Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/WdbDyqTC4Qc0G4-qa81ZW2z2BrU.roa
File: WdbDyqTC4Qc0G4-qa81ZW2z2BrU.roa (raw, json)
Hash identifier: F2DLipC3FJjvD5FLAeo92bzAJRa4h6eS4Szzxwsfwpo=
Subject key identifier: 59:D6:C3:CA:A4:C2:E1:07:34:1B:8F:AA:6B:CD:59:5B:6C:F6:06:B5
Certificate issuer: /CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Certificate serial: 0184191FD01054C92FBA9FF52F1239559B52
Authority key identifier: FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/WdbDyqTC4Qc0G4-qa81ZW2z2BrU.roa
Signing time: Thu 27 Oct 2022 11:07:06 +0000
ROA not before: Thu 27 Oct 2022 11:07:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57704
IP address blocks: 176.106.40.0/21 maxlen: 24
192.145.120.0/22 maxlen: 22
192.145.120.0/24 maxlen: 24
192.145.122.0/24 maxlen: 24
192.145.121.0/24 maxlen: 24
192.145.123.0/24 maxlen: 24
45.130.98.0/24 maxlen: 24
45.130.96.0/24 maxlen: 24
45.130.97.0/24 maxlen: 24
45.130.99.0/24 maxlen: 24
152.89.42.0/24 maxlen: 24
152.89.41.0/24 maxlen: 24
152.89.43.0/24 maxlen: 24
152.89.40.0/24 maxlen: 24
185.5.221.0/24 maxlen: 24
185.5.220.0/22 maxlen: 22
185.5.220.0/24 maxlen: 24
185.5.223.0/24 maxlen: 24
185.5.222.0/24 maxlen: 24
2a03:7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:1f:d0:10:54:c9:2f:ba:9f:f5:2f:12:39:55:9b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Validity
Not Before: Oct 27 11:07:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59d6c3caa4c2e107341b8faa6bcd595b6cf606b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5f:87:3c:71:fb:32:27:b4:ab:e1:e2:8c:6c:
65:8a:bb:0f:c2:8d:a2:c6:6a:db:06:9f:82:e4:86:
62:af:51:37:ed:8f:84:6e:c0:b9:56:9d:8d:28:14:
2d:70:fa:95:6a:f6:0f:82:9e:c2:ee:31:47:03:ee:
a4:9a:69:4b:06:0a:75:c2:6b:72:cf:67:4c:d8:bd:
be:5b:ba:fb:1b:ae:33:89:a9:08:4c:5c:c9:40:d9:
9f:aa:e5:21:62:62:bd:09:62:81:06:bc:db:21:36:
3d:53:82:e8:9e:73:10:5e:28:1d:8a:65:2f:d1:d5:
d4:62:11:7b:70:ee:b1:27:db:fe:2b:27:04:26:c4:
7e:58:4e:82:1a:51:cc:e0:21:0b:2a:29:3e:fd:33:
00:77:db:ed:5a:c1:4f:fc:4c:16:c2:74:b1:78:79:
c8:ce:98:05:f6:b3:90:51:21:d0:cd:6e:f9:8d:55:
bb:87:6d:81:e8:cf:00:3d:54:d8:d8:26:12:97:4c:
28:34:05:3a:4a:82:f4:4d:7f:84:4a:1b:bc:8f:85:
a2:e5:9e:90:45:69:6c:4e:39:67:19:ff:fa:12:de:
98:11:43:4e:64:52:bc:2a:a8:99:8e:27:7c:95:b2:
d4:80:54:9a:fe:3d:c7:ca:15:7e:b7:ba:c3:fc:d7:
38:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D6:C3:CA:A4:C2:E1:07:34:1B:8F:AA:6B:CD:59:5B:6C:F6:06:B5
X509v3 Authority Key Identifier:
keyid:FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/WdbDyqTC4Qc0G4-qa81ZW2z2BrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/1-lbH5mCxx047AxixQzjD8A3XvHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.96.0/22
152.89.40.0/22
