Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/W2UNg6LZU7a2Ng-qZp3C8oHeeSE.roa
File: W2UNg6LZU7a2Ng-qZp3C8oHeeSE.roa (raw, json)
Hash identifier: qT/3G4eNdU01eM12F/3Rb59rwviSlbChkrKqj+uwD50=
Subject key identifier: 5B:65:0D:83:A2:D9:53:B6:B6:36:0F:AA:66:9D:C2:F2:81:DE:79:21
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01828CA8FF69192DD12C3EA45C38D7A9F771
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/W2UNg6LZU7a2Ng-qZp3C8oHeeSE.roa
Signing time: Thu 11 Aug 2022 11:27:41 +0000
ROA not before: Thu 11 Aug 2022 11:27:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47952
IP address blocks: 194.127.118.0/24 maxlen: 24
194.127.117.0/24 maxlen: 24
194.127.116.0/24 maxlen: 24
194.127.119.0/24 maxlen: 24
185.185.235.0/24 maxlen: 24
91.106.219.0/24 maxlen: 24
91.106.218.0/24 maxlen: 24
91.106.217.0/24 maxlen: 24
91.106.216.0/24 maxlen: 24
193.35.206.0/24 maxlen: 24
193.35.205.0/24 maxlen: 24
193.35.204.0/24 maxlen: 24
193.35.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8c:a8:ff:69:19:2d:d1:2c:3e:a4:5c:38:d7:a9:f7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Aug 11 11:27:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b650d83a2d953b6b6360faa669dc2f281de7921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:12:f5:9e:4b:87:25:2c:34:1e:69:ce:7b:d2:
06:20:64:92:96:c1:dc:af:e0:10:20:5a:a6:30:68:
52:28:1b:e8:ba:ee:7c:ac:c1:d2:53:d4:f5:88:f3:
9f:f9:57:e7:0d:09:31:c4:51:30:16:f6:a3:cc:e4:
4f:94:54:37:66:aa:9f:a4:2c:05:fd:ce:78:78:d3:
86:1f:9b:10:f7:ce:45:07:fc:8f:e3:75:7f:b5:a6:
ef:1e:3f:88:c5:b5:5f:8d:cb:e3:61:65:48:bf:84:
e4:e6:79:59:cf:95:a9:e9:ac:e9:34:77:ab:08:70:
cc:94:ed:cd:c7:12:af:4c:d9:35:3e:d8:74:7d:48:
a3:b2:0f:ab:43:77:6e:dc:9b:bd:60:20:cc:9b:25:
9a:22:46:3f:6e:1b:a6:83:25:38:1e:b1:5f:c3:63:
95:40:c4:4d:d0:99:75:bf:88:cb:db:d4:3d:b2:6d:
90:77:f2:f0:91:6a:45:29:b6:3d:88:1b:81:99:be:
7c:49:e9:62:4a:84:4c:27:52:88:0e:22:33:76:61:
79:4c:c4:88:ef:07:b4:07:91:f7:83:3e:d0:51:d2:
a0:ab:b2:b2:39:83:dc:9e:fa:f5:f3:5d:1c:0c:a0:
fe:3f:4b:10:0b:16:12:16:44:e3:d4:a5:86:e8:14:
55:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:65:0D:83:A2:D9:53:B6:B6:36:0F:AA:66:9D:C2:F2:81:DE:79:21
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/W2UNg6LZU7a2Ng-qZp3C8oHeeSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.216.0/22
185.185.235.0/24
193.35.204.0/22
194.127.116.0/22
Signature Algorithm: sha256WithRSAEncryption
69:cd:13:56:fb:44:ca:25:4e:7d:97:29:59:42:f9:34:4a:b1:
e8:d9:5e:d7:59:a4:a3:df:70:09:8b:63:6a:bc:6b:4d:4c:f6:
e7:e0:9b:3f:3b:b4:b6:06:81:42:e7:5f:27:54:c9:6c:b9:45:
03:8b:38:f2:59:46:47:37:5a:aa:97:71:ad:2e:64:cc:75:32:
87:be:18:37:1b:e9:cc:0d:58:fe:a7:cd:66:c2:bc:3a:1c:31:
ed:1f:e4:98:a1:6c:76:e8:ff:aa:9b:c6:cc:77:d7:a9:87:9c:
39:f4:ec:aa:a7:1e:49:25:c5:8e:39:cc:da:a2:d6:f0:19:8e:
9d:60:2a:cd:96:b4:e3:e8:ec:b2:f3:66:bf:c6:a1:9c:68:14:
a3:03:98:73:a8:fc:d7:22:d3:98:0f:be:b0:78:3f:d0:a1:2d:
97:64:d7:14:70:94:84:20:c4:cd:5c:f6:3a:32:c4:18:c9:c8:
f0:fa:c9:c5:d2:ef:80:8c:15:a0:98:0e:bc:70:85:14:41:ac:
79:e2:85:51:a3:c7:6c:0c:21:0d:00:6f:05:cf:cb:f5:e8:c5:
ae:05:f4:99:5b:62:ff:2a:89:08:cf:ef:d8:01:fe:cc:9f:94:
12:19:cf:73:8d:2d:95:6a:82:33:1c:35:88:1b:6e:9c:3e:aa:
2a:33:30:d7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYKMqP9pGS3RLD6kXDjXqfdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjIwODExMTEyNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjY1MGQ4M2EyZDk1M2I2YjYzNjBmYWE2NjlkYzJmMjgxZGU3OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBL1nkuHJSw0HmnOe9IGIGSSlsHc
r+AQIFqmMGhSKBvouu58rMHSU9T1iPOf+VfnDQkxxFEwFvajzORPlFQ3ZqqfpCwF
/c54eNOGH5sQ985FB/yP43V/tabvHj+IxbVfjcvjYWVIv4Tk5nlZz5Wp6azpNHer
CHDMlO3NxxKvTNk1Pth0fUijsg+rQ3du3Ju9YCDMmyWaIkY/bhumgyU4HrFfw2OV
QMRN0Jl1v4jL29Q9sm2Qd/LwkWpFKbY9iBuBmb58SeliSoRMJ1KIDiIzdmF5TMSI
7we0B5H3gz7QUdKgq7KyOYPcnvr1810cDKD+P0sQCxYSFkTj1KWG6BRVTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFtlDYOi2VO2tjYPqmadwvKB3nkhMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvVzJVTmc2TFpVN2EyTmctcVpwM0M4b0hlZVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW2rYAwQA
ubnrAwQCwSPMAwQCwn90MA0GCSqGSIb3DQEBCwUAA4IBAQBpzRNW+0TKJU59lylZ
Qvk0SrHo2V7XWaSj33AJi2NqvGtNTPbn4Js/O7S2BoFC518nVMlsuUUDizjyWUZH
N1qql3GtLmTMdTKHvhg3G+nMDVj+p81mwrw6HDHtH+SYoWx26P+qm8bMd9eph5w5
9Oyqpx5JJcWOOczaotbwGY6dYCrNlrTj6Oyy82a/xqGcaBSjA5hzqPzXItOYD76w
eD/QoS2XZNcUcJSEIMTNXPY6MsQYycjw+snF0u+AjBWgmA68cIUUQax54oVRo8ds
DCENAG8Fz8v16MWuBfSZW2L/KokIz+/YAf7Mn5QSGc9zjS2VaoIzHDWIG26cPqoq
MzDX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org