Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/woONh_4aTYDXhMo0aqeNpB7j18s.roa
File: woONh_4aTYDXhMo0aqeNpB7j18s.roa (raw, json)
Hash identifier: vSMqpfRuellbmwu7She3XdahjNmHVcpW1h6nOCF/I7w=
Subject key identifier: C2:83:8D:87:FE:1A:4D:80:D7:84:CA:34:6A:A7:8D:A4:1E:E3:D7:CB
Certificate issuer: /CN=d3860a9b36585fb8aa051fc37fcc6a0773990cbf
Certificate serial: 0183B6B5A74520C8FB6F261C9F74621CA0B6
Authority key identifier: D3:86:0A:9B:36:58:5F:B8:AA:05:1F:C3:7F:CC:6A:07:73:99:0C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04YKmzZYX7iqBR_Df8xqB3OZDL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/woONh_4aTYDXhMo0aqeNpB7j18s.roa
Signing time: Sat 08 Oct 2022 08:28:21 +0000
ROA not before: Sat 08 Oct 2022 08:28:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62303
IP address blocks: 185.235.81.0/24 maxlen: 24
185.235.82.0/24 maxlen: 24
2a0d:4d00:81::/48 maxlen: 48
2a0d:4d00:82::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b6:b5:a7:45:20:c8:fb:6f:26:1c:9f:74:62:1c:a0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3860a9b36585fb8aa051fc37fcc6a0773990cbf
Validity
Not Before: Oct 8 08:28:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2838d87fe1a4d80d784ca346aa78da41ee3d7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:67:f9:6c:da:53:23:cc:b9:24:07:f7:bc:9b:
47:7d:f9:a7:ea:b8:a6:f0:e5:f9:dc:5a:8b:4f:bf:
f5:52:28:59:ad:0d:e3:5c:eb:fa:8b:2a:2a:7b:40:
72:c0:ac:32:b3:69:ab:35:79:15:22:0d:04:c2:8a:
5f:fe:9f:b4:b1:55:83:a9:fe:17:80:1f:d7:8a:5c:
80:11:e0:82:2d:bc:b5:e0:c7:8e:5e:56:a3:ae:f0:
6b:c3:0d:bf:ac:46:4f:34:95:83:eb:b4:fb:1f:2f:
b5:e8:d4:dd:c3:36:97:fd:fe:03:d1:45:64:3d:0d:
c9:86:53:1b:76:22:cc:cc:b6:cb:b1:31:08:35:7e:
d2:3b:48:7e:44:1a:eb:29:cf:f4:4f:05:17:1e:56:
c8:bb:78:93:e1:24:a9:90:40:df:ae:59:fa:12:e2:
e0:f1:35:85:1b:ce:8a:39:3e:4e:b7:bf:e9:e6:3a:
7f:c5:e8:c1:21:72:ba:df:c6:8f:11:bc:bb:6b:a0:
b6:9a:c3:50:92:0e:ef:63:c9:3c:05:df:0f:ab:51:
0e:e9:52:e0:86:22:ce:96:6c:20:c7:21:0a:84:90:
64:de:a9:62:ef:0e:e8:17:42:87:37:ca:c5:01:d9:
c0:f6:54:1f:31:01:f2:09:ff:63:7d:ea:57:81:58:
e4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:83:8D:87:FE:1A:4D:80:D7:84:CA:34:6A:A7:8D:A4:1E:E3:D7:CB
X509v3 Authority Key Identifier:
keyid:D3:86:0A:9B:36:58:5F:B8:AA:05:1F:C3:7F:CC:6A:07:73:99:0C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04YKmzZYX7iqBR_Df8xqB3OZDL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/woONh_4aTYDXhMo0aqeNpB7j18s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/04YKmzZYX7iqBR_Df8xqB3OZDL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.81.0-185.235.82.255
IPv6:
