Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/w_pbA16f5HGvGNawUWm7_1hsAZE.roa
File: w_pbA16f5HGvGNawUWm7_1hsAZE.roa (raw, json)
Hash identifier: vvZE8Pz0By8BO9jVGihV3gwYgOYTw4SWD+qs1e6QKh4=
Subject key identifier: C3:FA:5B:03:5E:9F:E4:71:AF:18:D6:B0:51:69:BB:FF:58:6C:01:91
Certificate issuer: /CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Certificate serial: 02B55666
Authority key identifier: F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/w_pbA16f5HGvGNawUWm7_1hsAZE.roa
Signing time: Sat 01 Jan 2022 10:02:49 +0000
ROA not before: Sat 01 Jan 2022 10:02:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42369
IP address blocks: 94.176.160.0/23 maxlen: 23
94.176.160.0/24 maxlen: 24
185.235.147.0/24 maxlen: 24
94.176.161.0/24 maxlen: 24
188.240.51.0/24 maxlen: 24
2a10:8b40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45438566 (0x2b55666)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Validity
Not Before: Jan 1 10:02:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3fa5b035e9fe471af18d6b05169bbff586c0191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8c:9f:4f:e9:48:7f:d6:56:35:2b:61:cf:08:
ed:81:a4:58:41:9a:b5:fe:b0:cb:8f:94:80:42:0d:
69:64:8f:84:1d:22:6d:1b:63:53:09:73:b7:28:cf:
0b:02:6c:2f:2b:67:05:58:17:35:7f:41:d0:37:42:
09:fd:b5:d9:8b:ea:30:d4:44:70:6a:00:e3:c8:93:
65:73:6c:bf:5b:9e:51:fc:72:8c:cc:35:6c:f3:fd:
92:b5:f7:43:e4:20:8a:c3:4a:b5:0e:d8:b2:29:1f:
e9:dd:10:c7:bb:ff:a7:ef:69:6c:c5:fc:55:39:6c:
5d:59:58:ea:2b:d4:3a:05:68:d0:e1:66:ec:da:a9:
c8:cf:40:4c:26:57:9a:bf:21:e4:4f:37:83:94:b8:
47:77:35:a1:de:14:43:06:fa:95:b8:8e:47:81:19:
e8:48:9a:1f:83:0b:3a:1c:9f:27:bc:34:3c:22:23:
c6:96:16:9c:73:9b:5d:c7:c8:cb:5c:ff:ce:f6:f8:
45:37:8e:0c:0e:9d:c8:55:eb:dc:54:71:5d:64:06:
c8:f1:38:ca:c3:29:07:cc:2c:46:7b:91:a3:99:29:
c4:49:19:bb:bc:8c:6b:28:35:cc:55:d9:c2:0e:3a:
83:2c:25:8b:b7:63:20:d7:e7:1f:9f:0e:72:20:f0:
aa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:FA:5B:03:5E:9F:E4:71:AF:18:D6:B0:51:69:BB:FF:58:6C:01:91
X509v3 Authority Key Identifier:
keyid:F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/w_pbA16f5HGvGNawUWm7_1hsAZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.160.0/23
185.235.147.0/24
188.240.51.0/24
IPv6:
2a10:8b40::/32
Signature Algorithm: sha256WithRSAEncryption
56:30:15:65:ce:0a:52:17:f6:5c:12:b3:32:ad:89:5d:3e:81:
b2:a6:e5:8d:11:0e:14:7f:ec:08:d1:74:28:e2:c6:77:5d:cb:
