Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/7a7ce6-06a6-41d3-b5fa-97174a96e815/1/wTzHXK6ZtqQRc28uFPKDF7W2P5o.roa
File: wTzHXK6ZtqQRc28uFPKDF7W2P5o.roa (raw, json)
Hash identifier: WKKvQJ82b+5nY2GO+z/+f5q1mwDK32XdeuXQNQs5fQw=
Subject key identifier: C1:3C:C7:5C:AE:99:B6:A4:11:73:6F:2E:14:F2:83:17:B5:B6:3F:9A
Certificate issuer: /CN=bb4bbd334581ddcdd935bcef47d9a04cbce5fded
Certificate serial: 23B977F6
Authority key identifier: BB:4B:BD:33:45:81:DD:CD:D9:35:BC:EF:47:D9:A0:4C:BC:E5:FD:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0u9M0WB3c3ZNbzvR9mgTLzl_e0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/7a7ce6-06a6-41d3-b5fa-97174a96e815/1/wTzHXK6ZtqQRc28uFPKDF7W2P5o.roa
Signing time: Sat 01 Jan 2022 08:01:35 +0000
ROA not before: Sat 01 Jan 2022 08:01:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199408
IP address blocks: 185.14.168.0/22 maxlen: 22
91.195.1.0/24 maxlen: 24
91.195.0.0/23 maxlen: 23
2a03:aec0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 599357430 (0x23b977f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4bbd334581ddcdd935bcef47d9a04cbce5fded
Validity
Not Before: Jan 1 08:01:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c13cc75cae99b6a411736f2e14f28317b5b63f9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5f:b8:44:a2:b0:5e:ee:8c:b2:be:1c:94:77:
aa:e5:51:84:90:60:9a:97:f6:23:78:06:2e:f1:c7:
f0:08:c9:5d:c1:40:b9:31:be:d0:8f:b5:32:16:64:
f0:aa:c8:d9:da:0d:c8:42:14:2f:e1:4c:77:6a:ff:
ee:29:10:f7:f4:1c:93:54:9e:ba:3a:13:f1:72:4d:
5a:4f:a9:15:a4:c3:b9:e2:5a:92:97:16:73:fa:42:
f1:04:01:7e:09:16:ac:1c:fb:de:9c:30:0a:ee:80:
fb:38:da:d5:76:7d:c9:26:e9:a8:9e:d0:fc:15:7f:
df:51:5a:e7:f4:81:e9:0d:1c:03:8a:5b:67:e9:4b:
fb:cb:a5:91:18:07:33:b6:7e:40:47:1b:2e:d7:35:
28:7c:21:83:b9:a3:a4:24:70:98:3f:65:ca:9d:ff:
9b:1f:6e:21:31:be:bd:c2:dd:1e:66:cd:41:16:9c:
f2:af:c7:d5:1f:34:1d:3f:a5:41:f2:44:ab:4b:65:
9b:07:09:52:39:e5:f1:76:d6:4d:07:d9:eb:9d:a2:
bd:8a:a6:b2:22:50:f5:e0:b2:58:ec:0c:65:11:44:
e8:88:d6:c7:49:75:a8:cb:44:42:ac:e5:92:d4:fd:
37:cf:96:16:41:0d:90:23:ad:f4:3d:48:f1:c9:00:
3f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3C:C7:5C:AE:99:B6:A4:11:73:6F:2E:14:F2:83:17:B5:B6:3F:9A
X509v3 Authority Key Identifier:
keyid:BB:4B:BD:33:45:81:DD:CD:D9:35:BC:EF:47:D9:A0:4C:BC:E5:FD:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0u9M0WB3c3ZNbzvR9mgTLzl_e0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7a7ce6-06a6-41d3-b5fa-97174a96e815/1/wTzHXK6ZtqQRc28uFPKDF7W2P5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7a7ce6-06a6-41d3-b5fa-97174a96e815/1/u0u9M0WB3c3ZNbzvR9mgTLzl_e0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.0.0/23
