Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wh5HCThAq03jMn7YXe_qscx_x5k.roa
File: wh5HCThAq03jMn7YXe_qscx_x5k.roa (raw, json)
Hash identifier: lH2nOEUwEWm4rzeq2r04y75A1ubmxWV+ZK1Fge2Gorc=
Subject key identifier: C2:1E:47:09:38:40:AB:4D:E3:32:7E:D8:5D:EF:EA:B1:CC:7F:C7:99
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 132D6A69
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wh5HCThAq03jMn7YXe_qscx_x5k.roa
Signing time: Sat 01 Jan 2022 04:02:59 +0000
ROA not before: Sat 01 Jan 2022 04:02:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 188.253.96.0/19 maxlen: 24
185.215.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321743465 (0x132d6a69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 1 04:02:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c21e47093840ab4de3327ed85defeab1cc7fc799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ac:b4:85:71:a7:f2:26:a4:37:5a:f4:80:ed:
7d:18:b9:42:cd:b5:9a:d9:5d:55:c7:59:4e:48:ff:
59:62:c1:e9:b4:88:d3:40:12:2e:34:76:47:63:2e:
4d:01:06:8c:de:5a:d6:88:f4:6c:88:0c:75:37:fe:
68:18:d5:38:a2:a8:fd:28:06:7b:3a:48:f1:a9:e7:
d5:81:07:19:3b:a4:7e:0f:69:e8:f3:6a:b3:27:24:
df:3b:7b:5a:0b:dd:2c:3f:ea:b6:5a:89:37:08:1d:
25:14:2a:aa:a7:60:ee:b2:c8:6c:f1:12:2c:25:cf:
e7:54:51:43:db:91:4c:62:fb:c2:b3:3e:ea:96:29:
69:fa:99:be:5d:9a:29:76:8c:88:5b:aa:7c:42:af:
28:79:70:9f:79:3a:8e:89:4a:79:27:d2:ec:cf:ab:
18:66:75:00:5a:dd:7e:c4:d5:38:c3:10:c2:40:38:
ca:16:0f:a1:a2:79:74:c2:d9:90:fd:b4:93:ac:15:
ba:17:0b:19:67:af:42:7c:ed:36:33:3e:f7:7b:9d:
0c:18:56:88:fe:39:d5:fd:90:f9:97:09:c2:94:dc:
7b:87:28:6b:4e:d9:c2:b4:4e:57:bd:ce:16:e4:ba:
e5:d1:3f:c6:18:74:5d:93:9e:a4:b8:df:ff:76:94:
f3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1E:47:09:38:40:AB:4D:E3:32:7E:D8:5D:EF:EA:B1:CC:7F:C7:99
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wh5HCThAq03jMn7YXe_qscx_x5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.244.0/24
188.253.96.0/19
Signature Algorithm: sha256WithRSAEncryption
02:98:6f:c7:88:97:57:e7:9b:d4:66:6d:3f:4a:6f:d9:9d:fd:
50:cf:2c:63:01:12:4b:6b:0d:9b:57:dc:4d:cd:18:7d:5b:d6:
99:b2:a4:57:e4:60:f5:54:f5:d4:5b:8d:ab:9f:84:37:2b:09:
08:50:ac:4b:98:a2:02:e8:2c:77:1b:42:45:31:88:69:b8:2e:
67:87:d2:e2:ff:59:0b:49:89:a1:5d:73:4b:57:11:6f:7f:ba:
62:cf:f5:8d:97:bd:38:20:c9:36:ac:9d:b5:89:ff:7a:90:a7:
4f:1b:dd:59:5f:d1:3a:6c:f5:88:5f:d0:32:11:59:7d:b2:67:
54:fb:d8:99:7c:6b:45:b5:0b:d0:13:f5:a1:a7:bd:fa:a1:af:
66:fe:f7:66:77:ae:5d:2d:4f:4b:55:00:54:d4:46:28:23:e8:
ab:ab:da:fa:85:08:d9:d5:97:8b:b0:42:6f:43:80:9c:68:52:
0f:2c:18:27:14:ac:f1:ea:90:1b:f9:a8:a0:f4:15:12:13:f1:
fe:6e:ff:73:c9:29:bd:b7:db:2b:8d:83:49:57:da:9c:f3:9b:
ee:fb:a2:ca:8a:de:cb:13:e0:16:a5:e0:8c:cb:df:ca:fb:2b:
e1:6d:18:0b:e7:ea:3c:e5:ea:95:57:34:02:1f:90:c1:f0:d0:
63:02:5b:31
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEy1qaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDEw
MTA0MDI1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzIxZTQ3MDkzODQw
YWI0ZGUzMzI3ZWQ4NWRlZmVhYjFjYzdmYzc5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANastIVxp/ImpDda9IDtfRi5Qs21mtldVcdZTkj/WWLB6bSI
00ASLjR2R2MuTQEGjN5a1oj0bIgMdTf+aBjVOKKo/SgGezpI8ann1YEHGTukfg9p
6PNqsyck3zt7WgvdLD/qtlqJNwgdJRQqqqdg7rLIbPESLCXP51RRQ9uRTGL7wrM+
6pYpafqZvl2aKXaMiFuqfEKvKHlwn3k6jolKeSfS7M+rGGZ1AFrdfsTVOMMQwkA4
yhYPoaJ5dMLZkP20k6wVuhcLGWevQnztNjM+93udDBhWiP451f2Q+ZcJwpTce4co
a07ZwrROV73OFuS65dE/xhh0XZOepLjf/3aU850CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTCHkcJOECrTeMyfthd7+qxzH/HmTAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L3doNUhDVGhBcTAzak1uN1lYZV9xc2N4X3g1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnX9AMEBbz9YDANBgkqhkiG9w0B
AQsFAAOCAQEAAphvx4iXV+eb1GZtP0pv2Z39UM8sYwESS2sNm1fcTc0YfVvWmbKk
V+Rg9VT11FuNq5+ENysJCFCsS5iiAugsdxtCRTGIabguZ4fS4v9ZC0mJoV1zS1cR
b3+6Ys/1jZe9OCDJNqydtYn/epCnTxvdWV/ROmz1iF/QMhFZfbJnVPvYmXxrRbUL
0BP1oae9+qGvZv73ZneuXS1PS1UAVNRGKCPoq6va+oUI2dWXi7BCb0OAnGhSDywY
JxSs8eqQG/mooPQVEhPx/m7/c8kpvbfbK42DSVfanPOb7vuiyoreyxPgFqXgjMvf
yvsr4W0YC+fqPOXqlVc0Ah+QwfDQYwJbMQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org