Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/WDjfyE_mAiF-Ga_CIeDBeM7vKhk.roa
File: WDjfyE_mAiF-Ga_CIeDBeM7vKhk.roa (raw, json)
Hash identifier: edY61xNs7hhvn8yfxh1E4tw1qjZFAEWI7LDzK5i8r2g=
Subject key identifier: 58:38:DF:C8:4F:E6:02:21:7E:19:AF:C2:21:E0:C1:78:CE:EF:2A:19
Certificate issuer: /CN=a10c73530bb684fd569dfc432704675704183429
Certificate serial: 1610C0F6
Authority key identifier: A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/WDjfyE_mAiF-Ga_CIeDBeM7vKhk.roa
Signing time: Sat 01 Jan 2022 11:58:41 +0000
ROA not before: Sat 01 Jan 2022 11:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56595
IP address blocks: 185.94.232.0/24 maxlen: 24
185.94.232.0/22 maxlen: 24
185.94.232.0/23 maxlen: 24
185.94.233.0/24 maxlen: 24
185.94.234.0/23 maxlen: 24
185.94.234.0/24 maxlen: 24
185.94.235.0/24 maxlen: 24
2a03:e840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 370196726 (0x1610c0f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a10c73530bb684fd569dfc432704675704183429
Validity
Not Before: Jan 1 11:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5838dfc84fe602217e19afc221e0c178ceef2a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4a:7b:55:46:b7:21:00:71:65:e3:aa:9c:28:
b3:9d:e2:40:4e:c0:f0:7c:26:09:89:2d:bb:10:2e:
36:e9:e6:73:08:03:28:86:6e:c5:f3:04:87:78:a4:
13:85:65:ee:a6:af:da:7f:20:eb:f3:85:4f:c3:92:
49:fb:3c:68:2e:61:ee:56:ec:62:0e:c2:50:be:cf:
4b:f3:56:92:a1:b7:8e:25:47:27:17:65:70:23:3e:
db:9d:25:bc:dd:42:87:e1:38:a5:86:2e:a9:2f:da:
25:2a:89:04:a0:5d:38:cd:62:9b:e1:67:b7:02:f2:
9e:06:2e:3d:c5:6f:a5:d1:16:a6:cb:57:39:27:fc:
e5:79:e3:a5:2d:4f:34:5b:c1:bf:01:5a:7f:f6:d4:
3a:3f:98:0d:5d:cf:44:7e:2c:88:c2:90:50:18:bf:
0c:29:2c:57:e1:6a:4f:90:80:7b:0c:ac:32:57:cb:
41:9e:ef:2c:52:b2:ed:99:a2:0d:b6:c8:0c:72:12:
93:f6:44:b5:9c:0c:f5:8e:ac:2c:d4:e5:5c:52:5c:
ab:ae:6d:1c:42:84:81:0f:d1:ab:d2:fb:9b:4c:3d:
b3:f1:38:b8:0c:23:2b:d5:2a:7b:d0:10:9d:48:51:
86:8d:9a:c3:05:bd:f7:9e:2d:09:d9:e8:e0:e2:0c:
35:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:38:DF:C8:4F:E6:02:21:7E:19:AF:C2:21:E0:C1:78:CE:EF:2A:19
X509v3 Authority Key Identifier:
keyid:A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/WDjfyE_mAiF-Ga_CIeDBeM7vKhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.232.0/22
IPv6:
2a03:e840::/32
Signature Algorithm: sha256WithRSAEncryption
4f:1b:23:96:36:d9:1d:1e:be:86:91:ab:c9:92:35:b2:c3:c5:
7a:29:c9:a0:8c:ff:88:91:fc:11:ea:58:bd:9a:86:b3:1b:29:
