Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/WyVwGQ9j4m5SemyzMD6d8sdQnbc.roa
File: WyVwGQ9j4m5SemyzMD6d8sdQnbc.roa (raw, json)
Hash identifier: LTe4y+uBS1o4HIH6hYba8asO9scUoR4mIjDh09ljnS8=
Subject key identifier: 5B:25:70:19:0F:63:E2:6E:52:7A:6C:B3:30:3E:9D:F2:C7:50:9D:B7
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 01853E242864A74F82AC8A952F954AD86DA7
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/WyVwGQ9j4m5SemyzMD6d8sdQnbc.roa
Signing time: Fri 23 Dec 2022 08:40:34 +0000
ROA not before: Fri 23 Dec 2022 08:40:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41421
IP address blocks: 91.132.112.0/23 maxlen: 23
185.194.212.0/22 maxlen: 24
188.65.40.0/21 maxlen: 21
37.157.200.0/21 maxlen: 21
193.91.4.0/24 maxlen: 24
193.91.12.0/23 maxlen: 23
31.214.137.0/24 maxlen: 24
89.250.192.0/20 maxlen: 20
31.214.138.0/24 maxlen: 24
194.5.180.0/24 maxlen: 24
31.214.140.0/24 maxlen: 24
31.214.145.0/24 maxlen: 24
185.53.132.0/22 maxlen: 24
159.253.240.0/21 maxlen: 21
185.128.156.0/22 maxlen: 22
2a02:4c80::/32 maxlen: 32
2a01:b8e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:24:28:64:a7:4f:82:ac:8a:95:2f:95:4a:d8:6d:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Dec 23 08:40:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b2570190f63e26e527a6cb3303e9df2c7509db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c6:63:9f:b8:54:3f:12:2d:86:30:5a:fd:12:
aa:7e:84:bf:92:dc:a9:0a:5f:89:97:dd:2f:58:cc:
f6:37:23:d5:6d:54:2b:1d:36:cb:ac:78:36:16:18:
8d:08:b0:1f:10:44:6c:6a:fc:df:08:92:b1:5a:f6:
f8:90:72:cb:0a:bf:f8:ce:ac:04:21:66:7d:6b:62:
cb:20:ee:a5:fd:7e:d0:ab:6d:47:11:16:f6:21:7c:
f2:15:28:4b:26:be:67:35:d7:5f:b2:bf:ae:75:03:
d3:b6:84:24:bc:f3:6f:cc:fe:ca:bb:80:c2:8c:4b:
d8:be:be:18:b2:41:71:d2:70:b9:b3:db:f8:87:14:
99:e8:1a:6a:d2:a1:0b:fe:dd:53:8a:f4:54:10:21:
83:08:a8:ac:13:c8:15:0d:ae:87:cf:10:4c:65:06:
87:64:09:96:f1:e1:25:09:bb:02:32:e9:50:46:f4:
af:89:46:8b:5d:f8:41:8e:24:27:6f:01:e9:ca:b0:
24:3b:67:bc:c7:ed:0f:d6:59:dc:31:4c:94:12:7e:
fa:19:67:9f:10:01:e2:cf:42:04:4e:41:7e:19:74:
61:ba:21:4e:32:ae:71:1b:0f:de:7b:3c:9f:06:26:
21:b8:89:b4:d7:8c:4a:31:35:ca:37:86:c9:e8:2f:
ce:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:25:70:19:0F:63:E2:6E:52:7A:6C:B3:30:3E:9D:F2:C7:50:9D:B7
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/WyVwGQ9j4m5SemyzMD6d8sdQnbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.137.0-31.214.138.255
31.214.140.0/24
31.214.145.0/24
37.157.200.0/21
89.250.192.0/20
91.132.112.0/23
