Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/WfisY2DUHBSIK9Gs8eP1iip-n-E.roa
File: WfisY2DUHBSIK9Gs8eP1iip-n-E.roa (raw, json)
Hash identifier: 9ABgbk5k0Hg3eWlssQpK8gOYbUDoebudpKx0MFooTbw=
Subject key identifier: 59:F8:AC:63:60:D4:1C:14:88:2B:D1:AC:F1:E3:F5:8A:2A:7E:9F:E1
Certificate issuer: /CN=d3860a9b36585fb8aa051fc37fcc6a0773990cbf
Certificate serial: 01830CAEC09DCA6BDD4B4AB71EE6C0E2430A
Authority key identifier: D3:86:0A:9B:36:58:5F:B8:AA:05:1F:C3:7F:CC:6A:07:73:99:0C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04YKmzZYX7iqBR_Df8xqB3OZDL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/WfisY2DUHBSIK9Gs8eP1iip-n-E.roa
Signing time: Mon 05 Sep 2022 08:05:22 +0000
ROA not before: Mon 05 Sep 2022 08:05:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44794
IP address blocks: 185.235.80.0/24 maxlen: 24
2a0d:4d00::/48 maxlen: 48
2a0d:4d00:80::/48 maxlen: 48
2a0d:4d00:3::/48 maxlen: 48
2a0d:4d00:1::/48 maxlen: 48
2a0d:4d00:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0c:ae:c0:9d:ca:6b:dd:4b:4a:b7:1e:e6:c0:e2:43:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3860a9b36585fb8aa051fc37fcc6a0773990cbf
Validity
Not Before: Sep 5 08:05:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59f8ac6360d41c14882bd1acf1e3f58a2a7e9fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:44:25:c7:8a:07:c4:dc:34:e2:a4:69:96:de:
aa:2e:2b:ab:1a:1e:9f:3a:58:90:17:bc:7a:18:6a:
cd:c9:16:82:fe:94:17:1e:42:25:66:55:dc:78:3e:
bd:e0:25:91:8e:b5:f1:08:20:3f:da:9b:ae:6c:60:
f4:4b:c0:ce:ec:eb:87:ea:2a:57:c2:ad:52:68:66:
74:9c:f5:3f:74:6e:87:54:77:0f:af:9a:b9:87:83:
40:fb:72:ab:70:04:97:b5:df:b3:e6:3a:d8:e0:ee:
45:02:e0:52:eb:db:78:21:40:ec:15:63:0d:cd:c1:
54:a3:09:46:33:6f:da:b5:ef:8b:5d:c0:3e:37:51:
54:a7:f0:7c:8c:de:14:a3:cb:bf:2b:4a:e0:03:1f:
77:fc:1b:7b:1c:90:f1:f3:d8:0b:87:7e:48:ad:15:
c3:00:ce:d2:84:63:25:51:5d:ae:7b:88:9f:cd:4a:
ef:64:b3:0f:14:2f:51:8e:26:bd:39:f6:8c:a5:35:
cc:06:b8:aa:6c:f7:89:10:32:24:01:88:b8:df:4f:
a3:bb:aa:05:49:da:8c:8c:c8:5e:f7:90:7d:01:b1:
1e:73:e0:08:68:92:33:81:cc:e6:78:be:3a:62:ed:
1b:9c:78:4b:62:f0:b4:5f:2b:3a:dd:af:4a:f3:75:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F8:AC:63:60:D4:1C:14:88:2B:D1:AC:F1:E3:F5:8A:2A:7E:9F:E1
X509v3 Authority Key Identifier:
keyid:D3:86:0A:9B:36:58:5F:B8:AA:05:1F:C3:7F:CC:6A:07:73:99:0C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04YKmzZYX7iqBR_Df8xqB3OZDL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/WfisY2DUHBSIK9Gs8eP1iip-n-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/04YKmzZYX7iqBR_Df8xqB3OZDL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.80.0/24
IPv6:
2a0d:4d00::/46
2a0d:4d00:80::/48
Signature Algorithm: sha256WithRSAEncryption
7e:74:98:09:63:8e:e3:d5:a3:4d:67:a3:9c:12:7a:4b:cc:e1:
42:29:0f:37:27:8a:8c:04:b0:e5:0e:0a:e0:62:8e:18:06:28:
cb:45:ee:aa:97:57:13:d2:85:ae:ce:91:28:6a:57:fc:e7:7e:
98:1e:a3:9f:3c:e3:57:55:55:b4:d0:e6:c4:97:ca:64:6a:d3:
0d:7c:d5:87:f3:96:f4:d3:be:d1:61:65:64:60:93:2d:98:0d:
5c:bc:bd:89:19:ab:46:4c:03:61:e3:5d:c2:a6:c7:10:f5:de:
aa:3b:b4:fc:1b:04:ed:b0:93:f2:9c:12:4a:64:10:2b:a1:ec:
50:f8:44:91:c5:23:59:65:79:69:87:91:d8:b9:25:b5:ab:e8:
aa:6f:3b:d4:88:07:ea:55:bf:f1:17:11:b2:33:9a:cc:79:99:
37:89:37:e1:67:72:18:7e:cd:02:e9:8b:26:43:40:7a:f0:67:
c2:5c:09:5b:2e:43:00:63:5f:8d:d2:e3:5d:ae:78:5c:2e:30:
e5:bc:70:92:ca:9b:11:a0:62:67:c1:a7:22:72:84:72:f6:8d:
76:ad:b0:0a:4f:34:15:21:4f:0e:7e:0b:2d:77:09:81:eb:f8:
fb:0a:c3:a4:2d:e5:9e:c5:4a:da:38:49:4a:e2:cb:fc:7d:5b:
20:9f:ab:5f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYMMrsCdymvdS0q3HubA4kMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODYwYTliMzY1ODVmYjhhYTA1MWZjMzdmY2M2YTA3NzM5
OTBjYmYwHhcNMjIwOTA1MDgwNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWY4YWM2MzYwZDQxYzE0ODgyYmQxYWNmMWUzZjU4YTJhN2U5ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikQlx4oHxNw04qRplt6qLiurGh6f
OliQF7x6GGrNyRaC/pQXHkIlZlXceD694CWRjrXxCCA/2puubGD0S8DO7OuH6ipX
wq1SaGZ0nPU/dG6HVHcPr5q5h4NA+3KrcASXtd+z5jrY4O5FAuBS69t4IUDsFWMN
zcFUowlGM2/ate+LXcA+N1FUp/B8jN4Uo8u/K0rgAx93/Bt7HJDx89gLh35IrRXD
AM7ShGMlUV2ue4ifzUrvZLMPFC9Rjia9OfaMpTXMBriqbPeJEDIkAYi430+ju6oF
SdqMjMhe95B9AbEec+AIaJIzgczmeL46Yu0bnHhLYvC0Xys63a9K83UBDQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFn4rGNg1BwUiCvRrPHj9Yoqfp/hMB8GA1UdIwQY
MBaAFNOGCps2WF+4qgUfw3/MagdzmQy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRZS216WllYN2lxQlJfRGY4eHFCM09aREw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wM2M0MzAtZmIwNC00MGVhLTg1ZDEt
YzkyYzYxNjVkZTE4LzEvV2Zpc1kyRFVIQlNJSzlHczhlUDFpaXAtbi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wM2M0MzAtZmIwNC00MGVhLTg1ZDEtYzkyYzYxNjVkZTE4
LzEvMDRZS216WllYN2lxQlJfRGY4eHFCM09aREw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuetQMBgE
AgACMBIDBwIqDU0AAAADBwAqDU0AAIAwDQYJKoZIhvcNAQELBQADggEBAH50mAlj
juPVo01no5wSekvM4UIpDzcniowEsOUOCuBijhgGKMtF7qqXVxPSha7OkShqV/zn
fpgeo58841dVVbTQ5sSXymRq0w181YfzlvTTvtFhZWRgky2YDVy8vYkZq0ZMA2Hj
XcKmxxD13qo7tPwbBO2wk/KcEkpkECuh7FD4RJHFI1lleWmHkdi5JbWr6KpvO9SI
B+pVv/EXEbIzmsx5mTeJN+Fnchh+zQLpiyZDQHrwZ8JcCVsuQwBjX43S412ueFwu
MOW8cJLKmxGgYmfBpyJyhHL2jXatsApPNBUhTw5+Cy13CYHr+PsKw6Qt5Z7FSto4
SUriy/x9WyCfq18=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:00 2023 by rpki-client on console-fra.rpki-client.org