Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/WCU0fiCuAvQNlY_U7aSkXXphes4.roa
File: WCU0fiCuAvQNlY_U7aSkXXphes4.roa (raw, json)
Hash identifier: AZVcjIV6q9pDaRVLgedCM4fu1RMSeaqD58zR+WsSMyQ=
Subject key identifier: 58:25:34:7E:20:AE:02:F4:0D:95:8F:D4:ED:A4:A4:5D:7A:61:7A:CE
Certificate issuer: /CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Certificate serial: 424A656F
Authority key identifier: 1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/WCU0fiCuAvQNlY_U7aSkXXphes4.roa
Signing time: Sat 01 Jan 2022 01:50:50 +0000
ROA not before: Sat 01 Jan 2022 01:50:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44453
IP address blocks: 5.132.137.0/24 maxlen: 32
185.2.156.0/22 maxlen: 22
5.198.144.0/20 maxlen: 20
128.204.128.0/19 maxlen: 24
128.204.135.0/24 maxlen: 24
5.132.162.0/24 maxlen: 32
5.132.161.0/24 maxlen: 32
5.132.163.0/24 maxlen: 24
5.132.162.0/23 maxlen: 23
5.132.189.0/24 maxlen: 24
5.132.190.0/24 maxlen: 32
2a03:3180::/32 maxlen: 32
2a03:3180:4000::/36 maxlen: 36
2a03:3180::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1112171887 (0x424a656f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Validity
Not Before: Jan 1 01:50:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5825347e20ae02f40d958fd4eda4a45d7a617ace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:c8:f3:18:c5:20:3c:ea:0c:20:53:b0:d7:
76:e1:f7:f0:f0:25:c4:46:8e:12:30:d3:f3:34:f1:
6c:65:93:1b:21:7d:3e:74:d4:0b:83:cc:62:ed:58:
fb:fc:60:39:3c:79:ef:be:0c:36:0f:35:2c:30:4a:
14:6d:84:f5:5b:e8:05:c2:d2:a6:35:d3:c9:9a:3b:
f0:76:b0:d2:5c:56:b4:56:e3:23:54:60:fb:9b:35:
2e:d2:7c:e0:43:31:aa:98:77:fa:d8:b3:61:9e:8d:
1b:83:d7:bd:77:27:31:df:05:09:62:e0:77:2c:52:
c0:9c:4e:d3:b7:f1:1c:a2:ff:30:4d:c4:22:b1:03:
5d:68:13:7e:68:18:27:1b:47:0b:c3:2d:ac:53:a2:
8e:19:a1:e9:e1:d3:87:da:d5:f8:49:4d:3a:3e:93:
6c:fd:21:52:1c:a1:95:58:21:fc:31:e4:5a:13:ec:
55:bd:1f:4c:a2:67:c9:d4:f1:c7:2a:b6:32:55:20:
08:55:62:3a:fe:ea:86:db:0a:b2:7f:b8:6f:7f:86:
1b:8e:c8:0b:4e:9c:08:4c:af:2c:68:7b:f1:2b:50:
36:30:1d:17:eb:c2:84:e3:9d:18:07:ee:81:03:22:
c4:6a:3b:ac:85:1a:92:a7:6f:c3:1d:9e:7f:f4:01:
60:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:25:34:7E:20:AE:02:F4:0D:95:8F:D4:ED:A4:A4:5D:7A:61:7A:CE
X509v3 Authority Key Identifier:
keyid:1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/WCU0fiCuAvQNlY_U7aSkXXphes4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/HkogILgtApTpCi1rLA8o0Rc7ZGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.137.0/24
5.132.161.0-5.132.163.255
5.132.189.0-5.132.190.255
5.198.144.0/20
128.204.128.0/19
185.2.156.0/22
IPv6:
2a03:3180::/32
