Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/WyksgZlpqE_q3ODGpsj3ATq5B7c.roa
File: WyksgZlpqE_q3ODGpsj3ATq5B7c.roa (raw, json)
Hash identifier: gpKYRhUT/iO3fAfRp9yCDe6A99w6zOIU8A/1OK5DlqM=
Subject key identifier: 5B:29:2C:81:99:69:A8:4F:EA:DC:E0:C6:A6:C8:F7:01:3A:B9:07:B7
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 35DE78E7
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/WyksgZlpqE_q3ODGpsj3ATq5B7c.roa
Signing time: Sat 01 Jan 2022 03:02:43 +0000
ROA not before: Sat 01 Jan 2022 03:02:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12322
IP address blocks: 213.228.0.0/18 maxlen: 18
78.192.0.0/10 maxlen: 11
82.224.0.0/11 maxlen: 13
88.160.0.0/11 maxlen: 15
62.147.0.0/16 maxlen: 16
82.64.0.0/14 maxlen: 15
212.27.32.0/19 maxlen: 19
2a01:e01::/32 maxlen: 32
2a01:e00::/26 maxlen: 39
2a01:e00::/32 maxlen: 32
2a01:e02::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 903772391 (0x35de78e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Jan 1 03:02:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b292c819969a84feadce0c6a6c8f7013ab907b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3c:2d:03:d7:bc:b7:9b:78:74:8a:1a:f0:34:
54:9a:62:0c:96:7b:0f:ca:b9:85:50:aa:bb:ea:10:
49:45:58:c7:01:e5:8e:1c:22:fe:99:c2:dd:76:69:
13:0a:d1:f5:64:5e:f7:97:85:df:ab:e3:cb:bd:55:
45:04:3b:ea:dd:67:18:1f:ab:18:a5:27:d1:98:75:
9f:9c:33:1d:37:4c:36:f3:2c:b9:5a:e8:fa:9c:e4:
7b:7f:ab:e9:67:ec:12:09:b4:49:30:61:4a:5e:df:
51:e9:20:15:84:e8:d4:7a:b0:b3:54:14:ae:2c:32:
fc:a1:8b:3f:1b:37:8b:99:fb:df:f3:1b:81:94:32:
25:dc:b7:23:83:91:e6:f1:4a:a3:0d:c5:bb:b2:bd:
7d:b6:af:ca:e8:b8:8e:4f:c1:ef:0c:c9:93:58:f5:
a3:01:c3:0b:92:24:8c:ae:06:e0:3d:6c:61:68:c9:
52:79:bb:93:b2:99:66:86:89:00:74:24:18:44:8b:
26:2c:93:93:08:38:ae:5c:a0:a0:71:71:b7:b4:21:
7d:aa:32:cf:f5:b4:f8:77:42:ea:b4:a2:82:70:fe:
c9:9b:bb:83:d8:7b:15:78:e4:25:9e:c5:39:33:00:
f6:0b:6e:fb:99:93:7f:24:af:04:fa:2c:98:63:cb:
3b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:29:2C:81:99:69:A8:4F:EA:DC:E0:C6:A6:C8:F7:01:3A:B9:07:B7
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/WyksgZlpqE_q3ODGpsj3ATq5B7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.147.0.0/16
78.192.0.0/10
82.64.0.0/14
82.224.0.0/11
88.160.0.0/11
212.27.32.0/19
213.228.0.0/18
IPv6:
2a01:e00::/26
Signature Algorithm: sha256WithRSAEncryption
0a:30:79:a1:1f:33:ea:e0:f6:b7:ab:b3:2b:22:2f:3d:04:b5:
a4:09:07:8b:2f:19:2d:94:98:33:c2:d1:f2:f0:1d:13:d5:27:
