Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/w71yjWwHBNpGnVhYycMhecMYKsM.roa
File: w71yjWwHBNpGnVhYycMhecMYKsM.roa (raw, json)
Hash identifier: rAKH0eTJF1fEvjaVzBAl16qDjweYLdUVxKbzy4FpVOQ=
Subject key identifier: C3:BD:72:8D:6C:07:04:DA:46:9D:58:58:C9:C3:21:79:C3:18:2A:C3
Certificate issuer: /CN=13b43dace8663447ee4725520d78c54ab7b99ad4
Certificate serial: 03D53E88
Authority key identifier: 13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/w71yjWwHBNpGnVhYycMhecMYKsM.roa
Signing time: Sat 01 Jan 2022 09:59:00 +0000
ROA not before: Sat 01 Jan 2022 09:59:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207603
IP address blocks: 193.41.58.0/24 maxlen: 24
185.178.20.0/22 maxlen: 24
185.101.140.0/22 maxlen: 22
2a10:5940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64306824 (0x3d53e88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b43dace8663447ee4725520d78c54ab7b99ad4
Validity
Not Before: Jan 1 09:59:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3bd728d6c0704da469d5858c9c32179c3182ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:41:59:5d:f0:cc:1b:2c:c9:65:96:3c:80:4c:
73:0d:95:47:f6:c4:41:de:d9:78:29:89:58:06:4a:
cc:1f:ee:04:7f:bc:8a:25:9a:b8:34:86:1e:a7:48:
2c:84:d5:1b:16:2c:84:7c:d6:52:99:0e:06:37:9f:
7f:28:c6:72:11:69:18:79:9c:8b:21:34:f9:7a:f4:
fe:75:41:13:7c:a1:8c:95:f0:f6:0d:d3:39:38:41:
c3:19:5d:0b:8a:67:28:40:89:73:3c:4b:4d:a3:2c:
3d:26:01:d8:5d:13:f3:12:ff:57:b9:3d:09:1c:a4:
63:36:ca:24:d4:63:99:5b:71:46:c8:ca:f7:36:0e:
3d:6a:54:7a:12:61:34:e0:13:df:98:cd:ff:d7:bd:
b9:39:e2:9b:33:e7:24:37:e9:33:ee:cf:0e:e6:ef:
b9:b8:dc:52:16:3c:75:79:d1:37:dd:94:ab:93:3c:
f3:35:14:ed:c0:90:63:7f:0c:36:7b:1f:95:25:44:
9a:23:98:3a:72:a6:ad:70:44:25:5c:4e:24:6b:44:
0c:24:2a:90:88:58:45:db:de:eb:0e:09:20:b1:42:
94:af:99:71:2a:03:f2:5b:ad:81:f6:72:cc:6f:89:
83:98:bc:a6:8d:df:76:9a:45:01:bb:42:5f:bd:f5:
ab:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BD:72:8D:6C:07:04:DA:46:9D:58:58:C9:C3:21:79:C3:18:2A:C3
X509v3 Authority Key Identifier:
keyid:13:B4:3D:AC:E8:66:34:47:EE:47:25:52:0D:78:C5:4A:B7:B9:9A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/w71yjWwHBNpGnVhYycMhecMYKsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/65690a-0acf-4f36-a89c-2b4a2714214a/1/E7Q9rOhmNEfuRyVSDXjFSre5mtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.140.0/22
185.178.20.0/22
193.41.58.0/24
IPv6:
2a10:5940::/29
Signature Algorithm: sha256WithRSAEncryption
0d:03:4a:ea:4c:f8:9e:a3:23:e2:d8:54:a5:89:0b:c1:f4:9a:
39:62:94:f3:1c:75:d9:5e:15:a3:8b:12:8d:16:60:72:87:8f:
1c:9f:69:2e:a7:6f:0f:2b:5d:36:78:a9:9e:7b:27:fd:3a:e2:
10:47:ef:c6:15:fb:b6:68:c6:93:dc:05:c4:2e:ff:ff:2a:83:
74:ff:c5:dc:fe:b3:09:5b:e0:cb:a3:ba:85:96:a9:12:00:ed:
19:0e:e7:a1:db:5b:0c:19:53:59:7e:57:f6:cf:32:0f:c2:c9:
b8:a8:bd:e3:7c:bc:4f:a4:73:a7:f6:6b:81:5e:a1:56:50:63:
1b:52:cd:7e:47:48:a0:59:ab:77:82:39:15:27:a4:e4:6e:b6:
a5:2b:21:e4:29:82:16:59:f1:d4:c9:d1:66:04:d1:3e:90:fe:
8d:59:ad:73:81:99:01:46:b3:0c:09:ac:4f:98:b8:c6:a3:7d:
0a:12:1e:d3:a9:6a:30:74:44:a9:62:19:06:f5:6b:23:e8:69:
ba:6f:47:a5:a0:b2:a3:8f:16:ea:d5:f9:b5:c0:1e:84:64:d4:
49:b5:6e:71:0e:49:9c:25:f1:ca:ec:82:45:a5:ed:29:ab:8a:
e3:a5:29:73:4f:70:84:e9:91:be:0e:41:36:48:12:a5:f6:eb:
06:b0:cd:98
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEA9U+iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2I0M2RhY2U4NjYzNDQ3ZWU0NzI1NTIwZDc4YzU0YWI3Yjk5YWQ0MB4XDTIyMDEw
MTA5NTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzNiZDcyOGQ2YzA3
MDRkYTQ2OWQ1ODU4YzljMzIxNzljMzE4MmFjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1BWV3wzBssyWWWPIBMcw2VR/bEQd7ZeCmJWAZKzB/uBH+8
iiWauDSGHqdILITVGxYshHzWUpkOBjeffyjGchFpGHmciyE0+Xr0/nVBE3yhjJXw
9g3TOThBwxldC4pnKECJczxLTaMsPSYB2F0T8xL/V7k9CRykYzbKJNRjmVtxRsjK
9zYOPWpUehJhNOAT35jN/9e9uTnimzPnJDfpM+7PDubvubjcUhY8dXnRN92Uq5M8
8zUU7cCQY38MNnsflSVEmiOYOnKmrXBEJVxOJGtEDCQqkIhYRdve6w4JILFClK+Z
cSoD8lutgfZyzG+Jg5i8po3fdppFAbtCX731q9ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTDvXKNbAcE2kadWFjJwyF5wxgqwzAfBgNVHSMEGDAWgBQTtD2s6GY0R+5H
JVINeMVKt7ma1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0U3UTlyT2htTkVmdVJ5VlNEWGpGU3JlNW10US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvNjU2OTBhLTBhY2YtNGYzNi1hODljLTJiNGEyNzE0MjE0YS8x
L3c3MXlqV3dIQk5wR25WaFl5Y01oZWNNWUtzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
NjU2OTBhLTBhY2YtNGYzNi1hODljLTJiNGEyNzE0MjE0YS8xL0U3UTlyT2htTkVm
dVJ5VlNEWGpGU3JlNW10US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArlljAMEArmyFAMEAMEpOjANBAIA
AjAHAwUDKhBZQDANBgkqhkiG9w0BAQsFAAOCAQEADQNK6kz4nqMj4thUpYkLwfSa
OWKU8xx12V4Vo4sSjRZgcoePHJ9pLqdvDytdNnipnnsn/TriEEfvxhX7tmjGk9wF
xC7//yqDdP/F3P6zCVvgy6O6hZapEgDtGQ7nodtbDBlTWX5X9s8yD8LJuKi943y8
T6Rzp/ZrgV6hVlBjG1LNfkdIoFmrd4I5FSek5G62pSsh5CmCFlnx1MnRZgTRPpD+
jVmtc4GZAUazDAmsT5i4xqN9ChIe06lqMHREqWIZBvVrI+hpum9HpaCyo48W6tX5
tcAehGTUSbVucQ5JnCXxyuyCRaXtKauK46Upc09whOmRvg5BNkgSpfbrBrDNmA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:28 2023 by rpki-client on console-fra.rpki-client.org