Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wd5Nxx2vtyS-hBnVn6kZ5lfZnzo.roa
File: wd5Nxx2vtyS-hBnVn6kZ5lfZnzo.roa (raw, json)
Hash identifier: fYB+D4PL0ETinLXxzZTgoZeLBSYi4vDITQk4jsgsaus=
Subject key identifier: C1:DE:4D:C7:1D:AF:B7:24:BE:84:19:D5:9F:A9:19:E6:57:D9:9F:3A
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 39DC67AC
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wd5Nxx2vtyS-hBnVn6kZ5lfZnzo.roa
Signing time: Wed 06 Apr 2022 07:43:32 +0000
ROA not before: Wed 06 Apr 2022 07:43:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
185.24.148.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 970745772 (0x39dc67ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Apr 6 07:43:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1de4dc71dafb724be8419d59fa919e657d99f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:13:7e:4c:e6:5e:92:ca:4b:e5:d7:ca:7e:
7b:72:e4:f1:a4:c8:5e:40:fd:95:a8:96:92:fa:ef:
b4:6d:c6:05:98:aa:e1:0b:49:b5:df:9f:4d:e6:3d:
94:f7:7a:fe:e6:ba:ac:06:8b:86:b4:e5:4e:f8:09:
20:92:58:18:50:1a:36:23:9d:94:49:e1:41:ec:b9:
ba:3d:b2:14:e6:75:53:ad:fd:18:3c:3c:f1:e4:53:
d9:f9:2f:dc:2f:99:d6:d6:e1:7d:7a:c4:34:a4:06:
ec:26:0c:54:dc:9e:f8:01:99:da:9e:ab:ec:60:7b:
07:ed:ee:d3:b4:f4:e4:c0:d0:b9:78:8f:87:74:86:
c5:88:f6:f1:af:92:f1:53:6f:25:4b:47:e7:16:7e:
7b:41:80:8f:ab:6d:85:ff:e0:21:d3:8c:05:d6:e5:
de:12:6e:85:1a:26:1e:73:85:c8:67:17:09:50:b5:
0c:93:64:e0:33:7d:bb:9e:a0:1c:6c:d7:de:ac:5a:
00:18:a7:96:e3:db:c2:bc:19:af:4b:f2:a3:b4:2b:
50:c2:63:db:55:f3:d8:ab:10:c4:1b:42:68:c3:7f:
2e:44:48:1c:7a:66:c4:ed:27:fb:cf:59:58:44:4e:
f4:94:14:dd:1d:25:3c:9c:ab:35:e8:8c:82:f4:79:
45:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DE:4D:C7:1D:AF:B7:24:BE:84:19:D5:9F:A9:19:E6:57:D9:9F:3A
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wd5Nxx2vtyS-hBnVn6kZ5lfZnzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
185.24.148.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
24:f4:88:34:4a:ab:be:d8:09:1e:4d:4e:86:48:82:61:46:75:
12:76:84:d4:8c:df:44:67:1a:2b:74:ba:19:ff:8d:bf:3d:a0:
9d:7a:4a:30:32:30:d0:cc:e0:c5:c1:49:bc:f3:3f:8b:56:21:
3d:57:51:cb:04:a2:d4:c7:92:68:8b:23:a4:74:f9:2f:d4:54:
53:59:87:21:95:b0:01:aa:07:56:18:f7:70:51:b5:e7:7e:36:
59:f3:34:60:3b:28:ee:64:4c:1f:9b:ca:93:3a:18:a9:d4:63:
8b:7f:f7:2e:62:bc:c0:31:c7:5b:e6:d9:08:50:3d:8f:5c:79:
38:3c:df:b9:09:35:fa:13:7e:4c:29:f1:07:a7:22:7b:8d:34:
0d:64:05:7d:69:9d:3f:c6:a2:34:88:b8:b6:a9:79:f2:7d:43:
5e:12:7d:64:91:44:71:9a:06:55:60:09:43:dc:63:a6:53:7d:
d3:c9:66:be:1d:b5:f1:5b:5b:a1:4b:05:5c:ca:f1:a3:df:3c:
fa:0b:0d:1a:f7:4a:1c:03:30:0c:60:2c:0f:b2:1f:62:5b:5f:
2b:59:ea:14:cc:06:87:a2:61:7f:8c:2a:e8:65:6b:14:71:95:
fb:43:08:55:6e:71:c5:47:e7:ef:8e:4c:30:52:ff:f1:fc:e1:
75:20:3d:f8
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEOdxnrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDQw
NjA3NDMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzFkZTRkYzcxZGFm
YjcyNGJlODQxOWQ1OWZhOTE5ZTY1N2Q5OWYzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALm6E35M5l6Sykvl18p+e3Lk8aTIXkD9laiWkvrvtG3GBZiq
4QtJtd+fTeY9lPd6/ua6rAaLhrTlTvgJIJJYGFAaNiOdlEnhQey5uj2yFOZ1U639
GDw88eRT2fkv3C+Z1tbhfXrENKQG7CYMVNye+AGZ2p6r7GB7B+3u07T05MDQuXiP
h3SGxYj28a+S8VNvJUtH5xZ+e0GAj6tthf/gIdOMBdbl3hJuhRomHnOFyGcXCVC1
DJNk4DN9u56gHGzX3qxaABinluPbwrwZr0vyo7QrUMJj21Xz2KsQxBtCaMN/LkRI
HHpmxO0n+89ZWERO9JQU3R0lPJyrNeiMgvR5RTkCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTB3k3HHa+3JL6EGdWfqRnmV9mfOjAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
L3dkNU54eDJ2dHlTLWhCblZuNmtaNWxmWm56by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAC4mgQMEAC4mgwMEAC4mjAMEALkY
lAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
JPSINEqrvtgJHk1OhkiCYUZ1EnaE1IzfRGcaK3S6Gf+Nvz2gnXpKMDIw0MzgxcFJ
vPM/i1YhPVdRywSi1MeSaIsjpHT5L9RUU1mHIZWwAaoHVhj3cFG15342WfM0YDso
7mRMH5vKkzoYqdRji3/3LmK8wDHHW+bZCFA9j1x5ODzfuQk1+hN+TCnxB6cie400
DWQFfWmdP8aiNIi4tql58n1DXhJ9ZJFEcZoGVWAJQ9xjplN908lmvh218VtboUsF
XMrxo988+gsNGvdKHAMwDGAsD7IfYltfK1nqFMwGh6Jhf4wq6GVrFHGV+0MIVW5x
xUfn745MMFL/8fzhdSA9+A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:58 2023 by rpki-client on console-fra.rpki-client.org