Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/WYaegW1K9tyMfc1bys8k7PXMSUk.roa
File: WYaegW1K9tyMfc1bys8k7PXMSUk.roa (raw, json)
Hash identifier: h5uDvEJv3tY06N2kjyqKWpcENivzfoeXxeNsit0qdIw=
Subject key identifier: 59:86:9E:81:6D:4A:F6:DC:8C:7D:CD:5B:CA:CF:24:EC:F5:CC:49:49
Certificate issuer: /CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Certificate serial: 04AA81AC
Authority key identifier: 7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/WYaegW1K9tyMfc1bys8k7PXMSUk.roa
Signing time: Thu 24 Mar 2022 09:23:40 +0000
ROA not before: Thu 24 Mar 2022 09:23:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204279
IP address blocks: 185.49.244.0/22 maxlen: 22
185.108.250.0/24 maxlen: 24
185.108.249.0/24 maxlen: 24
185.108.248.0/22 maxlen: 22
178.249.192.0/21 maxlen: 23
178.249.192.0/23 maxlen: 24
178.249.194.0/23 maxlen: 24
153.94.16.0/20 maxlen: 20
2a06:4942:200::/40 maxlen: 40
2a06:4942::/41 maxlen: 41
2a01:a4a0::/32 maxlen: 32
2a06:4940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78283180 (0x4aa81ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ed500164f0738135b9aec04e38fc24cb90e0f5f
Validity
Not Before: Mar 24 09:23:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59869e816d4af6dc8c7dcd5bcacf24ecf5cc4949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:48:4e:94:e9:4a:73:68:96:e6:db:39:b5:76:
ac:33:4e:86:12:97:56:77:05:16:17:53:75:80:60:
bd:74:c0:ac:c5:09:50:e4:13:63:1c:53:a9:33:d2:
98:4b:06:15:c6:24:e2:00:d5:20:1c:fd:15:8a:12:
29:59:b6:ea:b7:19:9f:6e:1c:e8:9f:89:1f:dd:16:
64:ff:83:2d:06:41:f5:9a:72:35:a1:28:1e:b2:d8:
6b:47:6c:9c:08:b4:ed:99:83:af:64:e2:cb:bb:c7:
f8:de:1b:c4:78:f3:65:f6:34:da:80:36:7f:14:3d:
91:02:b2:4b:83:fd:6b:f9:a4:20:3c:85:91:9d:02:
71:ae:a6:6b:3d:a0:1d:e7:c0:96:1b:b2:49:5f:54:
96:b3:2f:20:90:74:f8:53:07:1b:c1:b0:07:12:12:
86:12:0e:d4:e3:61:57:0a:29:87:28:be:24:44:4c:
c4:10:69:44:15:78:cb:2b:c0:5f:12:5c:e3:10:5c:
28:68:57:c8:92:16:91:27:fc:f8:61:2b:8e:f4:6d:
27:22:32:30:4e:2c:1a:a2:64:57:20:a6:36:01:bf:
0f:e3:08:13:d6:95:a4:77:9f:1c:c4:20:0d:63:ec:
af:00:0b:b0:22:00:10:46:3d:fa:8e:4d:bd:fc:3a:
41:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:86:9E:81:6D:4A:F6:DC:8C:7D:CD:5B:CA:CF:24:EC:F5:CC:49:49
X509v3 Authority Key Identifier:
keyid:7E:D5:00:16:4F:07:38:13:5B:9A:EC:04:E3:8F:C2:4C:B9:0E:0F:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftUAFk8HOBNbmuwE44_CTLkOD18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/WYaegW1K9tyMfc1bys8k7PXMSUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9c5359-3452-42f3-880b-82d9a9eb430c/1/ftUAFk8HOBNbmuwE44_CTLkOD18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.94.16.0/20
