Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/oVQbRwksrmYKTQ2AUTKGutMR5XM.roa
File: oVQbRwksrmYKTQ2AUTKGutMR5XM.roa (raw, json)
Hash identifier: A/OeszQFIL8oCnl4SJ1FTN4kpj2UmlYffrkEO11LnjQ=
Subject key identifier: A1:54:1B:47:09:2C:AE:66:0A:4D:0D:80:51:32:86:BA:D3:11:E5:73
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01853EF6D68BAE3093013AB3A62928D9E063
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/oVQbRwksrmYKTQ2AUTKGutMR5XM.roa
Signing time: Fri 23 Dec 2022 12:30:42 +0000
ROA not before: Fri 23 Dec 2022 12:30:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 159.148.224.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:f6:d6:8b:ae:30:93:01:3a:b3:a6:29:28:d9:e0:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Dec 23 12:30:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1541b47092cae660a4d0d80513286bad311e573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2d:e7:0c:27:41:1e:5b:9c:68:06:c4:66:7e:
53:ed:f3:76:7c:d2:c5:22:68:2a:23:82:01:39:bb:
de:3c:04:a7:ef:e0:d7:92:ac:fb:e7:7b:14:8c:80:
71:78:ee:a4:d0:fb:9e:9e:2c:ef:3a:4d:0e:28:9b:
f4:16:a5:b9:0f:e8:9e:c1:d5:52:30:ac:7d:6a:c9:
97:61:63:b3:0e:35:2a:bb:40:7b:df:43:0f:79:6f:
2f:6b:e0:31:fe:84:9e:65:46:01:4a:5a:f8:37:97:
49:e5:bf:78:ba:57:ea:64:3c:bf:5a:d0:16:74:e5:
43:bf:b2:33:39:cb:4b:c7:c8:f1:08:47:65:a1:92:
e7:8f:97:f9:72:5d:67:a5:b4:e5:4b:72:cb:9b:74:
30:dc:ec:c8:0e:5b:18:3e:b0:22:58:cf:85:bc:1e:
60:7e:09:72:70:2d:e4:af:be:63:de:1f:ce:31:08:
a2:43:8c:b2:ad:a6:8f:0c:4b:90:97:c8:e7:d2:36:
f9:7d:8d:4e:53:d9:e1:7a:71:a1:28:9b:68:9d:4c:
46:4a:f0:bb:5b:99:af:f9:16:49:d8:88:72:5e:3b:
d1:b4:22:07:3c:e5:92:65:7a:e3:de:18:94:fb:94:
c0:6f:79:79:1a:54:65:c3:25:e0:19:65:b2:e0:9f:
97:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:54:1B:47:09:2C:AE:66:0A:4D:0D:80:51:32:86:BA:D3:11:E5:73
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/oVQbRwksrmYKTQ2AUTKGutMR5XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.64.0/23
159.148.224.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:99:cd:13:40:c5:46:6c:9f:3c:7f:9d:21:ac:2f:26:e9:a1:
0e:8c:7e:91:51:76:21:50:30:c4:6d:16:01:bf:ec:5d:81:f6:
da:6e:b6:c3:b6:ad:c1:1b:60:d5:a2:e1:7f:29:75:b4:e7:6a:
4a:fb:33:50:9b:d2:2c:31:c7:bf:c8:ec:a0:c5:07:1c:c5:a5:
a5:b7:a0:72:f2:ba:d2:6a:81:6c:1d:9d:28:4f:bb:fe:14:51:
8c:80:68:0e:a8:ba:54:66:bd:9b:d5:db:5f:c7:68:2c:6c:08:
f1:e0:6c:ed:61:d8:b3:c9:2f:bd:a4:4c:43:5f:62:ae:dd:a9:
54:b7:be:11:ff:01:fd:b2:73:1b:6d:9d:a1:3c:16:42:86:b9:
c6:94:e2:1e:17:2c:77:d3:0f:81:ae:a6:80:de:97:4a:73:6e:
9f:c7:ee:97:c8:58:41:2e:ca:8c:8e:13:6f:bd:04:e7:24:98:
7c:61:89:59:48:a0:3b:04:1e:cc:91:e3:20:ae:b0:95:a4:f2:
76:70:88:21:ea:c3:f5:99:50:e0:89:d4:7b:93:2d:46:d6:db:
7c:09:2f:4e:08:e6:7a:41:b9:e6:96:52:b8:5e:ba:d9:0a:e1:
be:e7:ba:ca:8d:b5:63:11:36:8a:3d:88:74:89:e0:40:3a:0f:
91:49:bb:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU+9taLrjCTATqzpiko2eBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMjIzMTIzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTU0MWI0NzA5MmNhZTY2MGE0ZDBkODA1MTMyODZiYWQzMTFlNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC3nDCdBHlucaAbEZn5T7fN2fNLF
ImgqI4IBObvePASn7+DXkqz753sUjIBxeO6k0PuenizvOk0OKJv0FqW5D+iewdVS
MKx9asmXYWOzDjUqu0B730MPeW8va+Ax/oSeZUYBSlr4N5dJ5b94ulfqZDy/WtAW
dOVDv7IzOctLx8jxCEdloZLnj5f5cl1npbTlS3LLm3Qw3OzIDlsYPrAiWM+FvB5g
fglycC3kr75j3h/OMQiiQ4yyraaPDEuQl8jn0jb5fY1OU9nhenGhKJtonUxGSvC7
W5mv+RZJ2IhyXjvRtCIHPOWSZXrj3hiU+5TAb3l5GlRlwyXgGWWy4J+XrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKFUG0cJLK5mCk0NgFEyhrrTEeVzMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvb1ZRYlJ3a3NybVlLVFEyQVVUS0d1dE1SNVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVf5AAwQB
n5TgMA0GCSqGSIb3DQEBCwUAA4IBAQClmc0TQMVGbJ88f50hrC8m6aEOjH6RUXYh
UDDEbRYBv+xdgfbabrbDtq3BG2DVouF/KXW052pK+zNQm9IsMce/yOygxQccxaWl
t6By8rrSaoFsHZ0oT7v+FFGMgGgOqLpUZr2b1dtfx2gsbAjx4GztYdizyS+9pExD
X2Ku3alUt74R/wH9snMbbZ2hPBZChrnGlOIeFyx30w+BrqaA3pdKc26fx+6XyFhB
LsqMjhNvvQTnJJh8YYlZSKA7BB7MkeMgrrCVpPJ2cIgh6sP1mVDgidR7ky1G1tt8
CS9OCOZ6QbnmllK4XrrZCuG+57rKjbVjETaKPYh0ieBAOg+RSbvk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org