Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/62001a-a313-4e33-bb04-914b4b34f981/1/lXKfPgw_vlJ7yGZGFUgo3yZci7g.roa
File: lXKfPgw_vlJ7yGZGFUgo3yZci7g.roa (raw, json)
Hash identifier: zpnblhwuTdEgJB8+Yyyj6oSwU8w64axfMHcwPzhd2p4=
Subject key identifier: 95:72:9F:3E:0C:3F:BE:52:7B:C8:66:46:15:48:28:DF:26:5C:8B:B8
Certificate issuer: /CN=970ebd0469a5c69c1098971caab36fe032ece311
Certificate serial: 0A223B16
Authority key identifier: 97:0E:BD:04:69:A5:C6:9C:10:98:97:1C:AA:B3:6F:E0:32:EC:E3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lw69BGmlxpwQmJccqrNv4DLs4xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/62001a-a313-4e33-bb04-914b4b34f981/1/lXKfPgw_vlJ7yGZGFUgo3yZci7g.roa
Signing time: Sat 01 Jan 2022 06:53:14 +0000
ROA not before: Sat 01 Jan 2022 06:53:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 786
IP address blocks: 149.157.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170015510 (0xa223b16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=970ebd0469a5c69c1098971caab36fe032ece311
Validity
Not Before: Jan 1 06:53:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95729f3e0c3fbe527bc86646154828df265c8bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b2:ee:5b:ff:ba:73:b7:e1:44:6e:57:1c:fc:
36:a4:76:d5:0c:a8:d4:77:2c:42:d9:24:0b:9b:bf:
d1:33:a0:cc:47:19:46:93:39:50:b7:31:f2:ac:0e:
4d:a6:f4:de:d5:44:5d:05:42:a4:0a:77:c1:da:78:
13:a8:33:4f:28:b3:98:12:de:24:97:0d:a9:e2:28:
f1:9a:47:b4:98:f6:ea:fa:25:08:21:ac:af:55:8b:
bf:25:c5:31:e6:56:f1:75:27:95:a7:ad:37:bb:03:
ff:8c:25:ff:31:f8:27:14:49:fe:17:10:44:50:76:
a5:75:0e:74:90:31:d0:f6:ac:60:df:be:d3:9e:12:
50:88:9f:67:92:10:9b:e0:21:10:7f:cf:ae:a9:39:
31:73:6a:97:3c:5e:df:d9:3d:13:9f:c3:f5:8f:d3:
85:72:ce:18:79:ec:e1:32:87:6a:5b:ea:d1:1f:15:
18:9e:63:88:a4:6f:06:2f:ed:a0:01:a0:78:0d:08:
fd:54:91:63:79:6d:f9:d7:5a:4b:28:c0:49:5a:39:
31:4c:e4:0c:1e:49:c9:05:1c:6c:49:c6:a3:c4:b8:
a8:65:f1:2b:fc:ca:4e:c1:b6:73:fd:10:21:d9:ec:
e3:44:69:ec:51:c6:c0:5c:7a:ed:d0:df:0f:1c:00:
92:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:72:9F:3E:0C:3F:BE:52:7B:C8:66:46:15:48:28:DF:26:5C:8B:B8
X509v3 Authority Key Identifier:
keyid:97:0E:BD:04:69:A5:C6:9C:10:98:97:1C:AA:B3:6F:E0:32:EC:E3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lw69BGmlxpwQmJccqrNv4DLs4xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/62001a-a313-4e33-bb04-914b4b34f981/1/lXKfPgw_vlJ7yGZGFUgo3yZci7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/62001a-a313-4e33-bb04-914b4b34f981/1/lw69BGmlxpwQmJccqrNv4DLs4xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.157.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:b0:1b:d6:b2:87:92:d6:7b:69:ed:99:d0:62:e3:b3:ef:46:
