Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/WlFfrlwJgmmxSg5d30i8JCtGfPU.roa
File: WlFfrlwJgmmxSg5d30i8JCtGfPU.roa (raw, json)
Hash identifier: rLQSa+yof2OzsFPs1+87HQyfH1nK5wnZgoB8DBuESd8=
Subject key identifier: 5A:51:5F:AE:5C:09:82:69:B1:4A:0E:5D:DF:48:BC:24:2B:46:7C:F5
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018392E6E401F8D562BA3C29B930CFA8AC0C
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/WlFfrlwJgmmxSg5d30i8JCtGfPU.roa
Signing time: Sat 01 Oct 2022 09:35:48 +0000
ROA not before: Sat 01 Oct 2022 09:35:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61135
IP address blocks: 212.68.35.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
188.132.155.0/24 maxlen: 24
188.132.154.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:92:e6:e4:01:f8:d5:62:ba:3c:29:b9:30:cf:a8:ac:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Oct 1 09:35:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a515fae5c098269b14a0e5ddf48bc242b467cf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4a:b6:ff:0b:59:8e:e3:62:a5:1f:55:51:a3:
95:7f:a1:40:f8:de:ef:a7:ee:1c:c2:9a:89:9c:44:
f7:bc:c9:ea:19:54:fa:85:ad:57:bd:dc:47:0a:ef:
b7:54:cd:87:e8:41:17:fd:95:06:98:d1:89:da:1d:
7c:8b:0b:5f:31:85:56:8e:33:89:0c:bc:1e:5f:e4:
fb:c1:6e:a1:89:7b:57:0f:fb:04:aa:9f:f8:10:f4:
0c:ea:a8:d0:61:6a:57:94:1e:82:b9:52:c4:2b:84:
e4:8b:2c:a1:94:01:9a:98:f2:29:ad:94:0f:63:94:
c5:da:46:e1:22:81:53:48:52:b0:53:bb:9f:20:bb:
ca:58:d4:7d:d8:cb:6a:79:ea:16:f2:a2:19:db:a4:
1e:ee:d8:80:5f:67:a6:94:97:1f:5e:4e:34:de:70:
df:b3:9f:96:35:ba:03:ca:7a:37:9b:07:28:14:7e:
b7:4a:d2:7e:e9:ef:41:c0:4a:8b:d8:c2:1f:63:f0:
8d:45:6e:ac:d6:cc:b9:bd:f7:26:84:59:a0:ad:79:
69:d5:fa:5f:2d:e6:5f:a5:0e:e1:c8:77:22:40:a6:
2d:5f:fb:61:aa:b2:5b:92:05:b7:4a:7c:40:fc:b1:
44:c5:ed:5f:a8:12:ec:98:82:52:9b:9a:6e:da:78:
34:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:51:5F:AE:5C:09:82:69:B1:4A:0E:5D:DF:48:BC:24:2B:46:7C:F5
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/WlFfrlwJgmmxSg5d30i8JCtGfPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.86.0/24
188.132.154.0/23
188.132.189.0/24
188.132.191.0/24
188.132.249.0/24
212.68.35.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:a3:9c:7e:e9:ec:da:30:ad:1e:b4:0d:a3:76:44:45:99:61:
42:5f:59:5c:fa:fa:50:1e:99:88:4f:ba:39:05:39:3f:52:b9:
38:cd:41:4b:d5:d5:5f:cc:b4:ee:70:73:06:10:97:0b:9e:db:
47:84:61:55:8e:d2:e1:40:b8:44:2a:ae:05:b3:15:ce:71:32:
22:d6:31:f0:c7:13:af:82:d5:09:df:08:5f:e7:1e:6c:50:92:
65:1f:ff:0c:6c:94:8c:86:5f:d9:8b:8c:01:ea:38:8b:45:28:
40:16:60:0d:04:ca:45:13:b8:9f:23:1b:26:84:32:fa:d4:1c:
29:14:10:bd:20:b2:fa:45:6f:b3:1d:07:20:4a:9b:8f:a8:bb:
45:5e:50:57:d4:2a:ef:04:d5:a5:7c:d9:01:a0:16:45:e9:80:
c8:58:f4:ae:a7:f1:d1:2f:35:d9:f3:3e:6f:a5:17:c4:d2:26:
d4:71:dc:48:01:9e:69:83:cf:14:6f:4c:7f:cb:7b:64:50:07:
dc:cb:5c:95:5f:57:2a:6e:59:f6:fb:92:0f:49:08:db:7c:0e:
12:26:18:fe:21:9a:e9:21:cf:c5:ff:30:0b:c5:bc:5e:3b:90:
22:ab:6b:0f:cd:fd:b7:c7:82:c9:d9:e5:98:4c:c4:c9:11:00:
a5:c8:11:0d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYOS5uQB+NViujwpuTDPqKwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjIxMDAxMDkzNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTUxNWZhZTVjMDk4MjY5YjE0YTBlNWRkZjQ4YmMyNDJiNDY3Y2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0q2/wtZjuNipR9VUaOVf6FA+N7v
p+4cwpqJnET3vMnqGVT6ha1XvdxHCu+3VM2H6EEX/ZUGmNGJ2h18iwtfMYVWjjOJ
DLweX+T7wW6hiXtXD/sEqp/4EPQM6qjQYWpXlB6CuVLEK4TkiyyhlAGamPIprZQP
Y5TF2kbhIoFTSFKwU7ufILvKWNR92MtqeeoW8qIZ26Qe7tiAX2emlJcfXk403nDf
s5+WNboDyno3mwcoFH63StJ+6e9BwEqL2MIfY/CNRW6s1sy5vfcmhFmgrXlp1fpf
LeZfpQ7hyHciQKYtX/thqrJbkgW3SnxA/LFExe1fqBLsmIJSm5pu2ng0XwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFpRX65cCYJpsUoOXd9IvCQrRnz1MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvV2xGZnJsd0pnbW14U2c1ZDMwaThKQ3RHZlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATodJAwQA
TodWAwQBvISaAwQAvIS9AwQAvIS/AwQAvIT5AwQA1EQjMA0GCSqGSIb3DQEBCwUA
A4IBAQCKo5x+6ezaMK0etA2jdkRFmWFCX1lc+vpQHpmIT7o5BTk/Urk4zUFL1dVf
zLTucHMGEJcLnttHhGFVjtLhQLhEKq4FsxXOcTIi1jHwxxOvgtUJ3whf5x5sUJJl
H/8MbJSMhl/Zi4wB6jiLRShAFmANBMpFE7ifIxsmhDL61BwpFBC9ILL6RW+zHQcg
SpuPqLtFXlBX1CrvBNWlfNkBoBZF6YDIWPSup/HRLzXZ8z5vpRfE0ibUcdxIAZ5p
g88Ub0x/y3tkUAfcy1yVX1cqbln2+5IPSQjbfA4SJhj+IZrpIc/F/zALxbxeO5Ai
q2sPzf23x4LJ2eWYTMTJEQClyBEN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org