Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YuXDzmJZ1LddD3t6sNqPDbEBPAI.roa
File: YuXDzmJZ1LddD3t6sNqPDbEBPAI.roa (raw, json)
Hash identifier: ZGxwrxl6SZo7kwV0mU8xwzhpvvSSC6KwSJUr0LDu3WE=
Subject key identifier: 62:E5:C3:CE:62:59:D4:B7:5D:0F:7B:7A:B0:DA:8F:0D:B1:01:3C:02
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 388CA576
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YuXDzmJZ1LddD3t6sNqPDbEBPAI.roa
Signing time: Sat 01 Jan 2022 05:54:23 +0000
ROA not before: Sat 01 Jan 2022 05:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60324
IP address blocks: 159.148.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948741494 (0x388ca576)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62e5c3ce6259d4b75d0f7b7ab0da8f0db1013c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:0a:27:9d:df:dd:11:fb:12:49:83:3b:a7:
e4:6e:a8:e0:77:c5:26:db:3d:f9:06:dd:1e:53:ba:
0b:d5:a9:8b:d9:f8:f4:08:78:86:a6:f3:4d:be:de:
5a:52:c9:05:ca:12:19:b3:e2:34:e1:b9:81:33:98:
d3:96:3d:40:36:a8:a3:9d:ce:7d:82:4f:08:13:15:
9d:43:92:24:9b:24:5d:f6:3c:45:b3:72:e8:4d:71:
f4:8a:ce:25:5e:31:d9:6b:16:df:9f:f8:81:e4:ba:
b6:d6:1d:a2:ec:a9:49:6d:b7:d0:52:44:ee:41:08:
48:c6:9d:b6:97:4c:93:08:4d:8a:fd:1d:06:52:77:
21:7d:6a:86:b7:29:e5:b4:78:a6:ae:3a:5d:2f:88:
e0:5b:d1:a3:e0:37:cc:98:88:98:c0:4a:14:2d:e6:
a7:ed:02:c5:ae:ca:6a:5f:b3:16:96:6c:05:c3:47:
35:cd:9a:9d:ed:db:59:b0:ab:90:e4:61:e9:30:f0:
52:28:58:82:91:1d:5f:e0:cc:54:b2:53:af:24:5d:
ee:9e:09:a8:86:9a:b8:97:7b:e6:63:a7:8c:11:8e:
b7:ff:f2:39:57:a9:85:03:1c:25:bc:42:5d:d8:12:
f0:68:7f:58:33:3c:a9:00:36:20:6f:da:1e:21:cd:
65:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E5:C3:CE:62:59:D4:B7:5D:0F:7B:7A:B0:DA:8F:0D:B1:01:3C:02
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/YuXDzmJZ1LddD3t6sNqPDbEBPAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.191.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:51:9f:19:7c:83:4d:fb:c4:21:9c:f4:10:68:4a:8f:0d:6c:
42:85:8d:28:2b:d1:fa:46:15:40:31:24:6c:6d:a7:93:ea:41:
0a:c4:de:55:8a:b2:db:6a:01:88:08:f0:7a:32:47:fa:e3:c2:
b8:57:cc:31:22:c4:a9:e6:bf:3d:f2:44:c7:ba:f0:26:a2:e7:
cb:3a:a3:0a:db:aa:89:fd:df:1e:52:9d:40:28:e1:55:c2:73:
8b:01:8f:6a:90:bf:0b:ee:c8:a1:3f:a9:30:ca:ab:64:4e:9c:
3f:de:99:2d:19:45:a4:85:73:fc:bc:50:68:10:8d:14:87:a6:
44:20:5c:1c:8e:5e:19:66:c5:3c:c5:fc:82:81:dc:2b:cb:4e:
09:44:2c:54:aa:0f:9a:cf:32:c8:b1:11:51:56:fe:26:24:99:
a6:9f:45:db:0a:fb:61:3f:12:40:66:cb:f0:33:ea:3e:d0:28:
3a:e5:34:24:1b:a0:65:5a:ae:97:88:c6:ae:00:38:43:fd:30:
e4:c2:12:15:f6:1c:be:a3:23:1b:da:94:de:63:fe:6b:22:d1:
a5:81:da:fd:76:21:cc:9d:be:4c:13:3d:80:f8:d9:6c:93:4c:
cd:45:70:20:e8:60:ac:28:8c:c0:5a:34:d2:0d:df:6a:19:76:
d7:a8:56:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOIyldjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJlNWMzY2U2MjU5
ZDRiNzVkMGY3YjdhYjBkYThmMGRiMTAxM2MwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgDCied390R+xJJgzun5G6o4HfFJts9+QbdHlO6C9Wpi9n4
9Ah4hqbzTb7eWlLJBcoSGbPiNOG5gTOY05Y9QDaoo53OfYJPCBMVnUOSJJskXfY8
RbNy6E1x9IrOJV4x2WsW35/4geS6ttYdouypSW230FJE7kEISMadtpdMkwhNiv0d
BlJ3IX1qhrcp5bR4pq46XS+I4FvRo+A3zJiImMBKFC3mp+0Cxa7Kal+zFpZsBcNH
Nc2ane3bWbCrkORh6TDwUihYgpEdX+DMVLJTryRd7p4JqIaauJd75mOnjBGOt//y
OVephQMcJbxCXdgS8Gh/WDM8qQA2IG/aHiHNZZUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRi5cPOYlnUt10Pe3qw2o8NsQE8AjAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L1l1WER6bUpaMUxkZEQzdDZzTnFQRGJFQlBBSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ+UvzANBgkqhkiG9w0BAQsFAAOC
AQEAilGfGXyDTfvEIZz0EGhKjw1sQoWNKCvR+kYVQDEkbG2nk+pBCsTeVYqy22oB
iAjwejJH+uPCuFfMMSLEqea/PfJEx7rwJqLnyzqjCtuqif3fHlKdQCjhVcJziwGP
apC/C+7IoT+pMMqrZE6cP96ZLRlFpIVz/LxQaBCNFIemRCBcHI5eGWbFPMX8goHc
K8tOCUQsVKoPms8yyLERUVb+JiSZpp9F2wr7YT8SQGbL8DPqPtAoOuU0JBugZVqu
l4jGrgA4Q/0w5MISFfYcvqMjG9qU3mP+ayLRpYHa/XYhzJ2+TBM9gPjZbJNMzUVw
IOhgrCiMwFo00g3fahl216hWzw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org