Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/1-WktsqmCiCAMgpp4p2Oemj9YVpc.roa
File: 1-WktsqmCiCAMgpp4p2Oemj9YVpc.roa (raw, json)
Hash identifier: T4GN+wVzJi8Ny6AG3/ks8a8zE2CV7VrfEjXpppfB2wA=
Subject key identifier: F9:69:2D:B2:A9:82:88:20:0C:82:9A:78:A7:63:9E:9A:3F:58:56:97
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 0D124A6D
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/1-WktsqmCiCAMgpp4p2Oemj9YVpc.roa
Signing time: Sat 01 Jan 2022 03:53:51 +0000
ROA not before: Sat 01 Jan 2022 03:53:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12618
IP address blocks: 89.191.144.0/20 maxlen: 23
46.239.144.0/20 maxlen: 20
94.141.128.0/19 maxlen: 19
46.238.248.0/21 maxlen: 21
212.122.216.0/22 maxlen: 22
212.122.220.0/22 maxlen: 22
46.238.192.0/19 maxlen: 19
46.239.160.0/19 maxlen: 19
46.238.224.0/22 maxlen: 22
46.238.232.0/22 maxlen: 22
46.238.228.0/22 maxlen: 22
46.238.239.0/24 maxlen: 24
2001:90e::/32 maxlen: 32
2001:90c::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219302509 (0xd124a6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jan 1 03:53:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9692db2a98288200c829a78a7639e9a3f585697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b1:09:21:32:1f:b2:f7:f8:d0:be:9d:02:ca:
28:eb:7e:09:a6:1b:5d:a6:d0:63:1c:b0:73:da:e1:
24:ed:41:b5:f1:71:78:6d:1e:1a:0d:8e:06:69:1a:
0d:58:f1:0c:a7:5f:be:52:26:7a:56:57:97:40:e4:
d2:cb:a4:16:7b:ed:50:54:9a:0d:06:e9:2b:17:e6:
8b:6b:72:bf:ce:b8:20:d0:1f:ee:8d:1b:6f:82:90:
a1:ed:d5:ac:f7:37:71:0e:3c:0c:a0:df:9c:e6:14:
c6:21:30:6a:67:d8:6c:f0:1d:9d:b3:f3:23:d7:6a:
20:ef:6f:c4:e8:bc:ea:70:45:4c:13:29:43:2a:13:
4b:85:0f:3e:33:98:4d:97:79:48:f2:7f:ee:7d:ad:
7e:8b:7f:0c:26:2e:4e:ad:7d:4b:c9:c9:45:6d:27:
c7:5c:ec:e0:10:43:33:fb:44:95:23:4d:01:86:1b:
d5:ec:72:77:c7:70:cb:b7:ae:be:4f:b6:7b:72:fd:
4b:9f:c6:82:14:31:44:5a:63:c8:76:02:97:3d:a2:
4d:68:5b:aa:65:d9:5d:ab:3f:2d:77:f7:03:0a:32:
98:95:3e:64:ca:5f:d8:97:35:4a:df:84:a5:b2:1a:
7e:b6:29:83:b4:6c:7c:80:ce:60:07:c8:15:9e:65:
92:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:69:2D:B2:A9:82:88:20:0C:82:9A:78:A7:63:9E:9A:3F:58:56:97
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/1-WktsqmCiCAMgpp4p2Oemj9YVpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.192.0-46.238.235.255
46.238.239.0/24
46.238.248.0/21
46.239.144.0-46.239.191.255
89.191.144.0/20
94.141.128.0/19
212.122.216.0/21
IPv6:
2001:90c::-2001:90e:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a2:4e:9f:3b:70:b0:52:81:cc:0d:ee:72:b5:52:08:f1:3c:f8:
