Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/wS_vQC98AKhIrVETWCFOgL1iqio.roa
File: wS_vQC98AKhIrVETWCFOgL1iqio.roa (raw, json)
Hash identifier: 1vQgdhX355j0WCJWwF6I5lXswB6veWAf3IdB6YZ5dXY=
Subject key identifier: C1:2F:EF:40:2F:7C:00:A8:48:AD:51:13:58:21:4E:80:BD:62:AA:2A
Certificate issuer: /CN=03536e1a68e944b2347908b8bdfe7740d8e8aa43
Certificate serial: 3733A2A8
Authority key identifier: 03:53:6E:1A:68:E9:44:B2:34:79:08:B8:BD:FE:77:40:D8:E8:AA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1NuGmjpRLI0eQi4vf53QNjoqkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/wS_vQC98AKhIrVETWCFOgL1iqio.roa
Signing time: Sat 01 Jan 2022 15:59:31 +0000
ROA not before: Sat 01 Jan 2022 15:59:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43118
IP address blocks: 95.108.0.0/17 maxlen: 17
78.152.0.0/19 maxlen: 19
195.42.140.0/23 maxlen: 23
46.187.128.0/17 maxlen: 17
91.203.244.0/22 maxlen: 22
2a02:2a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 926130856 (0x3733a2a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03536e1a68e944b2347908b8bdfe7740d8e8aa43
Validity
Not Before: Jan 1 15:59:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c12fef402f7c00a848ad511358214e80bd62aa2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:db:0d:ba:a3:b7:3f:f2:41:3a:8c:a5:cf:a7:
20:92:1d:70:7a:e2:d9:09:59:7c:35:9b:42:6e:38:
6d:14:38:63:f6:5b:0d:7b:e8:55:6c:a0:4c:7d:a6:
91:1b:f6:2a:a8:97:63:4f:81:cc:5c:19:01:e7:e0:
37:69:ef:5c:dc:2f:1a:33:b2:cd:f6:d3:c0:be:62:
b2:46:bb:6b:59:17:fa:f5:ad:a2:00:48:e9:11:f0:
a2:d3:f9:f0:05:73:a0:55:b5:60:40:d2:2d:0f:ab:
02:f1:48:f6:63:0a:21:40:32:7e:7a:c3:86:51:b4:
ed:fb:54:11:7f:2b:48:ac:62:98:14:b8:cd:09:e5:
a1:b1:eb:1d:57:33:ba:a5:82:57:f6:a6:c5:f0:26:
fb:63:eb:1d:75:c9:23:f6:20:e9:06:eb:90:24:28:
03:97:7f:d6:23:46:38:75:04:6c:7e:54:b9:21:50:
c7:94:31:eb:ff:70:b3:8d:4e:bb:75:34:31:d6:f9:
30:9f:65:0f:4d:cb:c0:75:9e:57:09:b1:f1:c6:ee:
7f:8f:48:2d:6e:c3:b6:20:dd:70:8f:98:c9:e9:c0:
7d:cf:86:8a:d8:75:f9:4c:90:e8:bb:2b:c3:3a:cd:
21:b4:0f:df:89:e2:e8:88:4a:e5:79:dd:0f:ef:14:
55:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:2F:EF:40:2F:7C:00:A8:48:AD:51:13:58:21:4E:80:BD:62:AA:2A
X509v3 Authority Key Identifier:
keyid:03:53:6E:1A:68:E9:44:B2:34:79:08:B8:BD:FE:77:40:D8:E8:AA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1NuGmjpRLI0eQi4vf53QNjoqkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/wS_vQC98AKhIrVETWCFOgL1iqio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/A1NuGmjpRLI0eQi4vf53QNjoqkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.187.128.0/17
78.152.0.0/19
91.203.244.0/22
95.108.0.0/17
195.42.140.0/23
