Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/f4116a-7f40-4529-a3cc-241eecff9ab0/1/wYkjF5j1jwW93PsIFmtVwlK-yTQ.roa
File: wYkjF5j1jwW93PsIFmtVwlK-yTQ.roa (raw, json)
Hash identifier: 5e3uS/J0IQdNrmXTp4izf3ZSDZjISBcw0bcBoDNf4NE=
Subject key identifier: C1:89:23:17:98:F5:8F:05:BD:DC:FB:08:16:6B:55:C2:52:BE:C9:34
Certificate issuer: /CN=da3220272a469aed65cc2a7f6d97fca991f7ec81
Certificate serial: 34D78352
Authority key identifier: DA:32:20:27:2A:46:9A:ED:65:CC:2A:7F:6D:97:FC:A9:91:F7:EC:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2jIgJypGmu1lzCp_bZf8qZH37IE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/f4116a-7f40-4529-a3cc-241eecff9ab0/1/wYkjF5j1jwW93PsIFmtVwlK-yTQ.roa
Signing time: Sat 01 Jan 2022 14:59:21 +0000
ROA not before: Sat 01 Jan 2022 14:59:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12907
IP address blocks: 213.252.0.0/18 maxlen: 18
2a04:d740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 886539090 (0x34d78352)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da3220272a469aed65cc2a7f6d97fca991f7ec81
Validity
Not Before: Jan 1 14:59:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c189231798f58f05bddcfb08166b55c252bec934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:c9:78:b4:98:5b:ae:64:b1:70:eb:26:76:ea:
83:ca:62:f2:8a:10:f8:c5:b9:90:57:2b:c0:d6:b4:
f7:66:0e:38:56:35:93:52:d5:5c:18:5b:a1:71:5c:
43:55:bb:73:d2:b2:32:fb:dd:9c:44:f9:dd:ce:dc:
0c:b6:76:d8:0f:9a:79:b3:f1:e7:79:de:d9:fe:d2:
99:d9:cf:f8:d9:b9:e4:40:2a:bb:b3:a0:12:a6:9b:
d0:94:41:55:00:30:04:c0:f9:9f:8c:f6:64:1a:22:
8c:3c:cb:0a:9d:5b:87:6e:e1:bc:3d:a4:32:55:dd:
8c:17:01:33:41:e6:ed:1e:eb:21:7a:38:19:f4:c0:
31:6c:8a:d3:47:f5:48:62:a5:fb:55:74:3c:25:d7:
5f:9b:8f:9b:e6:9e:e5:56:dd:68:c0:84:dc:3d:d9:
4f:df:c2:29:55:b6:2c:0f:a0:98:5b:e8:04:6a:ca:
91:be:0d:ee:e7:6c:04:23:99:84:5a:02:c8:fc:11:
57:f7:57:4c:98:1c:56:7b:e2:d6:98:31:a7:5a:cf:
d7:5c:03:c8:ee:2d:5f:d8:9d:de:c7:31:37:50:2f:
2f:e8:cd:5e:bf:1f:46:70:3e:27:65:a8:e4:19:43:
17:f1:6e:be:f7:a9:b7:da:e8:af:b4:72:fc:0e:01:
e6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:89:23:17:98:F5:8F:05:BD:DC:FB:08:16:6B:55:C2:52:BE:C9:34
X509v3 Authority Key Identifier:
keyid:DA:32:20:27:2A:46:9A:ED:65:CC:2A:7F:6D:97:FC:A9:91:F7:EC:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2jIgJypGmu1lzCp_bZf8qZH37IE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/f4116a-7f40-4529-a3cc-241eecff9ab0/1/wYkjF5j1jwW93PsIFmtVwlK-yTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/f4116a-7f40-4529-a3cc-241eecff9ab0/1/2jIgJypGmu1lzCp_bZf8qZH37IE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.252.0.0/18
