Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/46c38b-4324-44aa-9bb5-386910dcb903/1/WGDYEx7QX0SpZh9HVI2S37Re8jw.roa
File: WGDYEx7QX0SpZh9HVI2S37Re8jw.roa (raw, json)
Hash identifier: lZ3MYDyBe++8lKJBhU0rDvH/g0pOEsxfobz+ssaFbcc=
Subject key identifier: 58:60:D8:13:1E:D0:5F:44:A9:66:1F:47:54:8D:92:DF:B4:5E:F2:3C
Certificate issuer: /CN=37e0cb58ae23d473ae13a7341b7a73bdd1028a0d
Certificate serial: 01590F19
Authority key identifier: 37:E0:CB:58:AE:23:D4:73:AE:13:A7:34:1B:7A:73:BD:D1:02:8A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-DLWK4j1HOuE6c0G3pzvdECig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/46c38b-4324-44aa-9bb5-386910dcb903/1/WGDYEx7QX0SpZh9HVI2S37Re8jw.roa
Signing time: Sat 01 Jan 2022 11:02:23 +0000
ROA not before: Sat 01 Jan 2022 11:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206876
IP address blocks: 185.173.136.0/24 maxlen: 24
185.173.137.0/24 maxlen: 24
185.173.138.0/24 maxlen: 24
185.173.139.0/24 maxlen: 24
2a0b:5500::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22613785 (0x1590f19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37e0cb58ae23d473ae13a7341b7a73bdd1028a0d
Validity
Not Before: Jan 1 11:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5860d8131ed05f44a9661f47548d92dfb45ef23c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:35:a7:50:56:ea:74:0f:e9:56:d7:05:34:5e:
68:5d:67:8d:09:d0:6b:1e:63:92:79:a2:f2:89:ac:
f4:a0:34:2b:f9:d3:1a:75:ad:95:4d:c6:57:79:31:
7f:bb:4a:73:d3:58:0f:45:5e:5b:85:10:80:9f:74:
c3:fa:60:4f:4a:cc:a8:dc:b6:bf:5d:ea:92:bb:54:
a5:99:29:5b:21:de:e0:a9:18:a0:5a:83:de:bf:fe:
6a:20:d7:5f:e4:7d:d0:35:3d:fe:16:d1:f0:36:ba:
f2:22:b6:1e:b9:a7:7c:38:07:a8:5f:f0:cd:cd:9f:
eb:a9:3d:61:84:df:1d:07:71:00:78:72:0d:ef:ae:
26:a1:8f:75:68:4d:59:a8:db:40:93:1f:9a:40:5c:
c8:fa:93:c0:1f:0b:b1:d6:d2:64:e8:76:9f:85:d0:
81:8f:94:bd:b9:e2:e0:d7:e7:37:41:93:c4:f1:57:
75:6f:27:c1:59:78:45:cd:45:07:b5:0e:18:ad:b6:
81:49:d7:ad:79:08:e5:83:c1:19:b6:da:28:50:c7:
f4:84:d9:96:b0:c2:bb:6c:5b:f1:96:60:1a:62:b4:
82:5b:04:d0:7a:c5:e3:b7:29:49:13:3e:57:70:ee:
7c:ef:d6:ef:10:30:81:3b:f5:eb:e1:35:7d:d0:cb:
91:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:60:D8:13:1E:D0:5F:44:A9:66:1F:47:54:8D:92:DF:B4:5E:F2:3C
X509v3 Authority Key Identifier:
keyid:37:E0:CB:58:AE:23:D4:73:AE:13:A7:34:1B:7A:73:BD:D1:02:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-DLWK4j1HOuE6c0G3pzvdECig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/46c38b-4324-44aa-9bb5-386910dcb903/1/WGDYEx7QX0SpZh9HVI2S37Re8jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/46c38b-4324-44aa-9bb5-386910dcb903/1/N-DLWK4j1HOuE6c0G3pzvdECig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.136.0/22
