Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/rpcuJ7vTBVTRWbsVhvnQBPCcrvI.roa
File: rpcuJ7vTBVTRWbsVhvnQBPCcrvI.roa (raw, json)
Hash identifier: w9xua+wkQLvCm58Af8+G+/alMaRmTiUFaWzDFHjY36Q=
Subject key identifier: AE:97:2E:27:BB:D3:05:54:D1:59:BB:15:86:F9:D0:04:F0:9C:AE:F2
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0183601BD1A4C8FAA7A912670DEB58A43BBF
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/rpcuJ7vTBVTRWbsVhvnQBPCcrvI.roa
Signing time: Wed 21 Sep 2022 12:52:59 +0000
ROA not before: Wed 21 Sep 2022 12:52:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 159.148.109.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.26.0/24 maxlen: 24
159.148.58.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:1b:d1:a4:c8:fa:a7:a9:12:67:0d:eb:58:a4:3b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 21 12:52:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae972e27bbd30554d159bb1586f9d004f09caef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a7:d5:a0:e2:90:e5:a2:2c:d9:f7:b5:5b:08:
2a:17:18:c8:5e:2c:d0:3e:4a:b6:bc:89:51:52:37:
d8:d6:1c:38:6e:40:ad:08:c5:96:7f:6f:32:ec:85:
d1:a5:1c:85:47:d6:d2:0b:7c:48:3c:cc:fd:cd:bc:
2a:4a:0a:c9:1d:40:bb:42:34:4b:34:a5:15:2b:64:
60:e0:1c:61:b8:df:2b:01:b0:ef:23:2b:4b:f4:6c:
63:8b:c1:35:0a:00:ad:40:86:46:70:9d:5d:c6:fa:
7d:21:97:d2:a6:64:12:47:1c:57:04:d1:db:44:d6:
8f:1c:00:d7:5f:22:29:e2:41:e9:6e:c2:2c:9c:15:
73:73:bb:04:96:10:8c:a1:69:eb:5c:1b:cf:59:32:
c8:57:27:7d:a8:b2:df:45:dc:1f:df:0e:93:20:ea:
6d:58:39:b4:12:9e:d9:6f:70:50:48:74:7b:28:4e:
7b:bb:5a:76:76:a7:5b:0d:3c:87:54:40:69:34:b6:
0c:a7:35:99:8c:30:ae:17:a7:48:d0:a9:41:0c:14:
9a:69:12:e4:c2:af:74:fd:ef:92:e9:ae:25:44:20:
37:d5:b3:96:2f:6c:34:3c:83:a7:d6:22:b7:18:36:
12:f9:4e:2d:eb:63:8b:98:c1:41:cd:3a:8f:ad:28:
52:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:97:2E:27:BB:D3:05:54:D1:59:BB:15:86:F9:D0:04:F0:9C:AE:F2
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/rpcuJ7vTBVTRWbsVhvnQBPCcrvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.26.0/24
159.148.58.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.234.0/24
Signature Algorithm: sha256WithRSAEncryption
19:01:fe:9f:dd:cb:7f:86:7d:3b:12:18:8d:d4:f3:2e:6a:91:
99:ae:f7:10:4f:70:fb:fc:40:0f:1a:11:7a:07:02:97:06:97:
3f:da:2f:42:73:c4:7f:1c:9f:a5:24:3b:e3:73:b5:8e:5f:ca:
2c:13:05:3d:f1:fa:2f:79:cd:5f:83:5d:f3:2d:b1:e2:25:c8:
66:56:35:cc:f5:d9:d3:ed:49:57:fd:01:90:97:96:3f:1d:bc:
c7:0e:02:02:85:06:1e:d0:f2:83:89:3e:f7:c3:82:51:9e:30:
e1:5c:b8:bc:51:43:73:3a:60:95:47:14:f3:e9:40:54:52:c4:
cd:f8:1b:0e:14:15:a8:6d:ca:d6:00:ae:ed:9f:2d:47:a7:99:
45:9b:de:99:af:bf:5b:ce:f5:41:da:63:ec:98:13:c8:2a:6a:
a5:e5:a4:db:d6:62:44:1a:d5:12:81:2b:fe:a7:1e:de:55:9b:
14:49:c3:22:1a:63:d7:66:71:80:bc:f2:b9:c6:c2:71:b9:c2:
13:ec:4e:0e:e7:5f:82:2d:c4:e0:e0:73:f5:59:ae:4a:7d:45:
3f:a8:3b:18:ee:b8:15:16:ad:b8:67:ff:d3:c3:5f:b2:ce:76:
2d:9f:72:f1:e1:a4:8e:8f:df:09:f3:b2:d3:28:01:28:eb:a7:
96:c6:4d:a5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYNgG9GkyPqnqRJnDetYpDu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIwOTIxMTI1MjU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTk3MmUyN2JiZDMwNTU0ZDE1OWJiMTU4NmY5ZDAwNGYwOWNhZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKfVoOKQ5aIs2fe1WwgqFxjIXizQ
Pkq2vIlRUjfY1hw4bkCtCMWWf28y7IXRpRyFR9bSC3xIPMz9zbwqSgrJHUC7QjRL
NKUVK2Rg4BxhuN8rAbDvIytL9Gxji8E1CgCtQIZGcJ1dxvp9IZfSpmQSRxxXBNHb
RNaPHADXXyIp4kHpbsIsnBVzc7sElhCMoWnrXBvPWTLIVyd9qLLfRdwf3w6TIOpt
WDm0Ep7Zb3BQSHR7KE57u1p2dqdbDTyHVEBpNLYMpzWZjDCuF6dI0KlBDBSaaRLk
wq90/e+S6a4lRCA31bOWL2w0PIOn1iK3GDYS+U4t62OLmMFBzTqPrShSbwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK6XLie70wVU0Vm7FYb50ATwnK7yMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvcnBjdUo3dlRCVlRSV2JzVmh2blFCUENjcnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAn5QaAwQA
n5Q6AwQAn5Q+AwQAn5RCAwQAn5RtAwQAn5TqMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
Af6f3ct/hn07EhiN1PMuapGZrvcQT3D7/EAPGhF6BwKXBpc/2i9Cc8R/HJ+lJDvj
c7WOX8osEwU98fovec1fg13zLbHiJchmVjXM9dnT7UlX/QGQl5Y/HbzHDgIChQYe
0PKDiT73w4JRnjDhXLi8UUNzOmCVRxTz6UBUUsTN+BsOFBWobcrWAK7tny1Hp5lF
m96Zr79bzvVB2mPsmBPIKmql5aTb1mJEGtUSgSv+px7eVZsUScMiGmPXZnGAvPK5
xsJxucIT7E4O51+CLcTg4HP1Wa5KfUU/qDsY7rgVFq24Z//Tw1+yznYtn3Lx4aSO
j98J87LTKAEo66eWxk2l
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org