Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/W-Ed7FxAC6hVpClmO1QdqKVcg1c.roa
File: W-Ed7FxAC6hVpClmO1QdqKVcg1c.roa (raw, json)
Hash identifier: DM0MLRgiIl08d5rUr/Lov3gZugRUGavFeNPtCFg9RCI=
Subject key identifier: 5B:E1:1D:EC:5C:40:0B:A8:55:A4:29:66:3B:54:1D:A8:A5:5C:83:57
Certificate issuer: /CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Certificate serial: 0182492BCBB8C7E411CBF9B26FD38256E327
Authority key identifier: 67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/W-Ed7FxAC6hVpClmO1QdqKVcg1c.roa
Signing time: Fri 29 Jul 2022 08:56:23 +0000
ROA not before: Fri 29 Jul 2022 08:56:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51776
IP address blocks: 87.238.138.0/24 maxlen: 24
87.238.137.0/24 maxlen: 24
87.238.136.0/21 maxlen: 24
87.238.142.0/24 maxlen: 24
87.238.141.0/24 maxlen: 24
185.132.128.0/22 maxlen: 24
185.188.53.0/24 maxlen: 24
185.188.52.0/24 maxlen: 24
185.188.55.0/24 maxlen: 24
185.188.54.0/24 maxlen: 24
91.201.213.0/24 maxlen: 24
91.201.212.0/24 maxlen: 24
91.201.212.0/23 maxlen: 24
2a06:56c0::/29 maxlen: 48
2a06:56c0:12::/48 maxlen: 48
2001:67c:3fc::/48 maxlen: 48
2a06:56c3::/32 maxlen: 48
2a06:56c0:11::/48 maxlen: 48
2a06:56c1:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:49:2b:cb:b8:c7:e4:11:cb:f9:b2:6f:d3:82:56:e3:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Validity
Not Before: Jul 29 08:56:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5be11dec5c400ba855a429663b541da8a55c8357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5a:ad:a9:8e:97:91:cc:69:7c:7b:54:c6:d7:
4b:54:8a:b6:ce:46:3d:53:da:f5:f1:25:75:08:57:
5a:da:a8:f3:9f:bf:1e:be:0a:6d:6e:ee:8a:d2:f3:
d2:9f:41:80:1a:c9:c4:7c:90:a8:7a:e8:ef:25:cc:
54:73:af:11:f9:97:5d:8b:ec:e7:41:ea:fa:b8:59:
2b:a6:bd:1e:de:eb:31:bf:b9:36:e3:a4:e4:31:d4:
7b:a5:4f:8f:53:69:ed:5c:a3:12:77:e2:93:34:a8:
19:75:a4:95:90:ec:f2:2a:ee:97:13:77:fe:38:5c:
f6:a6:be:56:27:2e:03:f4:75:46:0f:ee:01:7b:37:
d6:e5:52:34:fe:2b:c3:e7:1f:4c:aa:9d:18:0d:dc:
14:5d:a2:49:e9:2b:31:34:cd:8b:98:8e:69:eb:24:
d8:bc:db:b7:2b:46:9f:a2:71:00:e5:83:46:45:3f:
b6:56:9c:ab:e4:da:cd:2a:7c:a2:12:2e:5e:cb:9d:
d0:51:7b:19:c4:b3:ef:49:fb:b2:67:f0:df:7d:5e:
01:ec:c3:97:01:41:f3:cb:25:14:4e:2b:34:e3:ef:
77:e7:cd:f9:1b:00:63:bd:5b:88:be:ac:95:75:14:
d7:73:53:82:ad:b0:63:29:b6:95:cd:7f:81:4b:77:
a5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E1:1D:EC:5C:40:0B:A8:55:A4:29:66:3B:54:1D:A8:A5:5C:83:57
X509v3 Authority Key Identifier:
keyid:67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/W-Ed7FxAC6hVpClmO1QdqKVcg1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.136.0/21
