Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/IcWJLmNxAVC6nBr7WrQcpneQc-U.roa
File: IcWJLmNxAVC6nBr7WrQcpneQc-U.roa (raw, json)
Hash identifier: RDfJrrqFSI1SyuCH1grd3YsONs999AQfS8BCGCx1x9o=
Subject key identifier: 21:C5:89:2E:63:71:01:50:BA:9C:1A:FB:5A:B4:1C:A6:77:90:73:E5
Certificate issuer: /CN=356ac9c769976f6e2e82aaccfe239b6aa1922378
Certificate serial: 18B5834F
Authority key identifier: 35:6A:C9:C7:69:97:6F:6E:2E:82:AA:CC:FE:23:9B:6A:A1:92:23:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWrJx2mXb24ugqrM_iObaqGSI3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/IcWJLmNxAVC6nBr7WrQcpneQc-U.roa
Signing time: Sat 01 Jan 2022 14:58:02 +0000
ROA not before: Sat 01 Jan 2022 14:58:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60164
IP address blocks: 185.54.148.0/22 maxlen: 24
2a04:d280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 414548815 (0x18b5834f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=356ac9c769976f6e2e82aaccfe239b6aa1922378
Validity
Not Before: Jan 1 14:58:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21c5892e63710150ba9c1afb5ab41ca6779073e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:32:0c:e2:97:b0:2d:a6:17:1b:c8:02:e4:68:
ae:82:d5:01:e6:45:6a:73:17:f7:68:e9:4f:df:a2:
bb:8a:9e:d3:97:62:2b:2f:7b:cf:4e:59:51:f1:58:
d4:f6:41:b2:ac:57:ca:fa:bb:c8:86:0e:ce:5b:81:
8d:0f:03:ae:e8:a9:0a:fe:18:17:55:a8:42:6e:40:
21:cb:88:38:7e:7b:a9:05:dd:f6:df:6e:be:ea:3d:
a6:81:b3:b6:83:d1:e8:d7:e1:16:34:a6:b0:28:68:
64:e1:74:a9:b9:10:ab:70:48:a6:7c:a8:f3:20:60:
6d:aa:0e:df:fb:5e:51:2b:4e:11:1e:41:0f:77:34:
3c:d6:63:e5:a8:ef:8a:43:e7:8b:40:d9:15:0e:16:
98:36:81:46:e2:5a:6d:75:68:0f:26:26:e0:df:e5:
99:18:c3:53:75:45:49:14:ca:fe:59:72:32:d5:93:
d0:b4:b4:01:f5:ca:48:80:f1:58:e8:4f:a2:2e:ac:
78:d7:09:3b:6b:46:0b:3a:5d:cf:8c:54:2a:24:f6:
d0:29:6b:e5:6a:b8:c0:1d:7e:21:61:a0:26:8e:45:
2a:99:77:2a:99:cc:9e:8d:ed:0b:35:d7:bb:a4:b6:
a1:98:65:5e:52:c4:28:3c:29:e3:7a:35:6c:f3:12:
d3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C5:89:2E:63:71:01:50:BA:9C:1A:FB:5A:B4:1C:A6:77:90:73:E5
X509v3 Authority Key Identifier:
keyid:35:6A:C9:C7:69:97:6F:6E:2E:82:AA:CC:FE:23:9B:6A:A1:92:23:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWrJx2mXb24ugqrM_iObaqGSI3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/IcWJLmNxAVC6nBr7WrQcpneQc-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/NWrJx2mXb24ugqrM_iObaqGSI3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.148.0/22
IPv6:
2a04:d280::/29
Signature Algorithm: sha256WithRSAEncryption
