Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/wcJtYpLep0S-OIV3TuwPA5Fc-7U.roa
File: wcJtYpLep0S-OIV3TuwPA5Fc-7U.roa (raw, json)
Hash identifier: r3kXjy/apoYhLps/56NtBOgIVbsFw/u4orDICl9Bhac=
Subject key identifier: C1:C2:6D:62:92:DE:A7:44:BE:38:85:77:4E:EC:0F:03:91:5C:FB:B5
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 0189214F9415E61CC86A9ED0148C77EDE35C
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/wcJtYpLep0S-OIV3TuwPA5Fc-7U.roa
Signing time: Tue 04 Jul 2023 14:30:10 +0000
ROA not before: Tue 04 Jul 2023 14:30:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43009
IP address blocks: 83.166.65.0/24 maxlen: 24
83.166.78.0/24 maxlen: 24
83.166.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:4f:94:15:e6:1c:c8:6a:9e:d0:14:8c:77:ed:e3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: Jul 4 14:30:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1c26d6292dea744be3885774eec0f03915cfbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:14:a1:4e:9c:cd:5c:92:f3:7d:ab:65:f2:f9:
25:8a:e3:c8:38:83:98:eb:08:c4:29:39:ae:5f:cd:
fb:59:f7:5a:d4:92:10:05:23:4c:ad:77:65:b9:a0:
39:e6:bf:55:dc:70:5c:c9:79:0c:4b:16:98:01:97:
76:2b:21:31:f4:22:9c:56:b0:07:36:58:20:f7:60:
ed:90:89:78:da:95:25:13:4a:11:78:7b:a9:bd:24:
82:f7:a6:a6:83:3e:5e:6a:d6:2f:61:a3:4c:ae:fb:
66:4f:6e:d4:0d:d2:a8:e2:3f:cd:fd:47:20:e3:65:
b2:c7:1d:7a:a0:bd:aa:a3:7a:e9:65:3c:8f:d3:2e:
b0:23:4d:11:29:08:a6:2f:5b:55:a0:8b:6c:c8:a3:
ac:13:44:47:e3:57:60:95:9a:67:9f:ef:11:0b:18:
9b:92:82:c7:01:fc:47:0e:cb:00:03:d2:6f:89:c9:
0d:17:7a:45:f6:12:24:e2:35:7a:b5:e3:c4:b9:65:
da:51:c0:7b:eb:28:96:8b:fa:70:c3:08:41:f4:0f:
88:bd:ff:59:82:c6:43:a7:a1:03:42:fa:6e:2a:ff:
59:e1:21:90:76:e0:81:b8:ad:aa:4e:ab:79:c9:de:
8f:84:9b:fb:fa:16:19:24:ad:77:2b:f8:4a:c2:2d:
1a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C2:6D:62:92:DE:A7:44:BE:38:85:77:4E:EC:0F:03:91:5C:FB:B5
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/wcJtYpLep0S-OIV3TuwPA5Fc-7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.65.0/24
83.166.78.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:37:d0:37:cc:5d:e7:a3:3b:b4:0a:09:6f:79:4c:e4:51:ad:
fc:a4:fe:e9:b5:91:8c:33:40:60:44:f7:97:7d:53:31:ea:f3:
d6:f3:00:77:a8:16:97:8d:0a:dc:a4:d6:57:41:5a:be:c7:06:
de:61:87:ba:6f:f9:3b:86:a5:2d:55:98:c1:7a:c6:ff:6b:5f:
c4:3d:37:4d:4e:80:2a:ab:84:4b:47:d1:5d:b6:25:f0:ce:a3:
19:3a:84:45:6a:5c:42:82:2e:2e:ba:fe:b3:8e:99:01:71:7b:
72:60:be:85:8d:81:27:c3:8f:ab:66:96:af:5e:c0:0d:fb:10:
8a:da:a7:90:a9:97:fc:ac:e4:60:73:ec:05:c6:b4:a9:06:cb:
09:92:35:fa:da:0d:b3:51:a5:1a:02:ad:09:3c:ff:c0:da:2d:
23:7c:05:8a:cb:b0:03:e5:d1:00:7c:be:3e:f5:6f:15:aa:30:
ed:b3:56:26:5b:9b:2d:8f:21:47:94:66:c7:89:50:0a:23:87:
7c:17:c8:95:4e:6b:ef:6f:e5:03:40:c0:5e:f5:24:c0:1e:52:
d2:02:97:26:ff:d3:c3:3d:da:7d:41:09:7f:0f:b7:b5:fa:c0:
63:60:a7:0a:8d:c9:69:fd:73:4d:63:72:c7:6c:92:20:b8:b7:
06:45:f1:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkhT5QV5hzIap7QFIx37eNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjMwNzA0MTQzMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWMyNmQ2MjkyZGVhNzQ0YmUzODg1Nzc0ZWVjMGYwMzkxNWNmYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RShTpzNXJLzfatl8vkliuPIOIOY
6wjEKTmuX837Wfda1JIQBSNMrXdluaA55r9V3HBcyXkMSxaYAZd2KyEx9CKcVrAH
Nlgg92DtkIl42pUlE0oReHupvSSC96amgz5eatYvYaNMrvtmT27UDdKo4j/N/Ucg
42Wyxx16oL2qo3rpZTyP0y6wI00RKQimL1tVoItsyKOsE0RH41dglZpnn+8RCxib
koLHAfxHDssAA9JvickNF3pF9hIk4jV6tePEuWXaUcB76yiWi/pwwwhB9A+Ivf9Z
gsZDp6EDQvpuKv9Z4SGQduCBuK2qTqt5yd6PhJv7+hYZJK13K/hKwi0aSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMHCbWKS3qdEvjiFd07sDwORXPu1MB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvd2NKdFlwTGVwMFMtT0lWM1R1d1BBNUZjLTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU6ZBAwQB
U6ZOMA0GCSqGSIb3DQEBCwUAA4IBAQCmN9A3zF3nozu0CglveUzkUa38pP7ptZGM
M0BgRPeXfVMx6vPW8wB3qBaXjQrcpNZXQVq+xwbeYYe6b/k7hqUtVZjBesb/a1/E
PTdNToAqq4RLR9FdtiXwzqMZOoRFalxCgi4uuv6zjpkBcXtyYL6FjYEnw4+rZpav
XsAN+xCK2qeQqZf8rORgc+wFxrSpBssJkjX62g2zUaUaAq0JPP/A2i0jfAWKy7AD
5dEAfL4+9W8VqjDts1YmW5stjyFHlGbHiVAKI4d8F8iVTmvvb+UDQMBe9STAHlLS
Apcm/9PDPdp9QQl/D7e1+sBjYKcKjclp/XNNY3LHbJIguLcGRfGJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:09 2025 by rpki-client