6f:d0:85:4f:f0:55:5b:dd:c0:fb:bb:c3:82:ad:c2:df:a6:70:
d9:4d:8e:aa:78:1b:1d:df:d9:2d:d1:a3:44:c9:f0:4a:a8:f9:
3a:3e:d4:35:18:04:b4:e4:a2:31:69:1b:29:d8:af:d0:df:04:
b8:be:61:b8:27:88:53:88:4f:f1:39:01:f3:8a:bd:a4:2c:86:
05:13:6e:3a:00:a5:da:3d:a3:93:52:39:ae:61:d1:32:2e:f3:
7f:83:22:c7:fc:a4:eb:a0:7c:4f:92:47:ae:c8:d5:86:db:a7:
d1:c0:9a:d2:0f:5b:5b:33:27:5f:e9:8e:ba:02:ef:f5:0e:fd:
5f:bb:f6:ca:95:75:8d:b4:0f:fb:f3:f7:dd:c5:32:eb:95:56:
79:37:8e:bc:a5:35:46:a9:00:33:d4:37:7b:ab:13:23:43:44:
18:93:6c:c8:32:1c:ab:5e:23:ce:5b:46:26:f1:e6:1b:bd:8d:
09:b0:72:f8:d2:b3:2e:60:79:64:3e:9d:b3:70:e9:61:8b:1f:
c5:a5:3f:dd:12:45:57:9a:c6:03:56:9b:5b:3a:35:b1:7f:ee:
95:d9:fc:61:a0:3b:d7:cb:ef:a6:5e:73:96:98:ed:fb:03:48:
81:bd:33:d4
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIEDRJKbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmU4ZjU2YmMxZjUwMTAyOTE2ODFiYzJkOGMwMmY5YWNiZjcxNGEwMB4XDTIyMDEw
MTAzNTM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk2OTJkYjJhOTgy
ODgyMDBjODI5YTc4YTc2MzllOWEzZjU4NTY5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSxCSEyH7L3+NC+nQLKKOt+CaYbXabQYxywc9rhJO1BtfFx
eG0eGg2OBmkaDVjxDKdfvlImelZXl0Dk0sukFnvtUFSaDQbpKxfmi2tyv864INAf
7o0bb4KQoe3VrPc3cQ48DKDfnOYUxiEwamfYbPAdnbPzI9dqIO9vxOi86nBFTBMp
QyoTS4UPPjOYTZd5SPJ/7n2tfot/DCYuTq19S8nJRW0nx1zs4BBDM/tElSNNAYYb
1exyd8dwy7euvk+2e3L9S5/GghQxRFpjyHYClz2iTWhbqmXZXas/LXf3AwoymJU+
ZMpf2Jc1St+EpbIafrYpg7RsfIDOYAfIFZ5lkncCAwEAAaOCAlYwggJSMB0GA1Ud
DgQWBBT5aS2yqYKIIAyCmninY56aP1hWlzAfBgNVHSMEGDAWgBTi6PVrwfUBApFo
G8LYwC+ay/cUoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR1ajFhOEgxQVFLUmFCdkMyTUF2bXN2M0ZLQS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvODA0MmJmLTcxYmEtNGZiZC05ZTE3LTQ0N2VkYzRmOWFmNi8x
LzEtV2t0c3FtQ2lDQU1ncHA0cDJPZW1qOVlWcGMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMw
LzgwNDJiZi03MWJhLTRmYmQtOWUxNy00NDdlZGM0ZjlhZjYvMS80dWoxYThIMUFR
S1JhQnZDMk1Bdm1zdjNGS0EuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
awYIKwYBBQUHAQcBAf8EXDBaMEAEAgABMDowDAMEBi7uwAMEAi7u6AMEAC7u7wME
Ay7u+DAMAwQELu+QAwQGLu+AAwQEWb+QAwQFXo2AAwQD1HrYMBYEAgACMBAwDgMF
AiABCQwDBQAgAQkOMA0GCSqGSIb3DQEBCwUAA4IBAQCiTp87cLBSgcwN7nK1Ugjx
PPhv0IVP8FVb3cD7u8OCrcLfpnDZTY6qeBsd39kt0aNEyfBKqPk6PtQ1GAS05KIx
aRsp2K/Q3wS4vmG4J4hTiE/xOQHzir2kLIYFE246AKXaPaOTUjmuYdEyLvN/gyLH
/KTroHxPkkeuyNWG26fRwJrSD1tbMydf6Y66Au/1Dv1fu/bKlXWNtA/78/fdxTLr
lVZ5N468pTVGqQAz1Dd7qxMjQ0QYk2zIMhyrXiPOW0Ym8eYbvY0JsHL40rMuYHlk
Pp2zcOlhix/FpT/dEkVXmsYDVptbOjWxf+6V2fxhoDvXy++mXnOWmO37A0iBvTPU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:53 2023 by rpki-client on console-ams.rpki-client.org