185.14.168.0/22
IPv6:
2a03:aec0::/32
Signature Algorithm: sha256WithRSAEncryption
12:2a:81:02:63:31:cb:e7:81:d7:8f:62:7e:ce:d9:e8:65:83:
63:a4:cc:38:fa:31:d9:a2:3f:4c:42:3d:1c:d3:d4:8d:0f:85:
3d:03:a5:7a:0c:e2:e7:e6:96:47:8a:3f:e0:dd:9a:1c:40:23:
f1:fa:68:6a:34:e7:c8:21:44:5c:87:34:62:66:59:5a:d4:58:
42:4a:d0:3e:7c:a3:c2:5d:34:e2:f1:01:8f:c4:1c:a4:71:c2:
24:3d:e5:76:eb:9c:ec:3b:d8:7a:b0:70:bd:7e:c9:95:ee:f5:
6e:b8:9b:aa:d1:50:a7:b5:ec:f8:97:09:31:78:68:1f:0b:54:
a5:8f:03:59:dc:30:23:77:d3:08:f0:e8:34:2c:a8:a6:f0:b6:
f3:7a:2b:cf:12:92:08:5f:ca:af:4d:f2:58:6a:3d:5b:49:7f:
07:32:07:ee:5c:18:6b:d1:da:d2:5a:84:1f:d2:9e:5b:93:3a:
ce:3b:fd:58:1d:95:89:ca:57:f9:ab:bf:24:6d:dd:e0:40:e0:
27:f2:93:d0:4d:2a:c7:c2:3e:a9:60:b1:09:ff:da:73:74:ae:
c2:af:e1:49:cb:13:a3:86:02:69:ae:6b:21:12:20:75:dc:8e:
72:42:f5:fb:d5:68:4e:06:8f:5c:03:a7:1d:0b:30:f9:e1:ab:
1f:65:96:44
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEI7l39jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjRiYmQzMzQ1ODFkZGNkZDkzNWJjZWY0N2Q5YTA0Y2JjZTVmZGVkMB4XDTIyMDEw
MTA4MDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzEzY2M3NWNhZTk5
YjZhNDExNzM2ZjJlMTRmMjgzMTdiNWI2M2Y5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKlfuESisF7ujLK+HJR3quVRhJBgmpf2I3gGLvHH8AjJXcFA
uTG+0I+1MhZk8KrI2doNyEIUL+FMd2r/7ikQ9/Qck1SeujoT8XJNWk+pFaTDueJa
kpcWc/pC8QQBfgkWrBz73pwwCu6A+zja1XZ9ySbpqJ7Q/BV/31Fa5/SB6Q0cA4pb
Z+lL+8ulkRgHM7Z+QEcbLtc1KHwhg7mjpCRwmD9lyp3/mx9uITG+vcLdHmbNQRac
8q/H1R80HT+lQfJEq0tlmwcJUjnl8XbWTQfZ652ivYqmsiJQ9eCyWOwMZRFE6IjW
x0l1qMtEQqzlktT9N8+WFkENkCOt9D1I8ckAPxcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTBPMdcrpm2pBFzby4U8oMXtbY/mjAfBgNVHSMEGDAWgBS7S70zRYHdzdk1
vO9H2aBMvOX97TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3UwdTlNMFdCM2MzWk5ienZSOW1nVEx6bF9lMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvN2E3Y2U2LTA2YTYtNDFkMy1iNWZhLTk3MTc0YTk2ZTgxNS8x
L3dUekhYSzZadHFRUmMyOHVGUEtERjdXMlA1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
N2E3Y2U2LTA2YTYtNDFkMy1iNWZhLTk3MTc0YTk2ZTgxNS8xL3UwdTlNMFdCM2Mz
Wk5ienZSOW1nVEx6bF9lMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAVvDAAMEArkOqDANBAIAAjAHAwUA
KgOuwDANBgkqhkiG9w0BAQsFAAOCAQEAEiqBAmMxy+eB149ifs7Z6GWDY6TMOPox
2aI/TEI9HNPUjQ+FPQOlegzi5+aWR4o/4N2aHEAj8fpoajTnyCFEXIc0YmZZWtRY
QkrQPnyjwl004vEBj8QcpHHCJD3lduuc7DvYerBwvX7Jle71bribqtFQp7Xs+JcJ
MXhoHwtUpY8DWdwwI3fTCPDoNCyopvC283orzxKSCF/Kr03yWGo9W0l/BzIH7lwY
a9Ha0lqEH9KeW5M6zjv9WB2VicpX+au/JG3d4EDgJ/KT0E0qx8I+qWCxCf/ac3Su
wq/hScsTo4YCaa5rIRIgddyOckL1+9VoTgaPXAOnHQsw+eGrH2WWRA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:33 2023 by rpki-client on console-ams.rpki-client.org