Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/WQ1NeK_m_XIHw-VsBt5UzgHNB0w.roa
File: WQ1NeK_m_XIHw-VsBt5UzgHNB0w.roa (raw, json)
Hash identifier: jYCihKwmoYeSv6hAj/EvILnlzkUXDoIzDXXT5E3pq5o=
Subject key identifier: 59:0D:4D:78:AF:E6:FD:72:07:C3:E5:6C:06:DE:54:CE:01:CD:07:4C
Certificate issuer: /CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Certificate serial: 14B6D646
Authority key identifier: 54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/WQ1NeK_m_XIHw-VsBt5UzgHNB0w.roa
Signing time: Wed 16 Mar 2022 06:10:53 +0000
ROA not before: Wed 16 Mar 2022 06:10:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 213.238.165.0/24 maxlen: 24
213.238.161.0/24 maxlen: 24
213.238.162.0/24 maxlen: 24
213.238.163.0/24 maxlen: 24
213.238.164.0/24 maxlen: 24
213.238.160.0/24 maxlen: 24
213.238.168.0/24 maxlen: 24
213.238.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 347526726 (0x14b6d646)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54cbda78b1d1b613df565ff99700b6aee940de3f
Validity
Not Before: Mar 16 06:10:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=590d4d78afe6fd7207c3e56c06de54ce01cd074c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:1a:9f:99:fa:59:cd:80:79:87:a5:46:c3:
0a:5b:7b:b9:2d:d3:57:50:00:44:a5:15:5a:df:29:
d3:d5:df:7e:5a:05:13:f2:73:ad:90:76:e3:d3:46:
b3:9f:01:7f:a6:81:24:5a:e3:49:3d:0e:a9:0d:14:
d5:e3:70:29:00:6a:df:d0:e2:d5:7b:21:fd:7c:99:
6c:53:23:0d:e8:3d:6f:c4:2b:8a:a4:b0:42:22:ee:
3f:50:e9:d9:9a:5a:2c:91:48:09:59:a4:b8:b4:27:
af:ae:46:95:6b:cf:3e:51:5d:50:12:9c:a5:93:ad:
54:cc:95:23:bc:2d:12:e0:1b:c6:e8:c0:73:f7:35:
3c:0b:aa:4d:83:9d:91:a7:b9:da:31:da:f3:10:33:
33:46:5b:e2:85:b1:ba:ef:24:74:7f:99:2a:43:cc:
b9:52:e0:c4:fc:1f:8d:ed:b9:4e:90:27:94:e7:17:
9a:45:2b:d2:a5:88:14:01:d8:6b:c6:92:6b:d5:9b:
a6:bd:0b:55:2e:20:33:f6:b2:1c:e2:b1:b9:e2:68:
77:2d:3c:6a:69:4a:43:9b:c9:6e:ba:05:14:80:80:
91:e9:e7:a1:1e:fa:ea:87:13:8c:4a:c7:06:76:82:
5b:ed:a9:4e:af:fc:18:98:39:4b:e3:32:f9:5c:55:
89:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0D:4D:78:AF:E6:FD:72:07:C3:E5:6C:06:DE:54:CE:01:CD:07:4C
X509v3 Authority Key Identifier:
keyid:54:CB:DA:78:B1:D1:B6:13:DF:56:5F:F9:97:00:B6:AE:E9:40:DE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VMvaeLHRthPfVl_5lwC2rulA3j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/WQ1NeK_m_XIHw-VsBt5UzgHNB0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6d61d9-0bf7-44bb-b80f-cd31615d01a9/1/VMvaeLHRthPfVl_5lwC2rulA3j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.238.160.0-213.238.165.255
213.238.168.0/24
