Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/1--wycDYNNbfpyg8btcdX7mdEJ0k.roa
File: 1--wycDYNNbfpyg8btcdX7mdEJ0k.roa (raw, json)
Hash identifier: H+WgA6IZF2LKH/hyeT5QOOdShfRzk7+la9hsOL+uvnI=
Subject key identifier: FB:EC:32:70:36:0D:35:B7:E9:CA:0F:1B:B5:C7:57:EE:67:44:27:49
Certificate issuer: /CN=03f7e7cf8176e302764d48299fc22a9bdc6ba683
Certificate serial: 018410C00ACC9452DC71CF766A4B74B0CDE3
Authority key identifier: 03:F7:E7:CF:81:76:E3:02:76:4D:48:29:9F:C2:2A:9B:DC:6B:A6:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/1--wycDYNNbfpyg8btcdX7mdEJ0k.roa
Signing time: Tue 25 Oct 2022 20:05:31 +0000
ROA not before: Tue 25 Oct 2022 20:05:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205943
IP address blocks: 185.201.70.0/24 maxlen: 24
185.201.69.0/24 maxlen: 24
185.201.68.0/24 maxlen: 24
2a0a:bf40::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:c0:0a:cc:94:52:dc:71:cf:76:6a:4b:74:b0:cd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03f7e7cf8176e302764d48299fc22a9bdc6ba683
Validity
Not Before: Oct 25 20:05:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbec3270360d35b7e9ca0f1bb5c757ee67442749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ff:b5:81:c0:0d:c6:c5:25:9a:e4:ef:68:05:
c2:c5:df:72:77:e9:2a:3d:5a:a5:b8:fb:91:7d:27:
19:7b:a5:d7:b4:1c:1f:2f:d6:cc:69:ee:76:cc:fa:
48:98:3e:d3:ae:94:ce:30:02:6c:b0:92:e7:be:5d:
14:1d:99:60:43:a6:fe:3a:26:d2:05:11:24:cc:b3:
6f:20:59:cb:bd:5e:33:b3:53:bf:bc:21:4d:1b:81:
bc:0a:a4:e8:0a:04:8c:ae:e7:cf:e4:91:8a:8d:dd:
26:00:96:a4:2b:4d:e7:21:8c:e3:52:75:97:45:7a:
6c:0a:e0:10:f3:61:97:ad:e2:c7:d2:02:c8:28:d3:
75:b5:ed:84:d2:ca:1f:3d:e5:c7:4f:3c:8e:3f:9b:
73:eb:8e:e8:c4:27:4a:ed:53:08:2d:c7:ae:2b:8d:
d3:05:cb:2e:ca:a6:86:3a:41:40:ee:e0:68:9c:47:
74:9b:65:73:98:d0:e6:e8:5f:2d:fc:e0:30:1c:ef:
3a:0e:44:63:e1:97:7d:43:ad:ab:82:dc:66:da:a0:
9c:c5:58:64:b1:49:37:4f:7f:8a:c9:18:b0:e7:97:
59:cd:87:e1:04:be:cf:fe:fe:ad:fc:08:3f:44:41:
40:68:67:96:c3:1c:7a:9f:56:08:32:02:39:b8:1c:
db:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:EC:32:70:36:0D:35:B7:E9:CA:0F:1B:B5:C7:57:EE:67:44:27:49
X509v3 Authority Key Identifier:
keyid:03:F7:E7:CF:81:76:E3:02:76:4D:48:29:9F:C2:2A:9B:DC:6B:A6:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/1--wycDYNNbfpyg8btcdX7mdEJ0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ae4547-2ca2-4cbd-a1b5-3cf3b463a86a/1/A_fnz4F24wJ2TUgpn8Iqm9xrpoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.68.0-185.201.70.255
IPv6:
2a0a:bf40::/36
Signature Algorithm: sha256WithRSAEncryption
