Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CwqLYQJnt1pSh-t7zi_jHso8Ico.roa
File: CwqLYQJnt1pSh-t7zi_jHso8Ico.roa (raw, json)
Hash identifier: YKYgG5ZHmdCeAqbLncFb51/gbJ6oH21vIRGk2ByucfU=
Subject key identifier: 0B:0A:8B:61:02:67:B7:5A:52:87:EB:7B:CE:2F:E3:1E:CA:3C:21:CA
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 387956A9
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CwqLYQJnt1pSh-t7zi_jHso8Ico.roa
Signing time: Sat 01 Jan 2022 05:54:14 +0000
ROA not before: Sat 01 Jan 2022 05:54:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20548
IP address blocks: 159.148.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947476137 (0x387956a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b0a8b610267b75a5287eb7bce2fe31eca3c21ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:75:46:66:e3:fc:84:33:9d:d5:80:f8:d3:20:
2b:75:ad:1b:e3:01:a3:2e:ca:19:26:da:2f:00:a5:
01:67:4c:4d:14:d6:06:23:78:57:09:a3:7b:59:72:
89:63:29:51:56:c9:2a:bf:d0:94:d0:a4:de:25:b8:
86:b2:b5:0d:23:b8:ef:77:68:37:8d:74:01:aa:d7:
35:53:75:05:8c:95:24:8a:64:a9:59:b9:c3:db:69:
d8:4f:22:70:ee:e4:61:9f:28:3d:e1:67:44:f8:72:
61:90:7f:74:5a:80:60:ce:93:c8:51:be:35:9c:f2:
74:61:3e:d1:1d:bb:94:63:ed:aa:94:04:d5:a4:3a:
39:1f:5a:6a:ec:a0:66:c7:2d:37:94:e4:8d:5f:f5:
c2:5f:73:69:d7:db:95:33:04:46:5d:5c:55:8e:27:
24:5e:9e:73:83:22:59:4a:79:33:8f:88:79:63:b2:
b6:9d:cc:ac:fc:1a:6a:1a:07:f7:79:6c:f5:85:76:
42:59:89:a2:b5:d2:c3:98:8e:4d:c4:78:17:8e:81:
6f:c5:79:53:99:87:37:38:23:ea:6f:32:48:7b:e8:
3e:17:de:7e:5a:c9:dd:c0:67:59:14:13:b8:0a:11:
9b:a6:cd:86:1e:32:7f:3a:06:e7:eb:fd:06:52:5c:
3e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0A:8B:61:02:67:B7:5A:52:87:EB:7B:CE:2F:E3:1E:CA:3C:21:CA
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CwqLYQJnt1pSh-t7zi_jHso8Ico.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.23.0/24
Signature Algorithm: sha256WithRSAEncryption
41:59:b8:d9:3f:45:a3:8c:57:64:9e:55:23:c1:a4:bd:8e:79:
40:91:66:e5:27:1a:fe:bf:8b:77:e2:30:53:75:16:e7:19:3f:
b2:1e:44:61:04:bd:63:96:e8:26:98:95:52:b0:66:84:15:45:
a1:f0:92:79:e1:93:87:95:a6:6d:af:94:d7:23:58:bb:da:37:
ce:69:8d:8e:c3:87:43:03:bb:ab:35:bc:0b:1f:97:bd:ee:71:
09:13:e3:12:25:ad:cf:7b:3c:76:44:10:e8:da:98:41:25:af:
3c:e5:7d:94:f3:6c:d6:8e:b7:17:ad:be:e1:f1:44:c9:82:34:
17:de:5e:dd:21:ce:96:73:e1:6c:4f:0e:14:cc:47:76:7f:5d:
eb:71:18:5d:4d:5e:58:cf:c0:32:d2:9a:64:19:44:2c:a6:82:
76:e9:82:b3:0c:cd:c8:58:36:f6:fd:14:4a:9e:9e:bd:eb:f1:
e7:98:91:94:12:c9:6f:bd:63:45:f8:d1:60:dd:54:d4:bc:cc:
83:6f:5f:bd:54:4e:8b:d8:c1:ad:d1:22:02:90:94:ac:45:04:
06:ef:bb:0b:54:c3:f2:a8:47:1b:c3:7a:1c:ce:e6:ac:fb:6b:
da:f2:aa:22:35:ce:73:c7:73:ff:32:00:6e:3e:89:39:61:89:
27:5e:77:d1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOHlWqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIwYThiNjEwMjY3
Yjc1YTUyODdlYjdiY2UyZmUzMWVjYTNjMjFjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKB1Rmbj/IQzndWA+NMgK3WtG+MBoy7KGSbaLwClAWdMTRTW
BiN4Vwmje1lyiWMpUVbJKr/QlNCk3iW4hrK1DSO473doN410AarXNVN1BYyVJIpk
qVm5w9tp2E8icO7kYZ8oPeFnRPhyYZB/dFqAYM6TyFG+NZzydGE+0R27lGPtqpQE
1aQ6OR9aauygZsctN5TkjV/1wl9zadfblTMERl1cVY4nJF6ec4MiWUp5M4+IeWOy
tp3MrPwaahoH93ls9YV2QlmJorXSw5iOTcR4F46Bb8V5U5mHNzgj6m8ySHvoPhfe
flrJ3cBnWRQTuAoRm6bNhh4yfzoG5+v9BlJcPm8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQLCothAme3WlKH63vOL+MeyjwhyjAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L0N3cUxZUUpudDFwU2gtdDd6aV9qSHNvOEljby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ+UFzANBgkqhkiG9w0BAQsFAAOC
AQEAQVm42T9Fo4xXZJ5VI8GkvY55QJFm5Sca/r+Ld+IwU3UW5xk/sh5EYQS9Y5bo
JpiVUrBmhBVFofCSeeGTh5Wmba+U1yNYu9o3zmmNjsOHQwO7qzW8Cx+Xve5xCRPj
EiWtz3s8dkQQ6NqYQSWvPOV9lPNs1o63F62+4fFEyYI0F95e3SHOlnPhbE8OFMxH
dn9d63EYXU1eWM/AMtKaZBlELKaCdumCswzNyFg29v0USp6evevx55iRlBLJb71j
RfjRYN1U1LzMg29fvVROi9jBrdEiApCUrEUEBu+7C1TD8qhHG8N6HM7mrPtr2vKq
IjXOc8dz/zIAbj6JOWGJJ1530Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org