Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/4LUxKzUgjTzqOfPW9I6G0o9-kls.roa
File: 4LUxKzUgjTzqOfPW9I6G0o9-kls.roa (raw, json)
Hash identifier: s7BzWsGTmLmJDFE8wacPJe9xgqR58mZc+rBawGyT7HM=
Subject key identifier: E0:B5:31:2B:35:20:8D:3C:EA:39:F3:D6:F4:8E:86:D2:8F:7E:92:5B
Certificate issuer: /CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Certificate serial: 018572CCBDF2BFE2E5239C417E0664AED8E0
Authority key identifier: 61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/4LUxKzUgjTzqOfPW9I6G0o9-kls.roa
Signing time: Mon 02 Jan 2023 14:04:58 +0000
ROA not before: Mon 02 Jan 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 159.60.0.0/20 maxlen: 24
159.60.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:bd:f2:bf:e2:e5:23:9c:41:7e:06:64:ae:d8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b3e1cab8cbf5b3c6e0fbbe1491f48da60cae6c
Validity
Not Before: Jan 2 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0b5312b35208d3cea39f3d6f48e86d28f7e925b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0d:04:a3:af:ff:7b:ba:d8:34:45:55:a6:3a:
bd:32:bc:32:3d:bf:95:c4:97:2d:f6:9e:81:9f:73:
ff:4c:4b:8c:91:61:af:f8:dc:b7:72:76:aa:48:a0:
c0:8a:63:68:66:f9:7d:7a:6d:2d:94:93:12:c3:1a:
24:3e:e3:33:9d:80:25:c1:7f:e4:88:2d:27:d4:16:
00:e2:44:3d:ed:0b:fc:a6:cf:6a:d9:37:41:53:ee:
0b:ff:0e:c3:37:ed:d0:b5:70:c9:8c:28:7c:46:ea:
b1:18:e6:34:0d:60:cd:54:9f:1c:f7:fb:c1:c7:23:
32:80:00:17:07:c8:2e:1c:f0:c2:3a:4f:65:71:31:
f9:be:8d:35:ef:e2:41:5b:5b:3f:6a:24:5e:0b:18:
f2:6c:8e:4e:0a:37:6b:19:52:bd:6d:5d:88:aa:2d:
0f:9e:f7:72:21:80:d6:b8:90:a1:64:c4:1e:b5:30:
42:72:45:53:e5:a6:e5:e6:d2:90:65:3c:1f:d3:da:
ab:ec:e4:84:66:dd:b7:4e:1d:a6:b7:96:fc:8f:9d:
86:68:97:59:df:42:ae:34:d4:5f:53:b4:39:21:83:
f3:3e:5d:2c:e3:41:27:28:da:19:15:fc:fd:1b:48:
b6:31:fe:fd:f3:69:bf:4f:52:f8:3c:11:bb:f6:96:
46:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B5:31:2B:35:20:8D:3C:EA:39:F3:D6:F4:8E:86:D2:8F:7E:92:5B
X509v3 Authority Key Identifier:
keyid:61:B3:E1:CA:B8:CB:F5:B3:C6:E0:FB:BE:14:91:F4:8D:A6:0C:AE:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/4LUxKzUgjTzqOfPW9I6G0o9-kls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/9def86-b1ac-40e6-83bd-947cc54ebe02/1/YbPhyrjL9bPG4Pu-FJH0jaYMrmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.60.0.0/20
159.60.192.0/18
Signature Algorithm: sha256WithRSAEncryption