19:bb:ab:b5:0f:a0:f9:78:92:ad:b1:f7:42:b7:59:fb:52:ab:
99:75:4e:7e:a6:35:75:eb:69:de:95:f0:9b:36:96:d0:86:8d:
85:78:83:26:2f:02:82:2b:c7:0d:7d:a7:06:74:ef:53:6a:e4:
1a:a6:f3:14:9b:18:23:74:df:5f:8c:47:5a:0c:1e:7e:b5:8a:
4b:44:5c:9b:d6:d1:79:a4:60:4b:76:54:91:2a:74:47:6e:a4:
6b:bd:86:df:66:25:21:d6:2c:7a:00:07:00:50:c7:8d:fe:ca:
0b:84:63:0f:06:18:b7:f7:2d:20:9a:d3:19:60:0a:f8:1b:9f:
51:cf:5c:f3:c0:16:3c:53:67:40:b9:d9:24:18:f2:d0:45:4f:
38:90:ee:27:0a:90:a3:11:f9:c4:6a:96:a0:45:2f:a8:02:b5:
e2:4b:6c:3d:38:5c:24:01:c0:af:f4:a2:6c:f8:c0:f3:d1:96:
39:72:9f:01:94:b8:92:c3:b5:57:b5:da:ed:1f:63:eb:7b:f8:
bf:70:d1:93:40:97:ce:5d:fe:00:cb:6d:ca:d6:87:03:de:be:
d3:04:ee:8c:38:ed:bb:ea:04:82:37:16:4a:fe:ae:ba:44:14:
55:91:f9:21:3d:1b:18:d2:c0:67:99:de:a2:81:a6:05:a3:e1:
4a:a5:78:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGLWDTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTZhYzljNzY5OTc2ZjZlMmU4MmFhY2NmZTIzOWI2YWExOTIyMzc4MB4XDTIyMDEw
MTE0NTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFjNTg5MmU2Mzcx
MDE1MGJhOWMxYWZiNWFiNDFjYTY3NzkwNzNlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANoyDOKXsC2mFxvIAuRoroLVAeZFanMX92jpT9+iu4qe05di
Ky97z05ZUfFY1PZBsqxXyvq7yIYOzluBjQ8DruipCv4YF1WoQm5AIcuIOH57qQXd
9t9uvuo9poGztoPR6NfhFjSmsChoZOF0qbkQq3BIpnyo8yBgbaoO3/teUStOER5B
D3c0PNZj5ajvikPni0DZFQ4WmDaBRuJabXVoDyYm4N/lmRjDU3VFSRTK/llyMtWT
0LS0AfXKSIDxWOhPoi6seNcJO2tGCzpdz4xUKiT20Clr5Wq4wB1+IWGgJo5FKpl3
KpnMno3tCzXXu6S2oZhlXlLEKDwp43o1bPMS078CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQhxYkuY3EBULqcGvtatBymd5Bz5TAfBgNVHSMEGDAWgBQ1asnHaZdvbi6C
qsz+I5tqoZIjeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xckp4Mm1YYjI0dWdxck1faU9iYXFHU0kzZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvZWVmZTY3LTNlYmQtNDZjYi1iY2M4LTZjNjFhOTAyMzEzOS8x
L0ljV0pMbU54QVZDNm5CcjdXclFjcG5lUWMtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
ZWVmZTY3LTNlYmQtNDZjYi1iY2M4LTZjNjFhOTAyMzEzOS8xL05Xckp4Mm1YYjI0
dWdxck1faU9iYXFHU0kzZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk2lDANBAIAAjAHAwUDKgTSgDAN
BgkqhkiG9w0BAQsFAAOCAQEAGburtQ+g+XiSrbH3QrdZ+1KrmXVOfqY1detp3pXw
mzaW0IaNhXiDJi8CgivHDX2nBnTvU2rkGqbzFJsYI3TfX4xHWgwefrWKS0Rcm9bR
eaRgS3ZUkSp0R26ka72G32YlIdYsegAHAFDHjf7KC4RjDwYYt/ctIJrTGWAK+Buf
Uc9c88AWPFNnQLnZJBjy0EVPOJDuJwqQoxH5xGqWoEUvqAK14ktsPThcJAHAr/Si
bPjA89GWOXKfAZS4ksO1V7Xa7R9j63v4v3DRk0CXzl3+AMttytaHA96+0wTujDjt
u+oEgjcWSv6uukQUVZH5IT0bGNLAZ5neooGmBaPhSqV4ig==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:22 2023 by rpki-client on console-ams.rpki-client.org