Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/OZ4ebYshzjceOVcP6LYVJpYgbJY.roa
File: OZ4ebYshzjceOVcP6LYVJpYgbJY.roa (raw, json)
Hash identifier: /Rysl54kvAOQrnP+BV7Vomtkr43Ex/T3oPqsXWXVBZM=
Subject key identifier: 39:9E:1E:6D:8B:21:CE:37:1E:39:57:0F:E8:B6:15:26:96:20:6C:96
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 08EE894D
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/OZ4ebYshzjceOVcP6LYVJpYgbJY.roa
Signing time: Sat 01 Jan 2022 08:05:20 +0000
ROA not before: Sat 01 Jan 2022 08:05:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59709
IP address blocks: 151.252.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149850445 (0x8ee894d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 08:05:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=399e1e6d8b21ce371e39570fe8b6152696206c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:58:0f:e3:30:75:e0:20:75:70:9f:ae:84:19:
6c:ce:d6:24:61:af:9d:2c:47:99:ae:94:92:7d:5e:
1f:59:ff:1e:02:7a:6a:4f:29:16:f1:4c:46:33:aa:
42:07:8f:e6:5e:e3:9a:8c:33:99:76:e7:dd:e6:7f:
ff:84:ac:6c:b3:b9:12:6c:14:85:a9:62:30:05:fc:
d1:01:e1:ba:29:75:a0:59:de:f8:65:76:22:9f:c7:
ec:ea:d2:df:7a:ab:0d:f6:c6:72:c0:49:b4:6f:35:
2e:f6:f8:71:f1:ee:78:12:94:4b:7d:f6:2a:c9:35:
6c:bb:32:d9:70:0c:c4:87:09:43:ef:8c:df:15:2f:
24:95:04:43:04:4c:89:8d:c7:f1:33:d5:dd:6c:2b:
e1:9d:30:5b:a4:9d:cf:70:08:66:15:c8:01:58:9c:
88:2a:ae:b1:ee:f6:05:6a:b5:51:19:26:17:12:af:
a6:f5:2f:75:36:1d:19:75:2d:93:71:98:78:54:d2:
5c:7d:64:ba:87:f0:a1:59:c8:54:7c:f8:63:8b:4f:
80:c6:3d:c1:cd:7f:38:74:9e:d0:ef:c5:0c:f0:39:
a6:09:ac:af:8f:18:ba:a0:96:71:b8:70:4f:79:2f:
5e:c5:4f:5e:ac:5f:eb:32:86:20:29:65:43:ca:f3:
fc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9E:1E:6D:8B:21:CE:37:1E:39:57:0F:E8:B6:15:26:96:20:6C:96
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/OZ4ebYshzjceOVcP6LYVJpYgbJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.252.198.0/24
Signature Algorithm: sha256WithRSAEncryption
33:0a:ee:cb:d2:b1:8a:27:74:9b:5d:e0:20:77:36:d6:cd:d3:
b5:8b:de:e7:a9:4e:1c:4b:0e:77:3c:4b:1e:ba:c0:b8:df:4a:
83:65:ba:27:e7:b8:71:f8:de:73:1d:a7:80:c3:01:05:25:88:
b1:7b:30:f3:fe:99:16:de:43:61:46:4c:bc:5c:b3:0c:f3:85:
06:bd:1c:4b:aa:ca:00:0b:90:8f:d2:23:08:b3:58:e9:34:c9:
4a:43:24:f8:d3:54:58:10:88:24:ba:9a:53:b1:73:17:4c:2f:
7b:09:34:73:76:24:e7:6f:8f:bf:22:22:94:c1:8d:c0:39:dc:
fb:bf:b0:b5:6a:72:82:5d:ba:6d:4c:57:b3:4e:94:20:a2:98:
10:54:25:4e:ed:57:af:09:cd:ae:89:57:96:7e:9a:ec:8e:8d:
5f:ca:0d:b8:1e:93:97:e5:36:1f:ca:0b:95:3e:b6:98:94:e1:
9c:09:f0:1d:da:f9:33:da:cb:17:84:a0:e0:ec:6c:79:af:48:
af:a0:05:99:b9:fb:f2:ef:ec:fe:bf:be:49:5e:33:5a:03:96:
4a:98:01:7b:78:c7:17:1e:da:a7:0b:fa:14:9e:d6:86:ce:6c:
6c:63:eb:dd:c9:be:00:ed:1c:b0:93:60:07:b7:bc:82:1f:cf:
4b:eb:ad:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECO6JTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzk5ZTFlNmQ4YjIx
Y2UzNzFlMzk1NzBmZThiNjE1MjY5NjIwNmM5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpYD+MwdeAgdXCfroQZbM7WJGGvnSxHma6Ukn1eH1n/HgJ6
ak8pFvFMRjOqQgeP5l7jmowzmXbn3eZ//4SsbLO5EmwUhaliMAX80QHhuil1oFne
+GV2Ip/H7OrS33qrDfbGcsBJtG81Lvb4cfHueBKUS332Ksk1bLsy2XAMxIcJQ++M
3xUvJJUEQwRMiY3H8TPV3Wwr4Z0wW6Sdz3AIZhXIAViciCquse72BWq1URkmFxKv
pvUvdTYdGXUtk3GYeFTSXH1kuofwoVnIVHz4Y4tPgMY9wc1/OHSe0O/FDPA5pgms
r48YuqCWcbhwT3kvXsVPXqxf6zKGICllQ8rz/BECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ5nh5tiyHONx45Vw/othUmliBsljAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L09aNGViWXNoempjZU9WY1A2TFlWSnBZZ2JKWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJf8xjANBgkqhkiG9w0BAQsFAAOC
AQEAMwruy9Kxiid0m13gIHc21s3TtYve56lOHEsOdzxLHrrAuN9Kg2W6J+e4cfje
cx2ngMMBBSWIsXsw8/6ZFt5DYUZMvFyzDPOFBr0cS6rKAAuQj9IjCLNY6TTJSkMk
+NNUWBCIJLqaU7FzF0wvewk0c3Yk52+PvyIilMGNwDnc+7+wtWpygl26bUxXs06U
IKKYEFQlTu1XrwnNrolXln6a7I6NX8oNuB6Tl+U2H8oLlT62mJThnAnwHdr5M9rL
F4Sg4Oxsea9Ir6AFmbn78u/s/r++SV4zWgOWSpgBe3jHFx7apwv6FJ7Whs5sbGPr
3cm+AO0csJNgB7e8gh/PS+utuQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:44 2023 by rpki-client on console-fra.rpki-client.org