4e:7d:9f:f6:c3:79:61:f0:1f:2e:9c:2c:10:91:ab:d7:c9:95:
b2:12:e8:34:d8:c8:8a:66:57:f5:ec:28:4c:95:16:5f:e0:cb:
1e:02:38:80:bb:40:16:db:04:14:db:36:09:e7:c1:6b:3a:10:
fe:44:43:04:95:f3:df:11:e6:90:a8:ee:58:e7:dd:fc:53:4d:
2b:d0:d4:58:01:27:8f:c5:ce:c9:f6:2f:44:0f:e1:3e:96:4a:
ef:4d:64:05:c2:1a:91:03:29:fc:71:68:99:49:72:65:cb:ea:
dd:5c:ca:b2:c3:dc:8b:06:8a:d6:da:c2:47:37:8f:8a:48:0f:
7d:27:2b:5a:a2:44:2a:83:35:c3:0a:f6:c5:14:50:81:82:19:
3c:68:c9:68:42:9c:b5:5b:93:2a:0f:f3:38:cb:e7:ef:65:ab:
1c:23:67:09:ac:f5:93:ef:3e:37:b5:45:f9:b1:11:15:1d:f6:
f0:96:4a:bf:fb:df:ad:07:0c:97:ed:e2:cb:a2:6c:d3:50:70:
6d:b1:c3:1a:9b:72:64:6a:d6:10:c0:5c:a0:f0:c8:f1:68:c0:
f5:5a:0d:dd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIENd545zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTRiMzI4MWIwOGU2YjVlYzFmZGViMGQwNDQwNTI4ZWQ5MzRkYzNmMB4XDTIyMDEw
MTAzMDI0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWIyOTJjODE5OTY5
YTg0ZmVhZGNlMGM2YTZjOGY3MDEzYWI5MDdiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK48LQPXvLebeHSKGvA0VJpiDJZ7D8q5hVCqu+oQSUVYxwHl
jhwi/pnC3XZpEwrR9WRe95eF36vjy71VRQQ76t1nGB+rGKUn0Zh1n5wzHTdMNvMs
uVro+pzke3+r6WfsEgm0STBhSl7fUekgFYTo1Hqws1QUriwy/KGLPxs3i5n73/Mb
gZQyJdy3I4OR5vFKow3Fu7K9fbavyui4jk/B7wzJk1j1owHDC5IkjK4G4D1sYWjJ
Unm7k7KZZoaJAHQkGESLJiyTkwg4rlygoHFxt7Qhfaoyz/W0+HdC6rSignD+yZu7
g9h7FXjkJZ7FOTMA9gtu+5mTfySvBPosmGPLO9MCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRbKSyBmWmoT+rc4MamyPcBOrkHtzAfBgNVHSMEGDAWgBSeSzKBsI5rXsH9
6w0EQFKO2TTcPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25rc3lnYkNPYTE3Ql9lc05CRUJTanRrMDNEOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvZmY3ZDMzLWU0ZjctNDNjMC05MjRiLTZiMmQ0NjkyNGM2Zi8x
L1d5a3NnWmxwcUVfcTNPREdwc2ozQVRxNUI3Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
ZmY3ZDMzLWU0ZjctNDNjMC05MjRiLTZiMmQ0NjkyNGM2Zi8xL25rc3lnYkNPYTE3
Ql9lc05CRUJTanRrMDNEOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwKwQCAAEwJQMDAD6TAwMGTsADAwJSQAMDBVLgAwMF
WKADBAXUGyADBAbV5AAwDQQCAAIwBwMFBioBDgAwDQYJKoZIhvcNAQELBQADggEB
AAoweaEfM+rg9rersysiLz0EtaQJB4svGS2UmDPC0fLwHRPVJ059n/bDeWHwHy6c
LBCRq9fJlbIS6DTYyIpmV/XsKEyVFl/gyx4COIC7QBbbBBTbNgnnwWs6EP5EQwSV
898R5pCo7ljn3fxTTSvQ1FgBJ4/Fzsn2L0QP4T6WSu9NZAXCGpEDKfxxaJlJcmXL
6t1cyrLD3IsGitbawkc3j4pID30nK1qiRCqDNcMK9sUUUIGCGTxoyWhCnLVbkyoP
8zjL5+9lqxwjZwms9ZPvPje1RfmxERUd9vCWSr/7360HDJft4suibNNQcG2xwxqb
cmRq1hDAXKDwyPFowPVaDd0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:55 2023 by rpki-client on console-ams.rpki-client.org