Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/wnP445pUQ6wPBweARGIUsLxqGPY.roa
File: wnP445pUQ6wPBweARGIUsLxqGPY.roa (raw, json)
Hash identifier: tY7zxLuedEy/wJY6MmZQeHoa5VFLk/efkw9Pv3DXPas=
Subject key identifier: C2:73:F8:E3:9A:54:43:AC:0F:07:07:80:44:62:14:B0:BC:6A:18:F6
Certificate issuer: /CN=ab91d5262561a9dd713dfa39163dec849fee4636
Certificate serial: 018437F71419F6BFB91EEFC02831D6A8A3C6
Authority key identifier: AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/wnP445pUQ6wPBweARGIUsLxqGPY.roa
Signing time: Wed 02 Nov 2022 10:50:50 +0000
ROA not before: Wed 02 Nov 2022 10:50:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200168
IP address blocks: 195.254.172.0/23 maxlen: 23
185.35.212.0/22 maxlen: 24
2a04:6543::/32 maxlen: 32
2a04:6540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:f7:14:19:f6:bf:b9:1e:ef:c0:28:31:d6:a8:a3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab91d5262561a9dd713dfa39163dec849fee4636
Validity
Not Before: Nov 2 10:50:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c273f8e39a5443ac0f070780446214b0bc6a18f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4e:8e:c6:ff:38:19:6a:4c:31:85:d8:f1:3e:
80:2a:e0:86:74:e7:75:f4:a9:54:ad:88:26:43:b4:
0c:1b:40:23:7b:c6:10:a7:b0:59:91:d7:8d:a6:a2:
6b:e6:21:9c:29:10:cf:34:9d:03:58:40:22:04:79:
29:63:ff:66:c3:b2:88:ba:1e:af:8c:7a:c9:68:53:
fd:c4:55:f4:22:5b:dd:91:82:49:de:78:8f:56:60:
be:62:c3:a4:91:5a:c4:78:59:16:d0:c4:36:fa:b4:
b3:78:12:5a:c3:69:f5:38:cf:87:e3:b4:ec:8c:77:
46:53:49:16:51:ca:0c:16:e2:27:25:a4:b4:ef:a4:
f7:f2:35:f8:01:7f:ad:f9:26:0d:30:47:2b:e1:2a:
55:ed:9d:2d:6f:9c:a3:b7:e0:bb:17:1d:6a:69:63:
af:df:37:e4:03:a1:10:2f:17:e8:45:b1:ee:64:e4:
bb:69:2f:a4:a3:ef:97:74:23:7c:07:33:7d:aa:e8:
5f:55:4e:ce:87:06:69:13:2f:2c:2d:7d:7f:5f:0a:
a4:9c:1f:fc:cd:65:5d:82:fc:b3:32:b5:fe:6d:7b:
40:03:b2:69:da:0e:85:d4:ef:b3:50:d3:34:32:72:
5c:ad:a8:99:4b:f1:a8:ca:43:04:0b:65:66:ec:74:
38:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:73:F8:E3:9A:54:43:AC:0F:07:07:80:44:62:14:B0:BC:6A:18:F6
X509v3 Authority Key Identifier:
keyid:AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/wnP445pUQ6wPBweARGIUsLxqGPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.212.0/22
195.254.172.0/23
IPv6:
2a04:6540::/32
2a04:6543::/32
Signature Algorithm: sha256WithRSAEncryption
35:af:da:f5:24:d8:1a:b5:2a:d9:90:c1:1b:71:cc:5c:ea:53:
