Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/W3c9W7OtasPvk7lhF4FuOMWj7rM.roa
File: W3c9W7OtasPvk7lhF4FuOMWj7rM.roa (raw, json)
Hash identifier: 4n9kpwfyLibyH/MdBlTlQYLsrZPpQ+Hv98SEAzzeTrs=
Subject key identifier: 5B:77:3D:5B:B3:AD:6A:C3:EF:93:B9:61:17:81:6E:38:C5:A3:EE:B3
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 0182B10D01C612C38C4D984DA8D9F51BDF81
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/W3c9W7OtasPvk7lhF4FuOMWj7rM.roa
Signing time: Thu 18 Aug 2022 13:03:15 +0000
ROA not before: Thu 18 Aug 2022 13:03:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35280
IP address blocks: 185.94.142.0/23 maxlen: 24
185.94.141.0/24 maxlen: 24
185.94.140.0/22 maxlen: 22
185.94.140.0/24 maxlen: 24
185.94.140.0/23 maxlen: 24
84.54.60.0/22 maxlen: 24
185.160.10.0/23 maxlen: 24
185.160.9.0/24 maxlen: 24
185.160.8.0/23 maxlen: 24
193.16.221.0/24 maxlen: 24
5.182.212.0/22 maxlen: 22
193.16.236.0/24 maxlen: 24
185.56.152.0/24 maxlen: 24
185.56.154.0/23 maxlen: 24
193.16.213.0/24 maxlen: 24
2a05:f440::/29 maxlen: 48
2a07:b7c0::/29 maxlen: 29
2a02:53a0::/32 maxlen: 32
2a09:4b00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b1:0d:01:c6:12:c3:8c:4d:98:4d:a8:d9:f5:1b:df:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Aug 18 13:03:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b773d5bb3ad6ac3ef93b96117816e38c5a3eeb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c3:65:0b:d5:ee:b9:41:5c:70:c4:c7:fc:0b:
2e:9a:8f:ad:0c:1b:3d:c5:24:c1:88:20:57:81:20:
6d:02:a8:ae:6e:27:3c:74:47:aa:06:0d:a4:64:44:
bd:81:5c:08:5b:ce:57:2b:81:ea:2d:46:6a:44:84:
91:3c:67:f2:64:8b:8b:a1:79:67:96:ff:c7:63:53:
11:fd:60:ad:77:fe:d1:d7:6e:81:d6:bb:04:a5:df:
ab:6e:8f:71:79:80:d1:a8:71:59:2f:54:09:d7:10:
8a:75:2b:57:94:1d:69:c0:fe:2c:18:0e:2f:10:82:
04:90:ed:b0:be:93:0a:b7:55:a9:c2:35:cd:b4:5c:
42:90:77:d0:d6:d1:36:6b:57:e5:db:84:85:34:99:
77:30:b9:a1:1d:d1:73:8c:94:d7:e2:4e:02:8c:a9:
29:35:8b:65:1a:7a:05:6d:08:3f:c6:2f:d1:97:55:
76:5d:85:1e:8d:c2:c8:cc:f6:b6:16:8e:69:a2:2d:
cc:82:a7:75:ce:97:d8:5d:70:7f:4a:e3:82:f4:1c:
2b:b9:a4:2d:73:64:2a:da:7c:87:56:d1:80:9c:75:
b3:68:85:a3:49:fc:99:78:ad:93:36:52:0e:80:27:
b3:d4:d8:dd:b0:57:55:cf:2e:a7:5d:cb:90:60:44:
c6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:77:3D:5B:B3:AD:6A:C3:EF:93:B9:61:17:81:6E:38:C5:A3:EE:B3
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/W3c9W7OtasPvk7lhF4FuOMWj7rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.212.0/22
84.54.60.0/22
