Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wc_vPAaoeUhXScIPDzjrSLORysk.roa
File: wc_vPAaoeUhXScIPDzjrSLORysk.roa (raw, json)
Hash identifier: KFY3f51/r3u8ok5tYGN6ASks1XRH9hl210Ociu4oErU=
Subject key identifier: C1:CF:EF:3C:06:A8:79:48:57:49:C2:0F:0F:38:EB:48:B3:91:CA:C9
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0183601BD1130BE7B9B5B91840BB9503A367
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wc_vPAaoeUhXScIPDzjrSLORysk.roa
Signing time: Wed 21 Sep 2022 12:52:59 +0000
ROA not before: Wed 21 Sep 2022 12:52:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 85.254.137.0/24 maxlen: 24
85.254.134.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.2.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:1b:d1:13:0b:e7:b9:b5:b9:18:40:bb:95:03:a3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 21 12:52:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1cfef3c06a879485749c20f0f38eb48b391cac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8d:14:db:ab:70:88:79:63:1a:06:35:af:75:
cc:17:c2:94:f9:57:11:e3:de:ee:73:d9:fa:34:dc:
2b:78:39:03:3e:a7:b8:cf:26:3e:98:87:e7:80:8e:
d7:c4:f0:76:ed:4e:ab:58:6b:37:05:8e:49:0d:dc:
e8:5d:b8:87:c1:06:a7:9a:4b:b8:a9:1a:f4:9b:f0:
42:ec:34:9c:cd:46:00:fc:30:12:7e:af:e1:b9:ab:
29:08:87:18:58:8b:eb:32:11:b5:1a:a6:55:6b:5a:
07:e5:e8:b2:9b:a5:2b:c8:e6:94:1d:e2:60:09:c3:
2c:6f:b6:90:7d:ae:0a:ea:b8:47:d8:6a:3b:80:7f:
3d:5e:8c:ed:dc:a5:25:5e:b5:7b:fa:44:ff:b1:6d:
fb:e4:a2:24:f2:a1:6f:a2:1e:92:67:e2:17:19:7a:
71:85:05:76:dd:85:87:b7:9b:8b:78:6c:22:0e:8d:
b1:dc:9a:aa:59:c3:96:e1:7c:04:59:39:74:d2:04:
be:c6:cd:8e:0b:7a:0f:6b:13:a5:9c:bf:81:7d:a0:
b7:de:db:97:c2:5e:fc:bc:65:eb:fa:c2:81:14:31:
53:90:f8:57:31:07:6a:84:32:50:c9:e9:7b:ca:d3:
85:ff:86:7b:9b:2d:34:4d:c8:dc:79:e1:24:87:7c:
5f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CF:EF:3C:06:A8:79:48:57:49:C2:0F:0F:38:EB:48:B3:91:CA:C9
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/wc_vPAaoeUhXScIPDzjrSLORysk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.47.0/24
85.254.51.0/24
85.254.59.0/24
85.254.84.0/23
85.254.103.0/24
85.254.124.0-85.254.126.255
85.254.134.0/24
85.254.137.0/24
85.254.140.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:0b:21:4c:84:63:14:36:2b:3b:88:f9:c5:62:5a:9c:4e:cc:
bc:c7:e9:42:f6:13:2a:07:1a:43:e7:c8:bc:9b:03:25:f7:14:
54:09:e3:6a:d0:ed:45:20:d9:48:94:c6:b9:8d:6e:07:21:8a:
81:7b:53:4c:3a:87:43:98:bb:fc:0b:ba:7c:93:a2:ce:77:50:
29:08:2f:ac:7a:e4:3e:00:24:1d:f4:15:b5:6a:1a:48:e4:e1:
8e:52:d1:0f:95:df:9c:e5:0f:63:34:72:74:94:2f:0b:72:13:
e7:05:b9:3c:71:ec:3a:61:7d:75:e6:3a:9e:c5:05:48:64:78:
35:01:d0:79:68:05:a6:9f:2e:c7:76:0e:65:31:50:f7:bc:32:
76:4a:41:87:9c:4b:c4:7a:c5:c7:da:44:6f:73:01:b7:1c:b1:
e0:40:25:5a:d9:2f:f1:3d:28:6f:56:38:6b:a0:2c:ca:7f:6f:
1a:eb:2d:99:76:67:52:3b:70:bd:cf:d9:80:d8:ad:f1:34:2e:
a3:8b:b1:a2:8d:c9:bc:5a:55:36:43:96:c3:1a:e1:1a:7e:00:
a0:12:ee:39:94:54:76:7f:34:b9:af:b1:e5:7e:a9:06:33:62:
b4:ea:07:c3:d1:73:b6:8d:aa:61:d8:76:4f:d0:98:d4:8d:d7:
3c:cb:18:23
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYNgG9ETC+e5tbkYQLuVA6NnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIwOTIxMTI1MjU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWNmZWYzYzA2YTg3OTQ4NTc0OWMyMGYwZjM4ZWI0OGIzOTFjYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr40U26twiHljGgY1r3XMF8KU+VcR
497uc9n6NNwreDkDPqe4zyY+mIfngI7XxPB27U6rWGs3BY5JDdzoXbiHwQanmku4
qRr0m/BC7DSczUYA/DASfq/huaspCIcYWIvrMhG1GqZVa1oH5eiym6UryOaUHeJg
CcMsb7aQfa4K6rhH2Go7gH89Xozt3KUlXrV7+kT/sW375KIk8qFvoh6SZ+IXGXpx
hQV23YWHt5uLeGwiDo2x3JqqWcOW4XwEWTl00gS+xs2OC3oPaxOlnL+BfaC33tuX
wl78vGXr+sKBFDFTkPhXMQdqhDJQyel7ytOF/4Z7my00TcjceeEkh3xf/QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFMHP7zwGqHlIV0nCDw8460izkcrJMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvd2NfdlBBYW9lVWhYU2NJUER6anJTTE9SeXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAVf4CAwQA
Vf4EAwQAVf4HMAwDBABV/h0DBABV/h4DBABV/igDBABV/i8DBABV/jMDBABV/jsD
BAFV/lQDBABV/mcwDAMEAlX+fAMEAFX+fgMEAFX+hgMEAFX+iQMEAFX+jDANBgkq
hkiG9w0BAQsFAAOCAQEAygshTIRjFDYrO4j5xWJanE7MvMfpQvYTKgcaQ+fIvJsD
JfcUVAnjatDtRSDZSJTGuY1uByGKgXtTTDqHQ5i7/Au6fJOizndQKQgvrHrkPgAk
HfQVtWoaSOThjlLRD5XfnOUPYzRydJQvC3IT5wW5PHHsOmF9deY6nsUFSGR4NQHQ
eWgFpp8ux3YOZTFQ97wydkpBh5xLxHrFx9pEb3MBtxyx4EAlWtkv8T0ob1Y4a6As
yn9vGustmXZnUjtwvc/ZgNit8TQuo4uxoo3JvFpVNkOWwxrhGn4AoBLuOZRUdn80
ua+x5X6pBjNitOoHw9Fzto2qYdh2T9CY1I3XPMsYIw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org