178.249.192.0/21
185.49.244.0/22
185.108.248.0/22
IPv6:
2a01:a4a0::/32
2a06:4940::/29
Signature Algorithm: sha256WithRSAEncryption
62:23:fa:60:be:46:6b:60:51:40:bc:17:dd:a7:c8:99:aa:b9:
30:2e:d9:01:0e:ed:d2:d7:a4:34:dc:40:b5:cc:a7:26:d5:c4:
12:e7:14:26:4f:a8:fa:bf:49:ad:eb:d9:b3:66:09:54:e8:13:
3c:9f:95:1a:c3:0b:a8:ae:67:fe:25:ba:7e:ce:37:4a:cc:ea:
9f:ba:ef:c6:3f:89:08:72:00:80:d7:74:f3:29:bb:ac:20:fe:
ee:83:7f:7b:65:22:0e:cb:2c:6e:ff:75:0a:b2:9c:a2:ff:21:
90:a5:83:2f:7b:20:03:92:c7:9f:ba:52:47:6a:cd:5b:bf:8c:
85:1b:c2:dd:2d:15:23:40:ca:cb:39:c5:db:98:70:39:ee:85:
0e:3f:1f:50:48:08:f1:74:02:86:21:40:74:e6:f0:d1:da:b2:
18:95:f1:c2:ff:e0:c8:7b:a6:e6:39:12:aa:a5:14:66:73:cc:
44:92:80:05:ee:00:b9:cd:0d:30:2b:28:0b:02:83:7a:72:65:
e0:6c:ec:14:45:d3:f9:5a:a2:2f:1a:3c:a3:87:e5:ba:87:71:
f3:c2:5d:51:67:f9:a6:8e:e5:db:c0:d3:7a:23:26:9b:17:f1:
96:eb:97:c9:de:78:2c:e3:28:ad:9c:3a:c7:ae:12:21:5b:32:
ec:36:1a:6a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEBKqBrDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZWQ1MDAxNjRmMDczODEzNWI5YWVjMDRlMzhmYzI0Y2I5MGUwZjVmMB4XDTIyMDMy
NDA5MjM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTk4NjllODE2ZDRh
ZjZkYzhjN2RjZDViY2FjZjI0ZWNmNWNjNDk0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFITpTpSnNolubbObV2rDNOhhKXVncFFhdTdYBgvXTArMUJ
UOQTYxxTqTPSmEsGFcYk4gDVIBz9FYoSKVm26rcZn24c6J+JH90WZP+DLQZB9Zpy
NaEoHrLYa0dsnAi07ZmDr2Tiy7vH+N4bxHjzZfY02oA2fxQ9kQKyS4P9a/mkIDyF
kZ0Cca6maz2gHefAlhuySV9UlrMvIJB0+FMHG8GwBxIShhIO1ONhVwophyi+JERM
xBBpRBV4yyvAXxJc4xBcKGhXyJIWkSf8+GErjvRtJyIyME4sGqJkVyCmNgG/D+MI
E9aVpHefHMQgDWPsrwALsCIAEEY9+o5Nvfw6QbsCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBRZhp6BbUr23Ix9zVvKzyTs9cxJSTAfBgNVHSMEGDAWgBR+1QAWTwc4E1ua
7ATjj8JMuQ4PXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Z0VUFGazhIT0JOYm11d0U0NF9DVExrT0QxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvOWM1MzU5LTM0NTItNDJmMy04ODBiLTgyZDlhOWViNDMwYy8x
L1dZYWVnVzFLOXR5TWZjMWJ5czhrN1BYTVNVay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
OWM1MzU5LTM0NTItNDJmMy04ODBiLTgyZDlhOWViNDMwYy8xL2Z0VUFGazhIT0JO
Ym11d0U0NF9DVExrT0QxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEBJleEAMEA7L5wAMEArkx9AMEArls
+DAUBAIAAjAOAwUAKgGkoAMFAyoGSUAwDQYJKoZIhvcNAQELBQADggEBAGIj+mC+
RmtgUUC8F92nyJmquTAu2QEO7dLXpDTcQLXMpybVxBLnFCZPqPq/Sa3r2bNmCVTo
EzyflRrDC6iuZ/4lun7ON0rM6p+678Y/iQhyAIDXdPMpu6wg/u6Df3tlIg7LLG7/
dQqynKL/IZClgy97IAOSx5+6UkdqzVu/jIUbwt0tFSNAyss5xduYcDnuhQ4/H1BI
CPF0AoYhQHTm8NHashiV8cL/4Mh7puY5EqqlFGZzzESSgAXuALnNDTArKAsCg3py
ZeBs7BRF0/laoi8aPKOH5bqHcfPCXVFn+aaO5dvA03ojJpsX8Zbrl8neeCzjKK2c
OseuEiFbMuw2Gmo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org