Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/jV_z0CQkYF5_IS_5P8FRNq88x-4.roa
File: jV_z0CQkYF5_IS_5P8FRNq88x-4.roa (raw, json)
Hash identifier: kypmHWtrwptFTyw2boerpHM+Myb/aCU/8S2UGyW0G9A=
Subject key identifier: 8D:5F:F3:D0:24:24:60:5E:7F:21:2F:F9:3F:C1:51:36:AF:3C:C7:EE
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 39A7AE92
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/jV_z0CQkYF5_IS_5P8FRNq88x-4.roa
Signing time: Fri 22 Apr 2022 10:55:09 +0000
ROA not before: Fri 22 Apr 2022 10:55:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 159.148.109.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.26.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.58.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 967290514 (0x39a7ae92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 22 10:55:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d5ff3d02424605e7f212ff93fc15136af3cc7ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8f:5d:d9:a4:e7:a7:29:2c:5d:df:27:03:ca:
9b:21:9e:f5:c9:25:ed:82:92:d0:29:31:6c:9b:05:
ca:af:47:91:cf:6a:43:9b:26:59:6d:8b:19:eb:c3:
bc:27:35:f8:01:64:81:29:f1:c2:a9:75:c9:39:35:
8a:af:c6:0c:7d:1e:3e:0a:9a:70:1a:8a:86:cd:40:
f3:f7:80:4a:4d:9d:52:c3:b1:1b:f2:0d:0b:74:9f:
50:11:10:6c:5d:e8:ce:ce:69:1c:e0:6c:fb:25:ef:
1b:9c:a1:eb:b2:6a:7c:4c:12:c6:46:09:0c:12:f3:
c5:61:38:74:07:a9:5a:d0:8a:ab:43:9c:2d:6e:78:
35:5f:45:b9:5b:d9:10:4c:98:5f:37:08:48:5f:c7:
ab:30:02:18:51:9d:1f:ef:fb:a9:34:76:72:79:06:
56:42:c9:c5:59:d9:ea:70:35:fe:59:d2:1f:36:78:
0a:25:bc:29:ce:9d:5a:98:09:7c:3a:b1:61:01:5f:
f5:d9:60:e0:a5:5f:46:a9:4b:20:b9:ae:53:8b:10:
d4:68:1d:b5:06:fb:97:42:39:e1:4b:91:77:58:95:
32:9d:4a:a4:6a:00:1d:95:55:aa:b0:63:94:96:cb:
0a:fc:91:a5:3b:24:af:34:50:ac:8b:a8:ae:4d:60:
ab:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5F:F3:D0:24:24:60:5E:7F:21:2F:F9:3F:C1:51:36:AF:3C:C7:EE
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/jV_z0CQkYF5_IS_5P8FRNq88x-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.26.0/24
159.148.54.0/24
159.148.58.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:2b:de:35:8c:83:fe:6d:22:3a:a9:78:6c:f4:45:4b:1a:69:
0e:2c:c6:fc:fc:6f:07:52:03:26:84:38:6d:1c:fb:d1:3b:3d:
00:77:56:10:fc:2b:74:f7:30:ab:0b:07:bb:de:f2:ef:49:cb:
89:53:12:12:7a:9a:ba:ed:f9:21:b7:7a:f7:87:a3:78:da:f6:
0b:e8:a8:6f:68:52:08:4c:13:d8:ee:87:fe:98:32:a8:3d:80:
04:0c:ea:ec:ef:0d:a7:59:d2:5b:50:ee:3a:b9:8a:f2:c3:f9:
f2:f8:bb:24:dd:0b:12:36:72:a7:1c:8b:14:e8:ba:e4:e1:ac:
9a:c7:f2:f1:92:a6:46:06:31:93:20:c3:4b:33:79:63:a1:e1:
15:88:2e:e5:65:77:37:50:bd:77:a9:7d:45:25:1e:78:30:d9:
2f:b0:fa:c0:3c:c9:97:fc:ce:4e:58:83:99:3a:2d:de:6d:1f:
82:f2:43:a8:ac:8c:ed:b3:ef:48:2e:e1:a0:46:6f:d0:3d:09:
9a:cc:33:6d:7b:11:7d:c6:82:77:cd:cd:d2:a1:76:c5:8f:49:
64:1a:41:ac:5a:f2:70:d0:2e:cb:27:d7:18:ef:bf:51:cb:f3:
d2:65:75:d9:57:f9:17:82:ae:b3:92:7e:e1:92:ae:f8:b7:40:
27:f8:e6:06
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEOaeukjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDQy
MjEwNTUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQ1ZmYzZDAyNDI0
NjA1ZTdmMjEyZmY5M2ZjMTUxMzZhZjNjYzdlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuPXdmk56cpLF3fJwPKmyGe9ckl7YKS0CkxbJsFyq9Hkc9q
Q5smWW2LGevDvCc1+AFkgSnxwql1yTk1iq/GDH0ePgqacBqKhs1A8/eASk2dUsOx
G/INC3SfUBEQbF3ozs5pHOBs+yXvG5yh67JqfEwSxkYJDBLzxWE4dAepWtCKq0Oc
LW54NV9FuVvZEEyYXzcISF/HqzACGFGdH+/7qTR2cnkGVkLJxVnZ6nA1/lnSHzZ4
CiW8Kc6dWpgJfDqxYQFf9dlg4KVfRqlLILmuU4sQ1GgdtQb7l0I54UuRd1iVMp1K
pGoAHZVVqrBjlJbLCvyRpTskrzRQrIuork1gq3sCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBSNX/PQJCRgXn8hL/k/wVE2rzzH7jAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L2pWX3owQ1FrWUY1X0lTXzVQOEZSTnE4OHgtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAJ+UGgMEAJ+UNgMEAJ+UOgMEAJ+U
PgMEAJ+UQgMEAJ+UbQMEAJ+U6gMEAJ+U7AMEAJ+U7wMEAJ+U8QMEAJ+U+DANBgkq
hkiG9w0BAQsFAAOCAQEAqCveNYyD/m0iOql4bPRFSxppDizG/PxvB1IDJoQ4bRz7
0Ts9AHdWEPwrdPcwqwsHu97y70nLiVMSEnqauu35Ibd694ejeNr2C+iob2hSCEwT
2O6H/pgyqD2ABAzq7O8Np1nSW1DuOrmK8sP58vi7JN0LEjZypxyLFOi65OGsmsfy
8ZKmRgYxkyDDSzN5Y6HhFYgu5WV3N1C9d6l9RSUeeDDZL7D6wDzJl/zOTliDmTot
3m0fgvJDqKyM7bPvSC7hoEZv0D0JmswzbXsRfcaCd83N0qF2xY9JZBpBrFrycNAu
yyfXGO+/Ucvz0mV12Vf5F4Kus5J+4ZKu+LdAJ/jmBg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:46 2023 by rpki-client on console-fra.rpki-client.org