Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/H6OYldbB6NaZMWeMmoq185uMLKU.roa
File: H6OYldbB6NaZMWeMmoq185uMLKU.roa (raw, json)
Hash identifier: EipXYVOauJtUMTJyFjVYO2zBguznbxWLf1DnlYjIIdg=
Subject key identifier: 1F:A3:98:95:D6:C1:E8:D6:99:31:67:8C:9A:8A:B5:F3:9B:8C:2C:A5
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 3889C749
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/H6OYldbB6NaZMWeMmoq185uMLKU.roa
Signing time: Sat 01 Jan 2022 05:54:23 +0000
ROA not before: Sat 01 Jan 2022 05:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59993
IP address blocks: 159.148.121.0/24 maxlen: 24
159.148.129.0/24 maxlen: 24
159.148.134.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.143.0/24 maxlen: 24
159.148.149.0/24 maxlen: 24
159.148.159.0/24 maxlen: 24
159.148.77.0/24 maxlen: 24
159.148.73.0/24 maxlen: 24
159.148.74.0/24 maxlen: 24
159.148.98.0/24 maxlen: 24
159.148.226.0/24 maxlen: 24
159.148.243.0/24 maxlen: 24
159.148.242.0/24 maxlen: 24
159.148.182.0/24 maxlen: 24
159.148.183.0/24 maxlen: 24
159.148.185.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948553545 (0x3889c749)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fa39895d6c1e8d69931678c9a8ab5f39b8c2ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a7:7c:6a:84:4c:07:7f:85:98:df:dd:18:df:
50:fb:39:e2:24:49:fc:32:5f:ea:3c:a3:c1:5a:6f:
7e:d3:29:bf:21:1a:9d:ba:10:6f:82:1e:dd:9f:04:
ed:b2:98:89:91:87:85:83:0e:04:13:07:a3:d0:38:
22:73:80:0e:9d:ad:9a:64:c8:08:13:57:91:53:44:
0e:99:6a:b3:88:91:db:b2:90:e4:de:f7:91:d7:a6:
ba:f4:72:06:72:22:10:ad:4a:48:83:05:89:3e:43:
55:8b:6e:ae:d3:bd:ef:5e:ac:2c:9b:7c:5b:07:70:
ed:8c:1e:1b:3b:61:c3:63:e0:84:18:c1:b3:75:de:
29:3f:3a:c6:27:cc:b3:ac:63:93:dd:b5:b8:71:0a:
1b:c4:59:c1:22:2c:8c:b7:63:48:7e:ea:a3:44:d2:
b3:d4:bb:84:ec:9c:99:ec:35:5d:7b:b0:68:cd:dc:
15:e2:30:df:eb:6c:86:30:f6:90:b4:a2:5d:d0:1a:
65:20:af:d7:c7:4e:f5:56:98:3b:3e:46:42:45:88:
8d:2e:92:b1:68:6b:a3:11:a1:be:81:20:fb:7e:4a:
97:4b:1f:e1:93:be:6b:a2:0b:d9:61:18:46:ee:a9:
28:c3:49:e5:13:f5:79:15:6e:f9:4b:02:36:8d:a6:
8a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A3:98:95:D6:C1:E8:D6:99:31:67:8C:9A:8A:B5:F3:9B:8C:2C:A5
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/H6OYldbB6NaZMWeMmoq185uMLKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.73.0-159.148.74.255
159.148.77.0/24
159.148.98.0/24
159.148.121.0/24
159.148.129.0/24
