Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/WolqZthNwa_5es7RyM9t8m-lMrc.roa
File: WolqZthNwa_5es7RyM9t8m-lMrc.roa (raw, json)
Hash identifier: br2FRCanDKMzNzsov2Sk3+GyDr/ERCkQABCaxurupCg=
Subject key identifier: 5A:89:6A:66:D8:4D:C1:AF:F9:7A:CE:D1:C8:CF:6D:F2:6F:A5:32:B7
Certificate issuer: /CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Certificate serial: 375CE538
Authority key identifier: B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/WolqZthNwa_5es7RyM9t8m-lMrc.roa
Signing time: Sat 01 Jan 2022 02:55:34 +0000
ROA not before: Sat 01 Jan 2022 02:55:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8301
IP address blocks: 178.208.192.0/19 maxlen: 24
217.65.48.0/20 maxlen: 24
212.120.224.0/19 maxlen: 24
195.244.192.0/19 maxlen: 24
195.244.204.0/24 maxlen: 24
185.74.72.0/22 maxlen: 22
2a01:8c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928834872 (0x375ce538)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Validity
Not Before: Jan 1 02:55:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a896a66d84dc1aff97aced1c8cf6df26fa532b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:6e:40:7b:63:b2:40:4d:f3:40:7b:8f:da:
d5:7a:18:4a:4a:05:a5:12:9a:42:2e:07:29:68:4a:
23:d3:1a:37:28:bb:df:89:36:f8:ca:09:0e:56:26:
09:5e:4a:6a:87:d9:8d:f3:c5:92:18:27:a6:cd:3d:
cd:bb:1d:b8:d7:c2:d4:a5:8a:3e:fd:7e:eb:18:09:
b1:7d:de:ce:9a:4b:32:25:d7:d9:0a:74:0f:b1:b7:
ff:58:b5:a8:89:fd:be:1a:be:c7:c3:55:e9:f2:dd:
af:3d:15:48:a7:a8:99:b2:a1:cb:e5:a5:40:7c:bb:
41:b7:05:18:25:ed:96:b4:b4:61:4c:81:7b:7c:5f:
dd:d5:c0:b8:3c:86:d0:fb:2e:40:be:6c:73:06:e4:
6d:ff:9e:bc:2a:7a:c3:ed:02:79:af:e2:35:0d:11:
f2:ee:9b:95:ea:62:c3:1c:ec:54:a5:cc:86:4e:ec:
4c:c5:ce:c7:1d:83:37:7c:bc:1a:61:b1:84:12:81:
aa:06:d7:56:99:ad:62:ec:9c:dd:af:e8:d5:f5:9e:
72:50:ab:2b:89:e3:81:e7:58:27:a4:82:67:05:91:
05:d3:5f:4c:33:72:07:e3:aa:b3:3e:ad:ab:96:54:
26:ef:10:77:a7:d6:b1:45:34:52:91:7b:dd:f6:09:
d5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:89:6A:66:D8:4D:C1:AF:F9:7A:CE:D1:C8:CF:6D:F2:6F:A5:32:B7
X509v3 Authority Key Identifier:
keyid:B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/WolqZthNwa_5es7RyM9t8m-lMrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/uCtyJxX5G-eSoew8Med-2doFy-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.192.0/19
185.74.72.0/22
195.244.192.0/19
212.120.224.0/19
217.65.48.0/20
IPv6:
2a01:8c40::/32
Signature Algorithm: sha256WithRSAEncryption
96:a2:c2:d1:4f:45:51:ae:4f:53:ad:64:35:61:88:50:20:d7:
