Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/_wQjhnPhpZN0wxJwqT2BGmOE2kA.roa
File: _wQjhnPhpZN0wxJwqT2BGmOE2kA.roa (raw, json)
Hash identifier: Jk4fiOpJFvq3OPcY/gtNf4DW7QvuWyMy0K80PMRCmA8=
Subject key identifier: FF:04:23:86:73:E1:A5:93:74:C3:12:70:A9:3D:81:1A:63:84:DA:40
Certificate issuer: /CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c
Certificate serial: 0183B1803710FE77AB3A8867C6A8CDE6097C
Authority key identifier: 7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/_wQjhnPhpZN0wxJwqT2BGmOE2kA.roa
Signing time: Fri 07 Oct 2022 08:11:53 +0000
ROA not before: Fri 07 Oct 2022 08:11:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 178.240.0.0/13 maxlen: 24
31.140.0.0/14 maxlen: 24
176.237.0.0/16 maxlen: 24
5.27.0.0/19 maxlen: 24
213.43.0.0/16 maxlen: 24
176.91.0.0/16 maxlen: 17
141.196.0.0/16 maxlen: 24
176.239.0.0/16 maxlen: 24
86.108.128.0/17 maxlen: 24
5.26.0.0/16 maxlen: 24
176.90.0.0/15 maxlen: 24
176.227.0.0/17 maxlen: 24
188.56.0.0/14 maxlen: 24
5.24.0.0/14 maxlen: 24
176.238.0.0/16 maxlen: 24
5.11.128.0/17 maxlen: 24
176.89.0.0/16 maxlen: 24
2a02:4e0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:80:37:10:fe:77:ab:3a:88:67:c6:a8:cd:e6:09:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c
Validity
Not Before: Oct 7 08:11:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff04238673e1a59374c31270a93d811a6384da40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e6:af:a5:04:6a:6c:2b:33:63:cc:69:f8:1f:
3b:0d:0b:c8:6c:55:3d:0e:ad:57:38:22:c2:de:13:
ee:e4:23:24:e0:5a:4a:95:ca:dd:fd:1c:60:b4:89:
8b:63:b6:24:0d:59:dd:69:7e:02:9e:7c:ac:d6:fd:
96:79:5e:58:61:f8:05:bc:2a:ed:7a:1f:39:89:a0:
17:27:13:e8:63:75:18:53:68:bf:27:74:74:3b:84:
04:3b:5d:9f:ec:39:26:4f:6f:b0:90:04:ba:a9:7f:
f9:84:27:bc:b6:22:04:9a:3c:35:bc:60:99:39:76:
31:8f:6a:20:1d:00:00:0e:42:1a:c7:93:1f:16:35:
c9:0b:a5:14:a4:cd:20:14:49:be:a5:71:a0:12:e3:
c5:41:0d:13:c2:f4:61:9e:15:de:7c:79:66:95:de:
ae:73:57:47:ae:25:40:e1:c6:6c:98:d8:08:bd:25:
23:30:36:63:25:17:34:d5:bd:34:26:a6:24:16:73:
ed:78:cd:af:b6:8f:86:a2:43:22:94:c5:54:73:68:
7a:f0:0d:bf:4a:d5:88:d0:10:be:48:fe:05:fe:58:
b9:ce:c3:8f:c1:ba:4e:80:2e:79:4d:5d:c8:25:69:
5a:6f:6c:e3:d1:a5:d9:02:93:25:7e:ad:f1:7d:97:
06:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:04:23:86:73:E1:A5:93:74:C3:12:70:A9:3D:81:1A:63:84:DA:40
X509v3 Authority Key Identifier:
keyid:7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/_wQjhnPhpZN0wxJwqT2BGmOE2kA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/fsZaHc-CJefxC-IN3eHiFugAtnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.128.0/17
5.24.0.0/14
31.140.0.0/14
86.108.128.0/17
141.196.0.0/16
176.89.0.0-176.91.255.255
176.227.0.0/17
176.237.0.0-176.239.255.255
178.240.0.0/13