IPv6:
2a02:2a0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:30:85:25:11:6d:66:44:3a:ac:90:09:21:9b:be:08:64:46:
0c:0d:b2:f8:e4:ce:4d:a7:e7:b1:44:98:ff:b8:6c:c0:c6:69:
88:1e:98:d5:9b:38:85:da:61:c0:27:30:58:c8:f9:cf:f6:f4:
8e:3f:47:de:da:d6:da:c2:54:4a:9b:f9:32:6b:fc:b6:43:1e:
81:60:6a:0c:97:0f:e0:3f:19:3e:d1:26:bf:c5:c2:e5:c3:b3:
b3:98:4e:3d:ab:fd:da:47:ec:fd:bc:e8:7c:18:07:c0:43:54:
fe:ab:5b:18:37:35:d0:bc:13:40:8f:87:82:60:7c:ff:eb:ae:
d7:32:b3:16:2f:5d:e5:5e:2b:05:c2:76:5c:05:7b:69:b2:9b:
a8:99:ea:7f:6b:48:01:d3:1b:86:48:ae:2c:0c:07:ad:78:e0:
45:5c:d2:1f:b9:98:a8:e5:8f:48:79:74:70:2d:12:cb:69:84:
e2:c5:48:68:ff:09:bb:c3:e6:02:c0:38:ee:b3:61:56:1f:2d:
58:a6:67:cf:99:53:e0:f5:f5:bf:8e:01:a1:c9:55:ae:bb:72:
85:b4:50:22:46:46:2d:a2:21:6a:d9:20:d5:6e:c7:36:ca:b4:
b4:11:16:09:da:35:fd:71:5b:6d:19:2b:a0:21:97:15:b1:2b:
68:f3:82:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIENzOiqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzUzNmUxYTY4ZTk0NGIyMzQ3OTA4YjhiZGZlNzc0MGQ4ZThhYTQzMB4XDTIyMDEw
MTE1NTkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzEyZmVmNDAyZjdj
MDBhODQ4YWQ1MTEzNTgyMTRlODBiZDYyYWEyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3bDbqjtz/yQTqMpc+nIJIdcHri2QlZfDWbQm44bRQ4Y/Zb
DXvoVWygTH2mkRv2KqiXY0+BzFwZAefgN2nvXNwvGjOyzfbTwL5iska7a1kX+vWt
ogBI6RHwotP58AVzoFW1YEDSLQ+rAvFI9mMKIUAyfnrDhlG07ftUEX8rSKximBS4
zQnlobHrHVczuqWCV/amxfAm+2PrHXXJI/Yg6QbrkCQoA5d/1iNGOHUEbH5UuSFQ
x5Qx6/9ws41Ou3U0Mdb5MJ9lD03LwHWeVwmx8cbuf49ILW7DtiDdcI+YyenAfc+G
ith1+UyQ6LsrwzrNIbQP34ni6IhK5XndD+8UVfkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTBL+9AL3wAqEitURNYIU6AvWKqKjAfBgNVHSMEGDAWgBQDU24aaOlEsjR5
CLi9/ndA2OiqQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ExTnVHbWpwUkxJMGVRaTR2ZjUzUU5qb3FrTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvMjU0ZWEyLTk3NGYtNDRiMS1iMjM5LTVhMzc3Yzg3OTFmNS8x
L3dTX3ZRQzk4QUtoSXJWRVRXQ0ZPZ0wxaXFpby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
MjU0ZWEyLTk3NGYtNDRiMS1iMjM5LTVhMzc3Yzg3OTFmNS8xL0ExTnVHbWpwUkxJ
MGVRaTR2ZjUzUU5qb3FrTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBy67gAMEBU6YAAMEAlvL9AMEB19s
AAMEAcMqjDANBAIAAjAHAwUAKgICoDANBgkqhkiG9w0BAQsFAAOCAQEAvDCFJRFt
ZkQ6rJAJIZu+CGRGDA2y+OTOTafnsUSY/7hswMZpiB6Y1Zs4hdphwCcwWMj5z/b0
jj9H3trW2sJUSpv5Mmv8tkMegWBqDJcP4D8ZPtEmv8XC5cOzs5hOPav92kfs/bzo
fBgHwENU/qtbGDc10LwTQI+HgmB8/+uu1zKzFi9d5V4rBcJ2XAV7abKbqJnqf2tI
AdMbhkiuLAwHrXjgRVzSH7mYqOWPSHl0cC0Sy2mE4sVIaP8Ju8PmAsA47rNhVh8t
WKZnz5lT4PX1v44BoclVrrtyhbRQIkZGLaIhatkg1W7HNsq0tBEWCdo1/XFbbRkr
oCGXFbEraPOC4w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:48 2023 by rpki-client on console-fra.rpki-client.org