Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/wnBnuwbh0xdH6orpB2gCdVbIRqs.roa
File: wnBnuwbh0xdH6orpB2gCdVbIRqs.roa (raw, json)
Hash identifier: Hf1U1vgLXAVZVQjqbGoEqTjBmzA6jKCrvzMc9OW1THQ=
Subject key identifier: C2:70:67:BB:06:E1:D3:17:47:EA:8A:E9:07:68:02:75:56:C8:46:AB
Certificate issuer: /CN=65da84dbb4c6a12d3c9b8e21b77304568a03db50
Certificate serial: 01847A67F4D8FED5C6E78B9EEBCBBC391380
Authority key identifier: 65:DA:84:DB:B4:C6:A1:2D:3C:9B:8E:21:B7:73:04:56:8A:03:DB:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdqE27TGoS08m44ht3MEVooD21A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/wnBnuwbh0xdH6orpB2gCdVbIRqs.roa
Signing time: Tue 15 Nov 2022 08:29:03 +0000
ROA not before: Tue 15 Nov 2022 08:29:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39591
IP address blocks: 77.94.240.0/21 maxlen: 24
79.143.212.0/23 maxlen: 24
79.143.208.0/20 maxlen: 24
79.143.208.0/22 maxlen: 24
79.143.215.0/24 maxlen: 24
79.143.214.0/24 maxlen: 24
79.143.216.0/21 maxlen: 24
185.3.104.0/22 maxlen: 24
2a00:1280::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:67:f4:d8:fe:d5:c6:e7:8b:9e:eb:cb:bc:39:13:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65da84dbb4c6a12d3c9b8e21b77304568a03db50
Validity
Not Before: Nov 15 08:29:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c27067bb06e1d31747ea8ae90768027556c846ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:67:f9:e4:fd:b9:1d:af:e5:11:8e:90:94:
5b:2f:b5:f5:17:eb:1d:24:06:f1:e7:4d:d8:38:b3:
fb:ab:7d:7d:44:06:c0:81:14:a3:4f:cb:e2:3b:16:
88:27:40:56:2f:ad:03:90:0a:c2:5a:e1:c3:b2:a7:
6b:90:43:e3:95:c2:37:fa:9f:84:e8:e3:54:ef:b2:
64:7b:ae:64:72:97:24:8e:36:0c:6a:1a:2e:31:65:
69:65:39:ea:bc:db:83:00:7f:e8:2c:37:6d:91:ee:
4e:00:a8:65:f1:3b:a1:44:ed:a0:99:b4:3e:0f:ed:
1f:25:cb:f5:95:5a:da:07:39:59:2b:04:9a:d9:9c:
16:9b:4e:12:10:d4:51:92:b8:00:47:1b:97:ab:05:
7b:91:d7:76:21:9f:d5:18:08:cc:7d:d1:aa:31:57:
52:2f:9e:69:c5:e8:e5:94:18:d7:84:77:dc:de:f9:
20:c2:6a:f1:c6:b8:45:d1:f8:ed:11:91:48:be:40:
ed:73:04:e2:1c:26:af:85:76:c8:42:06:5d:84:1e:
b2:4e:70:9d:fc:9a:e9:ff:c6:fe:a0:a9:ca:e2:13:
31:d8:96:71:82:e3:7f:31:a9:b4:5b:f5:fe:0e:9e:
09:37:58:16:48:34:8b:01:52:9a:07:30:b7:23:ad:
7d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:70:67:BB:06:E1:D3:17:47:EA:8A:E9:07:68:02:75:56:C8:46:AB
X509v3 Authority Key Identifier:
keyid:65:DA:84:DB:B4:C6:A1:2D:3C:9B:8E:21:B7:73:04:56:8A:03:DB:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdqE27TGoS08m44ht3MEVooD21A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/wnBnuwbh0xdH6orpB2gCdVbIRqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fb265f-bbb6-49d8-9b29-57b917ce4765/1/ZdqE27TGoS08m44ht3MEVooD21A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.240.0/21