185.56.152.0/24
185.56.154.0/23
185.94.140.0/22
185.160.8.0/22
193.16.213.0/24
193.16.221.0/24
193.16.236.0/24
IPv6:
2a02:53a0::/32
2a05:f440::/29
2a07:b7c0::/29
2a09:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
2d:f4:14:d8:cb:8e:a7:9b:9d:39:cb:45:fa:1e:ca:40:d7:b6:
4a:c0:49:cb:cf:76:01:a2:60:cb:02:23:41:95:c7:3e:e3:50:
d9:34:df:6b:8e:20:39:53:86:49:2b:99:56:d9:3f:c1:90:24:
93:10:9a:61:53:01:8c:5c:f0:a6:b7:7a:13:57:5b:8a:3b:de:
3d:14:b3:dc:86:0a:07:0c:8e:32:26:ad:63:65:59:7d:91:86:
62:7f:db:58:71:e6:b1:67:0e:5b:00:2c:b4:c6:da:1f:19:fd:
c4:aa:a0:39:1c:84:5c:74:34:90:77:5c:20:80:70:e7:59:cd:
f2:dd:18:bd:55:f0:0d:3e:bd:ce:c4:82:5b:b6:b3:f2:24:40:
0a:fa:9b:fd:83:54:6d:3c:07:42:9b:3f:73:94:c1:df:93:95:
0c:bf:6f:94:66:ec:e6:ca:66:80:1e:34:9d:98:df:8d:08:73:
c6:20:7a:dd:34:ed:24:12:ed:4a:81:6b:bb:17:e5:0b:9e:9e:
78:c2:65:2e:9e:05:51:89:3f:32:da:7a:06:c2:02:d3:5e:a2:
4a:a0:ed:9b:73:eb:cc:eb:3d:01:75:1a:af:2e:41:d4:54:af:
15:fe:b9:8a:5a:67:aa:b6:86:c1:bd:95:41:f6:e4:ba:ca:ba:
fa:94:dd:f5
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYKxDQHGEsOMTZhNqNn1G9+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjIwODE4MTMwMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc3M2Q1YmIzYWQ2YWMzZWY5M2I5NjExNzgxNmUzOGM1YTNlZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsNlC9XuuUFccMTH/Asumo+tDBs9
xSTBiCBXgSBtAqiubic8dEeqBg2kZES9gVwIW85XK4HqLUZqRISRPGfyZIuLoXln
lv/HY1MR/WCtd/7R126B1rsEpd+rbo9xeYDRqHFZL1QJ1xCKdStXlB1pwP4sGA4v
EIIEkO2wvpMKt1WpwjXNtFxCkHfQ1tE2a1fl24SFNJl3MLmhHdFzjJTX4k4CjKkp
NYtlGnoFbQg/xi/Rl1V2XYUejcLIzPa2Fo5poi3Mgqd1zpfYXXB/SuOC9BwruaQt
c2Qq2nyHVtGAnHWzaIWjSfyZeK2TNlIOgCez1NjdsFdVzy6nXcuQYETGTwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFFt3PVuzrWrD75O5YReBbjjFo+6zMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvVzNjOVc3T3Rhc1B2azdsaEY0RnVPTVdqN3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQCBbbUAwQC
VDY8AwQAuTiYAwQBuTiaAwQCuV6MAwQCuaAIAwQAwRDVAwQAwRDdAwQAwRDsMCIE
AgACMBwDBQAqAlOgAwUDKgX0QAMFAyoHt8ADBQAqCUsAMA0GCSqGSIb3DQEBCwUA
A4IBAQAt9BTYy46nm505y0X6HspA17ZKwEnLz3YBomDLAiNBlcc+41DZNN9rjiA5
U4ZJK5lW2T/BkCSTEJphUwGMXPCmt3oTV1uKO949FLPchgoHDI4yJq1jZVl9kYZi
f9tYceaxZw5bACy0xtofGf3EqqA5HIRcdDSQd1wggHDnWc3y3Ri9VfANPr3OxIJb
trPyJEAK+pv9g1RtPAdCmz9zlMHfk5UMv2+UZuzmymaAHjSdmN+NCHPGIHrdNO0k
Eu1KgWu7F+ULnp54wmUungVRiT8y2noGwgLTXqJKoO2bc+vM6z0BdRqvLkHUVK8V
/rmKWmeqtobBvZVB9uS6yrr6lN31
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:29 2024 by rpki-client on console-ams.rpki-client.org