Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ykiGKNAC7bCBIqStc2qTURvPTgU.roa
File: ykiGKNAC7bCBIqStc2qTURvPTgU.roa (raw, json)
Hash identifier: J/QUdV/5nCXjF2YUa2FTS2FrQMHNI45Gx2dNdWDMKcE=
Subject key identifier: CA:48:86:28:D0:02:ED:B0:81:22:A4:AD:73:6A:93:51:1B:CF:4E:05
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 39CA2F0B
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ykiGKNAC7bCBIqStc2qTURvPTgU.roa
Signing time: Fri 06 May 2022 06:00:29 +0000
ROA not before: Fri 06 May 2022 06:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205625
IP address blocks: 159.148.44.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 969551627 (0x39ca2f0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 6 06:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca488628d002edb08122a4ad736a93511bcf4e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2b:47:92:3e:74:5f:75:2d:50:2d:df:3d:3a:
5c:57:65:fb:52:4f:9f:55:4b:60:8e:8c:50:d3:bc:
0a:14:e4:77:16:33:80:74:57:61:bb:47:53:33:76:
75:6f:7b:0b:c9:a6:35:7e:20:c6:e3:3b:70:76:79:
d8:95:7e:03:1d:0a:ec:67:bc:24:66:7a:d4:5a:34:
10:71:a6:7b:fb:24:48:59:14:4c:66:8e:03:f4:8e:
3a:e9:38:da:b1:ea:bb:21:a2:c2:4c:9d:c1:86:6a:
e6:9c:80:84:b7:aa:c4:bb:8b:14:db:16:1a:dc:51:
65:6d:70:60:71:18:0e:44:9c:c4:0a:bb:1f:d4:f6:
43:da:b4:bc:7e:04:a5:f7:67:81:c0:8d:91:1a:fd:
75:7f:34:32:58:f0:80:61:21:06:b3:a8:cd:9e:1d:
20:3c:2e:4c:89:e7:fb:d8:34:c0:88:bb:6f:d9:4d:
bb:83:0c:21:17:c4:d1:83:93:54:f1:4c:b6:20:bc:
55:e9:d3:2a:47:ca:67:ab:8c:1b:ae:b1:23:11:1d:
20:41:26:8d:c5:e1:9d:28:06:e1:12:77:cb:85:d6:
2a:f0:88:da:be:c8:d7:42:5f:42:8f:53:fe:bb:9e:
22:ea:6f:10:d5:91:a5:66:29:33:cf:57:b0:fb:ea:
ef:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:48:86:28:D0:02:ED:B0:81:22:A4:AD:73:6A:93:51:1B:CF:4E:05
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ykiGKNAC7bCBIqStc2qTURvPTgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.44.0/24
Signature Algorithm: sha256WithRSAEncryption
36:f3:d3:e7:05:64:41:24:6b:45:1e:2d:e2:99:e0:8a:43:7c:
f7:47:13:bc:66:6e:54:cb:4d:ed:9c:04:c4:eb:ec:50:10:8f:
bc:d1:6c:93:54:ad:42:27:85:6a:00:8e:b6:82:48:ff:23:8e:
f1:7a:49:ab:4a:15:35:dd:e6:65:79:29:62:c4:1d:1d:a3:d3:
92:f8:f4:7d:9b:57:a9:96:27:bc:d1:35:c2:c3:44:7d:64:c1:
ea:7a:02:5f:24:88:c3:ab:f1:64:13:22:51:e1:e3:f7:3c:ef:
77:44:b2:61:fb:0b:98:78:68:e9:4a:fa:4a:48:1d:f2:0e:96:
92:f1:ee:02:3b:d1:5b:19:36:ee:38:a0:33:db:be:2c:15:ce:
d0:02:13:66:f8:5f:ad:5f:ef:50:de:12:41:c7:5a:3f:e2:21:
89:e6:49:a5:78:5e:bf:a6:3e:b7:0f:8b:5f:fe:60:54:2f:3b:
80:a1:59:88:67:73:92:ef:8e:d0:7a:7d:2b:f2:d5:d9:40:57:
32:a0:2a:2f:d5:82:1f:ae:f3:ad:d4:e9:97:c5:01:43:34:cb:
5b:55:bb:e2:0f:b7:40:a3:6f:27:fe:30:15:16:e3:66:55:70:
5a:b2:9d:61:25:aa:e9:49:5d:c5:5a:fb:93:f0:06:0c:6d:00:
3a:d6:78:2a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOcovCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDUw
NjA2MDAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E0ODg2MjhkMDAy
ZWRiMDgxMjJhNGFkNzM2YTkzNTExYmNmNGUwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUrR5I+dF91LVAt3z06XFdl+1JPn1VLYI6MUNO8ChTkdxYz
gHRXYbtHUzN2dW97C8mmNX4gxuM7cHZ52JV+Ax0K7Ge8JGZ61Fo0EHGme/skSFkU
TGaOA/SOOuk42rHquyGiwkydwYZq5pyAhLeqxLuLFNsWGtxRZW1wYHEYDkScxAq7
H9T2Q9q0vH4EpfdngcCNkRr9dX80MljwgGEhBrOozZ4dIDwuTInn+9g0wIi7b9lN
u4MMIRfE0YOTVPFMtiC8VenTKkfKZ6uMG66xIxEdIEEmjcXhnSgG4RJ3y4XWKvCI
2r7I10JfQo9T/rueIupvENWRpWYpM89XsPvq7/0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTKSIYo0ALtsIEipK1zapNRG89OBTAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L3lraUdLTkFDN2JDQklxU3RjMnFUVVJ2UFRnVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ+ULDANBgkqhkiG9w0BAQsFAAOC
AQEANvPT5wVkQSRrRR4t4pngikN890cTvGZuVMtN7ZwExOvsUBCPvNFsk1StQieF
agCOtoJI/yOO8XpJq0oVNd3mZXkpYsQdHaPTkvj0fZtXqZYnvNE1wsNEfWTB6noC
XySIw6vxZBMiUeHj9zzvd0SyYfsLmHho6Ur6Skgd8g6WkvHuAjvRWxk27jigM9u+
LBXO0AITZvhfrV/vUN4SQcdaP+IhieZJpXhev6Y+tw+LX/5gVC87gKFZiGdzku+O
0Hp9K/LV2UBXMqAqL9WCH67zrdTpl8UBQzTLW1W74g+3QKNvJ/4wFRbjZlVwWrKd
YSWq6UldxVr7k/AGDG0AOtZ4Kg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org