Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/9S-GqDRu3SFNVRPHZ-culXOLZFU.roa
File: 9S-GqDRu3SFNVRPHZ-culXOLZFU.roa (raw, json)
Hash identifier: qiYnTsB+d1y4PX3NMgTlaWeTiObxUKxdfeVHppun1v4=
Subject key identifier: F5:2F:86:A8:34:6E:DD:21:4D:55:13:C7:67:E7:2E:95:73:8B:64:55
Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial: 0183406D1D64359234235551B457B0DC8851
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/9S-GqDRu3SFNVRPHZ-culXOLZFU.roa
Signing time: Thu 15 Sep 2022 09:13:56 +0000
ROA not before: Thu 15 Sep 2022 09:13:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35228
IP address blocks: 82.132.138.0/23 maxlen: 24
82.132.164.0/23 maxlen: 24
82.132.160.0/23 maxlen: 24
82.132.162.0/23 maxlen: 24
82.132.166.0/23 maxlen: 24
82.132.184.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:6d:1d:64:35:92:34:23:55:51:b4:57:b0:dc:88:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Validity
Not Before: Sep 15 09:13:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f52f86a8346edd214d5513c767e72e95738b6455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e5:74:5e:f5:3a:94:0b:ee:8a:b5:20:79:20:
98:aa:b5:b4:2b:5b:95:8e:2f:7f:19:26:60:2e:53:
06:df:66:f7:d8:93:78:c9:d8:9c:f7:de:31:2d:22:
d9:e6:ff:91:85:95:46:40:5c:8f:42:a6:91:54:29:
01:82:8c:50:b4:e6:81:56:51:c5:aa:83:40:8f:4c:
84:5c:1d:7b:b4:c2:ba:67:d3:4f:40:8b:6c:78:9e:
1a:d6:43:35:b3:8e:6b:08:3f:ae:f9:07:35:35:fc:
80:55:e8:59:0e:33:96:39:a5:97:ea:8b:d4:2b:b7:
2c:8a:a2:18:59:26:6e:26:2b:14:c1:c3:f5:f5:dd:
36:06:ce:a1:a8:53:4d:f7:21:a3:6a:bb:b5:55:11:
16:4a:d6:16:f8:de:33:65:93:f3:b4:86:80:d1:ba:
bc:b7:ed:53:6d:c4:d0:33:cd:66:07:62:e2:6d:dc:
dc:4c:b2:f3:66:2e:a4:6a:34:2b:ee:db:ca:33:6e:
45:8b:ef:9b:bf:ed:58:4f:3b:4c:2e:f8:05:8f:3d:
b4:a9:02:8a:ff:ee:83:46:29:03:99:2d:c6:e6:7d:
d9:91:ea:a4:34:89:e6:53:78:c1:f4:c2:a8:a5:b5:
af:0b:62:33:3c:a5:3d:f0:0d:5d:aa:8a:95:bc:60:
e4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2F:86:A8:34:6E:DD:21:4D:55:13:C7:67:E7:2E:95:73:8B:64:55
X509v3 Authority Key Identifier:
keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/9S-GqDRu3SFNVRPHZ-culXOLZFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.132.138.0/23
82.132.160.0/21
82.132.184.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:94:55:47:eb:d7:ef:e2:d9:2f:b4:5b:6d:1d:97:60:d9:f1:
cb:84:be:6c:06:f3:43:01:1b:cc:22:a4:30:2e:94:e9:d2:58:
cc:9d:74:c2:37:b8:e9:3f:76:92:7f:2c:8c:f2:21:3f:56:6d:
ab:8c:41:84:9f:34:b1:65:da:c4:19:50:6c:a1:75:83:6a:89:
b1:09:1d:ab:f4:e3:e5:0f:04:9f:99:6b:ef:46:e3:ea:15:66:
39:a8:bc:0e:99:bb:65:3b:d3:1d:68:51:a8:ca:25:f6:9f:23:
87:35:46:ea:db:6a:9e:65:a3:b7:b0:a1:d3:7e:62:1d:24:be:
cd:30:99:67:f9:cb:eb:13:aa:f9:5a:12:12:2d:d4:03:3c:4a:
eb:97:d2:1a:bb:5b:c3:bc:1d:89:fa:51:9e:a7:b4:73:93:08:
ca:fd:ca:b5:94:87:b1:d3:bc:fd:5b:b1:71:ed:d3:53:49:e0:
64:f1:37:43:a3:d5:60:6a:45:79:b3:78:db:db:df:01:cf:10:
48:02:cc:a0:bc:44:2d:e4:76:8d:b9:8b:b3:bc:b0:4d:7c:95:
f3:4e:8b:5d:37:f3:d1:91:81:ec:28:f3:c1:a5:09:0c:03:c4:
da:b6:74:08:5c:71:52:06:91:9b:1a:72:01:da:61:78:80:04:
19:72:41:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNAbR1kNZI0I1VRtFew3IhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjIwOTE1MDkxMzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJmODZhODM0NmVkZDIxNGQ1NTEzYzc2N2U3MmU5NTczOGI2NDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+V0XvU6lAvuirUgeSCYqrW0K1uV
ji9/GSZgLlMG32b32JN4ydic994xLSLZ5v+RhZVGQFyPQqaRVCkBgoxQtOaBVlHF
qoNAj0yEXB17tMK6Z9NPQItseJ4a1kM1s45rCD+u+Qc1NfyAVehZDjOWOaWX6ovU
K7csiqIYWSZuJisUwcP19d02Bs6hqFNN9yGjaru1VREWStYW+N4zZZPztIaA0bq8
t+1TbcTQM81mB2LibdzcTLLzZi6kajQr7tvKM25Fi++bv+1YTztMLvgFjz20qQKK
/+6DRikDmS3G5n3ZkeqkNInmU3jB9MKopbWvC2IzPKU98A1dqoqVvGDk8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPUvhqg0bt0hTVUTx2fnLpVzi2RVMB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvOVMtR3FEUnUzU0ZOVlJQSFotY3VsWE9MWkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUoSKAwQD
UoSgAwQCUoS4MA0GCSqGSIb3DQEBCwUAA4IBAQBdlFVH69fv4tkvtFttHZdg2fHL
hL5sBvNDARvMIqQwLpTp0ljMnXTCN7jpP3aSfyyM8iE/Vm2rjEGEnzSxZdrEGVBs
oXWDaomxCR2r9OPlDwSfmWvvRuPqFWY5qLwOmbtlO9MdaFGoyiX2nyOHNUbq22qe
ZaO3sKHTfmIdJL7NMJln+cvrE6r5WhISLdQDPErrl9Iau1vDvB2J+lGep7RzkwjK
/cq1lIex07z9W7Fx7dNTSeBk8TdDo9VgakV5s3jb298BzxBIAsygvEQt5HaNuYuz
vLBNfJXzTotdN/PRkYHsKPPBpQkMA8TatnQIXHFSBpGbGnIB2mF4gAQZckGo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:10 2024 by rpki-client on console-fra.rpki-client.org