Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3wlw_LdL_6ybiLP92cGam1tQ2EA.roa
File: 3wlw_LdL_6ybiLP92cGam1tQ2EA.roa (raw, json)
Hash identifier: EmzQFAf9uI1eetwPNk0TZBmRGfy8pwb4z5al5KSob+Q=
Subject key identifier: DF:09:70:FC:B7:4B:FF:AC:9B:88:B3:FD:D9:C1:9A:9B:5B:50:D8:40
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01850A5D50C293700601E8C62307167DB573
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3wlw_LdL_6ybiLP92cGam1tQ2EA.roa
Signing time: Tue 13 Dec 2022 07:22:45 +0000
ROA not before: Tue 13 Dec 2022 07:22:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 212.192.7.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
195.58.61.0/24 maxlen: 24
194.87.191.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:5d:50:c2:93:70:06:01:e8:c6:23:07:16:7d:b5:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 07:22:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df0970fcb74bffac9b88b3fdd9c19a9b5b50d840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6b:49:b7:83:c9:c0:77:15:ed:86:c8:7b:05:
48:fa:b0:18:e7:f3:50:2b:a6:d9:35:40:84:14:72:
6a:69:a4:17:aa:ae:9b:52:78:63:61:0c:2c:62:90:
de:a8:e1:67:cb:c8:98:e8:92:5c:e4:12:8c:fb:24:
2c:55:2d:b9:d7:3e:22:42:fc:f1:e0:51:93:66:d4:
b0:45:b3:6b:6d:72:57:a6:c8:62:2c:cf:b7:15:66:
33:c7:34:b9:84:bc:96:70:25:c5:a6:f1:f3:3a:ea:
91:28:f6:f5:ae:2f:41:0c:b2:c4:1c:54:73:08:9b:
68:29:6d:82:02:a4:72:87:82:20:ac:6f:62:d6:94:
b0:a1:f4:d3:29:7d:d5:b8:d4:f6:c7:48:c0:0a:a2:
e6:4c:7b:f0:8c:02:e0:74:0d:52:5f:1b:b1:0f:3b:
b6:9d:06:81:46:ab:af:96:20:ef:af:93:25:47:b0:
cd:58:2a:7f:06:9f:ed:8d:3b:74:35:f9:1b:e0:fa:
a1:0d:a9:14:aa:5e:4d:4f:f6:83:f3:20:78:3f:5b:
f6:f4:71:df:23:c1:c6:27:83:d1:75:99:7d:b2:a3:
06:89:ed:ab:4a:fd:05:36:5b:0e:0e:11:4f:60:db:
9c:d7:64:c3:42:82:4e:11:47:9a:51:81:81:68:f4:
36:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:09:70:FC:B7:4B:FF:AC:9B:88:B3:FD:D9:C1:9A:9B:5B:50:D8:40
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3wlw_LdL_6ybiLP92cGam1tQ2EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.181.0/24
193.124.94.0/24
194.58.61.0/24
194.58.154.0/23
194.87.180.0/24
194.87.191.0/24
195.58.61.0/24
212.192.7.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
20:2b:8f:97:c0:2a:cb:8f:9a:1e:af:73:23:ce:73:cf:3b:c3:
31:80:8d:7d:cc:d9:4e:aa:62:19:4e:84:75:12:04:59:03:88:
2d:a0:f7:37:41:e3:20:e8:c9:a2:4f:d2:e4:1d:51:14:81:fc:
e6:d5:3a:d4:a4:30:85:e7:28:37:c2:33:7f:58:a7:e8:20:25:
0a:4b:84:ea:ae:32:16:b0:7a:ef:bd:8d:87:65:af:d2:a1:be:
7c:be:9e:c8:1b:73:e7:a3:69:f0:a7:bf:3a:b9:9e:b5:e6:00:
cc:9d:15:90:53:1e:ed:fc:48:da:30:80:6c:6d:bf:f2:55:14:
98:25:47:c1:94:28:69:67:bb:c9:f8:3b:b7:ca:65:22:ec:18:
b2:4b:df:e1:d7:88:7b:52:cd:ab:2f:f8:5b:45:27:85:ec:5d:
38:f0:33:16:93:7f:19:80:76:92:d9:70:c9:9c:66:36:55:c3:
dc:78:2b:15:58:5e:5a:ba:48:b0:e5:6c:90:e7:b2:62:26:af:
98:74:29:73:ef:89:ea:af:2a:08:ee:f6:a8:c0:2d:21:63:e4:
90:da:5f:fc:87:da:13:ab:97:7d:cb:4f:f8:20:3e:06:19:e8:
10:09:ae:55:20:53:d5:5c:65:63:8e:03:12:c3:51:1b:4c:33:
f2:78:85:f9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYUKXVDCk3AGAejGIwcWfbVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjEzMDcyMjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjA5NzBmY2I3NGJmZmFjOWI4OGIzZmRkOWMxOWE5YjViNTBkODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWtJt4PJwHcV7YbIewVI+rAY5/NQ
K6bZNUCEFHJqaaQXqq6bUnhjYQwsYpDeqOFny8iY6JJc5BKM+yQsVS251z4iQvzx
4FGTZtSwRbNrbXJXpshiLM+3FWYzxzS5hLyWcCXFpvHzOuqRKPb1ri9BDLLEHFRz
CJtoKW2CAqRyh4IgrG9i1pSwofTTKX3VuNT2x0jACqLmTHvwjALgdA1SXxuxDzu2
nQaBRquvliDvr5MlR7DNWCp/Bp/tjTt0Nfkb4PqhDakUql5NT/aD8yB4P1v29HHf
I8HGJ4PRdZl9sqMGie2rSv0FNlsODhFPYNuc12TDQoJOEUeaUYGBaPQ2aQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFN8JcPy3S/+sm4iz/dnBmptbUNhAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM3dsd19MZExfNnliaUxQOTJjR2FtMXRRMkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwHy1AwQA
wXxeAwQAwjo9AwQBwjqaAwQAwle0AwQAwle/AwQAwzo9AwQA1MAHAwQA1MEFMA0G
CSqGSIb3DQEBCwUAA4IBAQAgK4+XwCrLj5oer3MjznPPO8MxgI19zNlOqmIZToR1
EgRZA4gtoPc3QeMg6MmiT9LkHVEUgfzm1TrUpDCF5yg3wjN/WKfoICUKS4TqrjIW
sHrvvY2HZa/Sob58vp7IG3Pno2nwp786uZ615gDMnRWQUx7t/EjaMIBsbb/yVRSY
JUfBlChpZ7vJ+Du3ymUi7BiyS9/h14h7Us2rL/hbRSeF7F048DMWk38ZgHaS2XDJ
nGY2VcPceCsVWF5aukiw5WyQ57JiJq+YdClz74nqryoI7vaowC0hY+SQ2l/8h9oT
q5d9y0/4ID4GGegQCa5VIFPVXGVjjgMSw1EbTDPyeIX5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:55 2023 by rpki-client on console-fra.rpki-client.org