Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/AJ6UTxZIUZ7oBG7JYPjQXY9h_ws.roa
File: AJ6UTxZIUZ7oBG7JYPjQXY9h_ws.roa (raw, json)
Hash identifier: 2EZJNFdYq6MbHE4iTc5E9DHNzCMpbiLC8VfVvF/xuuc=
Subject key identifier: 00:9E:94:4F:16:48:51:9E:E8:04:6E:C9:60:F8:D0:5D:8F:61:FF:0B
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 024879
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/AJ6UTxZIUZ7oBG7JYPjQXY9h_ws.roa
Signing time: Wed 30 Mar 2022 07:35:07 +0000
ROA not before: Wed 30 Mar 2022 07:35:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 185.173.144.0/24 maxlen: 24
185.173.145.0/24 maxlen: 24
185.173.147.0/24 maxlen: 24
185.173.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149625 (0x24879)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Mar 30 07:35:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=009e944f1648519ee8046ec960f8d05d8f61ff0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b0:73:6c:02:63:76:ce:b3:51:67:69:a6:62:
7d:a2:f5:33:6d:71:a3:af:1f:a5:9d:45:f2:2c:4a:
28:83:9a:7d:f0:da:c9:47:6b:a2:4d:a9:62:50:c6:
a7:99:49:62:b7:53:84:73:b2:c0:7a:c7:c2:29:69:
21:61:70:50:fb:82:b1:c1:c3:a6:48:47:62:02:7f:
f0:35:8d:68:b3:56:ef:14:10:14:02:8f:a5:ac:27:
6a:fd:6c:0b:95:10:de:8b:bf:b4:00:56:56:79:8f:
ed:69:97:e0:b8:f5:f2:a0:87:b6:6f:eb:a0:64:91:
6b:a7:9b:70:62:9b:b2:a1:51:0a:18:a9:84:66:c8:
06:fe:09:0d:55:7f:12:8a:e0:d3:4a:64:61:7b:2f:
92:6c:0e:fe:48:1c:1f:3a:82:dc:31:1c:67:a5:09:
00:93:f4:da:da:9d:39:de:34:75:f8:06:87:f9:78:
b2:bd:54:56:1e:a3:0f:32:f6:2a:13:51:90:7d:ae:
bb:5e:96:42:22:75:a3:fc:a5:12:db:82:02:b7:65:
4c:e5:a9:78:9f:57:91:4e:97:27:34:d0:ea:71:ce:
32:7b:7a:49:92:89:07:a0:62:7f:bd:5d:bc:e4:e8:
ff:4d:47:97:49:44:0f:55:3c:1c:c4:bb:91:56:09:
e9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:9E:94:4F:16:48:51:9E:E8:04:6E:C9:60:F8:D0:5D:8F:61:FF:0B
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/AJ6UTxZIUZ7oBG7JYPjQXY9h_ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.144.0/22
Signature Algorithm: sha256WithRSAEncryption
94:43:15:74:d5:fb:ca:74:01:b0:13:27:2f:a2:36:95:3e:11:
3a:dd:8e:28:4b:c8:22:31:b8:f6:41:b6:2b:4c:06:d3:b2:34:
cd:c2:6f:58:11:2b:94:4c:6f:16:52:33:24:74:97:45:c4:64:
dd:77:82:f4:2f:e1:c7:3a:31:a8:b0:1c:f8:0d:d0:13:af:fa:
15:4b:af:b7:db:3f:26:31:16:1c:49:cb:dd:42:0b:cc:8d:19:
5d:77:53:b6:3f:23:9f:a7:e4:c1:a4:c6:b5:79:71:11:b5:2c:
27:ab:0a:c2:ac:7e:e2:f5:4f:0b:05:c7:67:da:4e:19:72:b9:
3a:46:e6:b2:77:88:7a:30:d3:d1:32:aa:6f:d6:d8:0b:06:ea:
c4:cd:1e:b8:2a:ab:00:7b:8b:89:4f:5b:a8:3d:a3:0b:4b:66:
43:da:21:b7:47:7e:4f:4b:88:4e:55:7f:e8:1b:69:18:fe:a0:
3e:a6:c2:96:60:49:fb:9c:57:be:60:e6:22:a3:f4:5d:ea:24:
29:bd:b1:87:43:3c:0f:a9:e2:90:8d:6d:13:88:fa:89:80:b9:
ac:b4:1f:08:a9:05:57:7b:da:5c:68:fd:2d:5f:0e:b1:36:da:
fe:84:b5:e3:ca:dc:4b:b8:e6:36:2b:f9:58:42:f8:42:39:6a:
b6:2e:eb:3e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAkh5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVj
ODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1NWMzNjEwHhcNMjIwMzMw
MDczNTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwMDllOTQ0ZjE2NDg1
MTllZTgwNDZlYzk2MGY4ZDA1ZDhmNjFmZjBiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7bBzbAJjds6zUWdppmJ9ovUzbXGjrx+lnUXyLEoog5p98NrJ
R2uiTaliUManmUlit1OEc7LAesfCKWkhYXBQ+4KxwcOmSEdiAn/wNY1os1bvFBAU
Ao+lrCdq/WwLlRDei7+0AFZWeY/taZfguPXyoIe2b+ugZJFrp5twYpuyoVEKGKmE
ZsgG/gkNVX8SiuDTSmRhey+SbA7+SBwfOoLcMRxnpQkAk/Ta2p053jR1+AaH+Xiy
vVRWHqMPMvYqE1GQfa67XpZCInWj/KUS24ICt2VM5al4n1eRTpcnNNDqcc4ye3pJ
kokHoGJ/vV285Oj/TUeXSUQPVTwcxLuRVgnpKwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFACelE8WSFGe6ARuyWD40F2PYf8LMB8GA1UdIwQYMBaAFFyJKu04M+YQD14M
8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2VjLzEv
QUo2VVR4WklVWjdvQkc3SllQalFYWTloX3dzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84
NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2VjLzEvWElrcTdUZ3o1aEFQ
WGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua2QMA0GCSqGSIb3DQEBCwUAA4IB
AQCUQxV01fvKdAGwEycvojaVPhE63Y4oS8giMbj2QbYrTAbTsjTNwm9YESuUTG8W
UjMkdJdFxGTdd4L0L+HHOjGosBz4DdATr/oVS6+32z8mMRYcScvdQgvMjRldd1O2
PyOfp+TBpMa1eXERtSwnqwrCrH7i9U8LBcdn2k4Zcrk6Ruayd4h6MNPRMqpv1tgL
BurEzR64KqsAe4uJT1uoPaMLS2ZD2iG3R35PS4hOVX/oG2kY/qA+psKWYEn7nFe+
YOYio/Rd6iQpvbGHQzwPqeKQjW0TiPqJgLmstB8IqQVXe9pcaP0tXw6xNtr+hLXj
ytxLuOY2K/lYQvhCOWq2Lus+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:50 2023 by rpki-client on console-fra.rpki-client.org