Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WSPTaNbDS-pKgc4gYOedsVNG4UU.roa
File: WSPTaNbDS-pKgc4gYOedsVNG4UU.roa (raw, json)
Hash identifier: Azik6TnPTLNsJEWZv4PSv8jUBfEhKAgejHkec5sxx1c=
Subject key identifier: 59:23:D3:68:D6:C3:4B:EA:4A:81:CE:20:60:E7:9D:B1:53:46:E1:45
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018458EE50EC3CA120E7CC287D45EA109A5A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WSPTaNbDS-pKgc4gYOedsVNG4UU.roa
Signing time: Tue 08 Nov 2022 20:28:44 +0000
ROA not before: Tue 08 Nov 2022 20:28:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39521
IP address blocks: 164.40.189.0/24 maxlen: 24
164.40.191.0/24 maxlen: 24
164.40.188.0/24 maxlen: 24
164.40.190.0/24 maxlen: 24
193.149.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:58:ee:50:ec:3c:a1:20:e7:cc:28:7d:45:ea:10:9a:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 8 20:28:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5923d368d6c34bea4a81ce2060e79db15346e145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:49:df:44:f6:d7:1a:c6:de:2b:1f:28:32:88:
cb:37:13:f3:b5:76:6a:26:29:ee:81:e2:4a:8b:c7:
85:6f:99:b0:56:b2:9a:4e:0b:d1:60:a3:bb:03:bf:
5e:2b:52:63:3b:9d:93:fe:f2:9a:13:26:08:51:d7:
d6:d3:a3:65:22:e3:7b:a4:a8:07:cb:f8:48:f2:5e:
63:fd:83:2d:0d:88:c9:67:2f:67:70:19:4c:90:38:
45:9f:49:b3:75:5b:49:f9:3d:ac:01:5a:72:66:54:
66:f0:f9:bf:11:e1:7d:27:35:9e:a5:52:3c:f9:1b:
1f:aa:8f:47:ff:94:8f:74:db:3b:9b:bd:48:5f:56:
ab:1e:f5:67:e8:89:80:24:de:f9:25:8f:4a:92:45:
3d:19:df:dd:f1:5c:6e:6a:84:21:3b:6a:43:4d:66:
4b:84:10:1d:b1:df:dc:a1:94:a4:b0:09:44:d9:db:
6c:b2:1b:95:21:a6:4f:69:3f:90:00:c4:01:dd:a5:
ad:a9:fb:a3:f7:a0:f1:89:fa:56:c4:c5:96:d2:da:
f6:48:c3:75:7c:ce:63:58:24:c4:cf:a8:6a:2e:20:
97:d0:6a:3f:87:99:22:98:07:0a:e6:a8:a1:14:d4:
77:87:36:a5:81:19:8b:b8:46:9e:c3:0c:6d:04:e3:
91:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:23:D3:68:D6:C3:4B:EA:4A:81:CE:20:60:E7:9D:B1:53:46:E1:45
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WSPTaNbDS-pKgc4gYOedsVNG4UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.40.188.0/22
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:85:01:8c:0b:10:14:37:5d:b2:79:e0:b6:14:21:fe:f3:3e:
d6:af:21:70:48:4f:3c:19:19:5a:cf:49:3e:79:81:63:53:95:
f5:16:46:6a:54:e1:93:e6:89:0d:50:ae:8c:e8:b2:72:30:c2:
0e:0c:ed:83:2a:7d:a5:18:ca:38:bb:d6:cc:5c:98:b0:39:5b:
2f:68:38:4d:b8:82:5f:12:3b:c9:cb:a5:f3:d1:64:f9:e8:9a:
08:45:81:30:e5:a0:1d:cf:fd:9b:d6:a6:02:ad:c8:f5:0d:43:
27:d5:be:c8:5b:0f:86:58:55:c2:95:e6:46:87:e8:cd:17:d0:
83:97:0d:eb:c7:9e:b9:4e:b0:4e:8a:c8:d7:2d:38:56:23:a9:
94:80:76:62:37:8a:21:6c:d0:4f:c7:bf:c2:37:d0:65:f6:5f:
30:5e:54:ff:73:d2:2b:c7:ba:c2:3d:92:69:ec:a6:c2:e0:da:
25:80:d0:5d:57:4f:f9:a1:a5:01:31:37:23:b8:5f:d0:49:2f:
86:71:16:df:56:73:f6:39:25:35:88:91:86:bd:c1:e8:86:4a:
79:30:6d:1d:e4:17:66:2b:29:d9:d1:18:04:34:85:48:f6:59:
c9:64:5f:9f:3f:f8:aa:42:83:58:e6:3b:3d:da:a7:9b:52:fa:
6c:dd:a8:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRY7lDsPKEg58wofUXqEJpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTA4MjAyODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTIzZDM2OGQ2YzM0YmVhNGE4MWNlMjA2MGU3OWRiMTUzNDZlMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyknfRPbXGsbeKx8oMojLNxPztXZq
JinugeJKi8eFb5mwVrKaTgvRYKO7A79eK1JjO52T/vKaEyYIUdfW06NlIuN7pKgH
y/hI8l5j/YMtDYjJZy9ncBlMkDhFn0mzdVtJ+T2sAVpyZlRm8Pm/EeF9JzWepVI8
+Rsfqo9H/5SPdNs7m71IX1arHvVn6ImAJN75JY9KkkU9Gd/d8VxuaoQhO2pDTWZL
hBAdsd/coZSksAlE2dtsshuVIaZPaT+QAMQB3aWtqfuj96DxifpWxMWW0tr2SMN1
fM5jWCTEz6hqLiCX0Go/h5kimAcK5qihFNR3hzalgRmLuEaewwxtBOORBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFkj02jWw0vqSoHOIGDnnbFTRuFFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV1NQVGFOYkRTLXBLZ2M0Z1lPZWRzVk5HNFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCpCi8AwQC
wZUcMA0GCSqGSIb3DQEBCwUAA4IBAQB+hQGMCxAUN12yeeC2FCH+8z7WryFwSE88
GRlaz0k+eYFjU5X1FkZqVOGT5okNUK6M6LJyMMIODO2DKn2lGMo4u9bMXJiwOVsv
aDhNuIJfEjvJy6Xz0WT56JoIRYEw5aAdz/2b1qYCrcj1DUMn1b7IWw+GWFXCleZG
h+jNF9CDlw3rx565TrBOisjXLThWI6mUgHZiN4ohbNBPx7/CN9Bl9l8wXlT/c9Ir
x7rCPZJp7KbC4NolgNBdV0/5oaUBMTcjuF/QSS+GcRbfVnP2OSU1iJGGvcHohkp5
MG0d5BdmKynZ0RgENIVI9lnJZF+fP/iqQoNY5js92qebUvps3agy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org