Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wtU8KHJzkGAIGqi5AASI7Ucnzuw.roa
File: wtU8KHJzkGAIGqi5AASI7Ucnzuw.roa (raw, json)
Hash identifier: sNM+xl4JKw9HfKhfwC9b7XOSzPqD0EOcLnUaoBaQm+I=
Subject key identifier: C2:D5:3C:28:72:73:90:60:08:1A:A8:B9:00:04:88:ED:47:27:CE:EC
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 14BE485F
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wtU8KHJzkGAIGqi5AASI7Ucnzuw.roa
Signing time: Thu 28 Apr 2022 04:13:12 +0000
ROA not before: Thu 28 Apr 2022 04:13:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48024
IP address blocks: 178.173.224.0/19 maxlen: 24
91.132.57.0/24 maxlen: 24
213.173.32.0/22 maxlen: 22
213.173.32.0/24 maxlen: 24
213.173.34.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348014687 (0x14be485f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 28 04:13:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2d53c2872739060081aa8b9000488ed4727ceec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a7:37:51:4a:99:9d:4e:58:0a:79:9b:5d:4d:
bf:4c:f0:b1:fa:69:cb:80:6c:5a:76:82:05:96:74:
4c:b2:c5:69:82:d2:c1:bf:2b:83:f3:75:7f:0b:97:
f9:cd:21:d3:38:c4:13:59:f6:60:79:77:99:06:3b:
df:ff:20:6a:c2:6c:54:a6:30:c8:42:34:b1:57:2d:
4e:cc:1f:b5:d2:00:26:ee:c9:e0:eb:d8:34:64:58:
35:a7:36:d3:12:d8:0f:c5:09:36:91:66:33:5f:01:
b0:7c:3a:bf:2e:52:2c:30:ad:0a:f5:7e:9a:75:7a:
3c:ae:88:c6:01:4e:20:ca:f9:06:b4:57:b1:1f:2c:
70:3d:b0:1e:84:80:d5:81:51:b4:07:77:3c:2f:46:
9d:2c:7e:a8:08:21:8a:c3:6a:ac:d1:66:7a:06:36:
06:99:19:cd:55:d9:ab:ec:17:4a:24:2b:90:e6:53:
a9:1e:80:38:21:ab:1a:28:30:fa:54:35:12:ae:de:
93:73:7a:22:86:8e:73:3f:ba:1a:00:65:3f:08:c2:
c3:d2:81:9e:4e:cb:6b:49:b9:97:56:31:f2:e1:43:
9c:5e:fa:96:bc:42:6a:dd:ed:24:76:79:3f:4b:59:
eb:30:69:db:79:e8:35:cf:75:18:63:ff:b8:7e:b0:
e0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D5:3C:28:72:73:90:60:08:1A:A8:B9:00:04:88:ED:47:27:CE:EC
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wtU8KHJzkGAIGqi5AASI7Ucnzuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.57.0/24
178.173.224.0/19
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:e9:c4:99:ba:38:34:14:cd:10:38:dc:47:3e:74:68:d4:dd:
d3:30:3a:0b:4e:c8:04:f9:74:54:cc:9e:ac:25:a9:f5:c2:52:
f9:58:6e:68:6d:cb:ac:23:df:ae:88:48:07:32:96:fe:58:23:
03:42:07:30:63:14:f0:a9:14:66:8c:94:57:80:cb:2a:54:88:
2d:76:e6:34:b5:23:b2:66:05:21:b6:b1:36:87:76:3c:d7:61:
e5:90:4e:14:c8:5c:70:44:a7:2b:27:1d:3f:12:69:1b:7e:ae:
eb:76:07:ee:ea:ce:53:69:9d:e5:d1:84:12:33:d2:9c:c6:da:
9a:e7:d4:e9:ce:68:8f:21:5d:d9:98:8c:e1:d1:b5:99:80:77:
cc:68:0d:cb:8f:99:6e:2c:95:80:30:bf:a1:93:96:d7:07:26:
a2:06:f6:34:17:a9:68:ce:03:23:1e:99:51:1b:f4:a8:eb:0b:
29:2b:dc:80:51:bb:e8:66:e5:80:26:68:d3:52:d7:5d:8d:87:
2a:20:d8:f0:41:a5:44:0e:d0:3a:49:c5:3e:a8:ad:61:01:0f:
e1:fe:e9:2c:88:8d:bb:d2:15:3e:b7:9e:68:ec:ef:43:7b:b8:
30:50:2b:80:7f:50:c5:f3:6c:16:92:06:e5:92:4f:d8:3a:fe:
04:a8:49:e9
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFL5IXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDQy
ODA0MTMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzJkNTNjMjg3Mjcz
OTA2MDA4MWFhOGI5MDAwNDg4ZWQ0NzI3Y2VlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKnN1FKmZ1OWAp5m11Nv0zwsfppy4BsWnaCBZZ0TLLFaYLS
wb8rg/N1fwuX+c0h0zjEE1n2YHl3mQY73/8gasJsVKYwyEI0sVctTswftdIAJu7J
4OvYNGRYNac20xLYD8UJNpFmM18BsHw6vy5SLDCtCvV+mnV6PK6IxgFOIMr5BrRX
sR8scD2wHoSA1YFRtAd3PC9GnSx+qAghisNqrNFmegY2BpkZzVXZq+wXSiQrkOZT
qR6AOCGrGigw+lQ1Eq7ek3N6IoaOcz+6GgBlPwjCw9KBnk7La0m5l1Yx8uFDnF76
lrxCat3tJHZ5P0tZ6zBp23noNc91GGP/uH6w4CsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTC1TwocnOQYAgaqLkABIjtRyfO7DAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L3d0VThLSEp6a0dBSUdxaTVBQVNJN1Vjbnp1dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFuEOQMEBbKt4AMEAtWtIDANBgkq
hkiG9w0BAQsFAAOCAQEAf+nEmbo4NBTNEDjcRz50aNTd0zA6C07IBPl0VMyerCWp
9cJS+VhuaG3LrCPfrohIBzKW/lgjA0IHMGMU8KkUZoyUV4DLKlSILXbmNLUjsmYF
IbaxNod2PNdh5ZBOFMhccESnKycdPxJpG36u63YH7urOU2md5dGEEjPSnMbamufU
6c5ojyFd2ZiM4dG1mYB3zGgNy4+ZbiyVgDC/oZOW1wcmogb2NBepaM4DIx6ZURv0
qOsLKSvcgFG76GblgCZo01LXXY2HKiDY8EGlRA7QOknFPqitYQEP4f7pLIiNu9IV
PreeaOzvQ3u4MFArgH9QxfNsFpIG5ZJP2Dr+BKhJ6Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org