Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/wQ_5gAg6sPHjmPHQWuE5xwr8UCE.roa
File: wQ_5gAg6sPHjmPHQWuE5xwr8UCE.roa (raw, json)
Hash identifier: qM2sDmutBgevDu1hlPgfTbFlclLADd1bjbQ+F8fWyKc=
Subject key identifier: C1:0F:F9:80:08:3A:B0:F1:E3:98:F1:D0:5A:E1:39:C7:0A:FC:50:21
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0184823A370714936BA0CC405DA11F414DD8
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/wQ_5gAg6sPHjmPHQWuE5xwr8UCE.roa
Signing time: Wed 16 Nov 2022 20:56:04 +0000
ROA not before: Wed 16 Nov 2022 20:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 193.57.136.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:82:3a:37:07:14:93:6b:a0:cc:40:5d:a1:1f:41:4d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Nov 16 20:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c10ff980083ab0f1e398f1d05ae139c70afc5021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:60:2d:1f:6c:ad:42:92:88:46:63:3a:f5:da:
2b:6e:bd:a8:a9:94:82:d8:0c:ed:e5:1c:0a:72:f6:
03:6e:34:a1:36:9f:43:db:eb:79:69:1f:11:e9:5d:
02:5c:cb:1d:40:5e:56:a2:e8:1a:e5:a6:04:3c:94:
69:2b:26:1f:39:9b:5a:08:ad:a6:dc:05:f6:ce:85:
6e:07:6d:1e:7d:e5:25:e5:e7:83:b5:46:11:fc:7a:
00:c9:11:9e:a5:07:2d:49:2f:13:61:75:b5:68:ae:
da:9f:bf:e0:41:e3:d0:5d:1b:1a:88:51:55:f1:fa:
04:6a:8a:19:fd:77:f2:e9:02:69:ca:31:fa:6c:14:
ef:dc:fe:ea:54:e1:91:32:7e:97:fe:9c:6d:be:4c:
2d:22:e1:b6:00:5d:c2:fd:08:24:06:f5:d9:35:de:
c1:8f:2d:62:46:e3:6a:64:d7:80:cc:30:3c:bd:5f:
dc:60:63:7a:cc:4e:30:07:11:a4:5a:e7:36:0d:0e:
8d:ba:e9:8b:f5:d3:01:6b:85:a8:21:0c:95:84:f1:
5b:1d:40:74:28:46:f5:16:7f:36:c9:89:55:52:aa:
ce:1d:a8:9f:36:d7:61:7f:5a:67:f1:b5:85:37:73:
34:79:da:72:55:1c:99:1b:cd:90:ac:6c:f7:fd:bf:
7d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:0F:F9:80:08:3A:B0:F1:E3:98:F1:D0:5A:E1:39:C7:0A:FC:50:21
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/wQ_5gAg6sPHjmPHQWuE5xwr8UCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.52.0/24
193.46.56.0/24
193.57.136.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:38:cc:b2:57:96:b1:85:b3:76:a5:03:b3:5b:9e:cd:1d:a9:
3b:a1:46:6b:bd:5a:db:29:ec:8f:3d:4d:10:9d:2a:d9:a1:0a:
44:c7:e6:5e:cf:03:58:3a:e7:ad:71:68:6f:62:73:dd:00:81:
95:ab:22:48:b9:a8:a2:f9:e6:23:5c:a3:a9:d5:38:83:11:1d:
ad:58:e4:a2:b6:c7:23:e7:e8:40:a5:25:2a:9e:9a:a6:78:ea:
af:ad:a8:e9:f3:18:98:92:7d:73:a4:f6:21:05:ed:81:48:c6:
f3:ca:9f:6b:9e:c8:1a:e2:b5:0b:8e:a6:68:c5:0f:ee:51:03:
ab:79:4c:8c:25:a0:1c:bd:d7:c7:2a:56:d7:9b:8c:e5:5b:c1:
27:01:36:de:fc:05:98:0c:fc:c4:a3:3a:c9:e4:fe:6f:cb:d9:
60:2b:3b:b7:1a:48:cd:90:4c:52:b8:9e:56:70:11:c8:ee:99:
bc:06:be:a0:4a:ae:f6:69:9b:1e:46:63:dc:01:50:24:f8:14:
78:27:90:1e:c3:91:dc:99:5c:84:5d:9a:c3:86:28:20:fc:c9:
81:1d:89:00:a8:a3:9f:3f:38:26:68:f2:76:48:25:de:a9:05:
6e:dd:c7:83:ec:70:a2:8e:89:b2:45:5e:80:dc:31:c8:2f:af:
b9:64:b9:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSCOjcHFJNroMxAXaEfQU3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMTE2MjA1NjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTBmZjk4MDA4M2FiMGYxZTM5OGYxZDA1YWUxMzljNzBhZmM1MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWAtH2ytQpKIRmM69dorbr2oqZSC
2Azt5RwKcvYDbjShNp9D2+t5aR8R6V0CXMsdQF5Wouga5aYEPJRpKyYfOZtaCK2m
3AX2zoVuB20efeUl5eeDtUYR/HoAyRGepQctSS8TYXW1aK7an7/gQePQXRsaiFFV
8foEaooZ/Xfy6QJpyjH6bBTv3P7qVOGRMn6X/pxtvkwtIuG2AF3C/QgkBvXZNd7B
jy1iRuNqZNeAzDA8vV/cYGN6zE4wBxGkWuc2DQ6NuumL9dMBa4WoIQyVhPFbHUB0
KEb1Fn82yYlVUqrOHaifNtdhf1pn8bWFN3M0edpyVRyZG82QrGz3/b99VQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMEP+YAIOrDx45jx0FrhOccK/FAhMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvd1FfNWdBZzZzUEhqbVBIUVd1RTV4d3I4VUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVk0AwQA
wS44AwQAwTmIMA0GCSqGSIb3DQEBCwUAA4IBAQC3OMyyV5axhbN2pQOzW57NHak7
oUZrvVrbKeyPPU0QnSrZoQpEx+ZezwNYOuetcWhvYnPdAIGVqyJIuaii+eYjXKOp
1TiDER2tWOSitscj5+hApSUqnpqmeOqvrajp8xiYkn1zpPYhBe2BSMbzyp9rnsga
4rULjqZoxQ/uUQOreUyMJaAcvdfHKlbXm4zlW8EnATbe/AWYDPzEozrJ5P5vy9lg
Kzu3GkjNkExSuJ5WcBHI7pm8Br6gSq72aZseRmPcAVAk+BR4J5Aew5HcmVyEXZrD
higg/MmBHYkAqKOfPzgmaPJ2SCXeqQVu3ceD7HCijomyRV6A3DHIL6+5ZLmq
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org