Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W_alGTfewqbS5Hrby-xPmI6JrEo.roa
File: W_alGTfewqbS5Hrby-xPmI6JrEo.roa (raw, json)
Hash identifier: b03VTW0XLKPK97BJFZXIidvFKz+YiTo3kVzMMNrJ888=
Subject key identifier: 5B:F6:A5:19:37:DE:C2:A6:D2:E4:7A:DB:CB:EC:4F:98:8E:89:AC:4A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0183601BD2AA26F1D2591A182A8B12E29F28
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W_alGTfewqbS5Hrby-xPmI6JrEo.roa
Signing time: Wed 21 Sep 2022 12:52:59 +0000
ROA not before: Wed 21 Sep 2022 12:52:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.138.0/23 maxlen: 23
159.148.109.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
159.148.54.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
159.148.66.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
159.148.166.0/23 maxlen: 23
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:1b:d2:aa:26:f1:d2:59:1a:18:2a:8b:12:e2:9f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 21 12:52:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5bf6a51937dec2a6d2e47adbcbec4f988e89ac4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b8:6c:fd:27:f6:21:8f:70:bf:eb:d3:26:8c:
78:2c:eb:c0:6a:38:db:87:36:a9:79:26:da:e6:e1:
38:72:40:d6:30:4d:09:f8:b3:da:4f:82:8f:cc:ee:
96:fc:e6:f0:fb:1f:71:7f:04:1d:c8:d9:af:14:1d:
74:69:2e:66:d5:21:e0:8e:59:1b:f6:5e:0a:8d:7b:
62:a7:ad:31:3d:f4:53:ca:93:71:03:ef:b9:9a:92:
bb:9e:c0:e2:3f:db:d9:eb:7a:f7:69:52:17:c5:f3:
28:58:9c:63:1f:16:e7:1e:a5:9e:80:29:a5:79:ef:
8a:77:8a:b9:a5:75:8e:53:45:fa:97:e2:98:3a:af:
50:b9:2c:2a:55:b1:4a:be:6b:5b:ba:d8:a2:ab:4f:
71:61:8a:fd:b0:9c:9b:e8:03:a1:f7:b6:9c:2f:2c:
49:96:c7:c8:df:db:d1:89:d4:64:ce:ad:06:53:c8:
2d:e6:3e:ff:c2:2a:29:80:94:6e:a4:eb:8e:7b:58:
99:5d:f9:63:55:ae:4a:8c:8f:0a:bc:57:05:53:a9:
51:26:86:7b:ef:bf:2d:16:eb:57:61:53:94:a4:68:
2d:f7:06:fb:00:29:ba:0d:9c:cc:65:91:b9:f8:55:
43:ea:67:91:3a:66:ff:8a:56:74:c0:aa:01:4d:c6:
47:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F6:A5:19:37:DE:C2:A6:D2:E4:7A:DB:CB:EC:4F:98:8E:89:AC:4A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/W_alGTfewqbS5Hrby-xPmI6JrEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.112.0/21
85.254.124.0/23
85.254.128.0/22
85.254.138.0-85.254.140.255
85.254.178.0-85.254.181.255
159.148.54.0/24
159.148.66.0/24
159.148.109.0/24
159.148.166.0/23
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.248.0/24
Signature Algorithm: sha256WithRSAEncryption
99:6c:ed:c2:a6:1c:76:de:57:36:ef:ef:26:d5:80:e3:65:36:
a2:16:db:d3:49:9b:12:a8:28:0a:d0:80:38:a2:a0:83:e4:e5:
9f:1a:3a:f4:86:83:11:19:56:8c:97:a6:ba:6f:1c:1d:9c:17:
c9:c8:c8:0a:26:e3:bc:0c:26:6b:6f:35:be:dc:1e:30:32:e0:
73:15:10:bd:3e:05:d1:d7:80:ec:71:7a:42:26:45:10:4d:c5:
c9:e5:77:b9:0d:ad:46:29:05:c9:0f:b1:34:f0:21:72:77:cc:
0a:e9:25:d2:7d:f3:39:13:2b:09:32:79:ab:7c:34:b6:86:f9:
39:89:75:91:a7:82:88:7c:c1:5d:ee:52:78:fe:f9:71:aa:eb:
78:ea:4a:d7:1f:3f:a3:e2:55:13:d0:d0:d7:a9:ad:16:ea:8f:
fb:3d:d9:b5:70:29:ac:6e:78:2a:ef:fc:55:f8:be:22:c9:89:
b1:8d:87:66:98:68:e3:60:12:27:4e:43:00:80:0b:15:be:c0:
1e:d8:cc:f1:89:93:83:d4:e1:9c:a9:ea:a9:cf:67:34:91:a2:
c7:48:1f:25:74:5a:30:6c:02:3f:05:60:96:28:e1:9c:55:28:
ff:7c:88:c7:6d:08:4e:be:c6:27:c5:4f:2c:9e:d2:be:ad:77:
0f:0f:cf:60
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYNgG9KqJvHSWRoYKosS4p8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIwOTIxMTI1MjU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmY2YTUxOTM3ZGVjMmE2ZDJlNDdhZGJjYmVjNGY5ODhlODlhYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbhs/Sf2IY9wv+vTJox4LOvAajjb
hzapeSba5uE4ckDWME0J+LPaT4KPzO6W/Obw+x9xfwQdyNmvFB10aS5m1SHgjlkb
9l4KjXtip60xPfRTypNxA++5mpK7nsDiP9vZ63r3aVIXxfMoWJxjHxbnHqWegCml
ee+Kd4q5pXWOU0X6l+KYOq9QuSwqVbFKvmtbutiiq09xYYr9sJyb6AOh97acLyxJ
lsfI39vRidRkzq0GU8gt5j7/wiopgJRupOuOe1iZXfljVa5KjI8KvFcFU6lRJoZ7
778tFutXYVOUpGgt9wb7ACm6DZzMZZG5+FVD6meROmb/ilZ0wKoBTcZHQwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFFv2pRk33sKm0uR628vsT5iOiaxKMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvV19hbEdUZmV3cWJTNUhyYnkteFBtSTZKckVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAFV
/kADBAJV/kwDBAFV/lQDBANV/nADBAFV/nwDBAJV/oAwDAMEAVX+igMEAFX+jDAM
AwQBVf6yAwQBVf60AwQAn5Q2AwQAn5RCAwQAn5RtAwQBn5SmAwQAn5TMAwQAn5TY
AwQAn5TaAwQAn5TqAwQAn5TsAwQAn5TvAwQAn5TxAwQAn5T4MA0GCSqGSIb3DQEB
CwUAA4IBAQCZbO3Cphx23lc27+8m1YDjZTaiFtvTSZsSqCgK0IA4oqCD5OWfGjr0
hoMRGVaMl6a6bxwdnBfJyMgKJuO8DCZrbzW+3B4wMuBzFRC9PgXR14DscXpCJkUQ
TcXJ5Xe5Da1GKQXJD7E08CFyd8wK6SXSffM5EysJMnmrfDS2hvk5iXWRp4KIfMFd
7lJ4/vlxqut46krXHz+j4lUT0NDXqa0W6o/7Pdm1cCmsbngq7/xV+L4iyYmxjYdm
mGjjYBInTkMAgAsVvsAe2MzxiZOD1OGcqeqpz2c0kaLHSB8ldFowbAI/BWCWKOGc
VSj/fIjHbQhOvsYnxU8sntK+rXcPD89g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org