Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/wpVotzOu0qtB335cPHHhHeVuFbg.roa
File: wpVotzOu0qtB335cPHHhHeVuFbg.roa (raw, json)
Hash identifier: 48L+9sSpc5SPxHBLnMXiN/anCXUSeuBE8cpHgng/quo=
Subject key identifier: C2:95:68:B7:33:AE:D2:AB:41:DF:7E:5C:3C:71:E1:1D:E5:6E:15:B8
Certificate issuer: /CN=cb20606de730456edd7335cc882cbdf4396f3460
Certificate serial: 33D33E32
Authority key identifier: CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/wpVotzOu0qtB335cPHHhHeVuFbg.roa
Signing time: Sat 01 Jan 2022 05:52:06 +0000
ROA not before: Sat 01 Jan 2022 05:52:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43679
IP address blocks: 78.28.0.0/24 maxlen: 24
93.94.17.0/24 maxlen: 24
93.94.16.0/21 maxlen: 21
93.94.16.0/22 maxlen: 22
93.94.22.0/24 maxlen: 24
93.94.20.0/23 maxlen: 23
93.94.23.0/24 maxlen: 24
2a02:e88::/48 maxlen: 48
2a02:e88::/32 maxlen: 32
2a02:e88::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869482034 (0x33d33e32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb20606de730456edd7335cc882cbdf4396f3460
Validity
Not Before: Jan 1 05:52:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c29568b733aed2ab41df7e5c3c71e11de56e15b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:33:be:c1:85:1d:f0:5e:37:34:b4:f2:5e:8f:
d5:da:8f:d6:6a:0b:0e:5b:ec:2c:09:8a:42:1c:62:
61:19:b5:9e:7d:b2:13:d7:aa:df:ca:22:dd:5d:2a:
fe:ab:ce:d3:3c:3f:58:04:6a:82:c1:ca:38:44:c0:
a2:db:77:e1:19:fe:a9:61:6c:1e:cf:62:f5:61:66:
71:c4:23:f7:a3:6b:a3:fd:95:67:2b:ef:88:d9:85:
46:03:d5:65:97:5f:eb:a4:6b:85:b4:56:67:7c:08:
fc:8b:ad:7e:14:e9:d1:fd:0f:17:8f:b0:82:aa:a4:
fb:95:70:49:eb:86:0d:54:97:bf:db:70:f9:58:7c:
8f:e7:72:a0:fe:19:68:f2:95:ff:14:e1:12:87:0e:
67:11:3c:7e:84:cf:5b:ab:1b:0c:61:b0:73:26:ea:
c2:f8:47:a3:cf:9c:85:37:d6:fa:17:1c:36:38:40:
86:46:c7:56:f4:d0:f6:2c:d3:6a:e9:74:5a:c2:2a:
33:7b:c2:af:15:70:8c:95:7c:cc:5e:d9:4d:69:4c:
6e:60:57:05:ad:bb:a0:5c:52:b3:3c:1f:28:14:e5:
f5:13:76:4d:f4:53:81:c7:c0:3e:e3:d9:66:12:f4:
3c:df:f6:6a:41:a4:7d:a6:f6:bc:c0:ea:56:84:35:
d5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:95:68:B7:33:AE:D2:AB:41:DF:7E:5C:3C:71:E1:1D:E5:6E:15:B8
X509v3 Authority Key Identifier:
keyid:CB:20:60:6D:E7:30:45:6E:DD:73:35:CC:88:2C:BD:F4:39:6F:34:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyBgbecwRW7dczXMiCy99DlvNGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/wpVotzOu0qtB335cPHHhHeVuFbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bf7a28-bf1e-4835-beed-b3d86aa43bc5/1/yyBgbecwRW7dczXMiCy99DlvNGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.28.0.0/24
93.94.16.0/21
IPv6:
2a02:e88::/32