159.148.134.0/24
159.148.140.0/24
159.148.143.0/24
159.148.149.0/24
159.148.159.0/24
159.148.182.0/23
159.148.185.0/24
159.148.201.0/24
159.148.204.0/24
159.148.226.0/24
159.148.242.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:2d:7f:99:66:c0:c4:f9:d3:a7:7c:21:37:83:58:6c:91:a7:
ef:c9:8d:a7:05:bd:0e:d0:94:ce:ee:7b:3f:41:96:19:e3:b3:
7e:48:71:ec:93:df:45:bf:f7:71:85:4d:a1:cc:e5:ff:67:6c:
4f:23:96:e3:3f:aa:bf:4f:76:1c:4b:d2:1c:40:04:5b:47:a0:
d3:15:32:af:14:ef:41:c2:48:49:79:a9:bd:1f:4e:1c:87:ef:
84:30:ed:b8:e3:16:2b:a9:be:82:88:6b:b0:0b:6a:23:f8:c3:
cf:2d:19:9a:79:fa:b1:ed:31:0e:36:b2:4d:8f:a6:d2:98:87:
dc:97:8e:b7:a5:e5:c4:f3:6e:ee:5d:5e:55:c1:52:d8:1f:5a:
a3:e7:94:c1:be:21:24:ca:45:5a:63:2b:b0:e9:15:b2:a1:3b:
39:31:c8:22:19:9d:64:32:79:5c:ec:97:02:91:64:98:ef:0a:
00:40:c6:ae:5b:e4:a1:b3:23:19:8e:68:9d:94:93:12:aa:c0:
80:26:ec:ea:43:9b:b0:db:af:28:70:8d:43:db:54:5c:0a:cb:
7c:33:64:1d:b6:39:66:85:f3:7c:b8:62:34:e2:f8:7a:61:2d:
4a:31:cc:48:c2:65:d4:33:2a:84:b2:6f:d5:b1:aa:79:8e:72:
7d:f2:1d:b9
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIEOInHSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZhMzk4OTVkNmMx
ZThkNjk5MzE2NzhjOWE4YWI1ZjM5YjhjMmNhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSnfGqETAd/hZjf3RjfUPs54iRJ/DJf6jyjwVpvftMpvyEa
nboQb4Ie3Z8E7bKYiZGHhYMOBBMHo9A4InOADp2tmmTICBNXkVNEDplqs4iR27KQ
5N73kdemuvRyBnIiEK1KSIMFiT5DVYturtO9716sLJt8Wwdw7YweGzthw2PghBjB
s3XeKT86xifMs6xjk921uHEKG8RZwSIsjLdjSH7qo0TSs9S7hOycmew1XXuwaM3c
FeIw3+tshjD2kLSiXdAaZSCv18dO9VaYOz5GQkWIjS6SsWhroxGhvoEg+35Kl0sf
4ZO+a6IL2WEYRu6pKMNJ5RP1eRVu+UsCNo2miokCAwEAAaOCAmwwggJoMB0GA1Ud
DgQWBBQfo5iV1sHo1pkxZ4yairXzm4wspTAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L0g2T1lsZGJCNk5hWk1XZU1tb3ExODV1TUxLVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gQYIKwYBBQUHAQcBAf8EcjBwMG4EAgABMGgwDAMEAJ+USQMEAJ+USgMEAJ+UTQME
AJ+UYgMEAJ+UeQMEAJ+UgQMEAJ+UhgMEAJ+UjAMEAJ+UjwMEAJ+UlQMEAJ+UnwME
AZ+UtgMEAJ+UuQMEAJ+UyQMEAJ+UzAMEAJ+U4gMEAZ+U8jANBgkqhkiG9w0BAQsF
AAOCAQEAjy1/mWbAxPnTp3whN4NYbJGn78mNpwW9DtCUzu57P0GWGeOzfkhx7JPf
Rb/3cYVNoczl/2dsTyOW4z+qv092HEvSHEAEW0eg0xUyrxTvQcJISXmpvR9OHIfv
hDDtuOMWK6m+gohrsAtqI/jDzy0Zmnn6se0xDjayTY+m0piH3JeOt6XlxPNu7l1e
VcFS2B9ao+eUwb4hJMpFWmMrsOkVsqE7OTHIIhmdZDJ5XOyXApFkmO8KAEDGrlvk
obMjGY5onZSTEqrAgCbs6kObsNuvKHCNQ9tUXArLfDNkHbY5ZoXzfLhiNOL4emEt
SjHMSMJl1DMqhLJv1bGqeY5yffIduQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org