176.106.40.0/21
185.5.220.0/22
192.145.120.0/22
IPv6:
2a03:7c0::/32
Signature Algorithm: sha256WithRSAEncryption
80:b6:b0:0a:6c:c8:09:18:53:a2:f0:f7:b6:fe:96:93:6a:06:
2a:66:19:d5:96:f3:bf:96:2a:6d:77:49:00:bc:8a:a6:75:a8:
5b:6b:b5:85:6e:23:3b:bd:6a:d4:30:06:1b:54:ea:2a:f3:b8:
02:14:e5:c9:5e:61:45:89:52:e6:6f:a2:f3:10:76:79:84:46:
00:97:9a:ca:4d:20:22:b6:f4:f4:a4:36:f3:22:41:e9:a8:a0:
cb:84:84:ac:49:65:18:fa:f2:35:73:f1:ab:29:cc:ea:d3:ef:
b9:8c:d8:b1:10:c0:65:5b:e9:3f:31:9a:1e:dc:eb:36:1b:61:
3b:e5:a8:4c:01:ba:04:2c:53:41:c3:34:b4:d5:65:22:19:dd:
6f:fd:03:d4:7f:aa:fd:ca:a0:97:ea:bf:85:d6:13:30:ff:68:
de:08:79:9d:bf:6b:04:5e:27:29:92:38:3e:38:62:72:5b:62:
1c:a2:85:4f:6c:fc:02:17:90:cb:c4:f5:f7:55:b8:84:55:38:
39:6c:28:9b:86:f2:44:12:2c:8b:02:d6:41:e1:88:80:16:f1:
3d:b7:a5:c6:d5:59:30:41:54:a9:86:d3:6e:2c:47:95:b9:f6:
b3:84:9c:10:30:bc:b7:3c:e0:fa:6e:e8:b7:b1:ec:6c:a4:25:
b1:fb:16:45
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYQZH9AQVMkvup/1LxI5VZtSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNTZjN2U2NjBiMWM3NGUzYjAzMThiMTQzMzhjM2YwMGRk
N2JjNzIwHhcNMjIxMDI3MTEwNzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWQ2YzNjYWE0YzJlMTA3MzQxYjhmYWE2YmNkNTk1YjZjZjYwNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1+HPHH7Mie0q+HijGxlirsPwo2i
xmrbBp+C5IZir1E37Y+EbsC5Vp2NKBQtcPqVavYPgp7C7jFHA+6kmmlLBgp1wmty
z2dM2L2+W7r7G64ziakITFzJQNmfquUhYmK9CWKBBrzbITY9U4LonnMQXigdimUv
0dXUYhF7cO6xJ9v+KycEJsR+WE6CGlHM4CELKik+/TMAd9vtWsFP/EwWwnSxeHnI
zpgF9rOQUSHQzW75jVW7h22B6M8APVTY2CYSl0woNAU6SoL0TX+EShu8j4Wi5Z6Q
RWlsTjlnGf/6Et6YEUNOZFK8KqiZjid8lbLUgFSa/j3HyhV+t7rD/Nc4cwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFnWw8qkwuEHNBuPqmvNWVts9ga1MB8GA1UdIwQY
MBaAFPpWx+ZgscdOOwMYsUM4w/AN17xyMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1sYkg1bUN4eDA0N0F4aXhRempEOEEzWHZISS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvMjc2YzI0LTJhN2YtNDcyNi04ZDlm
LThiZjRmZTRjNzczMi8xL1dkYkR5cVRDNFFjMEc0LXFhODFaVzJ6MkJyVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODIvMjc2YzI0LTJhN2YtNDcyNi04ZDlmLThiZjRmZTRjNzcz
Mi8xLzEtbGJINW1DeHgwNDdBeGl4UXpqRDhBM1h2SEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAItgmAD
BAKYWSgDBAOwaigDBAK5BdwDBALAkXgwDQQCAAIwBwMFACoDB8AwDQYJKoZIhvcN
AQELBQADggEBAIC2sApsyAkYU6Lw97b+lpNqBipmGdWW87+WKm13SQC8iqZ1qFtr
tYVuIzu9atQwBhtU6irzuAIU5cleYUWJUuZvovMQdnmERgCXmspNICK29PSkNvMi
QemooMuEhKxJZRj68jVz8aspzOrT77mM2LEQwGVb6T8xmh7c6zYbYTvlqEwBugQs
U0HDNLTVZSIZ3W/9A9R/qv3KoJfqv4XWEzD/aN4IeZ2/awReJymSOD44YnJbYhyi
hU9s/AIXkMvE9fdVuIRVODlsKJuG8kQSLIsC1kHhiIAW8T23pcbVWTBBVKmG024s
R5W59rOEnBAwvLc84Ppu6Lex7GykJbH7FkU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:07 2024 by rpki-client on console-fra.rpki-client.org