91.201.212.0/23
185.132.128.0/22
185.188.52.0/22
IPv6:
2001:67c:3fc::/48
2a06:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
c5:da:b8:27:a3:b7:e4:5b:64:82:9a:7a:82:9e:4c:db:24:82:
c6:2a:b7:e1:83:c8:9e:bf:4a:41:aa:ae:5a:47:cb:e0:29:bb:
d6:53:a1:d1:74:ba:df:7f:d2:3f:d5:d2:2a:49:bc:87:14:7d:
33:4e:e1:80:ee:11:2c:31:70:f7:05:b7:9b:99:24:83:2d:5e:
0c:dd:af:69:50:a2:37:54:19:72:84:4c:58:c3:78:a5:78:ba:
18:28:f6:ee:e4:4d:11:65:d8:00:bc:fc:96:6b:ce:c0:c4:0d:
5d:13:e6:db:35:c7:44:cc:df:ea:c3:14:d4:32:73:88:26:93:
44:6b:a3:9e:a2:32:73:68:c5:bb:23:69:83:e0:d0:86:39:fc:
64:a2:ed:6d:51:3f:fc:cd:00:c4:a6:1e:60:b0:6e:e1:a8:7f:
96:9d:38:f1:a1:b0:d8:6e:12:3e:30:cd:25:8f:7e:ce:50:2d:
11:3a:5e:f0:d1:dc:80:72:97:da:c0:67:bb:c0:77:e7:0f:07:
87:59:59:19:61:0e:e5:3f:d2:7f:3f:36:df:79:d7:ea:cf:28:
13:7d:40:7f:60:1e:42:85:a6:5a:bc:52:11:1d:46:45:9f:a6:
ae:f8:96:48:63:3b:f7:14:20:54:c0:41:f9:6c:66:3a:5f:a6:
38:80:8b:a5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYJJK8u4x+QRy/myb9OCVuMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MmYwZTQyYjA4YWE0NTFmYzU4M2EzNThlYzM3MGZmYmQy
ZGFjNjgwHhcNMjIwNzI5MDg1NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmUxMWRlYzVjNDAwYmE4NTVhNDI5NjYzYjU0MWRhOGE1NWM4MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1qtqY6XkcxpfHtUxtdLVIq2zkY9
U9r18SV1CFda2qjzn78evgptbu6K0vPSn0GAGsnEfJCoeujvJcxUc68R+Zddi+zn
Qer6uFkrpr0e3usxv7k246TkMdR7pU+PU2ntXKMSd+KTNKgZdaSVkOzyKu6XE3f+
OFz2pr5WJy4D9HVGD+4BezfW5VI0/ivD5x9Mqp0YDdwUXaJJ6SsxNM2LmI5p6yTY
vNu3K0afonEA5YNGRT+2Vpyr5NrNKnyiEi5ey53QUXsZxLPvSfuyZ/DffV4B7MOX
AUHzyyUUTis04+935835GwBjvVuIvqyVdRTXc1OCrbBjKbaVzX+BS3elQQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFvhHexcQAuoVaQpZjtUHailXINXMB8GA1UdIwQY
MBaAFGcvDkKwiqRR/Fg6NY7DcP+9LaxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTct
ZjBiOTYyZjUyNDE0LzEvVy1FZDdGeEFDNmhWcENsbU8xUWRxS1ZjZzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTctZjBiOTYyZjUyNDE0
LzEvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQDV+6IAwQB
W8nUAwQCuYSAAwQCubw0MBYEAgACMBADBwAgAQZ8A/wDBQMqBlbAMA0GCSqGSIb3
DQEBCwUAA4IBAQDF2rgno7fkW2SCmnqCnkzbJILGKrfhg8iev0pBqq5aR8vgKbvW
U6HRdLrff9I/1dIqSbyHFH0zTuGA7hEsMXD3BbebmSSDLV4M3a9pUKI3VBlyhExY
w3ileLoYKPbu5E0RZdgAvPyWa87AxA1dE+bbNcdEzN/qwxTUMnOIJpNEa6OeojJz
aMW7I2mD4NCGOfxkou1tUT/8zQDEph5gsG7hqH+WnTjxobDYbhI+MM0lj37OUC0R
Ol7w0dyAcpfawGe7wHfnDweHWVkZYQ7lP9J/PzbfedfqzygTfUB/YB5ChaZavFIR
HUZFn6au+JZIYzv3FCBUwEH5bGY6X6Y4gIul
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:35 2023 by rpki-client on console-fra.rpki-client.org