Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WDPsUcwyxWkR33i3NKLpHAgdqkI.roa
File: WDPsUcwyxWkR33i3NKLpHAgdqkI.roa (raw, json)
Hash identifier: DgDOwyv5uAFBEnbSednMw3lRY7MmKEK9TM8A1Oe00+8=
Subject key identifier: 58:33:EC:51:CC:32:C5:69:11:DF:78:B7:34:A2:E9:1C:08:1D:AA:42
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0E0EB1DF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WDPsUcwyxWkR33i3NKLpHAgdqkI.roa
Signing time: Sat 01 Jan 2022 01:58:11 +0000
ROA not before: Sat 01 Jan 2022 01:58:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 194.87.204.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
194.87.219.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.87.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 235844063 (0xe0eb1df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 01:58:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5833ec51cc32c56911df78b734a2e91c081daa42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d7:f8:23:1d:67:b2:14:39:1f:8e:da:a7:ae:
ca:96:fa:03:02:14:c5:80:4f:fd:2e:12:b6:5b:da:
5a:30:8f:6c:26:89:97:cc:b5:58:3b:c4:ee:8c:2c:
2b:8b:23:ef:8b:18:af:a2:59:d9:8b:45:a7:b2:2a:
c4:a8:00:04:5a:85:0c:4d:e8:6c:6c:7d:78:44:2a:
72:3d:a0:4e:e9:d3:71:ba:86:a3:75:bf:0a:ad:9a:
b3:5f:22:16:9c:07:c4:39:2b:02:3c:84:56:4a:e5:
61:44:4e:0f:01:38:7b:b3:70:20:32:f8:9e:2c:c4:
2a:d5:8a:80:cf:ee:d0:80:09:b3:75:cb:26:0e:16:
88:1b:de:6c:86:4a:cb:7d:93:2a:51:37:b9:10:ac:
60:47:22:57:db:13:dc:4d:7f:f5:be:f2:20:7b:25:
0e:97:71:94:df:33:4c:b8:da:69:63:69:24:bc:3d:
c0:3c:6b:68:49:d3:4b:be:21:63:2b:bc:49:e1:50:
24:f0:fd:3c:2e:02:15:b1:b6:6c:d8:e8:24:c5:73:
fa:68:a2:32:d7:a2:21:16:09:a1:a7:34:f3:0b:2e:
88:e5:1d:f7:09:c2:b2:0b:a1:a1:bd:98:ec:9e:2d:
1d:52:20:50:a1:64:6c:a0:83:90:2c:ad:10:bf:c4:
86:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:33:EC:51:CC:32:C5:69:11:DF:78:B7:34:A2:E9:1C:08:1D:AA:42
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/WDPsUcwyxWkR33i3NKLpHAgdqkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.8.0/24
194.87.63.0/24
194.87.182.0/24
194.87.199.0/24
194.87.204.0/24
194.87.219.0/24
194.87.252.0/24
194.135.18.0/24
194.135.23.0/24
195.133.35.0/24
195.133.193.0/24
Signature Algorithm: sha256WithRSAEncryption
33:04:2e:26:7c:09:c7:6e:8e:6d:20:e3:37:4a:d7:f0:43:95:
c0:94:09:a4:3d:5d:93:49:ac:08:94:12:d5:70:66:fa:66:e4:
6e:fc:61:1f:40:b4:13:6c:40:44:a6:0d:8e:b8:2d:57:c0:70:
df:fa:e3:01:79:ef:7f:a0:11:e9:8a:cd:c1:54:a0:42:4c:7e:
75:b7:de:fb:fa:7c:10:7e:f8:f8:0e:1e:3a:29:b6:e8:d7:73:
8d:0a:e9:b2:64:df:51:4a:26:6d:61:d0:69:04:4b:95:9c:3f:
25:02:e6:1c:08:0f:49:c5:de:bc:8f:a0:3d:36:19:ff:4d:11:
27:9c:9a:4f:83:32:2b:f4:45:2a:e8:0b:89:f3:b7:eb:55:5d:
c9:80:12:e3:80:dc:61:a1:24:11:25:d7:b0:23:e3:00:93:40:
b0:8e:e9:f1:6e:71:d0:28:2f:1d:71:66:c5:b7:7c:83:cc:40:
08:2d:dc:93:00:52:5c:e2:d6:7f:9f:f3:6e:2a:9a:29:3d:e3:
03:c7:7a:ed:88:9c:94:40:a5:78:29:c4:32:e0:b1:3e:c6:85:
95:d2:a8:2d:04:4c:94:9b:c4:73:f5:d4:07:29:55:ba:37:bb:
44:3b:05:2e:11:f9:e9:81:63:40:3c:90:c3:64:40:92:ba:0e:
1b:94:f8:4a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEDg6x3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTY5MGY1ZTMyZDVjODZhZjFlMTM0OWRmZDRlOGNlZWI3MGUxYWM3MB4XDTIyMDEw
MTAxNTgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTgzM2VjNTFjYzMy
YzU2OTExZGY3OGI3MzRhMmU5MWMwODFkYWE0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXX+CMdZ7IUOR+O2qeuypb6AwIUxYBP/S4StlvaWjCPbCaJ
l8y1WDvE7owsK4sj74sYr6JZ2YtFp7IqxKgABFqFDE3obGx9eEQqcj2gTunTcbqG
o3W/Cq2as18iFpwHxDkrAjyEVkrlYURODwE4e7NwIDL4nizEKtWKgM/u0IAJs3XL
Jg4WiBvebIZKy32TKlE3uRCsYEciV9sT3E1/9b7yIHslDpdxlN8zTLjaaWNpJLw9
wDxraEnTS74hYyu8SeFQJPD9PC4CFbG2bNjoJMVz+miiMteiIRYJoac08wsuiOUd
9wnCsguhob2Y7J4tHVIgUKFkbKCDkCytEL/EhocCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBRYM+xRzDLFaRHfeLc0oukcCB2qQjAfBgNVHSMEGDAWgBQ1aQ9eMtXIavHh
NJ39Tozutw4axzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Xa1BYakxWeUdyeDRUU2RfVTZNN3JjT0dzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8x
L1dEUHNVY3d5eFdrUjMzaTNOS0xwSEFnZHFrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
ZTE0NDdhLThmMTgtNGE4MC1hNDIyLTVhNDI0MjhmMTE0My8xL05Xa1BYakxWeUdy
eDRUU2RfVTZNN3JjT0dzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAMF8CAMEAMJXPwMEAMJXtgMEAMJX
xwMEAMJXzAMEAMJX2wMEAMJX/AMEAMKHEgMEAMKHFwMEAMOFIwMEAMOFwTANBgkq
hkiG9w0BAQsFAAOCAQEAMwQuJnwJx26ObSDjN0rX8EOVwJQJpD1dk0msCJQS1XBm
+mbkbvxhH0C0E2xARKYNjrgtV8Bw3/rjAXnvf6AR6YrNwVSgQkx+dbfe+/p8EH74
+A4eOim26NdzjQrpsmTfUUombWHQaQRLlZw/JQLmHAgPScXevI+gPTYZ/00RJ5ya
T4MyK/RFKugLifO361VdyYAS44DcYaEkESXXsCPjAJNAsI7p8W5x0CgvHXFmxbd8
g8xACC3ckwBSXOLWf5/zbiqaKT3jA8d67YiclECleCnEMuCxPsaFldKoLQRMlJvE
c/XUBylVuje7RDsFLhH56YFjQDyQw2RAkroOG5T4Sg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:59 2023 by rpki-client on console-ams.rpki-client.org