31:51:bd:ee:78:4e:4b:c0:48:9f:b0:17:ec:61:2f:35:30:08:
29:84:e3:c9:2a:15:46:df:e1:63:dd:39:d3:61:d5:ba:3f:91:
98:8c:46:68:c3:db:0d:70:f1:7c:39:a6:28:70:9c:6d:82:ed:
cb:f6:5f:b8:2b:6e:09:ed:e9:22:f0:13:cf:eb:ac:a7:2b:b0:
9f:7b:ce:6d:d3:ac:67:8d:1e:b2:9c:39:ed:23:f5:34:05:50:
a6:7a:37:4a:9b:ea:08:02:12:ad:9a:68:6e:4d:1a:8f:7a:96:
ab:f7:30:15:ed:d3:6d:c7:2e:4e:e4:dc:0e:7e:f9:8c:0f:27:
01:9b:30:c7:f0:0e:4a:5a:3d:d9:fd:07:9a:90:b0:ef:d1:79:
62:b4:d1:de:0c:70:ad:3c:02:5a:1d:80:57:13:da:30:9e:ee:
2a:f3:21:48:7e:2d:79:4f:2f:51:32:90:38:58:65:c6:9a:ee:
13:ef:f3:35:43:cc:9a:59:67:a5:81:8d:19:57:f3:42:bb:fa:
24:09:28:80:5f:22:50:23:41:97:33:be:bf:69:05:88:cf:d1:
9c:45:d3:57:7b:ac:5a:38:97:32:a8:d6:0d:67:0c:3e:8b:ba:
0b:38:ad:c8:4f:63:fd:1d:e2:2d:df:00:bb:f3:73:76:52:1f:
dd:a8:9f:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYQQwArMlFLccc92akt0sM3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZjdlN2NmODE3NmUzMDI3NjRkNDgyOTlmYzIyYTliZGM2
YmE2ODMwHhcNMjIxMDI1MjAwNTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVjMzI3MDM2MGQzNWI3ZTljYTBmMWJiNWM3NTdlZTY3NDQyNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf+1gcANxsUlmuTvaAXCxd9yd+kq
PVqluPuRfScZe6XXtBwfL9bMae52zPpImD7TrpTOMAJssJLnvl0UHZlgQ6b+OibS
BREkzLNvIFnLvV4zs1O/vCFNG4G8CqToCgSMrufP5JGKjd0mAJakK03nIYzjUnWX
RXpsCuAQ82GXreLH0gLIKNN1te2E0sofPeXHTzyOP5tz647oxCdK7VMILceuK43T
BcsuyqaGOkFA7uBonEd0m2VzmNDm6F8t/OAwHO86DkRj4Zd9Q62rgtxm2qCcxVhk
sUk3T3+KyRiw55dZzYfhBL7P/v6t/Ag/REFAaGeWwxx6n1YIMgI5uBzbwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvsMnA2DTW36coPG7XHV+5nRCdJMB8GA1UdIwQY
MBaAFAP358+BduMCdk1IKZ/CKpvca6aDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQV9mbno0RjI0d0oyVFVncG44SXFtOXhycG9NLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hZTQ1NDctMmNhMi00Y2JkLWExYjUt
M2NmM2I0NjNhODZhLzEvMS0td3ljRFlOTmJmcHlnOGJ0Y2RYN21kRUoway5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvYWU0NTQ3LTJjYTItNGNiZC1hMWI1LTNjZjNiNDYzYTg2
YS8xL0FfZm56NEYyNHdKMlRVZ3BuOElxbTl4cnBvTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwFAQCAAEwDjAMAwQCuclE
AwQAuclGMA4EAgACMAgDBgQqCr9AADANBgkqhkiG9w0BAQsFAAOCAQEAMVG97nhO
S8BIn7AX7GEvNTAIKYTjySoVRt/hY90502HVuj+RmIxGaMPbDXDxfDmmKHCcbYLt
y/ZfuCtuCe3pIvATz+uspyuwn3vObdOsZ40espw57SP1NAVQpno3SpvqCAISrZpo
bk0aj3qWq/cwFe3TbccuTuTcDn75jA8nAZswx/AOSlo92f0HmpCw79F5YrTR3gxw
rTwCWh2AVxPaMJ7uKvMhSH4teU8vUTKQOFhlxpruE+/zNUPMmllnpYGNGVfzQrv6
JAkogF8iUCNBlzO+v2kFiM/RnEXTV3usWjiXMqjWDWcMPou6CzityE9j/R3iLd8A
u/NzdlIf3aif0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:05 2024 by rpki-client on console-ams.rpki-client.org