Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/wK2QDlXp97G4eZ2idUjIlqhi_fQ.roa
File: wK2QDlXp97G4eZ2idUjIlqhi_fQ.roa (raw, json)
Hash identifier: EzVOjJD9NnGf1zDdSjLFu54NL87PuaHsjjdLZP4YsLk=
Subject key identifier: C0:AD:90:0E:55:E9:F7:B1:B8:79:9D:A2:75:48:C8:96:A8:62:FD:F4
Certificate issuer: /CN=51618df006d548d1d87ed6419550662db6fc0606
Certificate serial: 0183171F7F82A1509E05A997AB090F3E7E9A
Authority key identifier: 51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/wK2QDlXp97G4eZ2idUjIlqhi_fQ.roa
Signing time: Wed 07 Sep 2022 08:44:43 +0000
ROA not before: Wed 07 Sep 2022 08:44:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31257
IP address blocks: 176.116.160.0/21 maxlen: 21
176.116.160.0/20 maxlen: 20
176.116.168.0/21 maxlen: 21
176.116.182.0/23 maxlen: 23
176.116.180.0/22 maxlen: 22
176.116.180.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:1f:7f:82:a1:50:9e:05:a9:97:ab:09:0f:3e:7e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51618df006d548d1d87ed6419550662db6fc0606
Validity
Not Before: Sep 7 08:44:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0ad900e55e9f7b1b8799da27548c896a862fdf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5c:2a:98:ae:a1:54:23:81:ab:a6:ed:08:c2:
7e:58:eb:64:d3:dc:8a:c8:f3:a9:14:64:bd:05:37:
db:65:9f:08:fa:ec:4b:c2:6b:6e:d0:08:90:2d:cb:
58:56:59:b0:92:f0:15:11:ea:c0:4a:1c:70:07:c8:
92:28:ac:7c:4d:0a:34:c4:e7:d8:69:01:5f:73:90:
52:ac:29:b2:6f:ca:1c:47:f7:dd:8a:c0:a0:29:2b:
a1:cb:2f:1a:6b:7d:f7:1a:24:e6:62:51:65:da:ad:
ad:b4:7f:5e:f1:bd:e9:d6:d6:21:38:bc:a6:16:14:
65:dd:1a:c1:32:dd:9b:c8:98:02:01:b4:6b:a5:47:
58:a7:0c:5e:85:e7:96:33:ba:f5:1b:06:33:14:ed:
98:f9:e4:d4:5a:0a:25:d1:bf:6a:3f:9d:1f:1e:9c:
29:9a:0b:c8:da:fe:94:58:52:00:22:db:0d:d2:2e:
27:08:1e:73:eb:2d:a7:f7:46:3a:61:00:ee:6a:7b:
64:9a:1a:f7:61:86:ee:fd:a6:1c:8a:5b:a3:85:80:
57:a3:29:59:fc:a7:e8:01:10:02:87:0d:2c:46:8a:
0b:fd:02:da:e3:22:af:95:d1:1f:16:22:be:e5:49:
79:e0:a7:1a:3c:1d:1f:78:e3:7c:49:e6:54:58:76:
11:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AD:90:0E:55:E9:F7:B1:B8:79:9D:A2:75:48:C8:96:A8:62:FD:F4
X509v3 Authority Key Identifier:
keyid:51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/wK2QDlXp97G4eZ2idUjIlqhi_fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/UWGN8AbVSNHYftZBlVBmLbb8BgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.160.0/20
176.116.180.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:e6:11:42:3a:fb:cf:15:01:ce:20:d1:d0:9b:bb:e2:75:81:
bb:d8:4f:2c:4c:c4:18:a1:dd:a4:b5:48:1d:a1:e2:0d:17:a0:
cb:85:ab:a9:57:9f:e3:02:8f:f1:02:ca:59:2b:6a:82:5a:0f:
e5:ec:f1:e1:a5:f6:a9:14:8b:31:d1:bf:52:00:7f:63:55:4a:
4e:82:85:fc:14:20:b0:8a:cd:4d:28:51:bc:63:f2:06:40:6e:
83:f5:5d:f9:04:03:40:14:b3:f3:bc:ad:e5:3f:17:53:84:8f:
0f:ac:0c:40:62:ad:d3:e3:35:45:24:96:c1:58:42:ae:f3:42:
4a:40:50:55:52:04:34:df:20:02:3f:c8:71:a8:ad:de:4c:8f:
68:7b:a4:a8:ed:75:76:26:b6:ac:f8:a2:c6:a1:98:89:d9:7c:
b3:b8:94:24:a1:44:eb:7a:2e:b2:f9:a5:2a:51:0d:1d:94:d6:
9a:9e:b4:5a:e4:ed:f5:9c:fa:ac:ab:8f:e7:41:5f:41:97:70:
2d:cc:fd:46:9c:08:24:0f:16:fc:01:31:c6:48:4d:5e:f9:13:
88:ce:30:2c:b0:e8:ed:90:25:15:11:93:2d:c6:fe:44:58:06:
3d:0e:b0:59:13:ab:cd:57:2c:41:77:e1:3f:1a:84:3d:f0:db:
0f:74:78:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMXH3+CoVCeBamXqwkPPn6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNjE4ZGYwMDZkNTQ4ZDFkODdlZDY0MTk1NTA2NjJkYjZm
YzA2MDYwHhcNMjIwOTA3MDg0NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGFkOTAwZTU1ZTlmN2IxYjg3OTlkYTI3NTQ4Yzg5NmE4NjJmZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFwqmK6hVCOBq6btCMJ+WOtk09yK
yPOpFGS9BTfbZZ8I+uxLwmtu0AiQLctYVlmwkvAVEerAShxwB8iSKKx8TQo0xOfY
aQFfc5BSrCmyb8ocR/fdisCgKSuhyy8aa333GiTmYlFl2q2ttH9e8b3p1tYhOLym
FhRl3RrBMt2byJgCAbRrpUdYpwxeheeWM7r1GwYzFO2Y+eTUWgol0b9qP50fHpwp
mgvI2v6UWFIAItsN0i4nCB5z6y2n90Y6YQDuantkmhr3YYbu/aYcilujhYBXoylZ
/KfoARAChw0sRooL/QLa4yKvldEfFiK+5Ul54KcaPB0feON8SeZUWHYRFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMCtkA5V6fexuHmdonVIyJaoYv30MB8GA1UdIwQY
MBaAFFFhjfAG1UjR2H7WQZVQZi22/AYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVdHTjhBYlZTTkhZZnRaQmxWQm1MYmI4QmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNWZmZTctM2I0OC00ZjgwLThkNmEt
MzE3YzJmYjBhMzViLzEvd0syUURsWHA5N0c0ZVoyaWRVaklscWhpX2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNWZmZTctM2I0OC00ZjgwLThkNmEtMzE3YzJmYjBhMzVi
LzEvVVdHTjhBYlZTTkhZZnRaQmxWQm1MYmI4QmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsHSgAwQC
sHS0MA0GCSqGSIb3DQEBCwUAA4IBAQAb5hFCOvvPFQHOINHQm7vidYG72E8sTMQY
od2ktUgdoeINF6DLhaupV5/jAo/xAspZK2qCWg/l7PHhpfapFIsx0b9SAH9jVUpO
goX8FCCwis1NKFG8Y/IGQG6D9V35BANAFLPzvK3lPxdThI8PrAxAYq3T4zVFJJbB
WEKu80JKQFBVUgQ03yACP8hxqK3eTI9oe6So7XV2Jras+KLGoZiJ2XyzuJQkoUTr
ei6y+aUqUQ0dlNaanrRa5O31nPqsq4/nQV9Bl3AtzP1GnAgkDxb8ATHGSE1e+ROI
zjAssOjtkCUVEZMtxv5EWAY9DrBZE6vNVyxBd+E/GoQ98NsPdHip
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org