Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/k7hPmnhkvNs-3bX9VObo2-BtHoY.roa
File: k7hPmnhkvNs-3bX9VObo2-BtHoY.roa (raw, json)
Hash identifier: CGUf8m5Mc1BYswVhAkdN6avx2bmVVs+MERP24JE7ryw=
Subject key identifier: 93:B8:4F:9A:78:64:BC:DB:3E:DD:B5:FD:54:E6:E8:DB:E0:6D:1E:86
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1BE05048
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/k7hPmnhkvNs-3bX9VObo2-BtHoY.roa
Signing time: Fri 29 Apr 2022 08:49:36 +0000
ROA not before: Fri 29 Apr 2022 08:49:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211634
IP address blocks: 85.153.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 467685448 (0x1be05048)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Apr 29 08:49:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93b84f9a7864bcdb3eddb5fd54e6e8dbe06d1e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:ff:95:42:4e:ed:8e:9c:ef:14:4c:e9:f6:
64:aa:39:28:83:dc:79:19:86:ed:28:d3:af:9f:23:
cd:ed:ff:d6:fb:01:d4:29:20:ff:c0:5d:fd:9a:e0:
a1:af:be:c6:86:df:cc:51:94:cd:91:d6:6d:16:6c:
ec:e7:6b:64:f3:93:62:1f:74:66:07:28:b0:ee:67:
1c:46:45:a8:ed:8d:d1:b2:06:69:27:1a:57:78:cf:
34:ea:5f:72:42:19:c1:3d:a1:85:d8:ab:f6:76:de:
0a:5f:98:c2:ee:d1:a1:82:c2:c6:e6:c1:71:d2:44:
11:a9:54:b0:ba:74:c5:56:c4:85:e1:45:6f:4c:90:
18:33:ad:2b:e4:80:71:c8:db:aa:ce:d5:a6:ed:a8:
23:e3:1f:6b:8a:95:84:a7:18:b8:94:ac:df:3a:0f:
7a:c8:73:74:af:99:0d:69:99:b2:54:49:de:27:79:
3f:bf:4d:aa:16:a4:b7:b3:73:2f:d7:9a:62:87:73:
04:11:36:80:73:0e:96:50:30:f6:35:1e:ae:6b:90:
29:05:69:40:73:2f:4e:47:ec:2e:70:d1:23:cb:23:
f6:11:e3:37:8b:9d:0c:04:0c:df:b7:0b:00:2f:24:
7e:08:aa:0c:19:b9:b6:e4:4f:3f:aa:66:63:71:e4:
cd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B8:4F:9A:78:64:BC:DB:3E:DD:B5:FD:54:E6:E8:DB:E0:6D:1E:86
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/k7hPmnhkvNs-3bX9VObo2-BtHoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.159.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:21:86:b5:63:96:e8:3c:c3:d9:96:8b:1a:6d:4a:3a:70:e5:
f5:2b:bd:fb:1d:a1:0a:df:00:2f:00:26:0d:2a:71:df:40:7f:
99:3d:26:1d:14:f1:2a:7d:c5:78:e7:37:7a:1d:8f:c4:9d:7b:
56:5f:85:5f:e6:54:ca:a5:c9:15:25:a5:8c:20:51:23:58:64:
f7:14:34:59:e6:6d:01:76:85:8d:14:b7:08:48:ba:22:98:5c:
04:36:4c:82:39:31:5a:3b:39:6e:51:27:04:70:d2:6a:a9:53:
6e:94:56:db:01:2b:da:27:c0:dc:0b:64:28:48:6a:fa:03:a5:
82:b7:8c:42:89:bc:71:c2:bf:db:6f:51:72:91:e0:81:1d:f5:
91:38:11:79:25:b0:96:33:f8:39:99:50:db:6b:07:04:e9:59:
01:92:93:5b:c5:38:64:5a:6e:ff:a7:c0:57:8e:ff:f1:a6:03:
3b:d7:7a:4b:1f:2f:55:29:72:7c:64:5f:58:65:f8:ac:79:52:
67:4d:f0:53:fc:81:9c:b9:2c:b7:4b:55:5f:e6:b1:94:9a:4b:
ee:07:48:53:d5:c9:5d:c4:cb:74:ec:bf:43:8f:bf:62:5d:25:
b9:75:12:d9:f1:cc:38:d6:32:f7:5c:5c:85:cd:06:7c:3a:7e:
3d:c8:0a:ae
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG+BQSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDQy
OTA4NDkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNiODRmOWE3ODY0
YmNkYjNlZGRiNWZkNTRlNmU4ZGJlMDZkMWU4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/q/5VCTu2OnO8UTOn2ZKo5KIPceRmG7SjTr58jze3/1vsB
1Ckg/8Bd/Zrgoa++xobfzFGUzZHWbRZs7OdrZPOTYh90ZgcosO5nHEZFqO2N0bIG
aScaV3jPNOpfckIZwT2hhdir9nbeCl+Ywu7RoYLCxubBcdJEEalUsLp0xVbEheFF
b0yQGDOtK+SAccjbqs7Vpu2oI+Mfa4qVhKcYuJSs3zoPeshzdK+ZDWmZslRJ3id5
P79Nqhakt7NzL9eaYodzBBE2gHMOllAw9jUermuQKQVpQHMvTkfsLnDRI8sj9hHj
N4udDAQM37cLAC8kfgiqDBm5tuRPP6pmY3HkzRUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSTuE+aeGS82z7dtf1U5ujb4G0ehjAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L2s3aFBtbmhrdk5zLTNiWDlWT2JvMi1CdEhvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWZnzANBgkqhkiG9w0BAQsFAAOC
AQEAGyGGtWOW6DzD2ZaLGm1KOnDl9Su9+x2hCt8ALwAmDSpx30B/mT0mHRTxKn3F
eOc3eh2PxJ17Vl+FX+ZUyqXJFSWljCBRI1hk9xQ0WeZtAXaFjRS3CEi6IphcBDZM
gjkxWjs5blEnBHDSaqlTbpRW2wEr2ifA3AtkKEhq+gOlgreMQom8ccK/229RcpHg
gR31kTgReSWwljP4OZlQ22sHBOlZAZKTW8U4ZFpu/6fAV47/8aYDO9d6Sx8vVSly
fGRfWGX4rHlSZ03wU/yBnLkst0tVX+axlJpL7gdIU9XJXcTLdOy/Q4+/Yl0luXUS
2fHMONYy91xchc0GfDp+PcgKrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org