IPv6:
2a04:d740::/29
Signature Algorithm: sha256WithRSAEncryption
2a:10:16:37:a6:ee:65:71:2b:1f:e8:c7:78:da:85:c3:21:2c:
0e:8c:27:0a:dd:c1:ff:9f:7f:32:9c:47:15:43:cf:64:44:dd:
c6:9c:d9:b6:53:5c:b3:59:15:15:89:45:98:fe:eb:04:da:f8:
36:4e:2c:24:51:90:1a:c8:e2:01:af:4b:df:d7:db:6a:3e:9a:
88:a4:91:75:89:01:ea:a3:09:c3:44:4f:36:c9:7d:34:e2:d9:
63:6b:c0:d9:c9:9f:7b:3a:17:26:ec:9e:23:16:14:6b:a0:8f:
0a:f3:9d:ed:b8:d6:bc:5f:e3:87:0b:f3:ef:45:56:14:d9:2d:
72:12:9f:b7:8a:46:9a:59:cc:b9:e4:61:24:4f:78:78:1c:00:
4d:01:fc:f3:4d:5c:42:fd:df:4a:14:e1:51:b1:8e:a9:d5:f5:
77:35:68:00:c3:9d:fe:56:e3:4a:bc:0f:b2:a5:b2:cc:03:8d:
1e:48:59:3c:2d:71:fa:cb:17:2a:34:a8:d3:08:47:40:63:bd:
9e:47:10:2e:49:da:a3:a4:6a:44:4e:87:de:72:9a:3a:c8:2a:
2b:76:b2:2b:4c:ad:5c:6f:01:d5:6c:2f:8c:55:fc:3f:c1:90:
a6:73:2e:0b:2e:60:84:5b:c6:b9:c6:3c:1b:9e:b2:e1:11:2c:
f0:76:8d:71
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENNeDUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTMyMjAyNzJhNDY5YWVkNjVjYzJhN2Y2ZDk3ZmNhOTkxZjdlYzgxMB4XDTIyMDEw
MTE0NTkyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzE4OTIzMTc5OGY1
OGYwNWJkZGNmYjA4MTY2YjU1YzI1MmJlYzkzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPPJeLSYW65ksXDrJnbqg8pi8ooQ+MW5kFcrwNa092YOOFY1
k1LVXBhboXFcQ1W7c9KyMvvdnET53c7cDLZ22A+aebPx53ne2f7SmdnP+Nm55EAq
u7OgEqab0JRBVQAwBMD5n4z2ZBoijDzLCp1bh27hvD2kMlXdjBcBM0Hm7R7rIXo4
GfTAMWyK00f1SGKl+1V0PCXXX5uPm+ae5VbdaMCE3D3ZT9/CKVW2LA+gmFvoBGrK
kb4N7udsBCOZhFoCyPwRV/dXTJgcVnvi1pgxp1rP11wDyO4tX9id3scxN1AvL+jN
Xr8fRnA+J2Wo5BlDF/Fuvvept9ror7Ry/A4B5uMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTBiSMXmPWPBb3c+wgWa1XCUr7JNDAfBgNVHSMEGDAWgBTaMiAnKkaa7WXM
Kn9tl/ypkffsgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJqSWdKeXBHbXUxbHpDcF9iWmY4cVpIMzdJRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvZjQxMTZhLTdmNDAtNDUyOS1hM2NjLTI0MWVlY2ZmOWFiMC8x
L3dZa2pGNWoxandXOTNQc0lGbXRWd2xLLXlUUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
ZjQxMTZhLTdmNDAtNDUyOS1hM2NjLTI0MWVlY2ZmOWFiMC8xLzJqSWdKeXBHbXUx
bHpDcF9iWmY4cVpIMzdJRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBtX8ADANBAIAAjAHAwUDKgTXQDAN
BgkqhkiG9w0BAQsFAAOCAQEAKhAWN6buZXErH+jHeNqFwyEsDownCt3B/59/MpxH
FUPPZETdxpzZtlNcs1kVFYlFmP7rBNr4Nk4sJFGQGsjiAa9L39fbaj6aiKSRdYkB
6qMJw0RPNsl9NOLZY2vA2cmfezoXJuyeIxYUa6CPCvOd7bjWvF/jhwvz70VWFNkt
chKft4pGmlnMueRhJE94eBwATQH8801cQv3fShThUbGOqdX1dzVoAMOd/lbjSrwP
sqWyzAONHkhZPC1x+ssXKjSo0whHQGO9nkcQLknao6RqRE6H3nKaOsgqK3ayK0yt
XG8B1WwvjFX8P8GQpnMuCy5ghFvGucY8G56y4REs8HaNcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:08 2024 by rpki-client on console-ams.rpki-client.org