Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/Wa5z9bBBkY8TIYXpM-_j0ZVUBSs.roa
File: Wa5z9bBBkY8TIYXpM-_j0ZVUBSs.roa (raw, json)
Hash identifier: SFQEa8Pk8Gsg5pR6yHuDlbFX5TauKIhkGra/iaeL1zo=
Subject key identifier: 59:AE:73:F5:B0:41:91:8F:13:21:85:E9:33:EF:E3:D1:95:54:05:2B
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 01847690AEF25097AEF3D598D079AC979CA0
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/Wa5z9bBBkY8TIYXpM-_j0ZVUBSs.roa
Signing time: Mon 14 Nov 2022 14:35:04 +0000
ROA not before: Mon 14 Nov 2022 14:35:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20743
IP address blocks: 146.109.145.0/24 maxlen: 24
146.109.153.0/24 maxlen: 24
146.109.160.0/19 maxlen: 19
146.109.161.0/24 maxlen: 24
2a01:4642:100::/40 maxlen: 40
2a01:4642:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:90:ae:f2:50:97:ae:f3:d5:98:d0:79:ac:97:9c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Nov 14 14:35:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59ae73f5b041918f132185e933efe3d19554052b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:fb:1d:c1:c0:73:00:9c:03:b5:62:c7:ed:f4:
43:31:b0:05:12:44:fb:f7:83:ba:bd:89:07:41:5a:
0e:ca:cb:9a:55:02:a5:b8:b3:53:f0:fa:6a:1b:7d:
be:90:6b:26:76:e6:51:bb:0f:7b:01:12:b8:9c:6a:
1a:7f:8e:88:87:51:c7:98:3b:40:f8:5f:3a:12:90:
a8:77:34:9a:2f:5e:a2:27:b5:5e:33:4d:99:47:5c:
ca:d3:33:26:1d:64:c8:b4:90:a6:f4:63:21:4b:34:
61:e7:94:01:1f:f8:45:72:42:36:99:84:07:a7:dd:
b5:3b:2e:36:20:0e:92:2a:43:dc:97:ce:e2:57:cb:
75:b5:4b:c8:57:5b:bd:54:dd:d6:87:ec:ee:40:ae:
bf:56:0d:8e:c4:ff:82:c5:0f:3a:bf:f7:bd:f0:2a:
48:d1:a0:74:c6:b8:3e:42:16:32:3b:1d:57:59:55:
f0:35:22:cb:13:99:9a:91:20:3b:c7:29:38:b1:40:
ca:26:a9:ae:93:38:bc:77:40:92:99:54:af:d5:67:
07:9c:0f:e6:28:89:d7:af:d9:b4:f4:d3:ee:5c:78:
f8:1c:a2:e5:6b:79:7e:2e:ba:74:c3:27:c9:6a:4f:
c0:d1:38:d6:2c:cf:90:f1:fb:61:f6:59:dd:12:36:
0c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:AE:73:F5:B0:41:91:8F:13:21:85:E9:33:EF:E3:D1:95:54:05:2B
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/Wa5z9bBBkY8TIYXpM-_j0ZVUBSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.145.0/24
146.109.153.0/24
146.109.160.0/19
IPv6:
2a01:4642:100::-2a01:4642:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5d:43:79:67:0f:64:73:37:0b:d7:8d:c6:c0:cc:37:05:dd:d0:
dd:99:ee:a2:25:d5:36:8d:4c:a4:77:58:0e:2b:f9:9e:e6:74:
bf:d2:0b:5a:6d:9c:46:d0:81:5e:33:3d:3d:2f:56:eb:6e:e9:
49:02:a7:69:b6:4b:dd:1c:e1:5d:ed:60:eb:4c:e2:72:d6:89:
03:49:4a:a2:c4:77:db:78:4a:87:1a:00:10:59:b5:87:66:09:
7e:88:36:6a:83:e7:5b:c4:4c:ee:06:63:24:06:68:bf:32:c6:
dc:f3:a8:87:da:13:8c:14:cf:10:47:30:96:d3:b8:a0:26:d6:
3d:8a:48:23:14:9e:55:c7:51:91:00:08:56:c5:fb:41:e9:a5:
55:e4:81:70:30:af:87:47:3f:01:68:13:bd:5c:e9:c1:ba:56:
d6:5e:69:5a:17:2e:96:d9:70:89:56:44:46:b7:7d:f5:9e:5a:
bd:cc:eb:16:d4:60:9c:21:21:d5:95:b2:79:cd:75:64:3a:73:
af:62:ef:96:7b:43:93:32:ce:30:7a:a6:22:9f:88:9d:d7:1d:
1c:54:f5:94:e0:03:7d:ff:3f:ec:ca:fa:dc:4a:2e:d6:43:ff:
0c:d1:2c:82:85:00:70:65:62:f5:59:a1:1e:00:a3:63:02:9f:
a9:11:f2:ef
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYR2kK7yUJeu89WY0Hmsl5ygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjQyNzc2YmU1MzJiZDA1NzUzMzI4NTVkOGM0MmM0OTUy
ZWQ5MzEwHhcNMjIxMTE0MTQzNTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWFlNzNmNWIwNDE5MThmMTMyMTg1ZTkzM2VmZTNkMTk1NTQwNTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvsdwcBzAJwDtWLH7fRDMbAFEkT7
94O6vYkHQVoOysuaVQKluLNT8PpqG32+kGsmduZRuw97ARK4nGoaf46Ih1HHmDtA
+F86EpCodzSaL16iJ7VeM02ZR1zK0zMmHWTItJCm9GMhSzRh55QBH/hFckI2mYQH
p921Oy42IA6SKkPcl87iV8t1tUvIV1u9VN3Wh+zuQK6/Vg2OxP+CxQ86v/e98CpI
0aB0xrg+QhYyOx1XWVXwNSLLE5makSA7xyk4sUDKJqmukzi8d0CSmVSv1WcHnA/m
KInXr9m09NPuXHj4HKLla3l+Lrp0wyfJak/A0TjWLM+Q8fth9lndEjYMMwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFmuc/WwQZGPEyGF6TPv49GVVAUrMB8GA1UdIwQY
MBaAFOz0J3a+UyvQV1MyhV2MQsSVLtkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgt
NWU1M2MyM2I1NWIwLzEvV2E1ejliQkJrWThUSVlYcE0tX2owWlZVQlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgtNWU1M2MyM2I1NWIw
LzEvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAkm2RAwQA
km2ZAwQFkm2gMBgEAgACMBIwEAMGACoBRkIBAwYAKgFGQgIwDQYJKoZIhvcNAQEL
BQADggEBAF1DeWcPZHM3C9eNxsDMNwXd0N2Z7qIl1TaNTKR3WA4r+Z7mdL/SC1pt
nEbQgV4zPT0vVutu6UkCp2m2S90c4V3tYOtM4nLWiQNJSqLEd9t4SocaABBZtYdm
CX6INmqD51vETO4GYyQGaL8yxtzzqIfaE4wUzxBHMJbTuKAm1j2KSCMUnlXHUZEA
CFbF+0HppVXkgXAwr4dHPwFoE71c6cG6VtZeaVoXLpbZcIlWREa3ffWeWr3M6xbU
YJwhIdWVsnnNdWQ6c69i75Z7Q5MyzjB6piKfiJ3XHRxU9ZTgA33/P+zK+txKLtZD
/wzRLIKFAHBlYvVZoR4Ao2MCn6kR8u8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:34 2023 by rpki-client on console-ams.rpki-client.org