45:b8:86:6f:c9:31:14:eb:71:a2:03:7f:1e:17:52:ee:0e:4d:
19:ca:9d:4f:7c:00:ef:9f:df:23:b6:58:be:73:46:64:32:be:
76:09:91:29:75:57:1c:e4:2b:2d:06:6d:6c:c5:53:ec:22:9d:
6d:f9:6d:7b:6a:80:29:44:00:46:cd:45:a9:c2:f2:57:7a:6a:
23:d5:e7:bf:77:bf:69:61:3d:5e:14:be:66:f3:00:d6:94:0c:
02:09:43:26:31:80:a2:3b:1e:4e:18:3a:c4:ab:a0:8a:f0:cb:
6a:4c:b1:9e:2b:93:a1:19:59:67:fe:69:4d:a4:ab:2b:98:ac:
3b:65:7c:3e:9a:f1:d2:c5:2f:5e:72:f6:63:f7:3a:bc:71:92:
69:5c:92:83:20:a4:d9:1a:45:5f:5f:1d:e0:fa:53:6f:cd:bb:
c2:bb:59:0a:9d:0a:93:57:26:8f:31:40:b0:fc:65:38:91:a3:
cd:0e:0e:3a:58:e4:40:a8:8b:e3:5d:d5:b2:c4:5c:82:6e:28:
f6:71:3d:d2:49:28:10:b2:7e:1c:f4:aa:ea:a4:b3:dd:ae:2a:
52:e2:44:f2:e1:cc:db:06:a6:92:90:ac:17:0c:91:62:24:d4:
67:62:5b:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEN1zlODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ODJiNzIyNzE1ZjkxYmU3OTJhMWVjM2MzMWU3N2VkOWRhMDVjYmUxMB4XDTIyMDEw
MTAyNTUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE4OTZhNjZkODRk
YzFhZmY5N2FjZWQxYzhjZjZkZjI2ZmE1MzJiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKn/bkB7Y7JATfNAe4/a1XoYSkoFpRKaQi4HKWhKI9MaNyi7
34k2+MoJDlYmCV5KaofZjfPFkhgnps09zbsduNfC1KWKPv1+6xgJsX3ezppLMiXX
2Qp0D7G3/1i1qIn9vhq+x8NV6fLdrz0VSKeombKhy+WlQHy7QbcFGCXtlrS0YUyB
e3xf3dXAuDyG0PsuQL5scwbkbf+evCp6w+0Cea/iNQ0R8u6blepiwxzsVKXMhk7s
TMXOxx2DN3y8GmGxhBKBqgbXVpmtYuyc3a/o1fWeclCrK4njgedYJ6SCZwWRBdNf
TDNyB+Oqsz6tq5ZUJu8Qd6fWsUU0UpF73fYJ1UsCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRaiWpm2E3Br/l6ztHIz23yb6UytzAfBgNVHSMEGDAWgBS4K3InFfkb55Kh
7Dwx537Z2gXL4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VDdHlKeFg1Ry1lU29ldzhNZWQtMmRvRnktRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvMzk2NzU5LWIwYzYtNDhlZi05N2IzLWExNWExODYxM2RhNi8x
L1dvbHFadGhOd2FfNWVzN1J5TTl0OG0tbE1yYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
Mzk2NzU5LWIwYzYtNDhlZi05N2IzLWExNWExODYxM2RhNi8xL3VDdHlKeFg1Ry1l
U29ldzhNZWQtMmRvRnktRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBbLQwAMEArlKSAMEBcP0wAMEBdR4
4AMEBNlBMDANBAIAAjAHAwUAKgGMQDANBgkqhkiG9w0BAQsFAAOCAQEAlqLC0U9F
Ua5PU61kNWGIUCDXRbiGb8kxFOtxogN/HhdS7g5NGcqdT3wA75/fI7ZYvnNGZDK+
dgmRKXVXHOQrLQZtbMVT7CKdbflte2qAKUQARs1FqcLyV3pqI9Xnv3e/aWE9XhS+
ZvMA1pQMAglDJjGAojseThg6xKugivDLakyxniuToRlZZ/5pTaSrK5isO2V8Pprx
0sUvXnL2Y/c6vHGSaVySgyCk2RpFX18d4PpTb827wrtZCp0Kk1cmjzFAsPxlOJGj
zQ4OOljkQKiL413VssRcgm4o9nE90kkoELJ+HPSq6qSz3a4qUuJE8uHM2wamkpCs
FwyRYiTUZ2Jbig==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:27 2025 by rpki-client