Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WcrHElo9q6--3KDhk0VCjSnMg0k.roa
File: WcrHElo9q6--3KDhk0VCjSnMg0k.roa (raw, json)
Hash identifier: KVIQzgHTE2YsCuwBoa5jn2KGnWK2Is4KJfV1pj/T50U=
Subject key identifier: 59:CA:C7:12:5A:3D:AB:AF:BE:DC:A0:E1:93:45:42:8D:29:CC:83:49
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0182F8B4A3FF881CDF1C482E62EF94FE5B83
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WcrHElo9q6--3KDhk0VCjSnMg0k.roa
Signing time: Thu 01 Sep 2022 10:59:24 +0000
ROA not before: Thu 01 Sep 2022 10:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 79.110.50.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f8:b4:a3:ff:88:1c:df:1c:48:2e:62:ef:94:fe:5b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 1 10:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59cac7125a3dabafbedca0e19345428d29cc8349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:4f:ae:0c:b6:ae:19:2a:8f:72:56:d0:ed:
80:e1:9a:c6:5e:05:4f:c3:52:cd:6c:7e:06:49:b8:
e3:60:0f:8b:82:19:15:3f:48:d9:a0:d0:e0:33:63:
9d:67:1f:02:99:54:f7:e8:ec:59:9b:19:a5:b4:a4:
15:72:f5:08:7c:c5:5a:b3:7b:ec:94:19:5c:75:ff:
e6:77:09:18:99:55:d2:a3:7c:14:83:62:26:59:8b:
68:cd:a0:ac:75:54:6c:06:73:5d:04:06:29:36:c8:
ef:68:a7:ea:17:44:7d:09:21:19:c2:97:c9:ed:b6:
10:21:3a:42:a6:70:2e:c9:cf:8e:d8:a9:3c:c3:8a:
a5:d5:f0:66:35:c9:ea:73:e2:cd:93:55:41:72:55:
a9:2f:41:a3:2c:50:34:6f:3b:6e:4d:2b:cd:0f:7a:
81:ae:0c:a1:aa:b7:bb:c6:a3:5d:a2:00:da:f3:62:
28:d2:1a:49:0f:9b:f7:50:2b:57:cb:28:9b:8c:1c:
f0:5b:ee:07:2a:d1:d0:52:83:52:24:88:e3:3b:49:
81:6e:19:53:46:71:b8:17:e6:e7:40:67:5b:5d:d6:
06:da:5d:c9:0c:7a:6a:19:cb:94:d3:a7:2e:56:c5:
12:ac:d3:8b:61:39:4b:46:cb:e2:18:8b:59:e5:60:
b8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CA:C7:12:5A:3D:AB:AF:BE:DC:A0:E1:93:45:42:8D:29:CC:83:49
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WcrHElo9q6--3KDhk0VCjSnMg0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.50.0/24
109.206.239.0/24
185.218.137.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a8:fd:57:af:a7:8e:82:59:9d:31:33:fb:0e:44:cf:a4:9c:
28:6f:72:84:10:ac:0f:69:70:b4:21:d4:c1:f7:4d:0f:50:d0:
69:63:55:36:36:99:96:16:57:ad:c1:a4:68:a7:4a:24:41:c4:
87:51:7a:81:8a:6d:23:a5:ab:22:56:4c:9f:e4:04:21:fb:b9:
b4:2e:58:2c:86:38:06:57:a6:ab:51:52:35:f5:24:3d:8b:41:
fd:fb:6c:bf:60:04:62:aa:ef:6c:10:a8:c0:76:5d:80:25:cb:
e8:f6:fb:4c:92:f4:05:f6:0b:f1:39:ef:44:5f:be:f3:7f:17:
55:ce:3f:09:c6:c3:aa:c4:a7:b4:55:fc:b8:0e:bc:93:b1:a2:
86:12:9f:b8:ed:04:68:15:16:6e:ea:e0:6c:1b:b9:b5:2e:c8:
20:97:42:73:dc:e7:8e:44:be:a9:48:f4:52:ca:73:30:88:b4:
46:15:52:46:dd:c6:d7:ef:f1:c2:57:0f:0c:ee:9b:4e:a1:8a:
dc:15:09:e5:de:02:ad:91:c1:9e:4c:fc:e5:59:13:13:60:bb:
ab:39:88:ca:5d:25:d4:60:78:5f:27:e7:4e:4a:c4:61:eb:6b:
81:41:2e:ba:70:c0:8b:c2:9d:e0:cd:92:2b:cf:de:c2:95:cc:
a1:55:03:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYL4tKP/iBzfHEguYu+U/luDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTAxMTA1OTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWNhYzcxMjVhM2RhYmFmYmVkY2EwZTE5MzQ1NDI4ZDI5Y2M4MzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF1Prgy2rhkqj3JW0O2A4ZrGXgVP
w1LNbH4GSbjjYA+LghkVP0jZoNDgM2OdZx8CmVT36OxZmxmltKQVcvUIfMVas3vs
lBlcdf/mdwkYmVXSo3wUg2ImWYtozaCsdVRsBnNdBAYpNsjvaKfqF0R9CSEZwpfJ
7bYQITpCpnAuyc+O2Kk8w4ql1fBmNcnqc+LNk1VBclWpL0GjLFA0bztuTSvND3qB
rgyhqre7xqNdogDa82Io0hpJD5v3UCtXyyibjBzwW+4HKtHQUoNSJIjjO0mBbhlT
RnG4F+bnQGdbXdYG2l3JDHpqGcuU06cuVsUSrNOLYTlLRsviGItZ5WC4EQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFnKxxJaPauvvtyg4ZNFQo0pzINJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV2NySEVsbzlxNi0tM0tEaGswVkNqU25NZzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT24yAwQA
bc7vAwQAudqJMA0GCSqGSIb3DQEBCwUAA4IBAQBKqP1Xr6eOglmdMTP7DkTPpJwo
b3KEEKwPaXC0IdTB900PUNBpY1U2NpmWFletwaRop0okQcSHUXqBim0jpasiVkyf
5AQh+7m0LlgshjgGV6arUVI19SQ9i0H9+2y/YARiqu9sEKjAdl2AJcvo9vtMkvQF
9gvxOe9EX77zfxdVzj8JxsOqxKe0Vfy4DryTsaKGEp+47QRoFRZu6uBsG7m1Lsgg
l0Jz3OeORL6pSPRSynMwiLRGFVJG3cbX7/HCVw8M7ptOoYrcFQnl3gKtkcGeTPzl
WRMTYLurOYjKXSXUYHhfJ+dOSsRh62uBQS66cMCLwp3gzZIrz97ClcyhVQOs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org