Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/WweJwPiqvnL7ompHRJ3vfTYeggM.roa
File: WweJwPiqvnL7ompHRJ3vfTYeggM.roa (raw, json)
Hash identifier: gjwiIFD8kRPdWK2ClTdr6fK634Rlk8dR5p8mekhUeyo=
Subject key identifier: 5B:07:89:C0:F8:AA:BE:72:FB:A2:6A:47:44:9D:EF:7D:36:1E:82:03
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 030AD0EF
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/WweJwPiqvnL7ompHRJ3vfTYeggM.roa
Signing time: Sat 01 Jan 2022 02:53:41 +0000
ROA not before: Sat 01 Jan 2022 02:53:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 152.89.192.0/23 maxlen: 24
152.89.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51040495 (0x30ad0ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Jan 1 02:53:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b0789c0f8aabe72fba26a47449def7d361e8203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:81:da:97:77:14:9e:d4:10:a9:00:6d:12:c1:
23:0c:81:69:9a:51:98:f7:5d:54:ae:20:55:cd:44:
ee:9d:d5:13:c0:9f:e1:68:b0:5f:16:6e:fb:c1:39:
f3:99:16:22:0f:17:b5:4c:67:6f:1c:49:5c:56:c3:
78:e9:f2:78:07:e1:fe:3d:b2:a8:45:0f:e8:2e:28:
04:7b:b9:ab:df:f5:8f:70:89:59:16:e3:da:34:a2:
c7:45:7b:7c:9f:91:ea:48:b0:74:3b:d6:18:7f:a5:
be:4e:81:b0:3d:75:db:6c:ac:26:f1:a1:23:38:a4:
54:6e:c1:60:c8:b3:27:39:62:82:22:99:bf:79:e4:
10:28:6d:29:57:02:77:fa:b1:30:65:03:26:fc:64:
a9:b7:14:ef:a3:7c:ad:14:ac:74:d7:fa:aa:e9:52:
e8:ef:89:12:2c:ba:d7:9c:ca:f5:93:28:46:91:03:
39:b1:bf:24:73:28:b9:42:3f:05:a7:c5:33:05:02:
14:0b:d5:10:02:e3:f3:76:1d:85:e4:0d:71:85:8e:
e6:30:9e:ec:77:7e:32:ab:97:8b:d3:8c:2e:6b:b1:
3d:8a:09:6f:bc:c8:d0:34:9d:45:b3:dc:f4:bc:04:
c4:26:c9:15:3a:9f:5f:12:f6:d5:a9:51:be:61:67:
58:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:07:89:C0:F8:AA:BE:72:FB:A2:6A:47:44:9D:EF:7D:36:1E:82:03
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/WweJwPiqvnL7ompHRJ3vfTYeggM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.192.0/23
152.89.195.0/24
Signature Algorithm: sha256WithRSAEncryption
96:5d:ca:34:83:ee:87:6c:db:e7:88:3f:83:ff:fb:83:b6:36:
73:04:8d:63:ee:e0:70:95:6c:3b:7e:a7:ed:4c:3f:75:35:18:
da:b1:ae:2f:c0:7f:c3:2f:f2:e3:ca:66:bc:3b:fc:54:06:dd:
a3:9c:73:68:8c:d3:3e:92:28:4e:eb:e0:f1:d3:c4:07:4b:a0:
ee:bb:05:d0:5e:c9:7a:01:27:6e:d9:49:62:41:04:8e:f7:50:
90:ea:8b:87:50:a7:cc:16:b9:47:d8:f0:77:d2:89:97:d7:42:
0d:23:5e:6e:d4:90:94:92:7b:b4:e8:6c:24:ad:99:9a:ac:86:
ec:cb:82:b1:1d:eb:55:32:b8:11:35:12:90:fc:cf:54:1d:92:
20:ad:eb:ee:e5:e8:a3:89:09:b4:43:6a:01:61:9c:e6:08:53:
23:73:c1:e2:44:bc:b1:a5:c4:10:c9:95:e6:11:ee:34:ea:e8:
aa:a4:d1:cb:ed:85:79:41:db:8c:da:1a:99:ee:ab:fc:6c:c5:
dd:2c:97:94:38:c4:25:9d:b1:d3:77:39:ad:03:cf:fd:b1:98:
68:b7:90:08:8d:b7:57:70:82:96:d6:47:3c:3a:ec:4f:16:fa:
f6:f3:02:81:e9:de:a6:88:3f:4a:cb:c1:0f:12:5c:37:0f:7c:
b5:ef:9f:83
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAwrQ7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Y2RjYzhiY2RiNmM3NDRhY2RmNDNkZDcyZDY4ZDIwNDUxYTE3OWY2MB4XDTIyMDEw
MTAyNTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWIwNzg5YzBmOGFh
YmU3MmZiYTI2YTQ3NDQ5ZGVmN2QzNjFlODIwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuB2pd3FJ7UEKkAbRLBIwyBaZpRmPddVK4gVc1E7p3VE8Cf
4WiwXxZu+8E585kWIg8XtUxnbxxJXFbDeOnyeAfh/j2yqEUP6C4oBHu5q9/1j3CJ
WRbj2jSix0V7fJ+R6kiwdDvWGH+lvk6BsD1122ysJvGhIzikVG7BYMizJzligiKZ
v3nkEChtKVcCd/qxMGUDJvxkqbcU76N8rRSsdNf6qulS6O+JEiy615zK9ZMoRpED
ObG/JHMouUI/BafFMwUCFAvVEALj83YdheQNcYWO5jCe7Hd+MquXi9OMLmuxPYoJ
b7zI0DSdRbPc9LwExCbJFTqfXxL21alRvmFnWIECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRbB4nA+Kq+cvuiakdEne99Nh6CAzAfBgNVHSMEGDAWgBQ83Mi822x0Ss30
PdctaNIEUaF59jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BOekl2TnRzZEVyTjlEM1hMV2pTQkZHaGVmWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvMzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8x
L1d3ZUp3UGlxdm5MN29tcEhSSjN2ZlRZZWdnTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
MzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8xL1BOekl2TnRzZEVy
TjlEM1hMV2pTQkZHaGVmWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAZhZwAMEAJhZwzANBgkqhkiG9w0B
AQsFAAOCAQEAll3KNIPuh2zb54g/g//7g7Y2cwSNY+7gcJVsO36n7Uw/dTUY2rGu
L8B/wy/y48pmvDv8VAbdo5xzaIzTPpIoTuvg8dPEB0ug7rsF0F7JegEnbtlJYkEE
jvdQkOqLh1CnzBa5R9jwd9KJl9dCDSNebtSQlJJ7tOhsJK2ZmqyG7MuCsR3rVTK4
ETUSkPzPVB2SIK3r7uXoo4kJtENqAWGc5ghTI3PB4kS8saXEEMmV5hHuNOroqqTR
y+2FeUHbjNoame6r/GzF3SyXlDjEJZ2x03c5rQPP/bGYaLeQCI23V3CCltZHPDrs
Txb69vMCgenepog/SsvBDxJcNw98te+fgw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:28 2023 by rpki-client on console-ams.rpki-client.org