8f:24:ca:fe:b7:ca:08:0a:c2:8d:02:1c:a6:70:ea:6a:e9:8e:
4f:ac:31:65:87:d6:d8:89:01:04:ff:4a:6b:40:ef:da:7b:1f:
34:4f:95:38:b6:59:15:46:a1:51:8f:c9:39:89:62:99:97:4f:
66:17:ef:43:b9:bb:7e:d9:f4:b2:b7:c9:69:de:02:c9:f0:74:
91:8f:a0:7e:7e:0a:d4:cf:16:ab:4e:9f:1b:0c:3e:40:9f:b9:
8f:30:76:24:9c:7d:4e:e8:0b:2a:f1:58:e6:d4:21:c1:10:cd:
e1:fc:f8:63:98:50:b5:63:3b:fe:e7:7a:a6:d8:d8:49:68:58:
35:5b:a3:15:77:94:25:a5:44:0a:cd:03:6f:a3:54:a4:35:51:
5b:9c:fe:de:93:69:d9:3d:f0:ec:da:37:84:d7:d1:ff:09:ef:
48:d5:c8:49:73:94:63:9b:53:a9:e6:94:b6:3a:a0:c6:f1:1b:
d5:1f:2e:9a:50:0a:07:cb:0b:e4:1b:88:ab:73:9d:cb:56:a8:
87:46:08:f1:45:98:d0:44:bf:92:1d:64:45:35:3f:22:c0:4e:
ba:6c:9f:ea:6d:0a:3c:99:01:e3:c7:b7:f3:62:2a:06:65:7d:
0e:56:02:6e:e3:3d:1d:a5:13:6c:d8:c3:ef:61:a3:fa:5a:61:
fb:3d:68:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyzL3yv+LlI5xBfgZkrtjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjNlMWNhYjhjYmY1YjNjNmUwZmJiZTE0OTFmNDhkYTYw
Y2FlNmMwHhcNMjMwMTAyMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGI1MzEyYjM1MjA4ZDNjZWEzOWYzZDZmNDhlODZkMjhmN2U5MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ0Eo6//e7rYNEVVpjq9MrwyPb+V
xJct9p6Bn3P/TEuMkWGv+Ny3cnaqSKDAimNoZvl9em0tlJMSwxokPuMznYAlwX/k
iC0n1BYA4kQ97Qv8ps9q2TdBU+4L/w7DN+3QtXDJjCh8RuqxGOY0DWDNVJ8c9/vB
xyMygAAXB8guHPDCOk9lcTH5vo017+JBW1s/aiReCxjybI5OCjdrGVK9bV2Iqi0P
nvdyIYDWuJChZMQetTBCckVT5abl5tKQZTwf09qr7OSEZt23Th2mt5b8j52GaJdZ
30KuNNRfU7Q5IYPzPl0s40EnKNoZFfz9G0i2Mf7982m/T1L4PBG79pZGawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOC1MSs1II086jnz1vSOhtKPfpJbMB8GA1UdIwQY
MBaAFGGz4cq4y/WzxuD7vhSR9I2mDK5sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQt
OTQ3Y2M1NGViZTAyLzEvNExVeEt6VWdqVHpxT2ZQVzlJNkcwbzkta2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi85ZGVmODYtYjFhYy00MGU2LTgzYmQtOTQ3Y2M1NGViZTAy
LzEvWWJQaHlyakw5YlBHNFB1LUZKSDBqYVlNcm13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEnzwAAwQG
nzzAMA0GCSqGSIb3DQEBCwUAA4IBAQCPJMr+t8oICsKNAhymcOpq6Y5PrDFlh9bY
iQEE/0prQO/aex80T5U4tlkVRqFRj8k5iWKZl09mF+9Dubt+2fSyt8lp3gLJ8HSR
j6B+fgrUzxarTp8bDD5An7mPMHYknH1O6Asq8Vjm1CHBEM3h/PhjmFC1Yzv+53qm
2NhJaFg1W6MVd5QlpUQKzQNvo1SkNVFbnP7ek2nZPfDs2jeE19H/Ce9I1chJc5Rj
m1Op5pS2OqDG8RvVHy6aUAoHywvkG4irc53LVqiHRgjxRZjQRL+SHWRFNT8iwE66
bJ/qbQo8mQHjx7fzYioGZX0OVgJu4z0dpRNs2MPvYaP6WmH7PWjP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:12 2025 by rpki-client