Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/218dcb-d097-41fd-8f82-d6d3422baec8/1/iS6laxidT7ylKK_CpypOr8tkgZU.roa
File: iS6laxidT7ylKK_CpypOr8tkgZU.roa (raw, json)
Hash identifier: Mk34VM+z3jtSOJewinXPcDgKtP+GRUo5/7buumPlRUE=
Subject key identifier: 89:2E:A5:6B:18:9D:4F:BC:A5:28:AF:C2:A7:2A:4E:AF:CB:64:81:95
Certificate issuer: /CN=d89b6a1097b1f251f95c56da4e4aa311b9470bff
Certificate serial: 1513A165
Authority key identifier: D8:9B:6A:10:97:B1:F2:51:F9:5C:56:DA:4E:4A:A3:11:B9:47:0B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JtqEJex8lH5XFbaTkqjEblHC_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/218dcb-d097-41fd-8f82-d6d3422baec8/1/iS6laxidT7ylKK_CpypOr8tkgZU.roa
Signing time: Sat 01 Jan 2022 05:02:52 +0000
ROA not before: Sat 01 Jan 2022 05:02:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137
IP address blocks: 159.149.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 353608037 (0x1513a165)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89b6a1097b1f251f95c56da4e4aa311b9470bff
Validity
Not Before: Jan 1 05:02:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=892ea56b189d4fbca528afc2a72a4eafcb648195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:20:50:e4:41:17:82:1c:8d:2e:33:9a:66:ee:
db:88:6b:3d:ae:cc:f2:14:ed:85:ef:47:76:61:45:
85:5f:68:4b:a3:b5:c1:0a:65:7f:5b:87:7d:7c:3a:
f3:3d:98:3a:82:7f:42:06:01:9a:ec:35:b1:34:e9:
de:e1:a8:fa:be:37:3f:aa:b2:35:e3:29:50:95:88:
59:b5:fe:30:8a:0b:ca:b4:c4:c4:c8:4f:00:6b:94:
61:77:d8:4c:2a:1f:12:12:42:16:6e:b6:81:c4:0e:
e9:0a:d5:96:e7:15:e1:bc:93:ae:dd:70:08:4e:23:
80:3e:a3:15:73:c0:57:06:7e:44:b7:02:27:23:e1:
3f:04:d9:9b:0f:05:70:c4:0c:03:0b:22:be:ad:9f:
54:c8:df:ca:3c:e6:27:57:cf:bc:48:50:12:34:92:
0b:52:f6:dc:2f:27:94:e8:d2:7d:e1:ba:64:b4:ab:
bf:5f:5d:94:df:2f:bd:44:ca:6a:17:fc:67:ab:97:
3d:dd:12:da:5e:d9:99:bd:cb:82:84:3d:d4:57:a6:
5a:a4:78:c8:f9:b8:76:bd:c5:fb:e7:f5:2b:e5:3d:
20:c6:2c:f4:ee:a9:b2:d1:77:5e:1e:48:b4:79:54:
a5:0b:ed:ef:0b:53:f8:51:c9:97:b9:14:a4:2d:a7:
4c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2E:A5:6B:18:9D:4F:BC:A5:28:AF:C2:A7:2A:4E:AF:CB:64:81:95
X509v3 Authority Key Identifier:
keyid:D8:9B:6A:10:97:B1:F2:51:F9:5C:56:DA:4E:4A:A3:11:B9:47:0B:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JtqEJex8lH5XFbaTkqjEblHC_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/218dcb-d097-41fd-8f82-d6d3422baec8/1/iS6laxidT7ylKK_CpypOr8tkgZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/218dcb-d097-41fd-8f82-d6d3422baec8/1/2JtqEJex8lH5XFbaTkqjEblHC_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.149.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:6d:ff:4a:00:49:a6:1f:c5:a0:22:71:d3:e5:ac:d8:45:9f:
