Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/A5lhk76n0s5Wl1YXbTZbzEIwmL4.roa
File: A5lhk76n0s5Wl1YXbTZbzEIwmL4.roa (raw, json)
Hash identifier: TL7I4ZGy5Hr3AW/8RICOxzaxJu3Ak/+fjRCYP82yzxI=
Subject key identifier: 03:99:61:93:BE:A7:D2:CE:56:97:56:17:6D:36:5B:CC:42:30:98:BE
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0184A8AA7DDD810D3AFDD01AB1B6E8BFB6F2
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/A5lhk76n0s5Wl1YXbTZbzEIwmL4.roa
Signing time: Thu 24 Nov 2022 08:04:16 +0000
ROA not before: Thu 24 Nov 2022 08:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 159.148.224.0/23 maxlen: 23
85.254.42.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a8:aa:7d:dd:81:0d:3a:fd:d0:1a:b1:b6:e8:bf:b6:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Nov 24 08:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03996193bea7d2ce569756176d365bcc423098be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:38:40:27:63:df:f0:d3:14:24:9b:00:7e:98:
46:54:c6:7e:9f:28:86:ab:66:4b:e0:c8:4b:0b:dd:
a4:f0:0b:58:02:53:51:0a:c8:c1:1e:df:e8:92:c5:
63:76:78:e5:79:fe:91:d1:99:ca:6d:7e:4d:e2:2e:
ec:76:b6:88:db:22:87:fa:92:33:29:4d:07:c3:89:
e2:a8:41:60:a0:b7:cf:7d:3c:89:91:7c:17:6d:d6:
0f:27:56:ca:92:cd:d4:51:9d:ba:50:84:76:8c:d8:
fe:eb:63:b7:1f:b5:f7:3c:40:55:c5:24:c8:b3:4a:
f5:1b:86:ba:2f:4b:c9:85:6e:df:98:de:0f:c2:89:
c2:2f:7a:90:7a:6b:5a:54:e9:38:24:db:cc:df:cb:
cf:0e:0f:f7:7b:18:e1:47:f5:6e:b5:03:9e:72:2e:
36:3c:01:e0:8f:c5:40:48:00:03:b9:19:89:86:e5:
b5:82:c8:e7:9f:bd:eb:87:5e:5b:9e:d2:55:72:4f:
38:7e:71:57:ad:63:3c:6f:1f:71:ff:01:b7:5f:e1:
ef:25:1f:e4:d4:f7:7c:77:6d:3e:42:0e:b8:8f:5f:
de:7c:76:1e:04:ac:99:bf:89:55:e9:9a:e1:78:f9:
41:f1:25:bd:24:08:b7:c0:de:4f:73:12:49:49:16:
14:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:99:61:93:BE:A7:D2:CE:56:97:56:17:6D:36:5B:CC:42:30:98:BE
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/A5lhk76n0s5Wl1YXbTZbzEIwmL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.42.0/23
85.254.64.0/23
159.148.224.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:82:fe:a4:6e:b2:da:2d:cc:19:f5:06:88:25:23:99:01:08:
5e:d8:e6:61:de:92:0d:a6:9f:9d:73:82:12:6e:18:87:f0:30:
c6:be:04:4a:27:97:ab:75:6c:b8:2c:39:2e:ab:87:be:ac:d5:
8a:03:57:df:21:cb:da:8c:ae:fb:13:28:c8:f4:4f:61:35:40:
7b:9b:9d:49:ae:e4:fa:ce:84:38:5e:12:62:ab:99:c3:83:4f:
71:6d:b9:81:46:e7:62:5a:85:f4:32:e6:09:5b:0a:e0:be:1e:
59:3a:4d:6f:87:5b:ae:7d:1c:ab:c0:59:f3:73:20:12:53:68:
04:ba:f9:1e:62:9d:73:1c:10:01:52:2f:60:73:ba:6c:8e:a8:
17:93:19:63:aa:1e:5b:11:28:ed:2e:70:d7:73:6f:36:b9:d5:
72:a6:48:ae:de:28:42:15:e7:ad:00:06:fa:fc:50:e1:f1:34:
1a:4a:dc:08:2e:2e:6f:be:9b:45:b2:32:54:89:0a:d0:c4:8d:
1a:33:9d:24:2a:94:2c:f8:67:fd:02:a6:e5:ad:31:72:11:b3:
3b:d9:96:b8:64:c2:63:61:cb:a3:dc:8c:fb:fb:2f:52:24:a7:
cf:67:55:f3:27:82:ab:9f:0a:29:0e:a9:c0:4a:9e:83:ca:2f:
06:93:e5:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSoqn3dgQ06/dAasbbov7byMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMTI0MDgwNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk5NjE5M2JlYTdkMmNlNTY5NzU2MTc2ZDM2NWJjYzQyMzA5OGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjhAJ2Pf8NMUJJsAfphGVMZ+nyiG
q2ZL4MhLC92k8AtYAlNRCsjBHt/oksVjdnjlef6R0ZnKbX5N4i7sdraI2yKH+pIz
KU0Hw4niqEFgoLfPfTyJkXwXbdYPJ1bKks3UUZ26UIR2jNj+62O3H7X3PEBVxSTI
s0r1G4a6L0vJhW7fmN4PwonCL3qQemtaVOk4JNvM38vPDg/3exjhR/VutQOeci42
PAHgj8VASAADuRmJhuW1gsjnn73rh15bntJVck84fnFXrWM8bx9x/wG3X+HvJR/k
1Pd8d20+Qg64j1/efHYeBKyZv4lV6ZrhePlB8SW9JAi3wN5PcxJJSRYUOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAOZYZO+p9LOVpdWF202W8xCMJi+MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQTVsaGs3Nm4wczVXbDFZWGJUWmJ6RUl3bUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVf4qAwQB
Vf5AAwQBn5TgMA0GCSqGSIb3DQEBCwUAA4IBAQBegv6kbrLaLcwZ9QaIJSOZAQhe
2OZh3pINpp+dc4ISbhiH8DDGvgRKJ5erdWy4LDkuq4e+rNWKA1ffIcvajK77EyjI
9E9hNUB7m51JruT6zoQ4XhJiq5nDg09xbbmBRudiWoX0MuYJWwrgvh5ZOk1vh1uu
fRyrwFnzcyASU2gEuvkeYp1zHBABUi9gc7psjqgXkxljqh5bESjtLnDXc282udVy
pkiu3ihCFeetAAb6/FDh8TQaStwILi5vvptFsjJUiQrQxI0aM50kKpQs+Gf9Aqbl
rTFyEbM72Za4ZMJjYcuj3Iz7+y9SJKfPZ1XzJ4KrnwopDqnASp6Dyi8Gk+Wl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org