Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WgiovTnRSJWGEGv58sjkZKnCncg.roa
File: WgiovTnRSJWGEGv58sjkZKnCncg.roa (raw, json)
Hash identifier: 08wMEx4FaOnGXtwcm4cNiNat9aFFLwoH6a+zT91BufY=
Subject key identifier: 5A:08:A8:BD:39:D1:48:95:86:10:6B:F9:F2:C8:E4:64:A9:C2:9D:C8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018452469F5BBFE72F9A70D2020AD78B69AB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WgiovTnRSJWGEGv58sjkZKnCncg.roa
Signing time: Mon 07 Nov 2022 13:27:50 +0000
ROA not before: Mon 07 Nov 2022 13:27:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.117.0/24 maxlen: 24
45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:46:9f:5b:bf:e7:2f:9a:70:d2:02:0a:d7:8b:69:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 7 13:27:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a08a8bd39d1489586106bf9f2c8e464a9c29dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ee:c1:92:8e:a5:f7:92:8e:9e:b9:12:06:fc:
9d:60:2f:57:db:9e:f9:29:27:56:f4:6f:78:92:c3:
36:10:84:bf:36:3e:e5:7d:e5:38:b7:df:66:a0:30:
b0:64:d9:c6:7d:c6:c4:73:fb:9b:5c:32:cf:3d:b8:
f8:88:66:17:21:c6:36:a7:b7:00:26:fd:0e:66:1b:
38:4e:0d:9b:95:15:bb:88:32:a4:37:79:ba:5e:96:
87:c0:e5:db:0b:ac:9e:4d:36:ca:b8:8b:c5:3e:1d:
da:e7:d5:03:a1:9f:fd:22:77:f6:4c:77:78:08:25:
07:e1:ef:e8:a0:fd:73:a8:a9:64:d7:5c:32:51:1e:
ee:42:dd:4d:a5:3c:77:c4:7b:4d:4f:b4:48:43:42:
21:7b:ab:72:2a:e2:45:18:c4:9c:89:4d:b1:80:f8:
0e:9a:a3:2c:84:e2:d0:da:da:97:a7:4f:13:18:b3:
ea:50:5a:60:c6:50:a3:3a:69:9a:5a:d9:d8:49:a6:
7f:61:44:93:cf:c9:a1:30:2a:54:40:82:bc:41:39:
a5:85:1e:ef:1e:11:f1:f9:b3:6e:f4:be:68:20:e2:
dc:f6:f6:4e:5a:11:d7:a9:e9:b4:3f:87:d5:d4:4e:
38:b6:55:cd:40:be:9b:01:37:00:dd:46:4e:91:73:
36:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:08:A8:BD:39:D1:48:95:86:10:6B:F9:F2:C8:E4:64:A9:C2:9D:C8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WgiovTnRSJWGEGv58sjkZKnCncg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/23
45.148.119.0/24
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
8e:6b:09:2e:bf:a2:9f:00:a1:b4:d7:e4:c8:ab:3a:ff:51:ef:
1e:67:20:ef:53:fa:6b:e8:ea:35:c9:6e:c5:4b:56:da:7f:ea:
bf:e5:c7:95:49:6b:4c:d1:88:0b:e9:5b:63:83:14:c2:5f:36:
6f:05:61:c0:d5:79:ed:04:4b:40:16:d4:7e:1e:af:a6:18:be:
22:57:88:e1:88:e1:92:3f:b0:89:31:f3:cb:b3:b0:3b:cf:9a:
a4:e2:59:e1:1b:a3:b1:10:e0:28:ed:df:5d:6a:c2:71:3a:09:
f5:1a:dd:4b:06:9c:c1:9b:6b:a8:73:54:77:03:29:7c:39:ef:
c9:24:b2:e8:23:b8:60:a4:a4:76:77:40:2a:81:a4:b2:fe:4d:
f5:85:4b:5f:51:71:9c:05:95:aa:58:f1:95:06:b8:24:a3:32:
c8:95:89:40:d1:8a:93:02:1c:a2:a9:24:ef:f8:ea:a5:33:ee:
69:56:48:4f:ef:e2:eb:d3:ba:82:62:4b:57:8f:b3:ff:26:50:
1d:f6:67:16:9f:6c:16:df:b2:2d:e9:b2:9b:c2:70:32:be:5e:
e0:c1:f4:64:d6:cb:61:70:1a:56:b6:14:5d:23:b7:ae:ac:83:
19:06:63:6c:5c:72:7c:ab:85:b9:22:59:06:14:30:4c:05:ff:
04:94:5a:0d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYRSRp9bv+cvmnDSAgrXi2mrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTA3MTMyNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTA4YThiZDM5ZDE0ODk1ODYxMDZiZjlmMmM4ZTQ2NGE5YzI5ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue7Bko6l95KOnrkSBvydYC9X2575
KSdW9G94ksM2EIS/Nj7lfeU4t99moDCwZNnGfcbEc/ubXDLPPbj4iGYXIcY2p7cA
Jv0OZhs4Tg2blRW7iDKkN3m6XpaHwOXbC6yeTTbKuIvFPh3a59UDoZ/9Inf2THd4
CCUH4e/ooP1zqKlk11wyUR7uQt1NpTx3xHtNT7RIQ0Ihe6tyKuJFGMSciU2xgPgO
mqMshOLQ2tqXp08TGLPqUFpgxlCjOmmaWtnYSaZ/YUSTz8mhMCpUQIK8QTmlhR7v
HhHx+bNu9L5oIOLc9vZOWhHXqem0P4fV1E44tlXNQL6bATcA3UZOkXM2HQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFoIqL050UiVhhBr+fLI5GSpwp3IMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvV2dpb3ZUblJTSldHRUd2NThzamtaS25DbmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQBLZR0AwQA
LZR3AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQCOawkuv6KfAKG01+TIqzr/
Ue8eZyDvU/pr6Oo1yW7FS1baf+q/5ceVSWtM0YgL6VtjgxTCXzZvBWHA1XntBEtA
FtR+Hq+mGL4iV4jhiOGSP7CJMfPLs7A7z5qk4lnhG6OxEOAo7d9dasJxOgn1Gt1L
BpzBm2uoc1R3Ayl8Oe/JJLLoI7hgpKR2d0AqgaSy/k31hUtfUXGcBZWqWPGVBrgk
ozLIlYlA0YqTAhyiqSTv+OqlM+5pVkhP7+Lr07qCYktXj7P/JlAd9mcWn2wW37It
6bKbwnAyvl7gwfRk1sthcBpWthRdI7eurIMZBmNsXHJ8q4W5IlkGFDBMBf8ElFoN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org