2a0d:4d00:81::-2a0d:4d00:82:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1c:fc:5d:16:18:d2:33:e3:db:b6:4a:ea:e2:b6:43:dc:79:28:
34:71:9d:c2:bf:4b:89:d0:a4:e7:64:81:bc:98:44:03:28:f0:
12:c2:f8:7e:6d:b8:58:bc:6e:ff:66:81:b5:a7:8e:d6:d7:65:
09:32:5b:8f:af:7b:be:da:1d:4d:a0:bb:26:20:11:21:bb:c2:
ad:cc:5d:0d:3c:69:bd:ae:b6:8b:34:52:25:88:de:f3:25:c4:
ed:1e:05:50:c3:6a:68:45:3d:40:c8:38:08:29:d1:2a:12:c7:
ed:75:13:c6:c1:ec:24:41:ea:8c:a3:0f:1a:06:d8:a9:56:15:
b5:79:71:be:5f:66:e8:e1:a0:24:1a:93:d0:15:f4:69:e1:18:
54:96:39:87:56:9a:e7:9c:89:bc:65:e3:8c:a4:e3:7e:39:a5:
55:24:73:6e:ef:84:e8:4c:ef:b3:4a:76:14:9e:fa:d4:7d:00:
7a:e2:f1:e8:bb:e7:3b:c5:98:f8:83:5d:5f:25:df:03:35:0d:
5c:50:6a:64:5f:aa:d4:56:3f:f9:ee:3d:f9:43:fd:25:08:3b:
cf:58:d1:4a:6c:24:87:19:b4:2d:a1:d9:0c:73:b7:ae:dd:e6:
dd:52:b2:bf:a5:44:4f:30:ce:44:e2:1a:ce:e6:bb:5b:bd:ae:
25:02:05:08
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYO2tadFIMj7byYcn3RiHKC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODYwYTliMzY1ODVmYjhhYTA1MWZjMzdmY2M2YTA3NzM5
OTBjYmYwHhcNMjIxMDA4MDgyODIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjgzOGQ4N2ZlMWE0ZDgwZDc4NGNhMzQ2YWE3OGRhNDFlZTNkN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Gf5bNpTI8y5JAf3vJtHffmn6rim
8OX53FqLT7/1UihZrQ3jXOv6iyoqe0BywKwys2mrNXkVIg0Ewopf/p+0sVWDqf4X
gB/XilyAEeCCLby14MeOXlajrvBrww2/rEZPNJWD67T7Hy+16NTdwzaX/f4D0UVk
PQ3JhlMbdiLMzLbLsTEINX7SO0h+RBrrKc/0TwUXHlbIu3iT4SSpkEDfrln6EuLg
8TWFG86KOT5Ot7/p5jp/xejBIXK638aPEby7a6C2msNQkg7vY8k8Bd8Pq1EO6VLg
hiLOlmwgxyEKhJBk3qli7w7oF0KHN8rFAdnA9lQfMQHyCf9jfepXgVjkYwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMKDjYf+Gk2A14TKNGqnjaQe49fLMB8GA1UdIwQY
MBaAFNOGCps2WF+4qgUfw3/MagdzmQy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRZS216WllYN2lxQlJfRGY4eHFCM09aREw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wM2M0MzAtZmIwNC00MGVhLTg1ZDEt
YzkyYzYxNjVkZTE4LzEvd29PTmhfNGFUWURYaE1vMGFxZU5wQjdqMThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wM2M0MzAtZmIwNC00MGVhLTg1ZDEtYzkyYzYxNjVkZTE4
LzEvMDRZS216WllYN2lxQlJfRGY4eHFCM09aREw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBAC561ED
BAC561IwGgQCAAIwFDASAwcAKg1NAACBAwcAKg1NAACCMA0GCSqGSIb3DQEBCwUA
A4IBAQAc/F0WGNIz49u2SuritkPceSg0cZ3Cv0uJ0KTnZIG8mEQDKPASwvh+bbhY
vG7/ZoG1p47W12UJMluPr3u+2h1NoLsmIBEhu8KtzF0NPGm9rraLNFIliN7zJcTt
HgVQw2poRT1AyDgIKdEqEsftdRPGwewkQeqMow8aBtipVhW1eXG+X2bo4aAkGpPQ
FfRp4RhUljmHVprnnIm8ZeOMpON+OaVVJHNu74ToTO+zSnYUnvrUfQB64vHou+c7
xZj4g11fJd8DNQ1cUGpkX6rUVj/57j35Q/0lCDvPWNFKbCSHGbQtodkMc7eu3ebd
UrK/pURPMM5E4hrO5rtbva4lAgUI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:42 2023 by rpki-client on console-ams.rpki-client.org