Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/WbJMYPl4ponji6RUq38PvH1u8o4.roa
File: WbJMYPl4ponji6RUq38PvH1u8o4.roa (raw, json)
Hash identifier: UVgnly/dLg9c1BDFzLyEdM7mFUO6WzzSom6MD8s59C0=
Subject key identifier: 59:B2:4C:60:F9:78:A6:89:E3:8B:A4:54:AB:7F:0F:BC:7D:6E:F2:8E
Certificate issuer: /CN=aee8d6f56c5fbc904c9b913609013e5964865257
Certificate serial: 018550C712BDD6069AB4A688D818C6A878FD
Authority key identifier: AE:E8:D6:F5:6C:5F:BC:90:4C:9B:91:36:09:01:3E:59:64:86:52:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rujW9WxfvJBMm5E2CQE-WWSGUlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/WbJMYPl4ponji6RUq38PvH1u8o4.roa
Signing time: Mon 26 Dec 2022 23:31:41 +0000
ROA not before: Mon 26 Dec 2022 23:31:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 195.20.19.0/24 maxlen: 24
2a13:49c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:50:c7:12:bd:d6:06:9a:b4:a6:88:d8:18:c6:a8:78:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee8d6f56c5fbc904c9b913609013e5964865257
Validity
Not Before: Dec 26 23:31:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59b24c60f978a689e38ba454ab7f0fbc7d6ef28e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bd:31:cd:8a:4d:d5:0b:0d:5c:74:be:55:3c:
72:7f:45:93:18:3d:53:6a:fd:07:ad:ef:b8:f3:b0:
cb:53:bd:d0:c0:37:33:70:fb:b9:be:44:5d:5a:b1:
4a:8f:e2:1e:41:1c:36:61:87:51:b0:17:3c:62:b6:
3e:cc:6f:55:6d:c7:94:c6:3d:d4:6e:68:b6:25:98:
70:ae:39:1b:97:9b:f8:57:2f:37:87:44:bd:25:eb:
a3:b1:e1:25:7f:27:0d:9b:0b:71:0b:22:8e:b3:4b:
14:80:2b:67:89:70:20:f7:e5:98:10:31:ea:a0:1c:
60:ee:89:42:da:19:b7:37:53:f1:11:53:be:ab:7f:
61:05:26:9e:de:f5:41:fd:f7:d1:6b:be:7a:4c:1d:
5f:e8:7d:e3:bb:1c:c7:e0:16:51:8a:47:f9:3a:b3:
bb:95:3f:49:f3:db:6d:f8:1a:3d:f6:3e:7e:18:f1:
12:f1:93:73:93:80:05:e9:ba:10:0c:3e:a8:1d:2a:
68:50:c4:36:ee:c4:a1:ad:8a:0d:13:06:a7:9a:64:
88:cd:0a:02:02:1d:3b:c2:7c:b0:c8:25:19:40:bf:
03:47:13:58:d9:aa:cc:a5:18:17:84:dc:d5:5c:ca:
64:0e:df:b2:c8:9f:a0:c9:9b:57:62:61:ad:8b:45:
00:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B2:4C:60:F9:78:A6:89:E3:8B:A4:54:AB:7F:0F:BC:7D:6E:F2:8E
X509v3 Authority Key Identifier:
keyid:AE:E8:D6:F5:6C:5F:BC:90:4C:9B:91:36:09:01:3E:59:64:86:52:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rujW9WxfvJBMm5E2CQE-WWSGUlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/WbJMYPl4ponji6RUq38PvH1u8o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f9b3ca-04a0-4233-aed1-c6f9d0a8f36e/1/rujW9WxfvJBMm5E2CQE-WWSGUlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.19.0/24
IPv6:
2a13:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:fb:92:84:ba:19:91:74:fa:36:e7:5e:88:dc:ed:8d:45:94:
4a:a6:24:cc:2d:be:89:65:d3:42:61:80:cd:d6:ec:33:1b:46:
54:8d:41:b1:09:02:f8:b2:bd:5b:ac:bd:5f:92:d2:de:71:eb:
30:43:04:82:97:a2:d9:95:7a:b3:40:43:54:45:5c:86:43:df:
19:4e:c3:ef:2c:16:68:91:3e:81:0c:81:98:31:ef:10:aa:0c:
e5:fc:eb:60:cd:91:b1:42:ba:84:32:35:af:5a:ff:20:25:54:
fd:c9:95:d0:65:42:41:79:fd:b9:4a:49:da:dd:f9:88:28:bb:
f9:1d:f0:70:66:9d:9d:5e:df:0f:f8:5e:41:f5:53:c5:66:32:
3c:ee:72:22:56:e3:ab:26:a6:43:23:02:60:bd:a3:80:df:a4:
ef:c9:8c:20:18:a8:43:23:e5:8c:d2:c9:bd:f2:5b:8d:33:3f:
b8:c0:56:3c:93:84:8a:e4:e5:19:1a:7e:b5:36:e8:8a:e3:d1:
96:82:81:f4:eb:e0:64:37:81:a3:b7:f0:e7:34:5b:af:2a:17:
41:a5:7f:ee:af:64:74:83:20:fd:6d:bc:3a:d0:d2:b4:a5:96:
e8:ec:36:94:54:1a:74:fd:0c:1f:81:db:98:a9:39:81:82:0b:
4d:c6:5c:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVQxxK91gaatKaI2BjGqHj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZThkNmY1NmM1ZmJjOTA0YzliOTEzNjA5MDEzZTU5NjQ4
NjUyNTcwHhcNMjIxMjI2MjMzMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWIyNGM2MGY5NzhhNjg5ZTM4YmE0NTRhYjdmMGZiYzdkNmVmMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb0xzYpN1QsNXHS+VTxyf0WTGD1T
av0Hre+487DLU73QwDczcPu5vkRdWrFKj+IeQRw2YYdRsBc8YrY+zG9VbceUxj3U
bmi2JZhwrjkbl5v4Vy83h0S9JeujseElfycNmwtxCyKOs0sUgCtniXAg9+WYEDHq
oBxg7olC2hm3N1PxEVO+q39hBSae3vVB/ffRa756TB1f6H3juxzH4BZRikf5OrO7
lT9J89tt+Bo99j5+GPES8ZNzk4AF6boQDD6oHSpoUMQ27sShrYoNEwanmmSIzQoC
Ah07wnywyCUZQL8DRxNY2arMpRgXhNzVXMpkDt+yyJ+gyZtXYmGti0UA5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFmyTGD5eKaJ44ukVKt/D7x9bvKOMB8GA1UdIwQY
MBaAFK7o1vVsX7yQTJuRNgkBPllkhlJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVqVzlXeGZ2SkJNbTVFMkNRRS1XV1NHVWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mOWIzY2EtMDRhMC00MjMzLWFlZDEt
YzZmOWQwYThmMzZlLzEvV2JKTVlQbDRwb25qaTZSVXEzOFB2SDF1OG80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mOWIzY2EtMDRhMC00MjMzLWFlZDEtYzZmOWQwYThmMzZl
LzEvcnVqVzlXeGZ2SkJNbTVFMkNRRS1XV1NHVWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwxQTMA0E
AgACMAcDBQMqE0nAMA0GCSqGSIb3DQEBCwUAA4IBAQBp+5KEuhmRdPo2516I3O2N
RZRKpiTMLb6JZdNCYYDN1uwzG0ZUjUGxCQL4sr1brL1fktLeceswQwSCl6LZlXqz
QENURVyGQ98ZTsPvLBZokT6BDIGYMe8Qqgzl/OtgzZGxQrqEMjWvWv8gJVT9yZXQ
ZUJBef25Skna3fmIKLv5HfBwZp2dXt8P+F5B9VPFZjI87nIiVuOrJqZDIwJgvaOA
36TvyYwgGKhDI+WM0sm98luNMz+4wFY8k4SK5OUZGn61NuiK49GWgoH06+BkN4Gj
t/DnNFuvKhdBpX/ur2R0gyD9bbw60NK0pZbo7DaUVBp0/QwfgduYqTmBggtNxlwk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:18 2023 by rpki-client on console-fra.rpki-client.org