79.143.208.0/20
185.3.104.0/22
IPv6:
2a00:1280::/32
Signature Algorithm: sha256WithRSAEncryption
52:2d:8b:ac:6b:08:3a:9b:29:b6:2f:a1:49:49:8a:4a:07:f4:
d4:74:11:b3:b8:27:8b:4f:4a:72:73:78:d5:b8:85:07:64:40:
4e:98:8e:8a:03:65:8d:8a:11:cc:53:c8:50:91:18:a8:4b:b0:
9d:9c:4d:c2:20:a7:e5:d7:8b:58:a4:d0:43:12:66:83:54:39:
f4:b7:f6:a7:93:6a:f2:02:dc:41:71:03:0d:50:a4:96:20:61:
5b:e1:37:1b:c8:97:c9:cd:ec:0f:23:d7:b6:68:c0:b3:dc:15:
22:42:81:fc:0d:67:64:16:1a:0b:74:38:fd:1e:7f:6a:db:50:
4c:ff:6c:12:3b:bd:d8:be:9a:eb:0f:82:f8:f8:38:93:9e:98:
48:df:f4:10:69:fc:ef:b9:24:8e:0f:7d:95:70:8a:ea:07:18:
b4:0f:01:93:74:e1:46:71:7e:33:eb:2a:99:6f:5a:ef:bf:2e:
c3:9f:16:7d:d0:43:26:b2:3b:5d:ca:c8:a9:35:2e:fc:5c:fa:
55:cd:a2:3c:7a:ba:0a:98:4a:d4:2c:33:b5:6d:7b:fb:73:99:
9b:55:25:c2:85:0d:b8:cd:1b:56:7b:56:68:f5:87:8b:02:be:
99:05:5b:bd:30:91:ee:ac:79:16:81:4b:c7:cf:fc:5c:34:99:
8f:d4:0e:b1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYR6Z/TY/tXG54ue68u8OROAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZGE4NGRiYjRjNmExMmQzYzliOGUyMWI3NzMwNDU2OGEw
M2RiNTAwHhcNMjIxMTE1MDgyOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjcwNjdiYjA2ZTFkMzE3NDdlYThhZTkwNzY4MDI3NTU2Yzg0NmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfFn+eT9uR2v5RGOkJRbL7X1F+sd
JAbx503YOLP7q319RAbAgRSjT8viOxaIJ0BWL60DkArCWuHDsqdrkEPjlcI3+p+E
6ONU77Jke65kcpckjjYMahouMWVpZTnqvNuDAH/oLDdtke5OAKhl8TuhRO2gmbQ+
D+0fJcv1lVraBzlZKwSa2ZwWm04SENRRkrgARxuXqwV7kdd2IZ/VGAjMfdGqMVdS
L55pxejllBjXhHfc3vkgwmrxxrhF0fjtEZFIvkDtcwTiHCavhXbIQgZdhB6yTnCd
/Jrp/8b+oKnK4hMx2JZxguN/Mam0W/X+Dp4JN1gWSDSLAVKaBzC3I619VQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMJwZ7sG4dMXR+qK6QdoAnVWyEarMB8GA1UdIwQY
MBaAFGXahNu0xqEtPJuOIbdzBFaKA9tQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRxRTI3VEdvUzA4bTQ0aHQzTUVWb29EMjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYjI2NWYtYmJiNi00OWQ4LTliMjkt
NTdiOTE3Y2U0NzY1LzEvd25CbnV3YmgweGRINm9ycEIyZ0NkVmJJUnFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYjI2NWYtYmJiNi00OWQ4LTliMjktNTdiOTE3Y2U0NzY1
LzEvWmRxRTI3VEdvUzA4bTQ0aHQzTUVWb29EMjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDTV7wAwQE
T4/QAwQCuQNoMA0EAgACMAcDBQAqABKAMA0GCSqGSIb3DQEBCwUAA4IBAQBSLYus
awg6mym2L6FJSYpKB/TUdBGzuCeLT0pyc3jVuIUHZEBOmI6KA2WNihHMU8hQkRio
S7CdnE3CIKfl14tYpNBDEmaDVDn0t/ank2ryAtxBcQMNUKSWIGFb4TcbyJfJzewP
I9e2aMCz3BUiQoH8DWdkFhoLdDj9Hn9q21BM/2wSO73YvprrD4L4+DiTnphI3/QQ
afzvuSSOD32VcIrqBxi0DwGTdOFGcX4z6yqZb1rvvy7DnxZ90EMmsjtdysipNS78
XPpVzaI8eroKmErULDO1bXv7c5mbVSXChQ24zRtWe1Zo9YeLAr6ZBVu9MJHurHkW
gUvHz/xcNJmP1A6x
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:17 2023 by rpki-client on console-fra.rpki-client.org