Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/L8-fIaW8sdWFpwFqKdkTNsmWaU0.roa
File: L8-fIaW8sdWFpwFqKdkTNsmWaU0.roa (raw, json)
Hash identifier: R9N+ssp06wZTU6yr9b9GUvgXxkj8VVi8W9cCOSiT2XI=
Subject key identifier: 2F:CF:9F:21:A5:BC:B1:D5:85:A7:01:6A:29:D9:13:36:C9:96:69:4D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 38770BB0
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/L8-fIaW8sdWFpwFqKdkTNsmWaU0.roa
Signing time: Sat 01 Jan 2022 05:54:12 +0000
ROA not before: Sat 01 Jan 2022 05:54:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15684
IP address blocks: 159.148.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947325872 (0x38770bb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fcf9f21a5bcb1d585a7016a29d91336c996694d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:94:e0:3d:f0:64:56:7a:e8:b1:6b:bc:1a:04:
f3:a4:39:0f:97:50:d3:86:e1:56:d7:b5:63:25:72:
f9:38:c9:5b:a6:0a:94:f2:26:7d:ab:94:04:c2:84:
68:27:7f:86:86:be:e0:1b:0e:d4:33:48:d8:cd:36:
98:4f:44:d2:3b:10:a2:3c:20:e3:2e:2d:5e:3f:a1:
ae:74:b6:3b:9e:2c:88:aa:d6:43:37:15:2d:2f:55:
dd:4a:48:9a:90:79:50:0e:1d:6e:f2:4f:d8:46:fe:
87:d1:6a:85:74:d5:1a:ff:84:fa:44:f0:54:5a:f3:
e3:ff:43:a3:cc:00:ef:37:ea:4b:1e:f1:1b:40:f2:
5e:95:3c:ec:d8:df:8b:cf:05:17:1a:5f:91:df:13:
ea:44:63:b9:53:72:bd:a5:6e:33:79:7a:43:1a:13:
2b:19:e1:42:d1:45:62:8f:b8:66:d1:7b:b5:82:77:
4e:5d:0d:e0:4f:0e:77:45:87:cd:19:63:a7:fe:ca:
59:68:2a:3d:cb:c0:28:f7:83:68:32:e1:d3:61:1f:
b7:1a:50:dd:e7:fd:77:7d:c9:f3:35:f6:e7:04:9d:
92:8c:20:a0:c6:70:74:13:41:e0:d6:d9:3b:0e:ae:
34:e0:bf:ee:50:bc:ff:d6:e1:94:7e:83:92:a4:20:
70:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CF:9F:21:A5:BC:B1:D5:85:A7:01:6A:29:D9:13:36:C9:96:69:4D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/L8-fIaW8sdWFpwFqKdkTNsmWaU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.208.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:d0:81:cd:e9:d5:13:9a:f5:5a:ae:10:71:3d:88:58:d5:8c:
62:f2:53:15:e1:65:9b:26:e7:31:7c:dd:fb:bd:20:7b:5e:c6:
94:60:e6:6e:a4:78:1a:59:dc:45:34:40:81:e9:1f:2f:cf:6c:
f1:87:ee:bf:c2:54:19:a2:26:fd:42:69:cc:d0:cb:02:e1:94:
fc:d9:f8:ba:37:d2:64:74:76:94:44:89:f6:33:ce:b2:84:1f:
99:df:39:65:b6:c3:ec:74:5e:36:07:64:f7:47:4d:1a:e0:9f:
3a:21:21:57:ad:fd:fb:d6:91:e3:a3:43:64:5a:e5:41:dc:64:
28:36:51:b9:b4:ee:83:a6:2c:89:d6:a6:40:46:8d:5a:4b:6d:
ac:7c:e4:81:c4:94:91:66:5d:75:12:28:83:ba:70:1c:72:8e:
3b:96:10:20:c4:eb:7c:4e:8e:c4:e9:fd:7b:f7:02:ef:5d:d5:
5c:d3:fa:4d:7d:a9:9a:ef:29:54:16:7b:bf:24:b4:e3:77:1b:
8d:2c:c6:50:27:e7:d6:43:6b:ab:7b:a5:4d:ff:22:7f:c3:7b:
56:95:42:74:b6:1a:97:4c:7f:78:81:19:8f:c5:0c:dd:77:b3:
6c:37:04:2d:81:f5:09:1e:a9:3c:9a:89:2d:a3:8d:e8:a4:2b:
80:62:f5:55
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOHcLsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmZjZjlmMjFhNWJj
YjFkNTg1YTcwMTZhMjlkOTEzMzZjOTk2Njk0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOCU4D3wZFZ66LFrvBoE86Q5D5dQ04bhVte1YyVy+TjJW6YK
lPImfauUBMKEaCd/hoa+4BsO1DNI2M02mE9E0jsQojwg4y4tXj+hrnS2O54siKrW
QzcVLS9V3UpImpB5UA4dbvJP2Eb+h9FqhXTVGv+E+kTwVFrz4/9Do8wA7zfqSx7x
G0DyXpU87Njfi88FFxpfkd8T6kRjuVNyvaVuM3l6QxoTKxnhQtFFYo+4ZtF7tYJ3
Tl0N4E8Od0WHzRljp/7KWWgqPcvAKPeDaDLh02EftxpQ3ef9d33J8zX25wSdkowg
oMZwdBNB4NbZOw6uNOC/7lC8/9bhlH6DkqQgcB0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQvz58hpbyx1YWnAWop2RM2yZZpTTAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L0w4LWZJYVc4c2RXRnB3RnFLZGtUTnNtV2FVMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ+U0DANBgkqhkiG9w0BAQsFAAOC
AQEAw9CBzenVE5r1Wq4QcT2IWNWMYvJTFeFlmybnMXzd+70ge17GlGDmbqR4Glnc
RTRAgekfL89s8Yfuv8JUGaIm/UJpzNDLAuGU/Nn4ujfSZHR2lESJ9jPOsoQfmd85
ZbbD7HReNgdk90dNGuCfOiEhV639+9aR46NDZFrlQdxkKDZRubTug6YsidamQEaN
WkttrHzkgcSUkWZddRIog7pwHHKOO5YQIMTrfE6OxOn9e/cC713VXNP6TX2pmu8p
VBZ7vyS043cbjSzGUCfn1kNrq3ulTf8if8N7VpVCdLYal0x/eIEZj8UM3XezbDcE
LYH1CR6pPJqJLaON6KQrgGL1VQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org