Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1-e5IoBcA93EuQU2XQjznF_hJ-ZQ.roa
File: 1-e5IoBcA93EuQU2XQjznF_hJ-ZQ.roa (raw, json)
Hash identifier: lk7LeCQzvi5BfAwurbZUqBDwR4zoW8DKvRYm2k5g9jw=
Subject key identifier: F9:EE:48:A0:17:00:F7:71:2E:41:4D:97:42:3C:E7:17:F8:49:F9:94
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01839DD4C23DB3CD878F4CA615452D553B6A
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1-e5IoBcA93EuQU2XQjznF_hJ-ZQ.roa
Signing time: Mon 03 Oct 2022 12:31:49 +0000
ROA not before: Mon 03 Oct 2022 12:31:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 159.148.109.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.26.0/24 maxlen: 24
159.148.58.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:d4:c2:3d:b3:cd:87:8f:4c:a6:15:45:2d:55:3b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 3 12:31:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9ee48a01700f7712e414d97423ce717f849f994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:03:c8:65:1b:2b:dc:20:48:2f:7b:9c:a4:d2:
4a:4c:96:97:ce:57:8b:ad:79:15:7d:55:f8:2a:99:
60:0e:d7:2c:5b:ad:11:13:11:61:d6:be:74:82:ec:
9d:6b:12:90:4e:ea:11:75:2f:3d:41:01:a6:43:64:
74:b5:a5:00:92:e3:f2:e0:f6:a5:98:fa:15:6d:39:
c0:21:5b:c5:4f:0e:38:62:36:ec:89:4a:4a:35:4a:
c1:f0:d5:25:84:4a:b1:8d:b1:64:57:56:37:be:8e:
1b:9f:c1:39:99:16:00:0f:b7:f9:8d:54:28:94:4b:
c1:18:1a:2c:a3:6f:a0:56:00:24:ca:29:bc:5d:13:
1b:7f:41:72:95:ef:39:29:85:71:fb:a7:18:56:d1:
43:36:4b:a5:d8:9d:69:de:a2:5d:98:0e:5c:62:04:
b4:26:35:dd:53:11:cb:25:dd:74:16:33:a5:d7:f9:
79:6f:0b:c5:a6:2b:d2:a5:00:c3:67:14:db:8a:da:
9a:2b:df:d9:ef:7c:3c:1d:02:e6:52:07:be:c1:cd:
ee:66:7a:ba:1e:e5:90:06:61:f3:e9:ca:ae:3a:54:
85:4d:7b:03:48:55:0d:73:8e:76:db:2e:06:d0:cc:
da:bd:2a:5a:d4:ee:a2:29:86:39:76:55:8e:0b:0a:
85:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:EE:48:A0:17:00:F7:71:2E:41:4D:97:42:3C:E7:17:F8:49:F9:94
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1-e5IoBcA93EuQU2XQjznF_hJ-ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.26.0/24
159.148.58.0/24
159.148.66.0/24
159.148.109.0/24
159.148.234.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:f0:56:cc:6a:9f:0c:7e:b9:6c:3a:d6:23:68:a8:4b:8f:e5:
a6:40:b4:fc:00:d4:aa:51:d4:23:86:ec:ba:4b:f7:c9:a0:85:
60:79:9a:0b:33:74:f2:b7:f4:75:76:95:cf:43:74:95:b3:4f:
e8:4b:54:aa:d7:0b:a1:ef:0e:1e:15:e1:8d:88:61:68:bc:88:
ce:5b:3d:a3:f0:8c:c8:f3:6d:0f:97:93:13:c3:02:33:3a:36:
fc:00:4c:da:3f:20:30:59:99:17:c4:3d:6e:43:fe:8e:73:16:
7e:39:36:58:a2:bd:b6:cd:b2:80:54:7a:0c:77:ef:c0:2d:3f:
a6:31:e3:1b:07:3b:54:06:26:a6:04:ad:42:1e:c5:9a:da:40:
74:c1:59:00:87:ee:fb:bf:17:23:47:79:17:51:62:05:ec:0d:
a7:fe:09:2d:3f:13:77:3e:22:a6:d8:61:27:5d:f2:51:a9:fb:
64:af:d9:33:61:93:4c:7e:83:2a:0e:46:04:ae:ce:79:c6:a3:
e8:33:27:51:dc:bf:87:77:a7:a8:21:a4:8a:a8:f5:74:4d:1a:
b4:73:92:41:25:04:b9:b1:ae:c3:10:ad:93:44:32:ab:08:03:
71:65:00:32:cf:ae:5a:7a:0d:74:1a:4b:41:98:06:5a:13:eb:
6c:a1:a9:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYOd1MI9s82Hj0ymFUUtVTtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMDAzMTIzMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWVlNDhhMDE3MDBmNzcxMmU0MTRkOTc0MjNjZTcxN2Y4NDlmOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQPIZRsr3CBIL3ucpNJKTJaXzleL
rXkVfVX4KplgDtcsW60RExFh1r50guydaxKQTuoRdS89QQGmQ2R0taUAkuPy4Pal
mPoVbTnAIVvFTw44YjbsiUpKNUrB8NUlhEqxjbFkV1Y3vo4bn8E5mRYAD7f5jVQo
lEvBGBoso2+gVgAkyim8XRMbf0Fyle85KYVx+6cYVtFDNkul2J1p3qJdmA5cYgS0
JjXdUxHLJd10FjOl1/l5bwvFpivSpQDDZxTbitqaK9/Z73w8HQLmUge+wc3uZnq6
HuWQBmHz6cquOlSFTXsDSFUNc4522y4G0MzavSpa1O6iKYY5dlWOCwqFRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnuSKAXAPdxLkFNl0I85xf4SfmUMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMS1lNUlvQmNBOTNFdVFVMlhRanpuRl9oSi1aUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2
Zi8xL3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAJ+UGgME
AJ+UOgMEAJ+UQgMEAJ+UbQMEAJ+U6jANBgkqhkiG9w0BAQsFAAOCAQEAH/BWzGqf
DH65bDrWI2ioS4/lpkC0/ADUqlHUI4bsukv3yaCFYHmaCzN08rf0dXaVz0N0lbNP
6EtUqtcLoe8OHhXhjYhhaLyIzls9o/CMyPNtD5eTE8MCMzo2/ABM2j8gMFmZF8Q9
bkP+jnMWfjk2WKK9ts2ygFR6DHfvwC0/pjHjGwc7VAYmpgStQh7FmtpAdMFZAIfu
+78XI0d5F1FiBewNp/4JLT8Tdz4ipthhJ13yUan7ZK/ZM2GTTH6DKg5GBK7Oecaj
6DMnUdy/h3enqCGkiqj1dE0atHOSQSUEubGuwxCtk0QyqwgDcWUAMs+uWnoNdBpL
QZgGWhPrbKGp/w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org