:
c6:e3:d8:0c:8b:dc:cf:5d:37:9c:da:68:4f:0a:a7:f9:d1:79:
11:03:37:a1:af:73:47:ac:5b:37:f3:8d:50:c6:02:2a:fc:55:
9e:a5:31:ad:ab:0f:4e:75:ad:4c:a5:16:1f:d7:30:64:54:8c:
0a:b3:f5:67:8e:2e:05:5f:e4:02:89:c4:ae:6c:6b:e4:5a:7b:
40:1b:c4:e8:21:b2:9b:03:0d:96:53:26:2b:43:e3:18:12:06:
e4:da:e8:7b:60:8e:57:29:8c:09:29:a1:e6:e5:06:82:aa:49:
99:ba:f5:26:3e:a2:a0:c0:13:1c:40:5d:f0:cd:ba:98:08:86:
48:f1:09:c7:4b:03:6f:98:45:2c:53:3a:ca:53:0d:2a:47:8b:
80:8b:93:bd:35:13:2a:60:1f:60:01:45:c8:34:ee:23:cb:de:
bc:1b:95:86:83:92:b2:ea:8f:b4:e2:4c:b8:bc:bb:3d:77:1e:
92:ab:f9:b3:c7:90:53:15:34:16:34:45:34:36:fe:a6:e5:1f:
67:34:2b:ed
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYuvMmWb5hwmLI4B9BqX6szWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMxMTA4MTM0OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJhNDhjOGMwYTk1MzFhMjc1NDU3ZGRiY2IzMTA1MmZmNzg2NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzaQJLtgfM4ILFnlpl+eXwkPQoHx
U1VRT1LoH6B/aD9znS1g2C+NFgKvPkFMJEdTV/wEQWI2CQhFnEkqeRTofbZ+qjiD
z0zNkpaGw8AKsHTYBlW5cOUuRcU3m+3iTESsrMzCODxDh5o+S2Rmzb+8erkiKn48
PS3mTdG0rFbfU1IUIfyha2RvgNXCZ1sorbea2vrK6KcMYXiiLKgektTGrdR9VTbB
4XWoymekjueuV/AksVDGT80blwpHxMa8MVqH0V3SPvy+YRDsdXvGrgoxHteCAXth
4A3d3dPFDJbb+e3KzOZbJltlzKRPhFutsWexTZupAuwb4qpj1tlWACIKHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG+6SMjAqVMaJ1RX3byzEFL/eGa2MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvYjdwSXlNQ3BVeG9uVkZmZHZMTVFVdjk0WnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAn5SGAwQB
n5SIAwQAn5SMAwQAn5S4AwQAn5TiMA0GCSqGSIb3DQEBCwUAA4IBAQAPnPJEackv
BaIdeJ6Vm5HTtzeSnBrogkRF3RfvgEib4vcmLRFR/YMfE1pAUsXrxK9o3msbxibG
49gMi9zPXTec2mhPCqf50XkRAzehr3NHrFs3841QxgIq/FWepTGtqw9Oda1MpRYf
1zBkVIwKs/Vnji4FX+QCicSubGvkWntAG8ToIbKbAw2WUyYrQ+MYEgbk2uh7YI5X
KYwJKaHm5QaCqkmZuvUmPqKgwBMcQF3wzbqYCIZI8QnHSwNvmEUsUzrKUw0qR4uA
i5O9NRMqYB9gAUXINO4jy968G5WGg5Ky6o+04ky4vLs9dx6Sq/mzx5BTFTQWNEU0
Nv6m5R9nNCvt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:01 2025 by rpki-client