d7:7a:52:c4:a3:e3:cb:ee:f3:60:1e:c3:c1:f6:89:09:08:d2:
3d:f0:2c:dd:d2:10:56:12:e7:22:a1:b0:dd:53:35:e8:6a:87:
12:79:1e:f0:2c:bb:1b:f7:38:06:81:2e:23:ea:63:94:46:17:
11:38:57:db:de:6d:7a:89:44:aa:81:66:d5:31:66:80:17:57:
d1:bc:18:f4:e4:00:9d:ad:06:4f:20:5f:38:d3:1b:2a:0f:4c:
5c:9f:ae:d1:7f:59:8c:36:2f:fa:01:67:6a:e3:28:00:22:c8:
cf:0e:f2:61:62:8e:93:fb:d1:02:82:32:90:c6:c0:d1:b1:72:
d1:b7:72:de:22:90:4d:60:ab:e4:68:9e:f3:a9:44:4d:8f:8a:
71:fe:ff:0e:ec:de:06:d8:1b:80:6a:e9:57:8f:83:21:44:a9:
f6:7d:48:39:92:97:e1:54:14:6a:b8:e5:28:56:77:c7:6e:7b:
d8:c4:97:a5:63:a3:7e:82:30:56:d7:e6:f0:4e:34:3a:29:50:
2f:c1:43:c2:8d:63:2b:e7:dc:73:29:7a:fb:32:f2:5f:61:43:
79:34:0f:9d:24:5e:6b:ed:79:75:33:f4:25:20:6e:b0:b8:ed:
36:d4:cb:0b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECiI7FjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzBlYmQwNDY5YTVjNjljMTA5ODk3MWNhYWIzNmZlMDMyZWNlMzExMB4XDTIyMDEw
MTA2NTMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU3MjlmM2UwYzNm
YmU1MjdiYzg2NjQ2MTU0ODI4ZGYyNjVjOGJiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO+y7lv/unO34URuVxz8NqR21Qyo1HcsQtkkC5u/0TOgzEcZ
RpM5ULcx8qwOTab03tVEXQVCpAp3wdp4E6gzTyizmBLeJJcNqeIo8ZpHtJj26vol
CCGsr1WLvyXFMeZW8XUnlaetN7sD/4wl/zH4JxRJ/hcQRFB2pXUOdJAx0PasYN++
054SUIifZ5IQm+AhEH/Prqk5MXNqlzxe39k9E5/D9Y/ThXLOGHns4TKHalvq0R8V
GJ5jiKRvBi/toAGgeA0I/VSRY3lt+ddaSyjASVo5MUzkDB5JyQUcbEnGo8S4qGXx
K/zKTsG2c/0QIdns40Rp7FHGwFx67dDfDxwAkiECAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBSVcp8+DD++UnvIZkYVSCjfJlyLuDAfBgNVHSMEGDAWgBSXDr0EaaXGnBCY
lxyqs2/gMuzjETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2x3NjlCR21seHB3UW1KY2Nxck52NERMczR4RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvNjIwMDFhLWEzMTMtNGUzMy1iYjA0LTkxNGI0YjM0Zjk4MS8x
L2xYS2ZQZ3dfdmxKN3lHWkdGVWdvM3laY2k3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
NjIwMDFhLWEzMTMtNGUzMy1iYjA0LTkxNGI0YjM0Zjk4MS8xL2x3NjlCR21seHB3
UW1KY2Nxck52NERMczR4RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJWdMA0GCSqGSIb3DQEBCwUAA4IB
AQAzsBvWsoeS1ntp7ZnQYuOz70bXelLEo+PL7vNgHsPB9okJCNI98Czd0hBWEuci
obDdUzXoaocSeR7wLLsb9zgGgS4j6mOURhcROFfb3m16iUSqgWbVMWaAF1fRvBj0
5ACdrQZPIF840xsqD0xcn67Rf1mMNi/6AWdq4ygAIsjPDvJhYo6T+9ECgjKQxsDR
sXLRt3LeIpBNYKvkaJ7zqURNj4px/v8O7N4G2BuAaulXj4MhRKn2fUg5kpfhVBRq
uOUoVnfHbnvYxJelY6N+gjBW1+bwTjQ6KVAvwUPCjWMr59xzKXr7MvJfYUN5NA+d
JF5r7Xl1M/QlIG6wuO021MsL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-ams.rpki-client.org