Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tA-aeQ4YzMCoHwC9Kx-drm3PrSg.roa
File: tA-aeQ4YzMCoHwC9Kx-drm3PrSg.roa (raw, json)
Hash identifier: 75lERJN90Ogr12opfixiK+Bpj4VPhpebY8JDzt7JwiU=
Subject key identifier: B4:0F:9A:79:0E:18:CC:C0:A8:1F:00:BD:2B:1F:9D:AE:6D:CF:AD:28
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 39A22B78
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tA-aeQ4YzMCoHwC9Kx-drm3PrSg.roa
Signing time: Fri 22 Apr 2022 10:44:35 +0000
ROA not before: Fri 22 Apr 2022 10:44:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 159.148.224.0/23 maxlen: 23
85.254.42.0/23 maxlen: 23
85.254.62.0/23 maxlen: 23
159.148.166.0/23 maxlen: 23
85.254.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 966929272 (0x39a22b78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 22 10:44:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b40f9a790e18ccc0a81f00bd2b1f9dae6dcfad28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:31:08:fd:9d:5a:37:f6:1d:59:fb:9e:59:
5f:e3:63:c5:31:0b:6f:04:d6:4e:33:2d:81:bc:39:
2b:a3:07:49:9e:28:4c:63:ee:56:4f:67:80:52:2c:
4e:c9:0e:28:d1:01:e8:68:0e:a7:3b:f9:63:4f:2b:
69:d2:f3:8d:47:42:be:cd:56:31:0f:fd:d4:d9:04:
31:22:f9:e1:28:02:96:89:0e:50:0b:bd:75:c9:61:
f4:ec:e0:27:9b:1d:9d:76:1e:cf:73:c6:b6:b8:5e:
52:98:36:52:c4:f2:ef:ac:c5:90:79:d4:3a:bb:0d:
e3:12:db:a1:8d:17:55:9d:12:8c:19:66:e2:c0:91:
fb:84:16:c8:5f:e9:7c:43:81:a1:22:92:56:b5:ec:
28:fb:b3:41:46:79:7e:18:8f:71:9b:f0:6f:de:a4:
4e:85:b0:8d:19:a0:e1:d4:f4:fb:64:df:89:fd:4c:
83:d0:78:1d:93:7f:04:53:78:16:ff:21:1f:1f:0c:
f9:25:3d:7b:63:34:20:ea:2a:20:1f:2c:86:12:cc:
87:e7:f5:18:b3:0e:5a:d2:a3:60:a0:96:b1:9b:63:
8e:1e:a3:bd:9c:c0:d1:38:66:48:87:41:3a:db:d3:
c2:a2:70:cf:b2:66:0f:6f:49:fe:f1:33:35:a2:d1:
7f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0F:9A:79:0E:18:CC:C0:A8:1F:00:BD:2B:1F:9D:AE:6D:CF:AD:28
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tA-aeQ4YzMCoHwC9Kx-drm3PrSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.8.0/21
85.254.42.0/23
85.254.62.0/23
159.148.166.0/23
159.148.224.0/23
Signature Algorithm: sha256WithRSAEncryption
36:62:92:c1:23:5d:87:29:09:a1:7e:9d:cd:eb:f2:8b:64:78:
7b:1a:54:5c:c6:89:5c:67:af:09:f1:51:a6:81:6b:65:bf:f7:
48:54:ca:86:a7:24:5d:8b:20:2f:60:b9:1b:67:f9:77:8d:4e:
5c:ef:af:aa:17:81:f7:70:88:28:1f:31:49:34:b5:58:1a:0f:
b7:68:7f:33:c9:9f:05:d3:12:18:d5:99:98:80:a0:13:b3:ed:
db:d0:d9:c9:ba:ea:9c:d0:e9:4b:9f:5a:58:e2:31:7c:2e:5f:
33:a7:5e:d4:43:db:a0:e5:e6:4f:05:67:9e:b5:7b:04:8a:96:
1d:6b:4e:fe:b0:c6:ab:1f:e0:44:a7:72:33:a8:e9:41:17:c9:
35:a1:68:aa:52:00:cd:cf:89:8a:cf:e1:ec:e7:36:35:0a:6e:
30:7c:1c:71:06:48:aa:7f:fe:9a:2a:5f:7e:60:fb:81:6f:fb:
86:56:34:a8:91:7f:5a:fd:b6:ae:35:af:1a:8a:3a:ad:36:c0:
d2:66:c8:44:ad:8a:56:1b:ca:36:ef:16:c8:32:72:e6:39:38:
c5:d0:f5:f9:b4:30:84:07:ff:e5:1b:86:0c:ee:a5:61:54:a9:
b9:cc:35:34:d5:6a:de:df:a2:11:39:71:40:cc:50:72:0e:4f:
49:f0:2b:f1
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEOaIreDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDQy
MjEwNDQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQwZjlhNzkwZTE4
Y2NjMGE4MWYwMGJkMmIxZjlkYWU2ZGNmYWQyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxkMQj9nVo39h1Z+55ZX+NjxTELbwTWTjMtgbw5K6MHSZ4o
TGPuVk9ngFIsTskOKNEB6GgOpzv5Y08radLzjUdCvs1WMQ/91NkEMSL54SgClokO
UAu9dclh9OzgJ5sdnXYez3PGtrheUpg2UsTy76zFkHnUOrsN4xLboY0XVZ0SjBlm
4sCR+4QWyF/pfEOBoSKSVrXsKPuzQUZ5fhiPcZvwb96kToWwjRmg4dT0+2Tfif1M
g9B4HZN/BFN4Fv8hHx8M+SU9e2M0IOoqIB8shhLMh+f1GLMOWtKjYKCWsZtjjh6j
vZzA0ThmSIdBOtvTwqJwz7JmD29J/vEzNaLRf38CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBS0D5p5DhjMwKgfAL0rH52ubc+tKDAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L3RBLWFlUTRZek1Db0h3QzlLeC1kcm0zUHJTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEA1X+CAMEAVX+KgMEAVX+PgMEAZ+U
pgMEAZ+U4DANBgkqhkiG9w0BAQsFAAOCAQEANmKSwSNdhykJoX6dzevyi2R4expU
XMaJXGevCfFRpoFrZb/3SFTKhqckXYsgL2C5G2f5d41OXO+vqheB93CIKB8xSTS1
WBoPt2h/M8mfBdMSGNWZmICgE7Pt29DZybrqnNDpS59aWOIxfC5fM6de1EPboOXm
TwVnnrV7BIqWHWtO/rDGqx/gRKdyM6jpQRfJNaFoqlIAzc+Jis/h7Oc2NQpuMHwc
cQZIqn/+mipffmD7gW/7hlY0qJF/Wv22rjWvGoo6rTbA0mbIRK2KVhvKNu8WyDJy
5jk4xdD1+bQwhAf/5RuGDO6lYVSpucw1NNVq3t+iETlxQMxQcg5PSfAr8Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org