Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/wL8OVs4htQ-q9N5w_xTdfTHOmLY.roa
File: wL8OVs4htQ-q9N5w_xTdfTHOmLY.roa (raw, json)
Hash identifier: 1XX7eSA4gCaSWXCPdPVFt+dVO5Yyr7dRzU9YlAOHcBU=
Subject key identifier: C0:BF:0E:56:CE:21:B5:0F:AA:F4:DE:70:FF:14:DD:7D:31:CE:98:B6
Certificate issuer: /CN=20eee05da183dee2b8118141956462c9240d7876
Certificate serial: 04758652
Authority key identifier: 20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/wL8OVs4htQ-q9N5w_xTdfTHOmLY.roa
Signing time: Sat 01 Jan 2022 05:06:23 +0000
ROA not before: Sat 01 Jan 2022 05:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205584
IP address blocks: 185.215.29.0/24 maxlen: 24
185.215.28.0/24 maxlen: 24
185.215.28.0/22 maxlen: 24
185.215.31.0/24 maxlen: 24
185.215.30.0/24 maxlen: 24
193.105.168.0/24 maxlen: 24
195.78.98.0/23 maxlen: 24
2a0b:a2c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74810962 (0x4758652)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20eee05da183dee2b8118141956462c9240d7876
Validity
Not Before: Jan 1 05:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0bf0e56ce21b50faaf4de70ff14dd7d31ce98b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:01:f5:13:85:6d:85:a3:b0:e4:02:8c:6a:
dd:a5:81:fc:41:24:2b:1d:03:48:c7:cf:b9:a5:3b:
43:d0:c2:80:50:26:36:df:40:87:ce:45:f8:62:8a:
01:0b:51:9a:2d:90:72:4b:43:14:9e:d6:aa:64:77:
f4:96:40:2d:d0:ba:32:b4:b5:a8:cc:64:00:44:f3:
d3:ea:69:0f:dd:0f:53:e1:7f:c6:cc:15:84:ff:f2:
06:ec:09:35:e9:a2:33:85:5b:9a:f5:9b:d7:c4:03:
4b:27:ab:7f:6f:e5:ce:14:c5:3b:97:19:c8:c9:fd:
7d:2d:6f:24:eb:f6:d0:03:1c:22:0c:96:05:67:a7:
65:23:9f:4a:1d:00:00:f1:53:28:38:ef:41:71:83:
a6:e0:a5:13:c2:7a:77:07:83:74:09:2c:6e:90:92:
3c:07:74:95:7f:2b:1f:6f:1e:ef:a0:6a:0d:c6:91:
ca:f5:f4:c3:f8:42:93:50:93:da:c0:d4:9e:89:85:
b8:56:64:5f:3f:12:fc:ea:29:97:4a:84:91:4e:cf:
8f:92:ba:43:52:df:a3:8e:7c:4e:80:86:97:89:c2:
69:b5:c1:64:dd:b9:5e:75:f1:2e:de:cd:ad:02:ac:
39:d7:42:0c:bf:d2:21:b3:8d:18:55:1a:1a:ee:53:
2a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BF:0E:56:CE:21:B5:0F:AA:F4:DE:70:FF:14:DD:7D:31:CE:98:B6
X509v3 Authority Key Identifier:
keyid:20:EE:E0:5D:A1:83:DE:E2:B8:11:81:41:95:64:62:C9:24:0D:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IO7gXaGD3uK4EYFBlWRiySQNeHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/wL8OVs4htQ-q9N5w_xTdfTHOmLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/cfc0d1-d095-4b1b-9b5d-3985299fad6d/1/IO7gXaGD3uK4EYFBlWRiySQNeHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.28.0/22
193.105.168.0/24
195.78.98.0/23
IPv6:
