Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/hgtfcaoPq0n8kAAd4A_WC-qkR3k.roa
File: hgtfcaoPq0n8kAAd4A_WC-qkR3k.roa (raw, json)
Hash identifier: Lmz12HXo7aqWd3W2kQyresYUTstRfkW4Aiute/UcTpk=
Subject key identifier: 86:0B:5F:71:AA:0F:AB:49:FC:90:00:1D:E0:0F:D6:0B:EA:A4:47:79
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 069F8EA1
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/hgtfcaoPq0n8kAAd4A_WC-qkR3k.roa
Signing time: Wed 18 May 2022 21:28:16 +0000
ROA not before: Wed 18 May 2022 21:28:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33657
IP address blocks: 159.197.144.0/20 maxlen: 24
159.197.160.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111120033 (0x69f8ea1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: May 18 21:28:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=860b5f71aa0fab49fc90001de00fd60beaa44779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a2:11:c6:18:fd:3b:5f:35:1f:e5:c1:b6:86:
7a:56:5d:5a:21:37:be:fd:85:1f:de:d9:df:63:83:
eb:01:79:78:8b:88:29:2a:f1:e8:56:1e:8f:3e:47:
59:be:bf:fe:b4:d5:d4:5f:c8:fe:02:e5:df:b4:f3:
17:02:88:92:ca:0d:0f:79:92:da:2f:75:13:d8:f5:
79:e0:9a:52:cf:2e:43:5f:5a:b6:b9:fe:20:c9:83:
d9:be:dc:b3:c2:f0:a6:ac:0e:e2:c9:37:c1:c5:a3:
9d:cf:f6:08:4a:18:1e:bb:d8:44:87:50:6e:d5:df:
dc:b7:27:d3:0a:43:58:9f:d7:c6:9c:16:3a:78:b2:
be:3a:d5:22:ed:e1:47:12:e1:6d:dd:86:0c:f8:05:
42:7b:81:45:cc:77:80:0d:c7:23:1e:11:17:72:75:
2e:11:28:73:ca:1d:c0:ed:6b:4c:f4:ed:37:0c:8f:
a1:26:b8:4d:16:64:1a:07:57:8b:26:d4:10:ab:c2:
86:20:a3:ff:a6:c9:3f:9b:35:74:41:59:9c:e8:85:
89:1f:20:03:12:ab:b3:c2:a3:de:bb:25:94:60:ad:
89:9e:0d:df:a0:ff:2b:e8:83:b8:97:ee:c3:a9:4a:
29:9d:ce:46:a6:18:93:04:b9:e5:52:95:74:56:4b:
d1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0B:5F:71:AA:0F:AB:49:FC:90:00:1D:E0:0F:D6:0B:EA:A4:47:79
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/hgtfcaoPq0n8kAAd4A_WC-qkR3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.144.0-159.197.191.255
Signature Algorithm: sha256WithRSAEncryption
0f:22:56:b8:5d:63:aa:ce:1c:96:6c:3a:a1:9b:cf:a8:ea:45:
a4:86:45:03:3d:ba:52:83:86:d8:2d:23:b7:f5:ba:87:b8:b7:
42:f9:63:1b:94:6b:68:8a:61:e1:aa:37:e6:e2:15:72:90:cf:
a3:19:15:83:23:e5:be:52:fc:5d:d2:69:a3:1d:51:b2:5d:71:
7a:c4:12:be:02:89:37:48:3d:41:12:38:42:a5:5d:61:17:ff:
67:69:78:8f:13:bb:c9:30:f3:22:92:bb:09:5b:a5:24:11:57:
a8:64:7f:d5:85:63:c7:94:c8:e0:b1:e7:6c:71:34:1e:87:56:
ec:9e:b3:4c:4c:f4:17:c4:ea:16:da:42:a2:9d:22:19:28:41:
d3:6a:27:91:2f:52:22:9b:91:c8:95:8e:19:3d:fb:27:e1:ab:
7f:c2:85:94:cd:f8:9e:08:7b:2c:5b:a7:b9:5f:48:e6:7b:e2:
f4:6a:0d:83:6b:cc:37:bf:1a:7e:59:d8:0a:27:20:0f:e3:63:
ea:03:4c:26:65:3d:5c:b5:2b:15:3e:bb:f2:50:3b:e0:c6:78:
dd:b4:20:e9:ba:f2:d7:3d:41:10:6e:f1:c3:d3:d4:db:e4:46:
45:34:1c:93:6b:38:eb:a5:6a:7c:a9:79:71:c0:0e:25:d5:f4:
8d:ba:12:62
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBp+OoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZGQ5NTRkM2M3N2M5YzRlMzdlZWJmNzUzZDg2ZjNkY2YwOTFkNGE5MB4XDTIyMDUx
ODIxMjgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYwYjVmNzFhYTBm
YWI0OWZjOTAwMDFkZTAwZmQ2MGJlYWE0NDc3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6iEcYY/TtfNR/lwbaGelZdWiE3vv2FH97Z32OD6wF5eIuI
KSrx6FYejz5HWb6//rTV1F/I/gLl37TzFwKIksoND3mS2i91E9j1eeCaUs8uQ19a
trn+IMmD2b7cs8LwpqwO4sk3wcWjnc/2CEoYHrvYRIdQbtXf3Lcn0wpDWJ/XxpwW
OniyvjrVIu3hRxLhbd2GDPgFQnuBRcx3gA3HIx4RF3J1LhEoc8odwO1rTPTtNwyP
oSa4TRZkGgdXiybUEKvChiCj/6bJP5s1dEFZnOiFiR8gAxKrs8Kj3rsllGCtiZ4N
36D/K+iDuJfuw6lKKZ3ORqYYkwS55VKVdFZL0T8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSGC19xqg+rSfyQAB3gD9YL6qRHeTAfBgNVHSMEGDAWgBRN2VTTx3ycTjfu
v3U9hvPc8JHUqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RkbFUwOGQ4bkU0MzdyOTFQWWJ6M1BDUjFLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvN2EyYTk5LTE0NmMtNDc4MS1hMzAyLWViN2FhYTY4MjhiZS8x
L2hndGZjYW9QcTBuOGtBQWQ0QV9XQy1xa1Izay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
N2EyYTk5LTE0NmMtNDc4MS1hMzAyLWViN2FhYTY4MjhiZS8xL1RkbFUwOGQ4bkU0
MzdyOTFQWWJ6M1BDUjFLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQEn8WQAwQGn8WAMA0GCSqGSIb3
DQEBCwUAA4IBAQAPIla4XWOqzhyWbDqhm8+o6kWkhkUDPbpSg4bYLSO39bqHuLdC
+WMblGtoimHhqjfm4hVykM+jGRWDI+W+Uvxd0mmjHVGyXXF6xBK+Aok3SD1BEjhC
pV1hF/9naXiPE7vJMPMikrsJW6UkEVeoZH/VhWPHlMjgsedscTQeh1bsnrNMTPQX
xOoW2kKinSIZKEHTaieRL1Iim5HIlY4ZPfsn4at/woWUzfieCHssW6e5X0jme+L0
ag2Da8w3vxp+WdgKJyAP42PqA0wmZT1ctSsVPrvyUDvgxnjdtCDpuvLXPUEQbvHD
09Tb5EZFNByTazjrpWp8qXlxwA4l1fSNuhJi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:14 2024 by rpki-client on console-ams.rpki-client.org