Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/1VRWg8kxktM-tNOi5cAnAKpYNeo.roa
File: 1VRWg8kxktM-tNOi5cAnAKpYNeo.roa (raw, json)
Hash identifier: /FSWSOcfPRLtUIvhXP0PHvftCWIAKecEVCvvH6D7OM8=
Subject key identifier: D5:54:56:83:C9:31:92:D3:3E:B4:D3:A2:E5:C0:27:00:AA:58:35:EA
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 0184925B6CDD60D01747D7FC83ED856A3E01
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/1VRWg8kxktM-tNOi5cAnAKpYNeo.roa
Signing time: Sun 20 Nov 2022 00:06:15 +0000
ROA not before: Sun 20 Nov 2022 00:06:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 185.23.5.0/24 maxlen: 24
2a09:be44::/30 maxlen: 48
2a0e:ec00::/32 maxlen: 48
2a09:be41::/32 maxlen: 48
2a12:49c0::/29 maxlen: 48
2a09:be42::/31 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:92:5b:6c:dd:60:d0:17:47:d7:fc:83:ed:85:6a:3e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Nov 20 00:06:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5545683c93192d33eb4d3a2e5c02700aa5835ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e0:4a:db:26:1d:ca:9a:36:de:d8:75:34:7b:
74:c8:56:56:22:72:d2:e8:16:94:0d:7b:b9:ea:1e:
aa:56:c2:72:f6:1d:c5:a3:21:bf:e1:83:32:6f:6d:
1a:fa:cb:a9:82:91:1f:68:e7:12:7a:36:31:dd:12:
23:ac:06:d9:6f:c3:6c:f7:ad:35:93:d8:bb:c7:27:
c4:55:79:77:25:63:bc:e3:f3:c4:e8:20:96:eb:cc:
cb:60:00:ac:e4:aa:3f:54:02:92:d6:73:5b:0b:d3:
a2:23:bf:98:54:a9:48:63:63:22:4a:d6:35:d7:91:
1f:74:2f:7a:8c:4f:92:e2:f0:30:03:a4:8d:b0:49:
c0:97:d7:0e:33:a8:24:90:ae:b4:e6:9f:a8:09:e8:
5a:48:d3:01:ce:00:09:a5:bd:6e:7d:ff:e9:9a:c9:
94:54:4b:df:1b:01:12:6b:41:64:b5:17:0a:91:72:
e2:64:5b:31:64:fb:07:8e:0d:40:55:29:94:51:70:
2a:aa:18:a3:b2:8b:b0:43:1d:8d:25:13:48:ea:b7:
29:bf:37:54:8c:ff:9e:4a:3a:79:89:69:cc:b9:cb:
a2:b9:f8:15:67:d9:a4:00:f0:da:0a:0a:9e:f7:e1:
30:98:d9:1f:2d:6b:e6:29:0a:fe:91:6a:ba:91:88:
07:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:54:56:83:C9:31:92:D3:3E:B4:D3:A2:E5:C0:27:00:AA:58:35:EA
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/1VRWg8kxktM-tNOi5cAnAKpYNeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.5.0/24
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec00::/32
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:29:1f:15:05:17:f4:15:31:31:18:9b:c7:7a:52:75:9c:9e:
48:95:42:ff:f2:2b:a4:4b:12:7d:3e:4d:dc:4b:16:8b:41:99:
69:92:0e:a2:79:7b:43:aa:86:c7:39:11:ad:34:1d:15:98:eb:
70:1b:aa:82:60:52:2c:62:33:18:75:a2:85:d7:cd:56:6d:ad:
37:27:9c:4f:2b:ce:61:5d:84:37:62:f4:ee:75:b1:98:1d:e6:
0b:64:4c:fa:a5:d2:11:d9:0b:af:b3:67:7e:21:ca:1a:cc:01:
8c:e3:eb:fc:a1:76:6c:a7:41:f6:41:dc:f0:fe:f4:dc:70:82:
10:3e:3e:84:c6:cc:45:c6:49:0a:50:14:44:cb:62:67:f2:47:
b8:70:80:9c:5b:6c:f3:03:22:21:05:33:97:a9:23:4c:a4:51:
e1:66:91:d2:d1:52:57:ea:82:47:58:6f:81:17:3d:9a:1a:6b:
37:85:93:0a:b3:5f:20:20:2a:89:91:0f:6b:93:26:68:5e:a1:
33:04:dc:54:0c:0a:28:df:10:0c:19:33:10:1b:4e:d1:b2:22:
00:12:89:f4:21:21:9f:13:46:3c:a5:b1:8d:29:32:28:0f:9c:
a9:ac:ad:1a:40:77:3f:d9:cf:3c:5e:00:df:44:fb:57:70:46:
fa:88:97:61
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYSSW2zdYNAXR9f8g+2Faj4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjIxMTIwMDAwNjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTU0NTY4M2M5MzE5MmQzM2ViNGQzYTJlNWMwMjcwMGFhNTgzNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeBK2yYdypo23th1NHt0yFZWInLS
6BaUDXu56h6qVsJy9h3FoyG/4YMyb20a+supgpEfaOcSejYx3RIjrAbZb8Ns9601
k9i7xyfEVXl3JWO84/PE6CCW68zLYACs5Ko/VAKS1nNbC9OiI7+YVKlIY2MiStY1
15EfdC96jE+S4vAwA6SNsEnAl9cOM6gkkK605p+oCehaSNMBzgAJpb1uff/pmsmU
VEvfGwESa0FktRcKkXLiZFsxZPsHjg1AVSmUUXAqqhijsouwQx2NJRNI6rcpvzdU
jP+eSjp5iWnMucuiufgVZ9mkAPDaCgqe9+EwmNkfLWvmKQr+kWq6kYgHrQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNVUVoPJMZLTPrTTouXAJwCqWDXqMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvMVZSV2c4a3hrdE0tdE5PaTVjQW5BS3BZTmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAMBAIAATAGAwQAuRcFMCQE
AgACMB4wDgMFACoJvkEDBQMqCb5AAwUAKg7sAAMFAyoSScAwDQYJKoZIhvcNAQEL
BQADggEBAJ8pHxUFF/QVMTEYm8d6UnWcnkiVQv/yK6RLEn0+TdxLFotBmWmSDqJ5
e0Oqhsc5Ea00HRWY63AbqoJgUixiMxh1ooXXzVZtrTcnnE8rzmFdhDdi9O51sZgd
5gtkTPql0hHZC6+zZ34hyhrMAYzj6/yhdmynQfZB3PD+9NxwghA+PoTGzEXGSQpQ
FETLYmfyR7hwgJxbbPMDIiEFM5epI0ykUeFmkdLRUlfqgkdYb4EXPZoaazeFkwqz
XyAgKomRD2uTJmheoTME3FQMCijfEAwZMxAbTtGyIgASifQhIZ8TRjylsY0pMigP
nKmsrRpAdz/ZzzxeAN9E+1dwRvqIl2E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:34 2023 by rpki-client on console-ams.rpki-client.org