213.238.187.0/24
Signature Algorithm: sha256WithRSAEncryption
35:70:f7:a9:55:4a:0e:51:5d:94:9c:f0:43:76:89:d6:0f:2c:
b0:a9:15:2d:94:e3:c3:b7:71:41:f5:52:a3:2d:53:bc:e6:91:
20:ab:69:e3:c5:7d:7d:c7:20:29:bb:f5:c2:3c:32:26:ef:04:
f0:de:62:bb:b9:72:cc:28:39:45:fc:52:cc:1a:18:6d:25:a0:
a7:8d:3e:10:6a:6c:08:00:22:28:c5:83:61:a1:7b:00:4e:db:
b1:a8:ac:46:6d:2a:15:75:98:34:fd:c3:cf:66:16:1c:76:00:
78:5f:c7:8f:09:94:b6:21:5f:7a:3b:4a:e4:75:c0:84:b5:5b:
15:a2:1f:bb:54:8d:2a:22:53:39:45:20:af:65:ea:1f:4e:28:
24:3d:5b:ee:3c:2d:38:74:c8:bc:21:68:47:3c:ae:34:70:fc:
91:9b:8a:4c:57:ee:4c:a9:ec:40:cd:16:bc:f4:6a:a1:42:c2:
ef:7d:f8:32:e7:97:49:18:c2:f8:ce:fc:d4:80:8f:91:12:97:
48:5d:e0:2e:3d:18:ad:e0:fd:31:82:33:5b:49:24:3e:c5:8a:
a8:90:e3:99:17:77:03:c5:98:57:ca:61:4e:bb:de:ec:68:e0:
03:40:3a:ae:a2:5f:76:ed:e0:51:90:3b:ff:56:41:34:cf:e9:
6d:fd:45:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEFLbWRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NGNiZGE3OGIxZDFiNjEzZGY1NjVmZjk5NzAwYjZhZWU5NDBkZTNmMB4XDTIyMDMx
NjA2MTA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTkwZDRkNzhhZmU2
ZmQ3MjA3YzNlNTZjMDZkZTU0Y2UwMWNkMDc0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGKGp+Z+lnNgHmHpUbDClt7uS3TV1AARKUVWt8p09XffloF
E/JzrZB249NGs58Bf6aBJFrjST0OqQ0U1eNwKQBq39Di1Xsh/XyZbFMjDeg9b8Qr
iqSwQiLuP1Dp2ZpaLJFICVmkuLQnr65GlWvPPlFdUBKcpZOtVMyVI7wtEuAbxujA
c/c1PAuqTYOdkae52jHa8xAzM0Zb4oWxuu8kdH+ZKkPMuVLgxPwfje25TpAnlOcX
mkUr0qWIFAHYa8aSa9Wbpr0LVS4gM/ayHOKxueJody08amlKQ5vJbroFFICAkenn
oR766ocTjErHBnaCW+2pTq/8GJg5S+My+VxViWMCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRZDU14r+b9cgfD5WwG3lTOAc0HTDAfBgNVHSMEGDAWgBRUy9p4sdG2E99W
X/mXALau6UDePzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZNdmFlTEhSdGhQZlZsXzVsd0MycnVsQTNqOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8x
L1dRMU5lS19tX1hJSHctVnNCdDVVemdITkIwdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
NmQ2MWQ5LTBiZjctNDRiYi1iODBmLWNkMzE2MTVkMDFhOS8xL1ZNdmFlTEhSdGhQ
ZlZsXzVsd0MycnVsQTNqOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQF1e6gAwQB1e6kAwQA1e6oAwQA
1e67MA0GCSqGSIb3DQEBCwUAA4IBAQA1cPepVUoOUV2UnPBDdonWDyywqRUtlOPD
t3FB9VKjLVO85pEgq2njxX19xyApu/XCPDIm7wTw3mK7uXLMKDlF/FLMGhhtJaCn
jT4QamwIACIoxYNhoXsATtuxqKxGbSoVdZg0/cPPZhYcdgB4X8ePCZS2IV96O0rk
dcCEtVsVoh+7VI0qIlM5RSCvZeofTigkPVvuPC04dMi8IWhHPK40cPyRm4pMV+5M
qexAzRa89GqhQsLvffgy55dJGML4zvzUgI+REpdIXeAuPRit4P0xgjNbSSQ+xYqo
kOOZF3cDxZhXymFOu97saOADQDquol927eBRkDv/VkE0z+lt/UXl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:36 2024 by rpki-client on console-ams.rpki-client.org