Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Teghzprccp4moCsR7OvV9A8m_pY.roa
File: Teghzprccp4moCsR7OvV9A8m_pY.roa (raw, json)
Hash identifier: FqelJaifvUvXLMpY7167LHipyh2iWQ9eaBVUBEKPm94=
Subject key identifier: 4D:E8:21:CE:9A:DC:72:9E:26:A0:2B:11:EC:EB:D5:F4:0F:26:FE:96
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 39A955AA
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Teghzprccp4moCsR7OvV9A8m_pY.roa
Signing time: Fri 22 Apr 2022 14:42:07 +0000
ROA not before: Fri 22 Apr 2022 14:42:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 159.148.224.0/23 maxlen: 23
85.254.42.0/23 maxlen: 23
85.254.62.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
159.148.166.0/23 maxlen: 23
85.254.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 967398826 (0x39a955aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 22 14:42:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4de821ce9adc729e26a02b11ecebd5f40f26fe96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a1:96:7b:be:1d:85:01:07:32:cc:32:fe:bd:
c8:ae:86:99:51:06:c3:ef:d5:79:3d:e8:1f:e4:5d:
f1:b1:e5:64:fe:e0:19:00:93:a1:6c:34:c7:e5:03:
4c:6e:eb:ca:8e:14:45:ff:46:2e:76:86:16:5b:c1:
db:35:22:09:c2:be:77:50:5f:9c:be:09:ad:33:42:
21:1e:de:e0:9d:78:2b:03:83:e5:a6:e2:5d:10:54:
92:52:8f:89:51:a1:6b:68:05:6b:96:41:07:70:21:
33:9b:9b:e1:f0:92:d6:7e:3d:d0:f5:32:b1:07:ff:
29:2b:db:37:39:7e:48:7c:d0:39:2a:c5:2f:c6:b1:
6f:b8:e2:c6:a2:c2:81:9c:6f:fa:63:3e:d2:cb:de:
b1:11:49:11:e1:cb:c5:92:4b:97:a4:dc:77:28:fc:
86:9e:12:c9:03:f7:66:4f:f8:5e:e6:d0:ea:b4:7f:
97:90:d3:6b:7d:47:c5:ff:65:0f:a2:e1:f0:31:08:
8d:c8:81:10:2c:8b:e4:2a:0c:8f:b0:df:de:30:9b:
b7:1f:eb:f0:14:0f:49:53:5d:eb:27:f0:00:91:0f:
c4:a2:59:a9:f9:23:85:19:3d:87:e7:12:f8:90:02:
8d:cf:2b:85:16:22:e4:3c:a6:8d:0a:2f:bc:6e:59:
76:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E8:21:CE:9A:DC:72:9E:26:A0:2B:11:EC:EB:D5:F4:0F:26:FE:96
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Teghzprccp4moCsR7OvV9A8m_pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.8.0/21
85.254.42.0/23
85.254.62.0-85.254.65.255
159.148.166.0/23
159.148.224.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:71:70:91:ef:ae:1c:71:2c:19:5c:c7:84:9c:b1:fb:5c:e1:
97:ef:9b:99:ef:b1:88:d3:f6:71:c8:23:75:97:15:78:59:41:
56:15:77:71:e7:b0:a6:39:37:00:51:c7:ec:d0:a7:d6:71:4e:
5f:e8:c4:b2:5e:3e:df:0c:aa:82:68:2c:53:17:89:36:48:89:
3b:50:93:d3:cb:84:cf:80:9c:07:bb:7e:94:ca:ea:bc:04:13:
4f:3a:b5:e9:ec:76:22:6f:6e:fa:55:79:96:09:e8:e9:49:46:
ea:6c:58:90:82:15:82:e7:ca:17:a3:99:c9:0b:36:8a:5d:ff:
57:88:17:df:64:e6:58:28:7c:c3:43:77:a9:50:01:db:c5:1b:
b6:82:38:9c:1a:be:99:5c:c5:57:28:85:ad:3f:34:97:31:0d:
ce:d4:eb:ac:48:88:b5:d9:69:30:86:c9:d1:e0:e5:a5:d0:44:
07:31:6f:4b:6c:1f:0c:91:d0:eb:c1:2e:a3:fd:30:c2:33:04:
5e:67:a1:ad:aa:e7:ba:53:82:76:a1:48:e3:ce:1e:4d:ec:b4:
c7:bc:04:23:05:79:e2:f4:2a:aa:82:66:9f:f5:09:24:dc:c0:
49:27:c0:ce:32:63:d6:d7:ce:6f:99:db:2b:50:3a:76:fc:55:
eb:16:8a:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEOalVqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDQy
MjE0NDIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGRlODIxY2U5YWRj
NzI5ZTI2YTAyYjExZWNlYmQ1ZjQwZjI2ZmU5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmhlnu+HYUBBzLMMv69yK6GmVEGw+/VeT3oH+Rd8bHlZP7g
GQCToWw0x+UDTG7ryo4URf9GLnaGFlvB2zUiCcK+d1BfnL4JrTNCIR7e4J14KwOD
5abiXRBUklKPiVGha2gFa5ZBB3AhM5ub4fCS1n490PUysQf/KSvbNzl+SHzQOSrF
L8axb7jixqLCgZxv+mM+0svesRFJEeHLxZJLl6Tcdyj8hp4SyQP3Zk/4XubQ6rR/
l5DTa31Hxf9lD6Lh8DEIjciBECyL5CoMj7Df3jCbtx/r8BQPSVNd6yfwAJEPxKJZ
qfkjhRk9h+cS+JACjc8rhRYi5DymjQovvG5Zdl8CAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBRN6CHOmtxyniagKxHs69X0Dyb+ljAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L1RlZ2h6cHJjY3A0bW9Dc1I3T3ZWOUE4bV9wWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEA1X+CAMEAVX+KjAMAwQBVf4+AwQB
Vf5AAwQBn5SmAwQBn5TgMA0GCSqGSIb3DQEBCwUAA4IBAQCycXCR764ccSwZXMeE
nLH7XOGX75uZ77GI0/ZxyCN1lxV4WUFWFXdx57CmOTcAUcfs0KfWcU5f6MSyXj7f
DKqCaCxTF4k2SIk7UJPTy4TPgJwHu36Uyuq8BBNPOrXp7HYib276VXmWCejpSUbq
bFiQghWC58oXo5nJCzaKXf9XiBffZOZYKHzDQ3epUAHbxRu2gjicGr6ZXMVXKIWt
PzSXMQ3O1OusSIi12WkwhsnR4OWl0EQHMW9LbB8MkdDrwS6j/TDCMwReZ6Gtque6
U4J2oUjjzh5N7LTHvAQjBXni9Cqqgmaf9Qkk3MBJJ8DOMmPW185vmdsrUDp2/FXr
Foon
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org