Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6a6nWX-4PjSY9ytfpSSoDN7Tgg0.roa
File: 6a6nWX-4PjSY9ytfpSSoDN7Tgg0.roa (raw, json)
Hash identifier: kgFXxGAoc9UDIH6b0UhxJ1YgWpou+cfDEvq2zxfu50Y=
Subject key identifier: E9:AE:A7:59:7F:B8:3E:34:98:F7:2B:5F:A5:24:A8:0C:DE:D3:82:0D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01839DD4BE5FAA188A75D0EB196B478BFEC2
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6a6nWX-4PjSY9ytfpSSoDN7Tgg0.roa
Signing time: Mon 03 Oct 2022 12:31:48 +0000
ROA not before: Mon 03 Oct 2022 12:31:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21700
IP address blocks: 159.148.114.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:d4:be:5f:aa:18:8a:75:d0:eb:19:6b:47:8b:fe:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 3 12:31:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9aea7597fb83e3498f72b5fa524a80cded3820d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ca:de:09:16:80:b0:23:eb:d9:cd:8e:e5:97:
c4:12:a0:c2:d1:74:57:20:72:5e:9d:8e:a0:70:67:
9f:27:b1:5b:f7:7d:52:4f:d8:9f:4c:23:ee:93:88:
9a:8c:33:1c:b2:05:10:90:5c:89:c1:1f:40:b2:80:
7c:a6:14:34:0f:54:f5:96:a2:59:41:ff:a7:81:70:
53:34:e9:a8:d0:71:c6:70:03:7d:1e:a4:ec:a8:f0:
6a:a5:68:f1:dd:14:4e:7f:db:4e:77:16:8f:4e:d0:
dc:bb:4b:8f:0a:84:07:90:96:cc:65:a6:86:7b:be:
76:02:24:48:bf:a4:ab:32:57:62:12:c1:07:90:00:
69:af:45:d5:87:ba:cb:30:00:08:12:a2:97:9a:1f:
72:06:83:12:6f:e5:63:81:31:67:c4:01:d4:0b:00:
8f:b6:a0:f6:e0:35:31:19:e4:57:fe:af:62:0f:e5:
85:1c:7f:45:ec:65:2a:1b:8f:d5:4b:5f:ac:4f:e2:
d5:f6:70:b8:63:ad:3d:76:d2:09:19:83:fb:ff:c3:
24:79:65:a4:da:4b:9f:57:af:57:ed:2e:eb:b1:ac:
0a:34:52:ea:da:aa:97:6d:33:b0:bc:1c:8f:ab:73:
28:f3:3b:2e:3d:b4:7f:01:35:5c:e5:3d:49:57:f1:
48:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AE:A7:59:7F:B8:3E:34:98:F7:2B:5F:A5:24:A8:0C:DE:D3:82:0D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6a6nWX-4PjSY9ytfpSSoDN7Tgg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.114.0/24
159.148.125.0/24
159.148.148.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:0a:57:25:27:14:57:01:96:40:51:28:c1:bf:93:86:60:d7:
4b:6f:04:34:1e:53:fe:65:f3:24:fd:c5:b1:a7:72:e8:85:98:
15:3c:78:7a:9f:42:f8:d5:ee:08:e0:86:dd:5d:f9:2d:62:0d:
61:dc:e6:eb:73:89:0c:f7:c3:4c:ec:f0:8a:8c:7b:ab:d9:1d:
46:60:45:9f:1e:b4:bb:8b:0a:75:bb:e4:f8:14:c1:0e:39:c2:
c0:09:ec:8c:a2:17:ae:71:08:87:a2:54:45:e9:b2:38:57:56:
e0:fb:d5:06:42:27:ca:a2:cb:12:93:23:89:a4:a8:d1:8b:9e:
9a:99:a9:27:43:05:a9:a4:8c:1f:e1:e1:09:d6:eb:b0:25:be:
9e:71:44:6f:cd:32:ec:a8:84:d7:dc:1e:33:a3:cc:b8:16:1a:
0c:11:e1:51:a5:b8:fb:b3:b4:52:f0:0d:41:26:65:83:6d:22:
36:1d:a8:59:11:63:43:fe:9c:ce:77:ab:f5:50:d4:1e:7f:49:
28:b6:f7:ff:b0:b7:86:94:01:14:a1:a2:ca:5d:84:64:68:50:
7a:59:06:ba:27:f0:d2:ba:e3:56:18:dd:fd:96:5b:53:bc:f2:
29:ce:4e:36:17:2b:c2:45:70:04:27:4c:ea:0e:5e:7e:a6:cb:
e7:a1:dc:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOd1L5fqhiKddDrGWtHi/7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMDAzMTIzMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWFlYTc1OTdmYjgzZTM0OThmNzJiNWZhNTI0YTgwY2RlZDM4MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcreCRaAsCPr2c2O5ZfEEqDC0XRX
IHJenY6gcGefJ7Fb931ST9ifTCPuk4iajDMcsgUQkFyJwR9AsoB8phQ0D1T1lqJZ
Qf+ngXBTNOmo0HHGcAN9HqTsqPBqpWjx3RROf9tOdxaPTtDcu0uPCoQHkJbMZaaG
e752AiRIv6SrMldiEsEHkABpr0XVh7rLMAAIEqKXmh9yBoMSb+VjgTFnxAHUCwCP
tqD24DUxGeRX/q9iD+WFHH9F7GUqG4/VS1+sT+LV9nC4Y609dtIJGYP7/8MkeWWk
2kufV69X7S7rsawKNFLq2qqXbTOwvByPq3Mo8zsuPbR/ATVc5T1JV/FINQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOmup1l/uD40mPcrX6UkqAze04INMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNmE2bldYLTRQalNZOXl0ZnBTU29ETjdUZ2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAn5RyAwQA
n5R9AwQAn5SUMA0GCSqGSIb3DQEBCwUAA4IBAQBbClclJxRXAZZAUSjBv5OGYNdL
bwQ0HlP+ZfMk/cWxp3LohZgVPHh6n0L41e4I4IbdXfktYg1h3Obrc4kM98NM7PCK
jHur2R1GYEWfHrS7iwp1u+T4FMEOOcLACeyMoheucQiHolRF6bI4V1bg+9UGQifK
ossSkyOJpKjRi56amaknQwWppIwf4eEJ1uuwJb6ecURvzTLsqITX3B4zo8y4FhoM
EeFRpbj7s7RS8A1BJmWDbSI2HahZEWND/pzOd6v1UNQef0kotvf/sLeGlAEUoaLK
XYRkaFB6WQa6J/DSuuNWGN39lltTvPIpzk42FyvCRXAEJ0zqDl5+psvnodwu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org