188.56.0.0/14
213.43.0.0/16
IPv6:
2a02:4e0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:17:74:14:d6:4a:f9:c2:60:9b:87:3c:0b:6a:39:0f:db:64:
03:f0:0a:b0:52:d7:8d:59:bc:aa:32:fb:9d:a1:ae:b0:b8:57:
45:97:63:b5:3b:3e:3f:32:4a:c2:79:fd:55:85:a4:83:0a:0d:
9c:79:b0:65:0e:0f:c5:79:a6:4c:db:ab:8a:31:00:c7:ee:dd:
73:e3:ca:02:ff:4b:7e:bf:fe:95:a9:97:90:23:06:9d:74:02:
cc:eb:ad:9b:28:0b:97:7a:35:75:ec:30:41:1d:eb:70:46:5c:
ac:f5:b3:7b:c2:69:9a:02:1d:28:93:ec:fd:60:0d:bd:76:52:
a3:72:d3:db:0d:5a:48:d4:fd:3a:6a:f7:44:2b:98:87:db:85:
e8:61:e3:2e:69:de:9b:b0:35:1c:c5:21:cf:17:c2:33:f1:2d:
aa:8c:5a:7c:3b:e1:bc:05:5a:01:bc:e4:58:f7:c2:da:19:b8:
48:fe:df:86:c8:f1:02:31:e5:da:f4:f2:c1:cd:b8:8e:80:b2:
69:9b:76:4f:e7:13:66:97:67:80:c4:e6:ce:7f:5f:d5:9d:5e:
86:1a:de:21:e2:f4:81:20:12:b0:e3:87:bc:0e:2b:e4:48:17:
65:1b:4b:a4:cd:48:2a:c5:cb:ba:9b:27:f6:e2:4d:4b:48:1f:
92:29:1c:16
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYOxgDcQ/nerOohnxqjN5gl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYzY1YTFkY2Y4MjI1ZTdmMTBiZTIwZGRkZTFlMjE2ZTgw
MGI2N2MwHhcNMjIxMDA3MDgxMTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjA0MjM4NjczZTFhNTkzNzRjMzEyNzBhOTNkODExYTYzODRkYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuavpQRqbCszY8xp+B87DQvIbFU9
Dq1XOCLC3hPu5CMk4FpKlcrd/RxgtImLY7YkDVndaX4Cnnys1v2WeV5YYfgFvCrt
eh85iaAXJxPoY3UYU2i/J3R0O4QEO12f7DkmT2+wkAS6qX/5hCe8tiIEmjw1vGCZ
OXYxj2ogHQAADkIax5MfFjXJC6UUpM0gFEm+pXGgEuPFQQ0TwvRhnhXefHlmld6u
c1dHriVA4cZsmNgIvSUjMDZjJRc01b00JqYkFnPteM2vto+GokMilMVUc2h68A2/
StWI0BC+SP4F/li5zsOPwbpOgC55TV3IJWlab2zj0aXZApMlfq3xfZcGtQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFP8EI4Zz4aWTdMMScKk9gRpjhNpAMB8GA1UdIwQY
MBaAFH7GWh3PgiXn8QviDd3h4hboALZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnNaYUhjLUNKZWZ4Qy1JTjNlSGlGdWdBdG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84ZTc3ODUtOTQ1MS00NmZiLWIyNDQt
N2Q5YjgyMzA1MzdlLzEvX3dRamhuUGhwWk4wd3hKd3FUMkJHbU9FMmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi84ZTc3ODUtOTQ1MS00NmZiLWIyNDQtN2Q5YjgyMzA1Mzdl
LzEvZnNaYUhjLUNKZWZ4Qy1JTjNlSGlGdWdBdG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQHBQuAAwMC
BRgDAwIfjAMEB1ZsgAMDAI3EMAoDAwCwWQMDArBYAwQHsOMAMAoDAwCw7QMDBLDg
AwMDsvADAwK8OAMDANUrMA0EAgACMAcDBQAqAgTgMA0GCSqGSIb3DQEBCwUAA4IB
AQCMF3QU1kr5wmCbhzwLajkP22QD8AqwUteNWbyqMvudoa6wuFdFl2O1Oz4/MkrC
ef1VhaSDCg2cebBlDg/FeaZM26uKMQDH7t1z48oC/0t+v/6VqZeQIwaddALM662b
KAuXejV17DBBHetwRlys9bN7wmmaAh0ok+z9YA29dlKjctPbDVpI1P06avdEK5iH
24XoYeMuad6bsDUcxSHPF8Iz8S2qjFp8O+G8BVoBvORY98LaGbhI/t+GyPECMeXa
9PLBzbiOgLJpm3ZP5xNml2eAxObOf1/VnV6GGt4h4vSBIBKw44e8DivkSBdlG0uk
zUgqxcu6myf24k1LSB+SKRwW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:45 2024 by rpki-client on console-ams.rpki-client.org