2a0b:a2c0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:28:f7:60:b2:de:92:9c:4e:00:44:fe:62:92:0c:0d:48:a1:
70:b2:46:e2:9b:06:f1:03:b7:fe:ec:04:8a:38:c8:3b:3e:f2:
31:bd:63:45:c0:7e:b1:06:d8:26:83:0f:ff:0e:3e:da:ad:8b:
07:80:e4:6b:de:34:58:4a:59:a8:48:87:5a:b4:58:f2:a8:16:
b7:1b:1a:a1:c6:03:64:42:0e:51:38:de:44:44:ad:e0:13:30:
8f:63:d3:d6:3c:68:17:2e:9f:4e:74:42:ae:bd:c4:3b:da:8d:
67:ad:1f:fc:2e:26:4e:e6:07:37:45:8d:59:84:24:54:cc:e3:
71:41:28:58:19:b9:2c:14:42:c6:5f:65:92:a8:42:29:a7:c9:
09:9d:8f:05:b3:c7:0f:5f:06:65:e3:a4:52:51:d4:11:64:42:
fd:26:95:8e:37:1f:b7:f0:94:f2:26:30:8c:48:58:e9:c4:60:
7f:7b:75:93:07:75:30:6d:64:71:19:21:66:e5:80:60:cc:d5:
1a:79:80:fb:e3:67:97:4c:21:dd:52:3b:d0:b8:0b:00:76:f9:
58:ad:23:73:3c:90:32:b0:0f:17:4b:94:d5:a1:42:25:cb:60:
4f:5d:37:dc:1d:99:1b:91:38:ae:32:a5:d7:e1:23:0c:2b:e8:
cb:3a:46:62
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBHWGUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MGVlZTA1ZGExODNkZWUyYjgxMTgxNDE5NTY0NjJjOTI0MGQ3ODc2MB4XDTIyMDEw
MTA1MDYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzBiZjBlNTZjZTIx
YjUwZmFhZjRkZTcwZmYxNGRkN2QzMWNlOThiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHxAfUThW2Fo7DkAoxq3aWB/EEkKx0DSMfPuaU7Q9DCgFAm
Nt9Ah85F+GKKAQtRmi2QcktDFJ7WqmR39JZALdC6MrS1qMxkAETz0+ppD90PU+F/
xswVhP/yBuwJNemiM4VbmvWb18QDSyerf2/lzhTFO5cZyMn9fS1vJOv20AMcIgyW
BWenZSOfSh0AAPFTKDjvQXGDpuClE8J6dweDdAksbpCSPAd0lX8rH28e76BqDcaR
yvX0w/hCk1CT2sDUnomFuFZkXz8S/Oopl0qEkU7Pj5K6Q1Lfo458ToCGl4nCabXB
ZN25XnXxLt7NrQKsOddCDL/SIbONGFUaGu5TKpUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTAvw5WziG1D6r03nD/FN19Mc6YtjAfBgNVHSMEGDAWgBQg7uBdoYPe4rgR
gUGVZGLJJA14djAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lPN2dYYUdEM3VLNEVZRkJsV1JpeVNRTmVIWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvY2ZjMGQxLWQwOTUtNGIxYi05YjVkLTM5ODUyOTlmYWQ2ZC8x
L3dMOE9WczRodFEtcTlONXdfeFRkZlRIT21MWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
Y2ZjMGQxLWQwOTUtNGIxYi05YjVkLTM5ODUyOTlmYWQ2ZC8xL0lPN2dYYUdEM3VL
NEVZRkJsV1JpeVNRTmVIWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArnXHAMEAMFpqAMEAcNOYjANBAIA
AjAHAwUDKguiwDANBgkqhkiG9w0BAQsFAAOCAQEAKyj3YLLekpxOAET+YpIMDUih
cLJG4psG8QO3/uwEijjIOz7yMb1jRcB+sQbYJoMP/w4+2q2LB4Dka940WEpZqEiH
WrRY8qgWtxsaocYDZEIOUTjeRESt4BMwj2PT1jxoFy6fTnRCrr3EO9qNZ60f/C4m
TuYHN0WNWYQkVMzjcUEoWBm5LBRCxl9lkqhCKafJCZ2PBbPHD18GZeOkUlHUEWRC
/SaVjjcft/CU8iYwjEhY6cRgf3t1kwd1MG1kcRkhZuWAYMzVGnmA++Nnl0wh3VI7
0LgLAHb5WK0jczyQMrAPF0uU1aFCJctgT1033B2ZG5E4rjKl1+EjDCvoyzpGYg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:06 2023 by rpki-client on console-ams.rpki-client.org