80:d8:4a:7b:d6:48:0b:41:2b:b8:12:e0:a3:ea:e2:69:b1:9a:
42:50:c1:21:b2:0b:37:e3:b4:57:4a:92:d2:39:c0:3b:96:40:
ee:f4:14:ac:df:15:45:a6:ca:39:a9:c6:4d:45:f8:b0:b5:cd:
d8:aa:9f:bb:65:92:60:74:90:95:2b:70:f7:c6:91:9a:69:a0:
71:f6:18:a4:a7:a5:da:c6:0c:c8:40:76:5c:58:f4:74:02:0b:
5b:e9:d6:ea:d0:30:30:b4:a7:7f:1b:16:61:55:63:69:71:1d:
a6:e7:d5:3d:f8:5c:bc:36:0d:f8:dc:23:91:09:79:3e:28:36:
ff:4e:be:45:bd:fa:96:b2:39:d3:e6:36:4d:8b:60:05:2b:f2:
d1:ac:14:72:be:0e:db:4f:bb:ca:73:4e:a0:4e:df:c5:02:34:
21:9a:db:31:ca:3a:55:c4:a6:de:07:08:66:02:a2:c5:a1:c1:
6f:4f:f2:b0:dc:7e:57:77:e5:dd:e8:c1:38:cd:a6:a5:aa:d8:
79:19:2d:69:ec:99:70:dc:f2:94:99:9e:c7:45:e2:a2:dd:a2:
b0:db:d7:ce:69:35:de:b3:a7:a0:bd:8d:40:89:06:7a:a3:7a:
11:5a:9c:61
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYQ39xQZ9r+5Hu/AKDHWqKPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOTFkNTI2MjU2MWE5ZGQ3MTNkZmEzOTE2M2RlYzg0OWZl
ZTQ2MzYwHhcNMjIxMTAyMTA1MDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjczZjhlMzlhNTQ0M2FjMGYwNzA3ODA0NDYyMTRiMGJjNmExOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo06Oxv84GWpMMYXY8T6AKuCGdOd1
9KlUrYgmQ7QMG0Aje8YQp7BZkdeNpqJr5iGcKRDPNJ0DWEAiBHkpY/9mw7KIuh6v
jHrJaFP9xFX0IlvdkYJJ3niPVmC+YsOkkVrEeFkW0MQ2+rSzeBJaw2n1OM+H47Ts
jHdGU0kWUcoMFuInJaS076T38jX4AX+t+SYNMEcr4SpV7Z0tb5yjt+C7Fx1qaWOv
3zfkA6EQLxfoRbHuZOS7aS+ko++XdCN8BzN9quhfVU7OhwZpEy8sLX1/XwqknB/8
zWVdgvyzMrX+bXtAA7Jp2g6F1O+zUNM0MnJcraiZS/GoykMEC2Vm7HQ4vwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMJz+OOaVEOsDwcHgERiFLC8ahj2MB8GA1UdIwQY
MBaAFKuR1SYlYandcT36ORY97ISf7kY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQt
Mjc1MjQyYWE2Nzc1LzEvd25QNDQ1cFVRNndQQndlQVJHSVVzTHhxR1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQtMjc1MjQyYWE2Nzc1
LzEvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuSPUAwQB
w/6sMBQEAgACMA4DBQAqBGVAAwUAKgRlQzANBgkqhkiG9w0BAQsFAAOCAQEANa/a
9STYGrUq2ZDBG3HMXOpTgNhKe9ZIC0EruBLgo+riabGaQlDBIbILN+O0V0qS0jnA
O5ZA7vQUrN8VRabKOanGTUX4sLXN2Kqfu2WSYHSQlStw98aRmmmgcfYYpKel2sYM
yEB2XFj0dAILW+nW6tAwMLSnfxsWYVVjaXEdpufVPfhcvDYN+NwjkQl5Pig2/06+
Rb36lrI50+Y2TYtgBSvy0awUcr4O20+7ynNOoE7fxQI0IZrbMco6VcSm3gcIZgKi
xaHBb0/ysNx+V3fl3ejBOM2mparYeRktaeyZcNzylJmex0Xiot2isNvXzmk13rOn
oL2NQIkGeqN6EVqcYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:19 2024 by rpki-client on console-ams.rpki-client.org