Signature Algorithm: sha256WithRSAEncryption
0a:7b:11:8c:4b:35:22:36:de:0c:bb:ea:2d:ca:30:c6:2a:05:
78:7b:f4:48:6d:60:21:c9:7a:07:b9:78:c1:4c:43:9c:d7:7c:
6c:5d:f5:e0:5c:94:96:76:e4:ab:fa:bb:ec:2e:31:15:e4:1d:
bf:e8:6d:cc:1d:4e:af:6d:2b:6d:a4:c7:89:38:df:4b:60:ea:
e8:e8:a4:30:92:e4:40:26:8c:5f:88:52:52:8a:40:df:f5:7d:
96:08:fb:ba:36:19:99:88:1a:a1:6c:2a:ae:32:07:7b:c2:d3:
e2:2c:21:65:40:e4:59:37:56:9a:98:e3:d2:04:e4:9d:ca:ce:
b0:d6:2f:73:fc:6c:b2:93:e4:11:6b:73:aa:c7:7f:76:63:5c:
cf:39:ef:06:40:7f:72:11:67:31:30:bf:18:12:e4:9d:5b:ff:
00:cf:e5:45:e8:ee:66:65:bf:6a:5b:25:18:a0:77:84:3a:65:
72:21:87:a0:f3:7c:cf:f3:a4:eb:18:9c:5c:9b:1a:78:92:9a:
3a:53:22:da:d1:4e:61:70:05:a7:13:ad:23:f3:f8:74:72:70:
77:cb:15:1d:fb:4a:29:a6:90:3d:21:60:61:8f:d0:5f:fa:24:
40:ea:02:da:7f:77:02:61:db:9c:ce:59:1a:29:05:57:ea:81:
b2:10:07:ca
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEM9M+MjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YjIwNjA2ZGU3MzA0NTZlZGQ3MzM1Y2M4ODJjYmRmNDM5NmYzNDYwMB4XDTIyMDEw
MTA1NTIwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzI5NTY4YjczM2Fl
ZDJhYjQxZGY3ZTVjM2M3MWUxMWRlNTZlMTViODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4zvsGFHfBeNzS08l6P1dqP1moLDlvsLAmKQhxiYRm1nn2y
E9eq38oi3V0q/qvO0zw/WARqgsHKOETAott34Rn+qWFsHs9i9WFmccQj96Nro/2V
ZyvviNmFRgPVZZdf66RrhbRWZ3wI/IutfhTp0f0PF4+wgqqk+5VwSeuGDVSXv9tw
+Vh8j+dyoP4ZaPKV/xThEocOZxE8foTPW6sbDGGwcybqwvhHo8+chTfW+hccNjhA
hkbHVvTQ9izTaul0WsIqM3vCrxVwjJV8zF7ZTWlMbmBXBa27oFxSszwfKBTl9RN2
TfRTgcfAPuPZZhL0PN/2akGkfab2vMDqVoQ11ckCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTClWi3M67Sq0Hfflw8ceEd5W4VuDAfBgNVHSMEGDAWgBTLIGBt5zBFbt1z
NcyILL30OW80YDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3l5QmdiZWN3Ulc3ZGN6WE1pQ3k5OURsdk5HQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvYmY3YTI4LWJmMWUtNDgzNS1iZWVkLWIzZDg2YWE0M2JjNS8x
L3dwVm90ek91MHF0QjMzNWNQSEhoSGVWdUZiZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
YmY3YTI4LWJmMWUtNDgzNS1iZWVkLWIzZDg2YWE0M2JjNS8xL3l5QmdiZWN3Ulc3
ZGN6WE1pQ3k5OURsdk5HQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAE4cAAMEA11eEDANBAIAAjAHAwUA
KgIOiDANBgkqhkiG9w0BAQsFAAOCAQEACnsRjEs1IjbeDLvqLcowxioFeHv0SG1g
Icl6B7l4wUxDnNd8bF314FyUlnbkq/q77C4xFeQdv+htzB1Or20rbaTHiTjfS2Dq
6OikMJLkQCaMX4hSUopA3/V9lgj7ujYZmYgaoWwqrjIHe8LT4iwhZUDkWTdWmpjj
0gTkncrOsNYvc/xsspPkEWtzqsd/dmNczznvBkB/chFnMTC/GBLknVv/AM/lReju
ZmW/alslGKB3hDplciGHoPN8z/Ok6xicXJsaeJKaOlMi2tFOYXAFpxOtI/P4dHJw
d8sVHftKKaaQPSFgYY/QX/okQOoC2n93AmHbnM5ZGikFV+qBshAHyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:43 2024 by rpki-client on console-fra.rpki-client.org