Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/aLZkK1BLsvZG_WIvYCcVWK7Lvy0.roa
File: aLZkK1BLsvZG_WIvYCcVWK7Lvy0.roa (raw, json)
Hash identifier: BnoQlGNNVrg1wWDo3eswCA89oUyqRu5+Id71Xw4qLHk=
Subject key identifier: 68:B6:64:2B:50:4B:B2:F6:46:FD:62:2F:60:27:15:58:AE:CB:BF:2D
Certificate issuer: /CN=0c5e870d31ca7019951370cb221f18f1f09fa58a
Certificate serial: 3528EDA8
Authority key identifier: 0C:5E:87:0D:31:CA:70:19:95:13:70:CB:22:1F:18:F1:F0:9F:A5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/aLZkK1BLsvZG_WIvYCcVWK7Lvy0.roa
Signing time: Sat 01 Jan 2022 09:55:21 +0000
ROA not before: Sat 01 Jan 2022 09:55:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39825
IP address blocks: 85.159.144.0/24 maxlen: 24
85.159.145.0/24 maxlen: 24
85.159.146.0/24 maxlen: 24
85.159.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 891874728 (0x3528eda8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5e870d31ca7019951370cb221f18f1f09fa58a
Validity
Not Before: Jan 1 09:55:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68b6642b504bb2f646fd622f60271558aecbbf2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:46:ca:bb:73:f1:4c:53:6e:40:69:49:91:de:
24:df:ee:67:05:eb:5f:c0:0e:ba:63:03:f3:35:98:
1e:1d:0a:7f:3a:dc:86:3e:7d:43:7c:b0:f0:ae:81:
f5:a5:da:88:23:22:f0:2b:ab:03:30:bc:e2:b2:5a:
ba:0f:13:6e:7b:e3:04:b0:98:1e:ca:e0:eb:37:f1:
f8:34:38:f5:d0:be:6a:45:7e:43:ff:8d:e8:65:b4:
f9:95:52:99:bc:a7:1a:d4:ce:60:20:69:8c:b0:fd:
f1:32:42:a2:98:bf:e4:2a:35:30:8c:d4:5e:f3:67:
fd:2d:7b:4c:73:fa:7d:3f:3f:56:f3:07:c7:14:63:
20:58:de:8e:f9:a9:db:bf:36:30:eb:d3:6b:0c:49:
3f:55:c9:99:57:91:b4:2c:7e:50:68:79:78:c3:cc:
67:a4:5f:8d:98:b7:3b:7f:60:88:80:27:dd:d3:00:
94:c0:bd:8b:44:e3:29:51:b6:e4:f6:e2:ad:d3:81:
2c:df:af:b7:1e:1d:41:2e:5e:5e:e6:2d:5b:e9:97:
28:21:e6:96:c0:18:7f:be:d5:34:73:c6:1a:68:4c:
b3:48:e1:1f:e6:21:ea:b5:8c:9a:28:98:3c:65:2f:
13:19:1a:33:76:8f:49:5b:43:84:ec:c5:bc:af:82:
f4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B6:64:2B:50:4B:B2:F6:46:FD:62:2F:60:27:15:58:AE:CB:BF:2D
X509v3 Authority Key Identifier:
keyid:0C:5E:87:0D:31:CA:70:19:95:13:70:CB:22:1F:18:F1:F0:9F:A5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/aLZkK1BLsvZG_WIvYCcVWK7Lvy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2cc283-9357-4c95-84d4-35cf770dc8b9/1/DF6HDTHKcBmVE3DLIh8Y8fCfpYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.144.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:48:1c:37:60:63:dc:8c:a6:bb:19:e2:de:6f:54:63:e1:ef:
3b:bb:e1:91:0c:26:e7:06:eb:38:15:c2:d0:cc:b2:05:80:f5:
00:36:02:19:29:ab:13:42:2e:7f:18:c9:8a:c0:8b:2b:a9:c1:
b9:08:a9:1b:b6:23:80:6e:57:04:4a:4c:db:75:32:91:ab:9f:
22:17:ea:aa:45:32:2d:f3:a3:3f:84:a1:83:f5:ff:f7:f6:d6:
59:51:ce:ab:b8:6c:43:5b:12:b3:8e:84:b2:71:a2:2b:98:ee:
db:94:ae:d6:b2:1c:35:27:69:37:1d:16:20:5a:2d:d3:e8:27:
2a:0d:e3:0c:97:d2:b7:d3:1a:6c:f4:48:cc:5c:de:66:a6:c7:
e0:d3:20:eb:18:bc:62:3c:7c:ad:18:83:e3:81:62:7c:36:a9:
39:f8:7a:b8:68:a6:86:9c:f0:d3:78:4a:a5:10:89:61:e1:7d:
a9:8a:fd:80:de:19:d1:13:a6:30:37:3a:a3:f7:97:cf:42:ef:
2c:de:d1:4e:b6:26:c0:14:2d:c4:a7:00:76:09:53:fc:7d:20:
0b:0e:ac:b7:2a:82:91:30:db:39:21:28:9e:aa:a5:df:4b:17:
c7:4d:46:8f:87:8f:1a:df:e7:29:19:09:7a:aa:e0:3b:53:fd:
20:df:2e:7f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENSjtqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzVlODcwZDMxY2E3MDE5OTUxMzcwY2IyMjFmMThmMWYwOWZhNThhMB4XDTIyMDEw
MTA5NTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhiNjY0MmI1MDRi
YjJmNjQ2ZmQ2MjJmNjAyNzE1NThhZWNiYmYyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlGyrtz8UxTbkBpSZHeJN/uZwXrX8AOumMD8zWYHh0Kfzrc
hj59Q3yw8K6B9aXaiCMi8CurAzC84rJaug8TbnvjBLCYHsrg6zfx+DQ49dC+akV+
Q/+N6GW0+ZVSmbynGtTOYCBpjLD98TJCopi/5Co1MIzUXvNn/S17THP6fT8/VvMH
xxRjIFjejvmp2782MOvTawxJP1XJmVeRtCx+UGh5eMPMZ6RfjZi3O39giIAn3dMA
lMC9i0TjKVG25PbirdOBLN+vtx4dQS5eXuYtW+mXKCHmlsAYf77VNHPGGmhMs0jh
H+Yh6rWMmiiYPGUvExkaM3aPSVtDhOzFvK+C9PUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRotmQrUEuy9kb9Yi9gJxVYrsu/LTAfBgNVHSMEGDAWgBQMXocNMcpwGZUT
cMsiHxjx8J+lijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RGNkhEVEhLY0JtVkUzRExJaDhZOGZDZnBZby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvMmNjMjgzLTkzNTctNGM5NS04NGQ0LTM1Y2Y3NzBkYzhiOS8x
L2FMWmtLMUJMc3ZaR19XSXZZQ2NWV0s3THZ5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
MmNjMjgzLTkzNTctNGM5NS04NGQ0LTM1Y2Y3NzBkYzhiOS8xL0RGNkhEVEhLY0Jt
VkUzRExJaDhZOGZDZnBZby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlWfkDANBgkqhkiG9w0BAQsFAAOC
AQEAj0gcN2Bj3Iymuxni3m9UY+HvO7vhkQwm5wbrOBXC0MyyBYD1ADYCGSmrE0Iu
fxjJisCLK6nBuQipG7YjgG5XBEpM23UykaufIhfqqkUyLfOjP4Shg/X/9/bWWVHO
q7hsQ1sSs46EsnGiK5ju25Su1rIcNSdpNx0WIFot0+gnKg3jDJfSt9MabPRIzFze
ZqbH4NMg6xi8Yjx8rRiD44FifDapOfh6uGimhpzw03hKpRCJYeF9qYr9gN4Z0ROm
MDc6o/eXz0LvLN7RTrYmwBQtxKcAdglT/H0gCw6styqCkTDbOSEonqql30sXx01G
j4ePGt/nKRkJeqrgO1P9IN8ufw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:31 2023 by rpki-client on console-ams.rpki-client.org