2c:5d:ea:75:b5:52:d0:e2:02:3c:7f:ff:ca:30:bf:40:7d:5e:
0c:5e:80:95:b6:bb:2e:d6:ac:a2:c4:13:15:2f:e8:1e:97:36:
11:69:47:8e:fc:51:18:5e:1f:98:af:83:c6:b6:6f:26:53:9d:
d6:97:75:ca:f7:fc:de:1c:66:3a:ee:86:8f:b8:0d:2b:65:d3:
99:0e:12:82:11:e5:c4:7f:87:b5:3c:76:86:11:97:52:64:a9:
a5:2f:9b:33:d3:ad:b5:79:a8:af:62:4a:aa:06:95:ff:90:66:
92:60:f7:14:c7:6d:0f:93:49:ba:25:c7:fb:7b:03:3e:cd:2b:
8c:d2:e4:07:bc:b5:47:c0:b6:be:4f:33:7d:f3:da:26:2c:b0:
67:fd:0a:7a:55:9a:e5:4c:72:12:58:93:36:3e:58:e2:c2:8e:
fe:47:78:78:bb:15:1e:87:b8:9c:bd:c7:d4:b5:60:c2:43:2a:
e8:8a:b6:e3:d1:57:68:97:b0:81:f2:13:12:6a:4b:d7:ca:09:
7b:28:41:af:2d:dc:5a:c6:99:ca:1c:ee:f2:bf:74:25:f9:63:
29:4c:8d:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFhDA9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MTBjNzM1MzBiYjY4NGZkNTY5ZGZjNDMyNzA0Njc1NzA0MTgzNDI5MB4XDTIyMDEw
MTExNTg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTgzOGRmYzg0ZmU2
MDIyMTdlMTlhZmMyMjFlMGMxNzhjZWVmMmExOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1Ke1VGtyEAcWXjqpwos53iQE7A8HwmCYktuxAuNunmcwgD
KIZuxfMEh3ikE4Vl7qav2n8g6/OFT8OSSfs8aC5h7lbsYg7CUL7PS/NWkqG3jiVH
JxdlcCM+250lvN1Ch+E4pYYuqS/aJSqJBKBdOM1im+FntwLyngYuPcVvpdEWpstX
OSf85XnjpS1PNFvBvwFaf/bUOj+YDV3PRH4siMKQUBi/DCksV+FqT5CAewysMlfL
QZ7vLFKy7ZmiDbbIDHISk/ZEtZwM9Y6sLNTlXFJcq65tHEKEgQ/Rq9L7m0w9s/E4
uAwjK9Uqe9AQnUhRho2awwW9954tCdno4OIMNcUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRYON/IT+YCIX4Zr8Ih4MF4zu8qGTAfBgNVHSMEGDAWgBShDHNTC7aE/Vad
/EMnBGdXBBg0KTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29ReHpVd3UyaFAxV25meERKd1JuVndRWU5Day5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvZWQxN2M4LWFiZDQtNDE0Zi1iYzMwLTdkMDgyOTFhNzY2Mi8x
L1dEamZ5RV9tQWlGLUdhX0NJZURCZU03dktoay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
ZWQxN2M4LWFiZDQtNDE0Zi1iYzMwLTdkMDgyOTFhNzY2Mi8xL29ReHpVd3UyaFAx
V25meERKd1JuVndRWU5Day5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArle6DANBAIAAjAHAwUAKgPoQDAN
BgkqhkiG9w0BAQsFAAOCAQEATxsjljbZHR6+hpGryZI1ssPFeinJoIz/iJH8EepY
vZqGsxspLF3qdbVS0OICPH//yjC/QH1eDF6Alba7LtasosQTFS/oHpc2EWlHjvxR
GF4fmK+DxrZvJlOd1pd1yvf83hxmOu6Gj7gNK2XTmQ4SghHlxH+HtTx2hhGXUmSp
pS+bM9OttXmor2JKqgaV/5BmkmD3FMdtD5NJuiXH+3sDPs0rjNLkB7y1R8C2vk8z
ffPaJiywZ/0KelWa5UxyEliTNj5Y4sKO/kd4eLsVHoe4nL3H1LVgwkMq6Iq249FX
aJewgfITEmpL18oJeyhBry3cWsaZyhzu8r90JfljKUyNZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:55 2024 by rpki-client on console-fra.rpki-client.org