Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/LYmG2pB9j4cJlH2XmXdiohFwc9s.roa
File: LYmG2pB9j4cJlH2XmXdiohFwc9s.roa (raw, json)
Hash identifier: llUmxLegyp1e1ekcYqsq1NFcI0OvOYQzmdsofB3mDjY=
Subject key identifier: 2D:89:86:DA:90:7D:8F:87:09:94:7D:97:99:77:62:A2:11:70:73:DB
Certificate issuer: /CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Certificate serial: 01EEF1FF
Authority key identifier: AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/LYmG2pB9j4cJlH2XmXdiohFwc9s.roa
Signing time: Sat 01 Jan 2022 03:53:12 +0000
ROA not before: Sat 01 Jan 2022 03:53:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13335
IP address blocks: 5.149.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32436735 (0x1eef1ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Validity
Not Before: Jan 1 03:53:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d8986da907d8f8709947d97997762a2117073db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:39:a9:f5:21:3f:02:a5:cc:7e:89:e4:c8:98:
d0:ee:00:fb:41:41:6c:8a:30:07:ab:49:86:f4:11:
12:4c:cb:98:67:15:a5:90:44:38:a9:d0:9c:9c:9f:
ec:43:26:d6:ac:ff:9c:a9:94:6a:9c:91:6a:b8:74:
11:fb:8b:46:33:f9:bf:42:36:00:49:d4:8d:f9:41:
3d:80:1d:00:9d:02:14:0d:b5:c6:ae:c1:26:b4:2b:
cf:89:58:f3:d8:73:5d:55:a2:ab:07:03:8a:a9:2a:
7e:4d:a7:1e:73:ce:6d:05:f4:e5:22:96:0d:99:d6:
89:a7:21:c5:e2:59:e3:93:c9:8e:5f:18:3a:c9:d6:
d1:77:4b:a2:ed:03:b5:82:fd:f1:cb:56:52:15:50:
6d:8d:c4:c5:e1:1b:72:20:31:f7:85:2f:f2:60:bc:
fa:21:51:70:ed:46:92:ee:b3:74:d9:b7:de:a5:fc:
3e:3a:0a:7d:c8:7b:72:a1:32:85:06:2e:26:e8:a2:
62:50:e4:d8:2b:e7:ee:7a:45:5f:23:05:52:37:3c:
3c:c3:26:7f:60:8f:29:3e:1c:f8:d7:23:7c:fd:7b:
73:22:8a:dd:81:df:e8:24:de:81:11:77:3d:5b:7e:
40:0e:a0:8d:50:67:57:69:87:d2:d1:f3:31:c2:04:
08:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:89:86:DA:90:7D:8F:87:09:94:7D:97:99:77:62:A2:11:70:73:DB
X509v3 Authority Key Identifier:
keyid:AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/LYmG2pB9j4cJlH2XmXdiohFwc9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.1.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:35:31:51:ce:ae:6b:1c:42:33:58:ef:26:cb:d0:af:af:da:
99:71:7c:06:66:da:ae:bc:45:97:50:fa:b5:ef:fd:ec:95:ee:
89:3c:e9:ec:88:59:f9:77:25:40:a6:d3:4c:95:44:a7:b3:35:
a8:5c:74:5c:48:58:86:34:c3:61:70:04:1f:d1:d9:e8:a8:da:
4f:3d:f7:68:6a:61:64:71:ce:57:30:6e:29:d4:e8:1e:b6:98:
44:35:2b:37:eb:77:ef:91:1d:98:c2:e7:bf:1c:b1:c6:60:f3:
16:71:35:b7:1d:b3:5c:8b:0b:19:98:89:e2:d3:a8:18:eb:53:
0a:4f:83:55:ab:09:6e:06:ba:5a:05:6c:06:80:eb:b4:cf:c7:
04:c9:05:0e:60:fd:2c:21:58:4c:83:a4:62:fb:cd:a6:20:16:
c6:b7:32:64:4a:5f:50:43:85:2a:38:25:85:25:92:e7:1d:5c:
27:0b:14:bc:8f:02:dc:74:e6:c4:4f:94:5b:7d:4f:17:ea:e1:
4b:a4:47:e0:b7:7f:c1:03:d4:6b:d3:84:60:13:c5:f4:af:4c:
66:17:ea:ab:ab:50:99:0f:0b:a7:b8:49:a0:1c:19:fa:01:ac:
e3:4e:06:13:2e:e5:de:ac:89:40:8d:23:cc:77:39:ab:04:cd:
aa:be:9a:bc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAe7x/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjMwOTIxZDI4Yzc4ZWRlODE4NDJmNzEyZTZjZjcyYmRlNWE2MDgwMB4XDTIyMDEw
MTAzNTMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ4OTg2ZGE5MDdk
OGY4NzA5OTQ3ZDk3OTk3NzYyYTIxMTcwNzNkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANA5qfUhPwKlzH6J5MiY0O4A+0FBbIowB6tJhvQREkzLmGcV
pZBEOKnQnJyf7EMm1qz/nKmUapyRarh0EfuLRjP5v0I2AEnUjflBPYAdAJ0CFA21
xq7BJrQrz4lY89hzXVWiqwcDiqkqfk2nHnPObQX05SKWDZnWiachxeJZ45PJjl8Y
OsnW0XdLou0DtYL98ctWUhVQbY3ExeEbciAx94Uv8mC8+iFRcO1Gku6zdNm33qX8
PjoKfch7cqEyhQYuJuiiYlDk2Cvn7npFXyMFUjc8PMMmf2CPKT4c+NcjfP17cyKK
3YHf6CTegRF3PVt+QA6gjVBnV2mH0tHzMcIECCUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQtiYbakH2PhwmUfZeZd2KiEXBz2zAfBgNVHSMEGDAWgBSrMJIdKMeO3oGE
L3EubPcr3lpggDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F6Q1NIU2pIanQ2QmhDOXhMbXozSzk1YVlJQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvM2NkN2ZmLTIwZDItNGNlYy1hZWNhLTM1NDM5OTcyNGIxZS8x
L0xZbUcycEI5ajRjSmxIMlhtWGRpb2hGd2M5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
M2NkN2ZmLTIwZDItNGNlYy1hZWNhLTM1NDM5OTcyNGIxZS8xL3F6Q1NIU2pIanQ2
QmhDOXhMbXozSzk1YVlJQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWVATANBgkqhkiG9w0BAQsFAAOC
AQEASjUxUc6uaxxCM1jvJsvQr6/amXF8BmbarrxFl1D6te/97JXuiTzp7IhZ+Xcl
QKbTTJVEp7M1qFx0XEhYhjTDYXAEH9HZ6KjaTz33aGphZHHOVzBuKdToHraYRDUr
N+t375EdmMLnvxyxxmDzFnE1tx2zXIsLGZiJ4tOoGOtTCk+DVasJbga6WgVsBoDr
tM/HBMkFDmD9LCFYTIOkYvvNpiAWxrcyZEpfUEOFKjglhSWS5x1cJwsUvI8C3HTm
xE+UW31PF+rhS6RH4Ld/wQPUa9OEYBPF9K9MZhfqq6tQmQ8Lp7hJoBwZ+gGs404G
Ey7l3qyJQI0jzHc5qwTNqr6avA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:10 2023 by rpki-client on console-ams.rpki-client.org