Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/WYO7am13m_TfE6zr9ZP8MQQo-Ss.roa
File: WYO7am13m_TfE6zr9ZP8MQQo-Ss.roa (raw, json)
Hash identifier: K9iVRDwTJIQuFWxDp5dg1uKeePlcjQKg3OAHxL+qMCI=
Subject key identifier: 59:83:BB:6A:6D:77:9B:F4:DF:13:AC:EB:F5:93:FC:31:04:28:F9:2B
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018437C7770509BD0F45215E23D45FCAFCAC
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/WYO7am13m_TfE6zr9ZP8MQQo-Ss.roa
Signing time: Wed 02 Nov 2022 09:58:49 +0000
ROA not before: Wed 02 Nov 2022 09:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
185.10.248.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
89.40.84.0/22 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.160.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:c7:77:05:09:bd:0f:45:21:5e:23:d4:5f:ca:fc:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Nov 2 09:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5983bb6a6d779bf4df13acebf593fc310428f92b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:24:2e:86:7b:ec:bf:50:a8:d3:42:68:a0:9d:
0e:d7:4f:5b:15:ee:4a:de:dd:bb:27:12:4b:4b:4a:
79:43:6f:03:a0:fa:1c:16:e9:56:46:73:e6:64:53:
40:e3:e3:7a:b3:d4:be:fc:c0:0f:55:2c:ad:61:e8:
7c:01:40:42:b7:90:fd:e7:dd:04:0d:8e:52:42:e5:
17:73:b6:c4:e4:0a:6f:2a:91:43:d4:36:63:90:c1:
2f:e4:b1:19:30:a1:e9:41:f2:a6:0a:b4:ec:35:40:
73:ec:dd:4c:c2:ed:cc:79:1a:cb:59:ba:27:f0:38:
f4:3a:51:85:79:57:69:47:51:e3:f5:f6:59:a6:e1:
03:ca:3c:ed:01:12:0a:fb:ac:aa:06:cb:db:b2:dd:
b2:77:07:5b:ed:b9:14:65:26:1b:82:92:d3:1e:2d:
78:a3:60:a7:43:3b:70:f5:fd:7c:1d:42:2a:2a:c3:
ca:3a:d3:42:51:9c:03:a9:99:e7:24:89:18:ca:12:
8c:9a:0d:57:26:6a:ed:23:87:d1:bb:0f:d3:34:6e:
b4:01:77:76:58:d7:fd:f9:02:d9:6a:2b:59:50:e1:
ec:56:d3:e8:c9:84:49:c6:9a:d6:c7:71:5f:51:87:
53:71:02:d2:db:60:b3:42:6d:dc:c6:03:a0:e4:86:
e9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:83:BB:6A:6D:77:9B:F4:DF:13:AC:EB:F5:93:FC:31:04:28:F9:2B
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/WYO7am13m_TfE6zr9ZP8MQQo-Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
Signature Algorithm: sha256WithRSAEncryption
2e:7c:6d:d7:c9:74:dc:90:ae:94:22:32:2f:23:d3:88:11:26:
64:c3:85:d9:ad:7f:ef:b3:c1:e0:23:a8:c1:f4:d1:01:f5:d0:
c8:99:0c:0c:d0:28:98:78:78:33:db:41:e2:7b:1b:cd:fd:af:
7d:38:6c:f9:4c:07:d8:12:62:16:8b:4a:cc:83:82:17:9b:f9:
a1:08:38:42:07:e1:ac:c2:08:8a:2b:9d:7e:60:4c:1b:10:dc:
0e:cf:83:a0:92:31:08:31:d2:0f:91:e2:0a:7a:14:f1:5b:42:
62:79:0d:d5:f0:a8:2e:71:23:b9:2b:04:67:3c:1b:67:82:8b:
d0:a8:a2:56:92:b5:8d:5b:2f:d3:5c:ef:bb:3a:14:3b:2f:b4:
a8:9a:fb:19:f3:5d:3e:e1:1a:ee:1a:40:37:8e:35:d6:bd:a7:
44:ec:b1:36:1a:02:de:21:e6:e8:62:da:2d:b0:4b:ce:68:af:
19:82:33:ac:5c:69:cb:3c:06:a1:e2:bf:9c:15:a2:a1:94:cd:
05:9f:84:f6:16:ca:23:d4:0e:56:50:dd:53:2b:79:4a:19:df:
28:83:02:a7:06:28:76:04:56:48:53:13:1b:b5:bf:df:9e:5c:
f1:65:3e:25:eb:1c:da:ee:4f:1e:5a:5c:92:b5:05:81:af:ac:
42:39:95:4c
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYQ3x3cFCb0PRSFeI9RfyvysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMTAyMDk1ODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTgzYmI2YTZkNzc5YmY0ZGYxM2FjZWJmNTkzZmMzMTA0MjhmOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCQuhnvsv1Co00JooJ0O109bFe5K
3t27JxJLS0p5Q28DoPocFulWRnPmZFNA4+N6s9S+/MAPVSytYeh8AUBCt5D9590E
DY5SQuUXc7bE5ApvKpFD1DZjkMEv5LEZMKHpQfKmCrTsNUBz7N1Mwu3MeRrLWbon
8Dj0OlGFeVdpR1Hj9fZZpuEDyjztARIK+6yqBsvbst2ydwdb7bkUZSYbgpLTHi14
o2CnQztw9f18HUIqKsPKOtNCUZwDqZnnJIkYyhKMmg1XJmrtI4fRuw/TNG60AXd2
WNf9+QLZaitZUOHsVtPoyYRJxprWx3FfUYdTcQLS22CzQm3cxgOg5IbpswIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFFmDu2ptd5v03xOs6/WT/DEEKPkrMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvV1lPN2FtMTNtX1RmRTZ6cjlaUDhNUVFvLVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQDHxmwAwQD
LhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4AwQC
ubBoAwQCueR8AwQCue+gMAwDBAHB9poDBAHB9pwwDQYJKoZIhvcNAQELBQADggEB
AC58bdfJdNyQrpQiMi8j04gRJmTDhdmtf++zweAjqMH00QH10MiZDAzQKJh4eDPb
QeJ7G839r304bPlMB9gSYhaLSsyDgheb+aEIOEIH4azCCIornX5gTBsQ3A7Pg6CS
MQgx0g+R4gp6FPFbQmJ5DdXwqC5xI7krBGc8G2eCi9CoolaStY1bL9Nc77s6FDsv
tKia+xnzXT7hGu4aQDeONda9p0TssTYaAt4h5uhi2i2wS85orxmCM6xcacs8BqHi
v5wVoqGUzQWfhPYWyiPUDlZQ3VMreUoZ3yiDAqcGKHYEVkhTExu1v9+eXPFlPiXr
HNruTx5aXJK1BYGvrEI5lUw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:53 2023 by rpki-client on console-ams.rpki-client.org