Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/pi0qZypMmMxVf4guW4iMtZuHgnw.roa
File: pi0qZypMmMxVf4guW4iMtZuHgnw.roa (raw, json)
Hash identifier: S/0rG+Fu5F/qP9JALJtEjco1Yb6O7BupbkRxMvwXrww=
Subject key identifier: A6:2D:2A:67:2A:4C:98:CC:55:7F:88:2E:5B:88:8C:B5:9B:87:82:7C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 39A46018
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/pi0qZypMmMxVf4guW4iMtZuHgnw.roa
Signing time: Fri 22 Apr 2022 10:50:36 +0000
ROA not before: Fri 22 Apr 2022 10:50:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21700
IP address blocks: 159.148.114.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.148.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 967073816 (0x39a46018)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 22 10:50:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a62d2a672a4c98cc557f882e5b888cb59b87827c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c3:aa:e8:30:4e:9e:ed:e8:a8:08:2f:7a:a9:
d4:a4:6b:b8:5a:1a:31:26:68:d8:69:77:d8:b6:c4:
ca:bd:f2:5f:a4:8e:67:91:a5:28:3a:5f:1a:7c:22:
89:07:0c:ef:ae:80:b9:b9:ab:d5:67:1a:b9:d1:28:
30:7f:f9:9d:4c:12:f4:62:d0:96:cc:c1:6c:eb:cb:
05:ce:3f:31:a6:fd:e9:cc:16:1c:59:27:07:30:31:
3a:70:5d:b3:01:56:87:33:12:1f:d7:39:d1:40:37:
fb:7b:a6:11:f9:fe:08:47:98:71:95:75:51:66:b3:
3b:bf:58:be:d7:5d:fe:93:58:e3:35:cd:c9:30:95:
41:e3:cf:14:37:98:06:ad:9d:09:a4:82:d5:e5:7f:
73:c0:03:41:13:fb:60:97:d6:70:ea:ae:a9:75:ad:
13:a3:42:a4:63:48:66:57:de:cd:f2:3c:12:d4:86:
fa:89:b1:29:00:7e:bf:a3:f3:7e:4e:5e:9f:5c:a7:
81:4d:bc:91:17:68:de:91:31:8a:d0:07:73:f8:47:
f3:c9:39:51:88:88:9c:14:c7:f1:5b:36:ab:e2:52:
ba:2a:d2:f7:df:1b:d4:41:9b:65:66:b8:1a:9d:da:
8a:a4:f8:e6:0a:40:93:7b:9e:cf:06:90:72:87:b7:
ca:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2D:2A:67:2A:4C:98:CC:55:7F:88:2E:5B:88:8C:B5:9B:87:82:7C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/pi0qZypMmMxVf4guW4iMtZuHgnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.114.0/24
159.148.125.0-159.148.126.255
159.148.128.0/24
159.148.130.0/24
159.148.138.0/24
159.148.148.0/24
159.148.150.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:13:c9:d8:97:75:af:51:4e:de:5a:b0:a7:c9:34:70:d7:57:
d4:90:18:79:74:d0:c2:df:1c:dd:d3:b5:d9:68:94:33:7c:79:
03:8c:c7:cb:61:4f:bd:29:be:a4:4c:8a:e0:10:33:0b:ad:e3:
71:b1:70:38:50:c6:04:b9:eb:29:5f:35:45:75:2d:0b:8e:08:
a8:21:5b:9a:7d:54:0a:d1:85:3f:1e:5d:69:6f:81:30:e6:d6:
b2:6e:1a:33:7d:1e:54:79:8d:bd:1f:0c:c5:5a:50:d2:08:43:
0d:2d:11:e2:34:1a:08:10:ba:8a:cf:9f:c0:21:c6:c1:9f:e1:
84:7a:1a:31:bd:bc:f4:5e:46:a2:63:86:06:7b:d3:f7:3f:8b:
b7:d6:cb:31:59:94:ec:e8:cc:ff:68:06:9e:da:24:ea:e8:22:
07:db:cb:c5:3a:d6:e6:a9:86:da:3f:7b:28:cd:64:e6:4e:27:
27:4b:ff:d6:94:0d:b7:df:30:4b:5b:2c:11:cd:d8:cd:be:a7:
67:dc:fe:56:dc:a2:fe:d3:57:a7:eb:70:aa:f6:63:4b:f5:56:
a3:8a:fe:f0:ec:5a:29:e1:60:3e:ac:ee:39:66:9d:28:9d:b7:
1e:94:72:e9:9c:0d:7b:f6:58:94:a0:b1:f5:fa:2c:d2:d2:eb:
a5:cf:b0:ad
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEOaRgGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDQy
MjEwNTAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTYyZDJhNjcyYTRj
OThjYzU1N2Y4ODJlNWI4ODhjYjU5Yjg3ODI3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLDqugwTp7t6KgIL3qp1KRruFoaMSZo2Gl32LbEyr3yX6SO
Z5GlKDpfGnwiiQcM766Aubmr1WcaudEoMH/5nUwS9GLQlszBbOvLBc4/Mab96cwW
HFknBzAxOnBdswFWhzMSH9c50UA3+3umEfn+CEeYcZV1UWazO79Yvtdd/pNY4zXN
yTCVQePPFDeYBq2dCaSC1eV/c8ADQRP7YJfWcOquqXWtE6NCpGNIZlfezfI8EtSG
+omxKQB+v6Pzfk5en1yngU28kRdo3pExitAHc/hH88k5UYiInBTH8Vs2q+JSuirS
998b1EGbZWa4Gp3aiqT45gpAk3uezwaQcoe3yusCAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBSmLSpnKkyYzFV/iC5biIy1m4eCfDAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L3BpMHFaeXBNbU14VmY0Z3VXNGlNdFp1SGdudy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRgMEAJ+UcjAMAwQAn5R9AwQAn5R+AwQA
n5SAAwQAn5SCAwQAn5SKAwQAn5SUAwQAn5SWMAwDBACflJ0DBACflJ4DBACflKMw
DQYJKoZIhvcNAQELBQADggEBAA0TydiXda9RTt5asKfJNHDXV9SQGHl00MLfHN3T
tdlolDN8eQOMx8thT70pvqRMiuAQMwut43GxcDhQxgS56ylfNUV1LQuOCKghW5p9
VArRhT8eXWlvgTDm1rJuGjN9HlR5jb0fDMVaUNIIQw0tEeI0GggQuorPn8AhxsGf
4YR6GjG9vPReRqJjhgZ70/c/i7fWyzFZlOzozP9oBp7aJOroIgfby8U61uaphto/
eyjNZOZOJydL/9aUDbffMEtbLBHN2M2+p2fc/lbcov7TV6frcKr2Y0v1VqOK/vDs
WinhYD6s7jlmnSidtx6UcumcDXv2WJSgsfX6LNLS66XPsK0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org