Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W6r9llgzKQVq1Hw3GkFBIdlOJak.roa
File: W6r9llgzKQVq1Hw3GkFBIdlOJak.roa (raw, json)
Hash identifier: QwRfLoU4AkMsEVDsP4reB1qVWoEdItsoHo04MUDhLDY=
Subject key identifier: 5B:AA:FD:96:58:33:29:05:6A:D4:7C:37:1A:41:41:21:D9:4E:25:A9
Certificate issuer: /CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Certificate serial: 04319D13
Authority key identifier: 5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W6r9llgzKQVq1Hw3GkFBIdlOJak.roa
Signing time: Sat 01 Jan 2022 16:06:07 +0000
ROA not before: Sat 01 Jan 2022 16:06:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49558
IP address blocks: 195.20.137.0/24 maxlen: 24
194.4.164.0/22 maxlen: 22
91.228.64.0/22 maxlen: 22
45.128.224.0/22 maxlen: 22
91.213.39.0/24 maxlen: 24
2a0d:8540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70360339 (0x4319d13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Validity
Not Before: Jan 1 16:06:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5baafd96583329056ad47c371a414121d94e25a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:95:52:a8:f9:47:43:6c:3d:80:14:7d:13:11:
cf:39:c6:0a:35:5b:ec:11:c7:fb:fd:a0:0e:6c:e1:
97:58:6e:c8:11:8d:32:ea:0b:66:4f:74:d6:cd:56:
24:ea:b9:48:44:1b:d0:1f:39:aa:1f:65:43:83:dc:
ca:90:67:ad:9b:31:2c:f1:f9:86:08:cb:2b:0e:83:
fd:66:e4:df:73:06:18:04:75:99:d5:4d:a9:f8:73:
e0:a0:61:7e:78:c9:68:db:0a:df:8f:c9:4e:57:5b:
24:b2:aa:75:5f:1e:e8:2f:89:6b:85:fa:40:42:7a:
61:b2:a0:53:22:d2:cb:a4:ad:cf:aa:e3:2e:05:a2:
f3:0b:0f:e4:90:aa:4f:be:bb:5c:e6:1d:9b:62:1e:
ca:b1:4f:74:94:c3:4a:ec:d8:44:3e:e5:46:dc:b4:
22:5c:b2:e5:fb:74:33:82:16:e3:f2:43:ae:e8:73:
30:35:7a:44:d5:79:d1:83:c3:50:d0:9a:6b:7f:0f:
28:6c:60:53:46:82:d4:59:61:6c:e4:36:7c:85:27:
6e:57:7b:1a:25:26:61:6f:a8:08:93:82:57:6e:a6:
7b:c2:22:55:54:34:3c:32:72:16:7d:8c:79:dc:24:
ce:03:b5:22:a4:e2:92:b4:8b:29:c9:80:81:5e:51:
22:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:AA:FD:96:58:33:29:05:6A:D4:7C:37:1A:41:41:21:D9:4E:25:A9
X509v3 Authority Key Identifier:
keyid:5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W6r9llgzKQVq1Hw3GkFBIdlOJak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.224.0/22
91.213.39.0/24
91.228.64.0/22
194.4.164.0/22
195.20.137.0/24
IPv6:
2a0d:8540::/29
Signature Algorithm: sha256WithRSAEncryption
4a:c0:4a:8a:51:f2:1c:67:f7:c2:f2:85:66:73:f9:d2:d1:c0:
4a:08:29:b6:ff:37:25:f1:85:6a:ca:84:4f:21:d2:a3:b1:e3:
64:de:af:2c:b7:43:37:46:ad:b5:b5:54:d2:11:bb:af:3f:7e:
55:7e:a0:27:52:cb:e1:e0:23:f5:4e:7d:0a:b2:d5:c0:2e:13:
a8:23:92:11:ea:57:49:7c:1b:97:ed:c8:48:19:4e:65:f5:d8:
d6:92:d2:88:57:7b:f1:5b:92:19:d1:56:f9:d7:2a:a0:69:99:
79:10:60:c7:49:d3:b3:fd:45:ec:a6:88:39:c8:0d:20:ab:65:
48:64:88:92:3b:4e:53:a9:e4:fb:f4:78:80:e6:76:1a:b8:5c:
60:b7:e5:1f:e4:f4:16:07:2e:72:6f:1a:4e:4e:c3:ee:95:de:
84:fe:c9:bb:60:55:97:8d:f2:ea:ec:9e:e8:e6:26:8e:85:6c:
ca:b5:e8:5d:bd:08:f6:f8:a6:d2:51:39:1c:72:28:fb:34:d9:
38:87:bb:b7:fa:0f:a9:b1:38:0d:e1:30:f2:63:4e:24:a6:2e:
2c:07:97:6c:8d:a2:69:b7:ea:91:bc:d5:a5:c0:32:1f:f6:bd:
61:1a:8d:1e:66:e7:22:0e:11:e1:e9:92:89:59:cb:4f:5a:61:
d0:fe:56:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBDGdEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YmVlMDUxYTkzOTAxZWNjMDE3NDQwNzlhYTRhYzJmYjA3N2I5ZmMxMB4XDTIyMDEw
MTE2MDYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWJhYWZkOTY1ODMz
MjkwNTZhZDQ3YzM3MWE0MTQxMjFkOTRlMjVhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyVUqj5R0NsPYAUfRMRzznGCjVb7BHH+/2gDmzhl1huyBGN
MuoLZk901s1WJOq5SEQb0B85qh9lQ4PcypBnrZsxLPH5hgjLKw6D/Wbk33MGGAR1
mdVNqfhz4KBhfnjJaNsK34/JTldbJLKqdV8e6C+Ja4X6QEJ6YbKgUyLSy6Stz6rj
LgWi8wsP5JCqT767XOYdm2IeyrFPdJTDSuzYRD7lRty0Ilyy5ft0M4IW4/JDruhz
MDV6RNV50YPDUNCaa38PKGxgU0aC1FlhbOQ2fIUnbld7GiUmYW+oCJOCV26me8Ii
VVQ0PDJyFn2MedwkzgO1IqTikrSLKcmAgV5RIs0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRbqv2WWDMpBWrUfDcaQUEh2U4lqTAfBgNVHSMEGDAWgBRb7gUak5AezAF0
QHmqSsL7B3ufwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ctNEZHcE9RSHN3QmRFQjVxa3JDLXdkN244RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvOGVmZjQyLTViNTUtNGU2Zi04MjIyLWE1MmE4Nzk1ZDk1Ni8x
L1c2cjlsbGd6S1FWcTFIdzNHa0ZCSWRsT0phay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
OGVmZjQyLTViNTUtNGU2Zi04MjIyLWE1MmE4Nzk1ZDk1Ni8xL1ctNEZHcE9RSHN3
QmRFQjVxa3JDLXdkN244RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAi2A4AMEAFvVJwMEAlvkQAMEAsIE
pAMEAMMUiTANBAIAAjAHAwUDKg2FQDANBgkqhkiG9w0BAQsFAAOCAQEASsBKilHy
HGf3wvKFZnP50tHASggptv83JfGFasqETyHSo7HjZN6vLLdDN0attbVU0hG7rz9+
VX6gJ1LL4eAj9U59CrLVwC4TqCOSEepXSXwbl+3ISBlOZfXY1pLSiFd78VuSGdFW
+dcqoGmZeRBgx0nTs/1F7KaIOcgNIKtlSGSIkjtOU6nk+/R4gOZ2GrhcYLflH+T0
Fgcucm8aTk7D7pXehP7Ju2BVl43y6uye6OYmjoVsyrXoXb0I9vim0lE5HHIo+zTZ
OIe7t/oPqbE4DeEw8mNOJKYuLAeXbI2iabfqkbzVpcAyH/a9YRqNHmbnIg4R4emS
iVnLT1ph0P5WqA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:56 2023 by rpki-client on console-ams.rpki-client.org