Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/WPKSmj_sd21QbT3uNzfun7Y-dQk.roa
File: WPKSmj_sd21QbT3uNzfun7Y-dQk.roa (raw, json)
Hash identifier: XLhEHdn2locOim9gngjLfnZ+vyqOubQULSkslbLeypM=
Subject key identifier: 58:F2:92:9A:3F:EC:77:6D:50:6D:3D:EE:37:37:EE:9F:B6:3E:75:09
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0325B811
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/WPKSmj_sd21QbT3uNzfun7Y-dQk.roa
Signing time: Sat 01 Jan 2022 01:54:26 +0000
ROA not before: Sat 01 Jan 2022 01:54:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207429
IP address blocks: 188.132.155.0/24 maxlen: 24
188.132.154.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.171.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.192.0/24 maxlen: 24
188.132.197.0/24 maxlen: 24
188.132.196.0/24 maxlen: 24
188.132.193.0/24 maxlen: 24
188.132.198.0/24 maxlen: 24
188.132.199.0/24 maxlen: 24
188.132.202.0/24 maxlen: 24
188.132.201.0/24 maxlen: 24
188.132.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52803601 (0x325b811)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 1 01:54:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58f2929a3fec776d506d3dee3737ee9fb63e7509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d8:f2:d5:64:c2:25:f3:16:19:e5:b9:d6:08:
b8:53:a6:cd:84:8c:40:4e:bf:f8:2e:ef:45:79:73:
07:3d:c3:b6:0d:32:74:81:82:10:cf:a5:ac:2a:12:
13:30:c6:48:72:ef:db:b1:bf:eb:70:fe:f7:56:1c:
88:e2:09:28:7e:41:6a:7d:14:36:90:02:02:ec:00:
dd:9c:b4:ce:cf:a0:92:c2:36:1f:66:58:61:f3:a6:
aa:a5:b9:f3:6f:84:9e:22:69:6c:12:59:df:f6:a8:
34:50:30:78:22:6c:f8:df:1f:0b:5b:43:0e:dd:46:
a4:65:91:9b:20:c4:68:b8:62:e4:cb:07:e7:c6:c9:
7a:47:13:14:55:34:5c:3e:74:13:fd:ba:0f:94:b8:
b6:03:44:c7:ab:fc:d4:af:16:9f:65:60:04:55:7f:
cb:de:44:30:0c:82:d8:f4:d4:38:10:26:31:dc:bc:
a7:c1:78:5f:ca:70:6b:4c:cf:10:9e:cf:6c:a3:f1:
61:cf:ee:98:b6:93:c6:07:e6:44:16:2f:7e:c3:f9:
df:60:c2:b1:fc:e1:1c:3c:5a:cd:57:41:13:5d:46:
60:c2:2c:80:a1:6d:9c:1e:3a:c8:ad:24:0a:a4:43:
0e:dd:30:9a:69:e1:bb:96:4f:10:8d:83:3d:12:f9:
c3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F2:92:9A:3F:EC:77:6D:50:6D:3D:EE:37:37:EE:9F:B6:3E:75:09
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/WPKSmj_sd21QbT3uNzfun7Y-dQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.154.0/23
188.132.170.0/23
188.132.189.0/24
188.132.191.0-188.132.193.255
188.132.196.0/22
188.132.201.0-188.132.203.255
188.132.249.0/24
Signature Algorithm: sha256WithRSAEncryption
77:d4:76:2b:b3:d2:e8:e1:d2:58:19:ac:5e:d7:5e:82:df:ab:
22:ff:f4:74:1d:04:82:e2:35:54:e5:f3:01:29:4b:40:a8:de:
72:8b:cd:89:6f:e8:09:0d:58:15:c4:c7:5c:21:2d:05:0e:1f:
a3:13:03:58:76:b2:df:ab:0d:1e:75:f2:0e:6d:c4:7d:bb:2e:
6d:ad:73:0b:62:66:95:13:3a:9b:20:4e:36:27:31:85:ea:60:
d6:b4:2a:db:1d:93:24:c3:81:fd:f7:d1:37:0d:89:e0:e2:db:
3d:23:d1:c6:11:f8:33:a6:92:a4:1c:37:13:b7:66:3f:a9:77:
8b:36:e1:5e:56:fb:bc:a0:85:00:31:cb:29:82:46:25:32:08:
f4:a0:66:84:74:02:ad:40:fc:2b:11:43:63:5c:6a:25:94:d6:
3f:6a:78:51:bb:fd:50:c3:0f:30:76:36:b7:ae:6b:9c:82:9f:
7c:c9:d4:98:48:f3:79:f3:f6:54:5c:73:54:f8:32:5d:e5:aa:
66:a5:c2:ac:c2:32:1a:57:4a:c1:7d:3f:15:18:04:4a:a1:b1:
4c:e8:73:2b:ed:71:82:bc:47:99:6f:7c:00:bb:fd:10:5f:6c:
18:f5:44:72:19:b6:84:ea:1a:51:3f:81:28:f4:18:76:6d:ba:
b1:67:6c:eb
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEAyW4ETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMB4XDTIyMDEw
MTAxNTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNThmMjkyOWEzZmVj
Nzc2ZDUwNmQzZGVlMzczN2VlOWZiNjNlNzUwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvY8tVkwiXzFhnludYIuFOmzYSMQE6/+C7vRXlzBz3Dtg0y
dIGCEM+lrCoSEzDGSHLv27G/63D+91YciOIJKH5Ban0UNpACAuwA3Zy0zs+gksI2
H2ZYYfOmqqW582+EniJpbBJZ3/aoNFAweCJs+N8fC1tDDt1GpGWRmyDEaLhi5MsH
58bJekcTFFU0XD50E/26D5S4tgNEx6v81K8Wn2VgBFV/y95EMAyC2PTUOBAmMdy8
p8F4X8pwa0zPEJ7PbKPxYc/umLaTxgfmRBYvfsP532DCsfzhHDxazVdBE11GYMIs
gKFtnB46yK0kCqRDDt0wmmnhu5ZPEI2DPRL5w1ECAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBRY8pKaP+x3bVBtPe43N+6ftj51CTAfBgNVHSMEGDAWgBTJ1XRH40ILhTh1
tvpANyqt4xksojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lkVjBSLU5DQzRVNGRiYjZRRGNxcmVNWkxLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvMTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8x
L1dQS1Ntal9zZDIxUWJUM3VOemZ1bjdZLWRRay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
MTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRV
NGRiYjZRRGNxcmVNWkxLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwQAQCAAEwOgMEAbyEmgMEAbyEqgMEALyEvTAMAwQA
vIS/AwQBvITAAwQCvITEMAwDBAC8hMkDBAK8hMgDBAC8hPkwDQYJKoZIhvcNAQEL
BQADggEBAHfUdiuz0ujh0lgZrF7XXoLfqyL/9HQdBILiNVTl8wEpS0Co3nKLzYlv
6AkNWBXEx1whLQUOH6MTA1h2st+rDR518g5txH27Lm2tcwtiZpUTOpsgTjYnMYXq
YNa0KtsdkyTDgf330TcNieDi2z0j0cYR+DOmkqQcNxO3Zj+pd4s24V5W+7yghQAx
yymCRiUyCPSgZoR0Aq1A/CsRQ2NcaiWU1j9qeFG7/VDDDzB2Nreua5yCn3zJ1JhI
83nz9lRcc1T4Ml3lqmalwqzCMhpXSsF9PxUYBEqhsUzocyvtcYK8R5lvfAC7/RBf
bBj1RHIZtoTqGlE/gSj0GHZturFnbOs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org