Signature Algorithm: sha256WithRSAEncryption
a1:12:71:57:ee:d2:d8:fd:00:77:ef:04:82:5e:16:2e:2d:64:
9b:b3:4a:16:14:f3:45:95:a7:d0:57:00:25:46:77:9c:f9:e0:
54:46:ea:0f:3e:41:b7:3c:b7:8f:57:e7:fb:53:70:69:1d:01:
44:63:3a:97:ae:00:0f:b6:0e:6a:8d:75:6a:93:8c:0b:e9:fd:
b3:40:ce:d5:cf:d7:8f:7f:73:43:cb:89:c9:c5:0f:4e:8c:69:
44:84:bd:ee:54:63:20:8d:8f:0c:42:ed:d9:89:c7:25:c7:d5:
39:84:d4:66:63:fa:5d:fc:e2:51:16:b9:d5:e7:a7:2d:10:cb:
c5:88:4d:7d:3e:21:93:bf:47:eb:3f:5d:fd:4b:0d:c8:d9:c0:
e7:c9:a3:bb:42:0f:02:bd:b9:d3:f3:9f:f5:d8:85:7e:a9:c5:
9b:ff:78:b3:7d:75:58:bb:b1:bc:75:96:c5:6c:e8:83:08:7e:
e7:f4:7f:ee:c7:99:ef:79:7a:0d:de:ef:b7:99:70:3b:b7:65:
b3:47:1d:42:1a:8a:bc:4d:0a:e5:29:c6:58:46:b1:3e:f1:ad:
9c:9d:c0:4f:bc:fe:ae:ab:1a:92:39:6b:71:8c:38:51:ad:0d:
90:51:4f:b5:45:95:db:3e:d2:bf:aa:73:17:ab:ef:e8:fd:19:
8f:07:71:11
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEQkplbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTRhMjAyMGI4MmQwMjk0ZTkwYTJkNmIyYzBmMjhkMTE3M2I2NDY1MB4XDTIyMDEw
MTAxNTA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTgyNTM0N2UyMGFl
MDJmNDBkOTU4ZmQ0ZWRhNGE0NWQ3YTYxN2FjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3DyPMYxSA86gwgU7DXduH38PAlxEaOEjDT8zTxbGWTGyF9
PnTUC4PMYu1Y+/xgOTx5774MNg81LDBKFG2E9VvoBcLSpjXTyZo78Haw0lxWtFbj
I1Rg+5s1LtJ84EMxqph3+tizYZ6NG4PXvXcnMd8FCWLgdyxSwJxO07fxHKL/ME3E
IrEDXWgTfmgYJxtHC8MtrFOijhmh6eHTh9rV+ElNOj6TbP0hUhyhlVgh/DHkWhPs
Vb0fTKJnydTxxyq2MlUgCFViOv7qhtsKsn+4b3+GG47IC06cCEyvLGh78StQNjAd
F+vChOOdGAfugQMixGo7rIUakqdvwx2ef/QBYEcCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBRYJTR+IK4C9A2Vj9TtpKRdemF6zjAfBgNVHSMEGDAWgBQeSiAguC0ClOkK
LWssDyjRFztkZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hrb2dJTGd0QXBUcENpMXJMQThvMFJjN1pHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvNGM0OGJiLTM2NmMtNDFmNS05YjJkLTUzMDQ0MGM0ZmEyOS8x
L1dDVTBmaUN1QXZRTmxZX1U3YVNrWFhwaGVzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
NGM0OGJiLTM2NmMtNDFmNS05YjJkLTUzMDQ0MGM0ZmEyOS8xL0hrb2dJTGd0QXBU
cENpMXJMQThvMFJjN1pHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswOgQCAAEwNAMEAAWEiTAMAwQABYShAwQCBYSgMAwD
BAAFhL0DBAAFhL4DBAQFxpADBAWAzIADBAK5ApwwDQQCAAIwBwMFACoDMYAwDQYJ
KoZIhvcNAQELBQADggEBAKEScVfu0tj9AHfvBIJeFi4tZJuzShYU80WVp9BXACVG
d5z54FRG6g8+Qbc8t49X5/tTcGkdAURjOpeuAA+2DmqNdWqTjAvp/bNAztXP149/
c0PLicnFD06MaUSEve5UYyCNjwxC7dmJxyXH1TmE1GZj+l384lEWudXnpy0Qy8WI
TX0+IZO/R+s/Xf1LDcjZwOfJo7tCDwK9udPzn/XYhX6pxZv/eLN9dVi7sbx1lsVs
6IMIfuf0f+7Hme95eg3e77eZcDu3ZbNHHUIairxNCuUpxlhGsT7xrZydwE+8/q6r
GpI5a3GMOFGtDZBRT7VFlds+0r+qcxer7+j9GY8HcRE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:13 2023 by rpki-client on console-fra.rpki-client.org