Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/wHUBicP9rMFT7-PXGCg_8j5RhZc.roa
File: wHUBicP9rMFT7-PXGCg_8j5RhZc.roa (raw, json)
Hash identifier: qWAVbJ8gU4xrJgs/lU9a6HfyN1K8SHO4gFVZgnzOLM8=
Subject key identifier: C0:75:01:89:C3:FD:AC:C1:53:EF:E3:D7:18:28:3F:F2:3E:51:85:97
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 052CA045
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/wHUBicP9rMFT7-PXGCg_8j5RhZc.roa
Signing time: Tue 10 May 2022 10:57:02 +0000
ROA not before: Tue 10 May 2022 10:57:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.239.151.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86810693 (0x52ca045)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: May 10 10:57:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0750189c3fdacc153efe3d718283ff23e518597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f6:b9:55:33:72:72:1f:75:9f:17:69:98:2a:
58:52:de:26:9e:15:cc:8e:43:54:d8:71:88:13:dc:
98:e3:3d:01:54:3c:31:13:09:3d:35:94:96:a7:89:
95:ed:62:4e:b6:8f:2e:9d:e2:05:56:66:d9:9d:2b:
7a:71:96:b6:0c:00:88:c0:06:e4:52:af:6d:44:39:
23:7e:97:ec:01:17:65:09:44:68:79:3e:e9:2a:7d:
f3:c9:63:42:48:21:b8:e9:eb:50:e7:94:2b:b0:02:
2a:9f:40:a6:2a:0e:88:84:3d:59:a7:9d:66:55:9b:
ba:98:87:06:1d:d0:9e:28:58:be:ac:a5:c6:4e:32:
70:07:14:83:29:03:70:c5:7f:5e:d1:9b:a5:49:c8:
cd:e1:7e:49:92:a6:fe:d8:5a:3e:81:e1:3d:2d:16:
1c:5d:f0:17:40:b0:4f:da:4f:e3:49:9c:8c:b2:0a:
11:dd:be:3e:6c:63:cc:5e:43:72:8d:9c:06:2f:dc:
fd:ea:fb:43:fc:3c:86:c6:11:f3:57:20:e1:b7:b3:
42:a9:d0:0a:a1:f1:76:1f:9d:c1:6f:14:e1:da:0a:
6d:2b:34:c9:f2:b2:1b:04:04:8d:b9:27:7d:01:67:
b9:86:62:7b:d5:30:e9:6f:80:b1:75:64:04:95:d9:
19:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:75:01:89:C3:FD:AC:C1:53:EF:E3:D7:18:28:3F:F2:3E:51:85:97
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/wHUBicP9rMFT7-PXGCg_8j5RhZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.151.0/24
185.95.158.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:a2:7e:4f:d1:e3:3c:df:36:78:e1:49:19:b7:c6:11:a5:3b:
52:f7:60:9d:eb:a6:45:50:cd:80:2e:3c:8d:86:5d:87:a8:94:
4c:c2:65:4f:68:61:ea:ff:01:8f:ca:99:e9:1c:d9:72:73:6f:
4a:09:c9:78:92:ac:61:c7:19:7b:94:b4:96:ff:c8:82:57:bf:
15:df:19:6a:ce:0b:a9:91:25:6c:5f:e3:b4:87:73:69:4b:a1:
bb:96:b6:e5:af:84:e1:5f:80:e4:22:1c:9f:44:e7:d3:b2:11:
bc:9c:0f:00:3c:9b:7c:12:da:10:3f:f6:c4:32:9b:a0:39:f5:
ae:9c:c3:7d:ad:59:ec:4b:ea:07:c2:36:3a:35:21:76:41:5e:
10:dd:d2:44:38:02:54:23:54:7d:1e:83:83:db:41:1c:3b:e8:
ad:88:5b:e6:e8:e3:0f:1d:7a:0a:e6:2e:f7:6d:5d:91:04:62:
78:26:74:75:3a:96:75:0d:5c:f9:47:f7:e3:50:c8:3e:67:43:
25:1a:83:d1:23:9b:b1:2f:c7:9c:66:f5:b0:29:7f:7e:53:03:
f2:fa:a8:fb:c7:65:5c:64:68:de:c9:0e:23:da:12:b2:50:bf:
f2:87:f6:b5:4d:84:64:cc:1a:63:53:41:09:29:2a:cf:5b:58:
e2:1f:9a:1a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBSygRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDUx
MDEwNTcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzA3NTAxODljM2Zk
YWNjMTUzZWZlM2Q3MTgyODNmZjIzZTUxODU5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK32uVUzcnIfdZ8XaZgqWFLeJp4VzI5DVNhxiBPcmOM9AVQ8
MRMJPTWUlqeJle1iTraPLp3iBVZm2Z0renGWtgwAiMAG5FKvbUQ5I36X7AEXZQlE
aHk+6Sp988ljQkghuOnrUOeUK7ACKp9ApioOiIQ9WaedZlWbupiHBh3QnihYvqyl
xk4ycAcUgykDcMV/XtGbpUnIzeF+SZKm/thaPoHhPS0WHF3wF0CwT9pP40mcjLIK
Ed2+PmxjzF5Dco2cBi/c/er7Q/w8hsYR81cg4bezQqnQCqHxdh+dwW8U4doKbSs0
yfKyGwQEjbknfQFnuYZie9Uw6W+AsXVkBJXZGT0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTAdQGJw/2swVPv49cYKD/yPlGFlzAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L3dIVUJpY1A5ck1GVDctUFhHQ2dfOGo1UmhaYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFXvlwMEALlfnjANBgkqhkiG9w0B
AQsFAAOCAQEAxaJ+T9HjPN82eOFJGbfGEaU7UvdgneumRVDNgC48jYZdh6iUTMJl
T2hh6v8Bj8qZ6RzZcnNvSgnJeJKsYccZe5S0lv/Igle/Fd8Zas4LqZElbF/jtIdz
aUuhu5a25a+E4V+A5CIcn0Tn07IRvJwPADybfBLaED/2xDKboDn1rpzDfa1Z7Evq
B8I2OjUhdkFeEN3SRDgCVCNUfR6Dg9tBHDvorYhb5ujjDx16CuYu921dkQRieCZ0
dTqWdQ1c+Uf341DIPmdDJRqD0SObsS/HnGb1sCl/flMD8vqo+8dlXGRo3skOI9oS
slC/8of2tU2EZMwaY1NBCSkqz1tY4h+aGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org