Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1HdL-uXpQ9upkv6kpCbjifE5Sz4.roa
File: 1HdL-uXpQ9upkv6kpCbjifE5Sz4.roa (raw, json)
Hash identifier: ni+JyLZaTYgUzttFIuymLXf/yCSPYypUvx8enMypt58=
Subject key identifier: D4:77:4B:FA:E5:E9:43:DB:A9:92:FE:A4:A4:26:E3:89:F1:39:4B:3E
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01839DD4C03CD6C19B3E672E3BCF01CDC9D4
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1HdL-uXpQ9upkv6kpCbjifE5Sz4.roa
Signing time: Mon 03 Oct 2022 12:31:49 +0000
ROA not before: Mon 03 Oct 2022 12:31:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35478
IP address blocks: 159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.195.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:d4:c0:3c:d6:c1:9b:3e:67:2e:3b:cf:01:cd:c9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 3 12:31:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4774bfae5e943dba992fea4a426e389f1394b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3a:aa:a6:d3:79:52:0f:31:e7:d3:7b:61:d6:
51:5e:74:49:85:7a:32:aa:cd:0d:04:c0:b7:3f:a3:
6b:a1:e5:6e:44:b3:b7:36:51:bf:ba:94:bd:bc:d3:
7f:27:6c:d7:d6:77:77:fa:42:bf:e9:ae:88:15:57:
2b:9e:b4:84:c3:c6:5a:71:7f:b0:1e:25:95:86:6f:
fc:b9:47:bd:a1:5b:a0:f5:ee:d7:5c:2f:1e:65:44:
26:70:a1:e4:06:d5:85:28:f4:d3:38:66:2e:73:22:
48:dc:46:27:1a:a2:ac:a6:01:3f:78:19:ab:3f:7d:
3c:74:1c:68:87:8c:a4:17:f1:63:ae:9b:df:d7:45:
c1:97:77:6e:3c:a9:9f:13:6d:1c:c8:06:c4:0e:9e:
9d:de:34:8c:8f:d8:5e:00:19:f9:4f:43:ba:01:7b:
01:32:8f:24:2a:ab:4c:c1:b3:f8:01:5c:d5:d1:cc:
88:44:0d:8c:0d:c2:e3:b1:8c:81:10:24:f4:b1:9b:
fc:59:05:5e:a5:fa:84:51:62:f0:30:03:5e:ae:fd:
26:2d:ff:f5:a0:c9:94:fd:25:70:c3:62:35:c8:54:
91:be:de:35:d3:e8:1b:83:1d:64:83:42:41:3d:21:
ee:33:45:01:5c:3e:ef:1f:35:ea:7a:9d:6f:e2:de:
aa:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:77:4B:FA:E5:E9:43:DB:A9:92:FE:A4:A4:26:E3:89:F1:39:4B:3E
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1HdL-uXpQ9upkv6kpCbjifE5Sz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.195.0/24
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.222.0/24
Signature Algorithm: sha256WithRSAEncryption
52:7a:35:8d:8b:9b:39:6c:32:2f:be:20:18:96:f6:b9:86:b8:
14:6e:f8:3e:96:69:87:0e:ba:66:dd:d0:4f:41:03:77:99:dd:
05:43:9d:72:9b:e7:91:99:0a:09:e9:9d:49:ae:01:ad:8d:0f:
9e:48:51:c3:c0:17:a7:0c:12:2f:d5:47:5a:f5:ba:81:9c:ff:
a9:08:0a:bb:6f:45:0f:db:bd:bb:05:66:6c:31:b9:05:49:a6:
bb:0b:df:7b:43:c1:b6:63:3e:0d:21:44:9a:c0:31:4a:ca:11:
c4:c5:5f:b0:93:d2:19:8f:3b:85:90:68:6f:ca:35:d9:5b:d3:
e0:8a:61:05:7c:c4:9d:a6:fb:34:b7:0b:4b:1d:da:69:17:30:
c3:8b:98:08:60:6d:90:4c:28:84:72:a3:3f:de:e4:e5:5e:21:
0a:39:cf:89:f9:9d:68:08:f6:72:8d:a8:3e:1b:73:46:0a:f8:
49:db:5a:be:40:9b:83:14:b7:22:4f:2c:69:70:c8:0b:a8:5f:
af:8d:77:d3:58:70:25:67:f5:50:88:c1:e3:00:24:dc:ed:54:
25:80:f6:31:d4:cd:6f:53:16:7d:8f:77:01:64:79:30:d3:b9:
77:1e:06:01:a7:ed:e3:73:33:e7:38:10:bc:20:a0:b3:ce:86:
8b:84:c3:b9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYOd1MA81sGbPmcuO88BzcnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMDAzMTIzMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc3NGJmYWU1ZTk0M2RiYTk5MmZlYTRhNDI2ZTM4OWYxMzk0YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjqqptN5Ug8x59N7YdZRXnRJhXoy
qs0NBMC3P6NroeVuRLO3NlG/upS9vNN/J2zX1nd3+kK/6a6IFVcrnrSEw8ZacX+w
HiWVhm/8uUe9oVug9e7XXC8eZUQmcKHkBtWFKPTTOGYucyJI3EYnGqKspgE/eBmr
P308dBxoh4ykF/Fjrpvf10XBl3duPKmfE20cyAbEDp6d3jSMj9heABn5T0O6AXsB
Mo8kKqtMwbP4AVzV0cyIRA2MDcLjsYyBECT0sZv8WQVepfqEUWLwMANerv0mLf/1
oMmU/SVww2I1yFSRvt410+gbgx1kg0JBPSHuM0UBXD7vHzXqep1v4t6q2wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNR3S/rl6UPbqZL+pKQm44nxOUs+MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMUhkTC11WHBROXVwa3Y2a3BDYmppZkU1U3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAn5TDAwQA
n5TMAwQAn5TYAwQAn5TaAwQAn5TeMA0GCSqGSIb3DQEBCwUAA4IBAQBSejWNi5s5
bDIvviAYlva5hrgUbvg+lmmHDrpm3dBPQQN3md0FQ51ym+eRmQoJ6Z1JrgGtjQ+e
SFHDwBenDBIv1Uda9bqBnP+pCAq7b0UP2727BWZsMbkFSaa7C997Q8G2Yz4NIUSa
wDFKyhHExV+wk9IZjzuFkGhvyjXZW9PgimEFfMSdpvs0twtLHdppFzDDi5gIYG2Q
TCiEcqM/3uTlXiEKOc+J+Z1oCPZyjag+G3NGCvhJ21q+QJuDFLciTyxpcMgLqF+v
jXfTWHAlZ/VQiMHjACTc7VQlgPYx1M1vUxZ9j3cBZHkw07l3HgYBp+3jczPnOBC8
IKCzzoaLhMO5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org