e7:71:b3:3f:a7:c1:65:a6:9e:64:b0:ab:68:f6:6e:ac:fa:a3:
09:6e:1f:8f:6b:e4:b6:65:d1:06:4d:2a:a9:c8:20:a1:5c:0d:
ca:45:3d:b3:01:87:ac:5e:95:3d:03:ae:9c:57:53:43:f5:85:
d9:bb:cb:f9:40:ec:db:80:36:44:16:60:f3:83:0e:b4:dd:a1:
49:5e:61:85:b1:e1:22:93:41:c8:2a:38:ba:ec:8f:24:a3:88:
c5:6e:ca:f4:05:c5:f7:ff:96:aa:39:42:b9:2a:1a:33:4e:5c:
17:77:a7:3c:f3:5f:30:94:ed:7e:cb:22:02:7d:33:4e:3e:9e:
b4:79:91:cf:e4:5e:68:17:9d:83:46:7a:43:23:73:be:ef:74:
fc:ec:8b:c7:94:0d:b7:86:dc:e1:9f:3a:6e:e2:ce:b8:a6:bd:
18:c6:13:a9:74:7d:0a:a3:fe:e3:d2:78:7d:61:2b:1d:ea:8f:
b1:ae:cd:48:af:6a:30:4e:6f:7f:b4:20:2e:f9:d3:ea:cb:ad:
b9:a6:e9:ae:0d:83:99:ab:3d:73:4c:d1:4f:97:91:f3:32:7e:
81:99:d5:85:de:0c:e4:07:76:66:0f:40:89:ac:b8:a3:3b:97:
67:fb:34:1a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEFROhZTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODliNmExMDk3YjFmMjUxZjk1YzU2ZGE0ZTRhYTMxMWI5NDcwYmZmMB4XDTIyMDEw
MTA1MDI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkyZWE1NmIxODlk
NGZiY2E1MjhhZmMyYTcyYTRlYWZjYjY0ODE5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALogUORBF4IcjS4zmmbu24hrPa7M8hTthe9HdmFFhV9oS6O1
wQplf1uHfXw68z2YOoJ/QgYBmuw1sTTp3uGo+r43P6qyNeMpUJWIWbX+MIoLyrTE
xMhPAGuUYXfYTCofEhJCFm62gcQO6QrVlucV4byTrt1wCE4jgD6jFXPAVwZ+RLcC
JyPhPwTZmw8FcMQMAwsivq2fVMjfyjzmJ1fPvEhQEjSSC1L23C8nlOjSfeG6ZLSr
v19dlN8vvUTKahf8Z6uXPd0S2l7Zmb3LgoQ91FemWqR4yPm4dr3F++f1K+U9IMYs
9O6pstF3Xh5ItHlUpQvt7wtT+FHJl7kUpC2nTD8CAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBSJLqVrGJ1PvKUor8KnKk6vy2SBlTAfBgNVHSMEGDAWgBTYm2oQl7HyUflc
VtpOSqMRuUcL/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJKdHFFSmV4OGxINVhGYmFUa3FqRWJsSENfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvMjE4ZGNiLWQwOTctNDFmZC04ZjgyLWQ2ZDM0MjJiYWVjOC8x
L2lTNmxheGlkVDd5bEtLX0NweXBPcjh0a2daVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
MjE4ZGNiLWQwOTctNDFmZC04ZjgyLWQ2ZDM0MjJiYWVjOC8xLzJKdHFFSmV4OGxI
NVhGYmFUa3FqRWJsSENfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ+VMA0GCSqGSIb3DQEBCwUAA4IB
AQAwbf9KAEmmH8WgInHT5azYRZ/ncbM/p8Flpp5ksKto9m6s+qMJbh+Pa+S2ZdEG
TSqpyCChXA3KRT2zAYesXpU9A66cV1ND9YXZu8v5QOzbgDZEFmDzgw603aFJXmGF
seEik0HIKji67I8ko4jFbsr0BcX3/5aqOUK5KhozTlwXd6c8818wlO1+yyICfTNO
Pp60eZHP5F5oF52DRnpDI3O+73T87IvHlA23htzhnzpu4s64pr0YxhOpdH0Ko/7j
0nh9YSsd6o+xrs1Ir2owTm9/tCAu+dPqy625pumuDYOZqz1zTNFPl5HzMn6BmdWF
3gzkB3ZmD0CJrLijO5dn+zQa
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:30 2023 by rpki-client on console-fra.rpki-client.org