Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/wjTHu-d_-3ABwSCzWUaLejnYpaM.roa
File: wjTHu-d_-3ABwSCzWUaLejnYpaM.roa (raw, json)
Hash identifier: fMU6AXhRoHT3WWBH89JvMLkRjZcK65ia50NsLUjudfM=
Subject key identifier: C2:34:C7:BB:E7:7F:FB:70:01:C1:20:B3:59:46:8B:7A:39:D8:A5:A3
Certificate issuer: /CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Certificate serial: 0182598681553A3403E5AFDF15DFDDA4FA7E
Authority key identifier: 70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/wjTHu-d_-3ABwSCzWUaLejnYpaM.roa
Signing time: Mon 01 Aug 2022 13:09:23 +0000
ROA not before: Mon 01 Aug 2022 13:09:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30768
IP address blocks: 193.19.83.0/24 maxlen: 24
193.19.82.0/24 maxlen: 24
193.19.82.0/23 maxlen: 24
194.165.0.0/23 maxlen: 24
194.165.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:86:81:55:3a:34:03:e5:af:df:15:df:dd:a4:fa:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Validity
Not Before: Aug 1 13:09:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c234c7bbe77ffb7001c120b359468b7a39d8a5a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:61:34:a5:80:12:e4:ce:dd:d9:11:6c:7b:c8:
13:51:2e:ad:a4:13:4e:2a:65:97:8f:21:ab:ee:ee:
6e:d8:00:c7:86:9d:f4:fc:e9:a5:8a:e9:d3:01:01:
c0:08:5d:3c:fd:76:c1:49:3a:aa:ad:7b:55:f2:c4:
c5:7c:60:df:c3:fc:08:49:1c:df:fc:a0:b1:bf:a1:
25:a2:56:b0:86:79:a6:e5:12:b1:dc:d0:28:60:76:
54:72:19:71:64:da:86:b8:39:28:4c:f6:09:f5:14:
52:ff:58:11:06:11:e7:1c:31:08:2e:a0:cf:2a:ab:
72:48:f8:67:e4:44:3a:12:9d:71:a0:87:b1:27:bb:
1d:61:2c:61:90:56:3b:59:63:b4:70:1d:e8:cd:3f:
c2:19:fe:b7:60:4f:e1:9f:a1:0f:8a:3e:a5:16:01:
8d:ef:49:50:88:08:77:a8:f9:33:5d:e5:4e:3d:1b:
9b:50:ec:6e:ba:20:8a:43:86:f2:7d:05:2d:70:63:
e4:45:7b:84:18:07:c3:81:73:90:2c:ef:21:80:64:
26:1d:b1:d1:82:36:05:dd:fa:ec:fe:8f:50:22:5b:
d2:f1:d7:13:1e:fa:a8:b7:6c:1f:f5:a7:68:ba:9f:
56:62:aa:11:51:70:c2:b5:15:1a:fa:6d:b1:a2:92:
11:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:34:C7:BB:E7:7F:FB:70:01:C1:20:B3:59:46:8B:7A:39:D8:A5:A3
X509v3 Authority Key Identifier:
keyid:70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/wjTHu-d_-3ABwSCzWUaLejnYpaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.82.0/23
194.165.0.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:ec:c4:d7:7f:b6:63:99:7f:54:a4:ac:a2:c7:77:51:3b:27:
37:e2:03:d3:ef:5d:08:ae:33:e5:e4:eb:44:57:79:70:76:14:
6a:13:61:82:2c:41:61:31:03:8b:c6:98:26:22:ff:5e:c2:af:
dd:34:12:b5:73:e3:cd:5d:8c:d1:c7:0a:63:d9:39:73:63:1b:
c5:30:2e:8e:ce:fc:b3:a3:28:79:85:a8:39:a1:6b:68:84:89:
90:ec:0e:3b:8b:6c:74:b7:75:73:78:05:bd:82:16:b3:36:88:
a7:08:fe:26:0b:cc:80:4b:e3:24:42:9f:0c:36:0f:d5:50:0e:
e5:b0:03:9e:a4:0a:54:85:42:12:67:92:bb:07:b4:b4:2a:ae:
34:d6:33:4c:df:e6:ae:39:de:f7:8d:77:5f:4f:be:c5:0c:b8:
31:94:e5:e4:db:bf:bc:ac:15:79:f7:06:c2:95:92:a1:88:a3:
ce:23:8d:f3:d9:df:21:ff:55:67:77:41:57:b5:80:a7:30:b4:
f0:32:3b:79:dc:b9:b0:bf:45:0b:42:4b:10:a6:a6:8e:e9:1a:
a7:da:ff:53:0f:b8:8b:75:69:11:6a:a3:d8:bb:79:48:cb:fe:
38:51:f3:67:5d:f9:43:9b:d1:e9:47:8c:fd:b1:96:8d:8c:5a:
96:6e:18:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJZhoFVOjQD5a/fFd/dpPp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWViNmVhYWE0OWRkNmI0ODNlMDRiMTQzNGU0ZGFjNzll
ZDlkMzEwHhcNMjIwODAxMTMwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjM0YzdiYmU3N2ZmYjcwMDFjMTIwYjM1OTQ2OGI3YTM5ZDhhNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWE0pYAS5M7d2RFse8gTUS6tpBNO
KmWXjyGr7u5u2ADHhp30/OmliunTAQHACF08/XbBSTqqrXtV8sTFfGDfw/wISRzf
/KCxv6Elolawhnmm5RKx3NAoYHZUchlxZNqGuDkoTPYJ9RRS/1gRBhHnHDEILqDP
KqtySPhn5EQ6Ep1xoIexJ7sdYSxhkFY7WWO0cB3ozT/CGf63YE/hn6EPij6lFgGN
70lQiAh3qPkzXeVOPRubUOxuuiCKQ4byfQUtcGPkRXuEGAfDgXOQLO8hgGQmHbHR
gjYF3frs/o9QIlvS8dcTHvqot2wf9adoup9WYqoRUXDCtRUa+m2xopIRKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMI0x7vnf/twAcEgs1lGi3o52KWjMB8GA1UdIwQY
MBaAFHCetuqqSd1rSD4EsUNOTax57Z0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAt
OWY2ZmEwZTFhNWE1LzEvd2pUSHUtZF8tM0FCd1NDeldVYUxlam5ZcGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAtOWY2ZmEwZTFhNWE1
LzEvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwRNSAwQB
wqUAMA0GCSqGSIb3DQEBCwUAA4IBAQDO7MTXf7ZjmX9UpKyix3dROyc34gPT710I
rjPl5OtEV3lwdhRqE2GCLEFhMQOLxpgmIv9ewq/dNBK1c+PNXYzRxwpj2TlzYxvF
MC6Ozvyzoyh5hag5oWtohImQ7A47i2x0t3VzeAW9ghazNoinCP4mC8yAS+MkQp8M
Ng/VUA7lsAOepApUhUISZ5K7B7S0Kq401jNM3+auOd73jXdfT77FDLgxlOXk27+8
rBV59wbClZKhiKPOI43z2d8h/1Vnd0FXtYCnMLTwMjt53Lmwv0ULQksQpqaO6Rqn
2v9TD7iLdWkRaqPYu3lIy/44UfNnXflDm9HpR4z9sZaNjFqWbhjz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:03 2024 by rpki-client on console-ams.rpki-client.org