Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/WhtesQGXOkKNIPs9xHzLd7s1JgI.roa
File: WhtesQGXOkKNIPs9xHzLd7s1JgI.roa (raw, json)
Hash identifier: m26mIjCEMA4hSjyTl1Kwa2phtBJ85cKjwZ/eA8bYgtQ=
Subject key identifier: 5A:1B:5E:B1:01:97:3A:42:8D:20:FB:3D:C4:7C:CB:77:BB:35:26:02
Certificate issuer: /CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Certificate serial: 0718B46D
Authority key identifier: DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/WhtesQGXOkKNIPs9xHzLd7s1JgI.roa
Signing time: Sat 01 Jan 2022 01:56:38 +0000
ROA not before: Sat 01 Jan 2022 01:56:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204296
IP address blocks: 185.254.60.0/23 maxlen: 23
185.254.63.0/24 maxlen: 24
185.254.62.0/24 maxlen: 24
2a0c:4840::/29 maxlen: 29
2a0c:4847:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119059565 (0x718b46d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Validity
Not Before: Jan 1 01:56:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a1b5eb101973a428d20fb3dc47ccb77bb352602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1b:12:16:5b:08:36:97:87:9f:68:c1:8d:46:
5d:66:34:2d:96:77:b3:73:4b:9a:8a:da:2e:74:2b:
f8:85:77:b7:ff:bd:7e:62:1e:2b:f7:1f:cb:31:d5:
da:53:ae:9f:0a:45:9e:c6:91:60:7d:fc:0c:26:19:
03:a2:fe:e0:1b:49:c2:84:a9:ec:cb:0b:20:8e:de:
82:f6:c9:62:ad:2a:43:27:0f:25:5f:12:59:e4:0b:
45:fc:3f:aa:54:86:1f:1d:cc:91:74:a6:80:00:2e:
2b:05:5f:75:8a:e9:f1:0e:d4:a1:a1:21:2c:7d:25:
32:a9:c7:46:da:0c:7e:89:06:86:56:2e:6f:18:fb:
62:1a:5e:65:e9:a2:0c:ca:8e:8f:b0:46:44:81:94:
64:df:fe:75:52:9b:2e:45:57:e8:d4:0e:d1:13:91:
42:76:48:da:e1:44:5a:31:3e:53:36:00:a3:aa:1c:
e9:29:60:94:bb:b5:0d:a4:70:56:55:59:37:8f:0d:
00:dd:8c:8d:77:12:66:b6:bc:01:ae:c0:6b:97:31:
75:f0:40:17:df:f4:17:8d:fe:a4:36:21:8d:1a:06:
18:0f:10:4e:a5:12:dc:ee:c0:40:71:93:8c:55:3b:
72:ae:57:00:bd:d8:9d:40:c1:11:10:5b:2f:2d:35:
96:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1B:5E:B1:01:97:3A:42:8D:20:FB:3D:C4:7C:CB:77:BB:35:26:02
X509v3 Authority Key Identifier:
keyid:DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/WhtesQGXOkKNIPs9xHzLd7s1JgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.60.0/22
IPv6:
2a0c:4840::/29
Signature Algorithm: sha256WithRSAEncryption
78:2c:be:a5:96:f5:6e:2e:fa:60:56:9e:65:1e:a8:01:dd:f6:
7e:a9:19:69:a1:73:04:e4:83:e5:91:bc:4c:a4:a5:7f:81:7b:
ef:90:7d:fc:bd:34:59:c7:49:25:e2:42:48:e3:a5:03:d2:8f:
af:b3:39:4f:5a:84:7f:1a:f3:68:12:9e:7b:b8:10:03:0e:6f:
83:53:01:8f:d8:c4:b9:0f:18:e5:fb:df:7a:9d:33:a8:98:93:
f9:90:51:39:40:2c:aa:b8:8e:52:a2:b6:26:02:21:f7:54:fc:
bd:20:a0:48:fe:6e:aa:74:33:59:3c:84:32:5e:89:a2:95:72:
d3:10:23:74:85:25:83:da:d3:d5:69:1b:e0:cb:5c:b4:70:5f:
d4:22:ff:55:9c:6b:dc:75:83:6f:0f:48:5c:46:62:2e:8a:aa:
e6:69:fd:e6:3f:da:46:d4:de:bf:30:e0:e5:ad:b6:82:b6:f6:
2b:a4:6f:b9:97:71:91:9d:f0:bc:3d:9f:81:a1:c1:27:ae:27:
d9:fe:cb:0c:81:47:8f:0e:3b:d4:65:8a:a2:02:b7:bf:b4:63:
ac:14:3d:6f:b7:bf:5f:de:b1:3c:b0:16:fc:8f:a7:49:3b:2f:
ee:e5:0a:9e:54:3e:a1:e5:03:3d:b4:5b:d0:99:45:83:c5:fd:
47:a3:c0:55
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBxi0bTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTk2YjViZGFmYjI4MzMyZGFmZTg0N2NlZDE0ZjdhNWZhZDQ1ZTY5MB4XDTIyMDEw
MTAxNTYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWExYjVlYjEwMTk3
M2E0MjhkMjBmYjNkYzQ3Y2NiNzdiYjM1MjYwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOMbEhZbCDaXh59owY1GXWY0LZZ3s3NLmoraLnQr+IV3t/+9
fmIeK/cfyzHV2lOunwpFnsaRYH38DCYZA6L+4BtJwoSp7MsLII7egvbJYq0qQycP
JV8SWeQLRfw/qlSGHx3MkXSmgAAuKwVfdYrp8Q7UoaEhLH0lMqnHRtoMfokGhlYu
bxj7YhpeZemiDMqOj7BGRIGUZN/+dVKbLkVX6NQO0RORQnZI2uFEWjE+UzYAo6oc
6SlglLu1DaRwVlVZN48NAN2MjXcSZra8Aa7Aa5cxdfBAF9/0F43+pDYhjRoGGA8Q
TqUS3O7AQHGTjFU7cq5XAL3YnUDBERBbLy01lmsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRaG16xAZc6Qo0g+z3EfMt3uzUmAjAfBgNVHSMEGDAWgBTalrW9r7KDMtr+
hHztFPel+tReaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJwYTF2YS15Z3pMYV9vUjg3UlQzcGZyVVhtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvODE5MDg5LTQ3M2ItNDYzZi1iODdiLTQyNTM5NTBmMTE1NS8x
L1dodGVzUUdYT2tLTklQczl4SHpMZDdzMUpnSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
ODE5MDg5LTQ3M2ItNDYzZi1iODdiLTQyNTM5NTBmMTE1NS8xLzJwYTF2YS15Z3pM
YV9vUjg3UlQzcGZyVVhtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn+PDANBAIAAjAHAwUDKgxIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAeCy+pZb1bi76YFaeZR6oAd32fqkZaaFzBOSD5ZG8
TKSlf4F775B9/L00WcdJJeJCSOOlA9KPr7M5T1qEfxrzaBKee7gQAw5vg1MBj9jE
uQ8Y5fvfep0zqJiT+ZBROUAsqriOUqK2JgIh91T8vSCgSP5uqnQzWTyEMl6JopVy
0xAjdIUlg9rT1Wkb4MtctHBf1CL/VZxr3HWDbw9IXEZiLoqq5mn95j/aRtTevzDg
5a22grb2K6RvuZdxkZ3wvD2fgaHBJ64n2f7LDIFHjw471GWKogK3v7RjrBQ9b7e/
X96xPLAW/I+nSTsv7uUKnlQ+oeUDPbRb0JlFg8X9R6PAVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:15 2024 by rpki-client on console-ams.rpki-client.org