159.253.240.0/21
185.53.132.0/22
185.128.156.0/22
185.194.212.0/22
188.65.40.0/21
193.91.4.0/24
193.91.12.0/23
194.5.180.0/24
IPv6:
2a01:b8e0::/32
2a02:4c80::/32
Signature Algorithm: sha256WithRSAEncryption
4b:ce:8e:69:bc:67:f2:12:c6:2b:4b:53:25:8c:18:1a:6b:6a:
94:60:df:95:67:27:a7:1f:42:ef:bb:91:07:19:d5:15:3a:b7:
8f:25:05:77:93:01:4e:48:3a:a3:d8:c0:07:17:14:61:3b:30:
76:82:05:62:d9:ee:aa:f0:34:b3:ff:52:bd:f3:49:5e:32:b6:
82:a3:a7:a7:c0:67:80:26:c2:55:28:b7:16:4c:90:d4:bb:96:
b2:15:b9:f2:45:92:40:4b:9f:6f:d7:73:6f:18:a7:e7:73:d8:
a3:67:9d:60:24:d1:28:14:77:20:e9:11:76:12:29:e3:ee:0f:
20:67:36:ff:ae:54:b2:46:51:20:8a:5e:cc:2c:4c:23:ff:8a:
cf:62:4c:c6:70:f4:d6:2f:21:47:56:cc:73:03:f6:3a:66:10:
1f:b5:47:35:93:21:2c:91:5b:81:de:3d:b0:18:97:0e:2e:5d:
25:f0:7f:78:5e:75:ff:b2:0c:ec:9c:28:23:28:8b:33:6c:09:
1e:01:83:fa:30:45:1b:cc:ba:01:44:9c:ec:a4:a9:47:ab:b3:
a5:57:09:0d:1a:07:ea:01:f7:ed:21:f7:9e:bd:68:c2:3f:a1:
1f:8f:d8:7f:83:bc:71:8d:67:4d:3d:be:6c:c2:d9:5e:12:f5:
72:3f:ff:06
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYU+JChkp0+CrIqVL5VK2G2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjIxMjIzMDg0MDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjI1NzAxOTBmNjNlMjZlNTI3YTZjYjMzMDNlOWRmMmM3NTA5ZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8Zjn7hUPxIthjBa/RKqfoS/ktyp
Cl+Jl90vWMz2NyPVbVQrHTbLrHg2FhiNCLAfEERsavzfCJKxWvb4kHLLCr/4zqwE
IWZ9a2LLIO6l/X7Qq21HERb2IXzyFShLJr5nNddfsr+udQPTtoQkvPNvzP7Ku4DC
jEvYvr4YskFx0nC5s9v4hxSZ6Bpq0qEL/t1TivRUECGDCKisE8gVDa6HzxBMZQaH
ZAmW8eElCbsCMulQRvSviUaLXfhBjiQnbwHpyrAkO2e8x+0P1lncMUyUEn76GWef
EAHiz0IETkF+GXRhuiFOMq5xGw/eezyfBiYhuIm014xKMTXKN4bJ6C/O7wIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFFslcBkPY+JuUnpsszA+nfLHUJ23MB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvV3lWd0dROWo0bTVTZW15ek1ENmQ4c2RRbmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXDAMAwQAH9aJ
AwQAH9aKAwQAH9aMAwQAH9aRAwQDJZ3IAwQEWfrAAwQBW4RwAwQDn/3wAwQCuTWE
AwQCuYCcAwQCucLUAwQDvEEoAwQAwVsEAwQBwVsMAwQAwgW0MBQEAgACMA4DBQAq
AbjgAwUAKgJMgDANBgkqhkiG9w0BAQsFAAOCAQEAS86Oabxn8hLGK0tTJYwYGmtq
lGDflWcnpx9C77uRBxnVFTq3jyUFd5MBTkg6o9jABxcUYTswdoIFYtnuqvA0s/9S
vfNJXjK2gqOnp8BngCbCVSi3FkyQ1LuWshW58kWSQEufb9dzbxin53PYo2edYCTR
KBR3IOkRdhIp4+4PIGc2/65UskZRIIpezCxMI/+Kz2JMxnD01i8hR1bMcwP2OmYQ
H7VHNZMhLJFbgd49sBiXDi5dJfB/eF51/7IM7JwoIyiLM2wJHgGD+jBFG8y6AUSc
7KSpR6uzpVcJDRoH6gH37SH3nr1owj+hH4/Yf4O8cY1nTT2+bMLZXhL1cj//Bg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:14 2024 by rpki-client on console-fra.rpki-client.org