ea:60:f0:c3:8b:2d:5f:b0:5e:f2:95:3e:a4:c8:a8:f5:a7:7a:
95:42:f6:e6:a2:d3:7d:c3:d8:b1:65:c5:37:83:5c:7e:07:60:
13:0b:cf:6b:74:86:9b:67:9f:be:fb:cd:2d:6a:a9:8e:80:8e:
4e:b7:c4:0f:c8:dc:97:65:d7:8a:7f:c6:bc:e2:b0:54:26:f9:
d3:42:76:b1:f0:dd:ef:f3:e1:76:db:26:b5:41:5a:32:04:66:
e8:0b:b8:74:9d:86:4d:09:aa:09:7f:a5:1f:13:be:ca:05:9f:
11:63:ed:60:a3:78:ab:b1:d8:be:82:3e:44:62:a4:23:49:5c:
50:7b:bb:50:a5:45:94:10:1d:53:dd:63:e7:f3:be:ba:d5:4c:
5c:bf:92:91:c9:72:f1:84:36:71:f0:86:04:b5:a1:1a:a2:db:
58:8a:3b:89:e2:6a:e3:53:88:e6:91:6f:31:89:dc:be:bb:46:
9e:3a:3a:b6:a1:62:6a:3e:03:ad:fd:ec:10:87:74:23:50:cb:
15:a2:5f:c5:3d:3a:b6:52:0c:36:1e:23:37:83:c2:71:3e:a3:
be:22:0b:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEArVWZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODBlMDE3Y2YxNzExNTE5YjBmZjlmNjU4NThjNDkxYjJmYTVkNDBiMB4XDTIyMDEw
MTEwMDI0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzNmYTViMDM1ZTlm
ZTQ3MWFmMThkNmIwNTE2OWJiZmY1ODZjMDE5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeMn0/pSH/WVjUrYc8I7YGkWEGatf6wy4+UgEINaWSPhB0i
bRtjUwlztyjPCwJsLytnBVgXNX9B0DdCCf212YvqMNREcGoA48iTZXNsv1ueUfxy
jMw1bPP9krX3Q+QgisNKtQ7Ysikf6d0Qx7v/p+9pbMX8VTlsXVlY6ivUOgVo0OFm
7NqpyM9ATCZXmr8h5E83g5S4R3c1od4UQwb6lbiOR4EZ6EiaH4MLOhyfJ7w0PCIj
xpYWnHObXcfIy1z/zvb4RTeODA6dyFXr3FRxXWQGyPE4ysMpB8wsRnuRo5kpxEkZ
u7yMayg1zFXZwg46gywli7djINfnH58OciDwqnMCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTD+lsDXp/kca8Y1rBRabv/WGwBkTAfBgNVHSMEGDAWgBT4DgF88XEVGbD/
n2WFjEkbL6XUCzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQTRCZlBGeEZSbXdfNTlsaFl4Skd5LWwxQXMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzg3LzJkYzEzNi00MDBkLTQwZTctYWQ4Ni04Y2U2MGE1YzhiMWYv
MS93X3BiQTE2ZjVIR3ZHTmF3VVdtN18xaHNBWkUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg3
LzJkYzEzNi00MDBkLTQwZTctYWQ4Ni04Y2U2MGE1YzhiMWYvMS8xLUE0QmZQRnhG
Um13XzU5bGhZeEpHeS1sMUFzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBXrCgAwQAueuTAwQAvPAzMA0E
AgACMAcDBQAqEItAMA0GCSqGSIb3DQEBCwUAA4IBAQBWMBVlzgpSF/ZcErMyrYld
PoGypuWNEQ4Uf+wI0XQo4sZ3XcvqYPDDiy1fsF7ylT6kyKj1p3qVQvbmotN9w9ix
ZcU3g1x+B2ATC89rdIabZ5+++80taqmOgI5Ot8QPyNyXZdeKf8a84rBUJvnTQnax
8N3v8+F22ya1QVoyBGboC7h0nYZNCaoJf6UfE77KBZ8RY+1go3irsdi+gj5EYqQj
SVxQe7tQpUWUEB1T3WPn87661Uxcv5KRyXLxhDZx8IYEtaEaottYijuJ4mrjU4jm
kW8xidy+u0aeOjq2oWJqPgOt/ewQh3QjUMsVol/FPTq2Ugw2HiM3g8JxPqO+Igvc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:58 2023 by rpki-client on console-fra.rpki-client.org