IPv6:
2a0b:5500::/29
Signature Algorithm: sha256WithRSAEncryption
6e:94:4a:77:84:d9:06:58:67:d4:31:35:e5:e7:e7:b3:0a:21:
1e:32:4d:b7:5e:a5:bb:8c:d5:e2:3a:86:7e:5b:1d:c3:ac:c7:
ec:d8:c7:05:91:bf:f1:db:18:f5:f7:2f:ae:48:4d:86:78:54:
6a:40:05:54:ec:5b:8d:37:cb:8e:89:4d:74:b0:85:9a:92:63:
24:d9:0c:62:2e:3c:3a:1d:17:c8:16:3f:d6:35:24:d5:13:d9:
ec:30:22:29:79:dc:83:b8:24:27:86:8b:20:1d:84:6e:63:ba:
06:31:0e:c0:e6:43:cf:5e:dd:88:eb:8c:9f:45:05:de:dd:ae:
d5:b6:fe:38:53:64:0f:9a:96:3e:8c:ca:39:68:04:14:ce:17:
54:f5:91:d9:e6:6d:48:36:b1:80:68:b8:1c:0f:30:0b:02:f1:
c1:da:2f:9a:d3:d3:bf:0f:48:4e:98:22:cb:f9:e2:15:26:03:
04:77:9e:06:a1:c2:e6:5e:ff:e6:dd:6c:e1:21:06:30:ad:cb:
6c:45:13:64:a0:66:6a:84:d4:c6:b2:1a:61:bb:87:28:67:bf:
c1:60:4d:c4:7b:3d:3c:98:b8:ba:83:90:dc:61:dc:a5:fe:b3:
fa:6f:44:a3:1b:63:33:bc:30:79:44:1b:80:e2:74:39:9d:a4:
c1:e8:c0:91
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAVkPGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
N2UwY2I1OGFlMjNkNDczYWUxM2E3MzQxYjdhNzNiZGQxMDI4YTBkMB4XDTIyMDEw
MTExMDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg2MGQ4MTMxZWQw
NWY0NGE5NjYxZjQ3NTQ4ZDkyZGZiNDVlZjIzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALk1p1BW6nQP6VbXBTReaF1njQnQax5jknmi8oms9KA0K/nT
GnWtlU3GV3kxf7tKc9NYD0VeW4UQgJ90w/pgT0rMqNy2v13qkrtUpZkpWyHe4KkY
oFqD3r/+aiDXX+R90DU9/hbR8Da68iK2HrmnfDgHqF/wzc2f66k9YYTfHQdxAHhy
De+uJqGPdWhNWajbQJMfmkBcyPqTwB8LsdbSZOh2n4XQgY+Uvbni4NfnN0GTxPFX
dW8nwVl4Rc1FB7UOGK22gUnXrXkI5YPBGbbaKFDH9ITZlrDCu2xb8ZZgGmK0glsE
0HrF47cpSRM+V3DufO/W7xAwgTv16+E1fdDLkckCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRYYNgTHtBfRKlmH0dUjZLftF7yPDAfBgNVHSMEGDAWgBQ34MtYriPUc64T
pzQbenO90QKKDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L04tRExXSzRqMUhPdUU2YzBHM3B6dmRFQ2lnMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvNDZjMzhiLTQzMjQtNDRhYS05YmI1LTM4NjkxMGRjYjkwMy8x
L1dHRFlFeDdRWDBTcFpoOUhWSTJTMzdSZThqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
NDZjMzhiLTQzMjQtNDRhYS05YmI1LTM4NjkxMGRjYjkwMy8xL04tRExXSzRqMUhP
dUU2YzBHM3B6dmRFQ2lnMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmtiDANBAIAAjAHAwUDKgtVADAN
BgkqhkiG9w0BAQsFAAOCAQEAbpRKd4TZBlhn1DE15efnswohHjJNt16lu4zV4jqG
flsdw6zH7NjHBZG/8dsY9fcvrkhNhnhUakAFVOxbjTfLjolNdLCFmpJjJNkMYi48
Oh0XyBY/1jUk1RPZ7DAiKXncg7gkJ4aLIB2EbmO6BjEOwOZDz17diOuMn0UF3t2u
1bb+OFNkD5qWPozKOWgEFM4XVPWR2eZtSDaxgGi4HA8wCwLxwdovmtPTvw9ITpgi
y/niFSYDBHeeBqHC5l7/5t1s4SEGMK3LbEUTZKBmaoTUxrIaYbuHKGe/wWBNxHs9
PJi4uoOQ3GHcpf6z+m9EoxtjM7wweUQbgOJ0OZ2kwejAkQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:23 2023 by rpki-client on console.sobornost.net