Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/WVq_QbLYu4oN9q1qW-0TaSYmqmM.roa
File: WVq_QbLYu4oN9q1qW-0TaSYmqmM.roa (raw, json)
Hash identifier: rUl/Wh2LXbN0DgJRh6jp8YiArv6ekci5IEuLvR4LCT4=
Subject key identifier: 59:5A:BF:41:B2:D8:BB:8A:0D:F6:AD:6A:5B:ED:13:69:26:26:AA:63
Certificate issuer: /CN=f563da6eb3b7a07fdc4525883004970d640b036b
Certificate serial: 0184A9FC9731A2613E5A4752EB9669412961
Authority key identifier: F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/WVq_QbLYu4oN9q1qW-0TaSYmqmM.roa
Signing time: Thu 24 Nov 2022 14:13:33 +0000
ROA not before: Thu 24 Nov 2022 14:13:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6661
IP address blocks: 213.166.32.0/19 maxlen: 24
107.183.0.0/17 maxlen: 24
213.135.224.0/19 maxlen: 24
88.207.128.0/17 maxlen: 24
146.0.216.0/21 maxlen: 24
78.141.128.0/18 maxlen: 24
185.32.236.0/22 maxlen: 24
37.157.152.0/21 maxlen: 24
194.154.192.0/19 maxlen: 24
87.240.192.0/18 maxlen: 24
178.254.64.0/18 maxlen: 24
146.0.212.0/22 maxlen: 24
188.115.0.0/18 maxlen: 24
83.99.0.0/17 maxlen: 24
146.0.128.0/18 maxlen: 24
195.46.224.0/19 maxlen: 24
2001:7e8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:fc:97:31:a2:61:3e:5a:47:52:eb:96:69:41:29:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f563da6eb3b7a07fdc4525883004970d640b036b
Validity
Not Before: Nov 24 14:13:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=595abf41b2d8bb8a0df6ad6a5bed13692626aa63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a6:82:bb:88:aa:4a:aa:9d:58:41:90:46:94:
fd:1d:09:5d:cb:4b:c1:fc:fb:31:88:eb:ad:4a:06:
cf:9a:5e:be:7f:ae:be:89:25:7b:b7:9b:f4:0e:4d:
46:16:12:5b:c0:20:c4:6d:02:f8:22:a8:4b:2c:4e:
31:34:81:65:77:90:eb:90:4e:80:21:54:35:f1:d6:
0d:de:90:1b:d9:68:a5:3b:ed:dc:e6:47:33:bf:f9:
59:4c:f0:07:ca:8d:cf:53:ee:48:6e:9e:76:ff:ef:
49:4b:58:fb:87:aa:74:95:41:ce:69:48:8a:8b:91:
1f:a7:b0:77:a4:7f:eb:49:fd:2a:47:56:46:0a:98:
36:c6:94:7e:a9:11:9d:58:c7:d3:71:2c:44:c0:58:
f0:61:17:57:c6:17:21:9b:2f:68:74:02:64:44:70:
05:09:d5:0b:84:9f:b6:08:15:82:dd:fe:18:6f:5f:
4f:4b:c1:41:27:ff:f8:42:69:f1:6e:7c:92:d7:97:
43:8d:96:2e:69:59:c0:6c:c2:04:f6:d7:fd:8b:b1:
ce:ab:5a:07:15:d4:d7:be:69:ab:b3:a0:f1:d5:a4:
ff:4e:d4:86:d5:63:4c:0e:48:d8:e7:3b:69:d6:d9:
3f:af:75:23:a7:a0:51:34:c1:51:1e:45:ed:f0:aa:
aa:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5A:BF:41:B2:D8:BB:8A:0D:F6:AD:6A:5B:ED:13:69:26:26:AA:63
X509v3 Authority Key Identifier:
keyid:F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/WVq_QbLYu4oN9q1qW-0TaSYmqmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/9WPabrO3oH_cRSWIMASXDWQLA2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.152.0/21
78.141.128.0/18
83.99.0.0/17
87.240.192.0/18
88.207.128.0/17
107.183.0.0/17
146.0.128.0/18
146.0.212.0-146.0.223.255
178.254.64.0/18
185.32.236.0/22
188.115.0.0/18
194.154.192.0/19
195.46.224.0/19
213.135.224.0/19
213.166.32.0/19
IPv6:
2001:7e8::/32
Signature Algorithm: sha256WithRSAEncryption
58:b6:49:a2:48:97:68:5b:8e:db:d8:2b:66:83:b4:6b:ce:4d:
a2:63:38:68:92:56:8a:05:cc:de:74:5c:8b:fc:2b:07:de:50:
e6:d3:1d:4c:1d:dd:f4:93:88:63:a3:35:c6:21:49:04:97:ad:
4c:29:60:c2:82:80:2f:69:ed:14:67:04:36:92:8a:f4:a8:5e:
8d:bc:fd:36:05:ec:d6:04:28:30:8f:b1:31:b2:0c:7a:a2:58:
15:7e:1d:0b:f9:8b:8e:3d:c0:2a:44:0d:a8:98:d9:a3:f6:30:
ae:ec:bf:02:75:0f:2e:ad:6d:2f:78:fa:bf:1a:b3:37:8d:e7:
d5:f1:7c:0b:0b:7c:cf:51:54:23:cb:da:20:54:e4:9b:8d:af:
7e:3a:f0:1a:9b:28:20:fc:1b:c6:46:7c:95:1d:0c:20:8b:96:
f6:fc:42:39:e4:e6:58:6c:0b:b9:71:fa:e2:d9:e5:6b:f2:f4:
16:47:fa:bd:9e:ad:7e:fe:fa:82:0c:25:2f:63:33:84:5a:42:
c7:a3:c3:dd:58:97:36:ff:32:7f:f6:d0:05:09:04:37:19:c0:
74:ae:8a:55:70:c7:09:c1:6e:35:f6:ce:9e:e5:c7:01:a6:05:
4a:b9:d4:d2:ce:53:45:33:00:73:37:69:46:c3:b2:35:98:f0:
8b:f6:bb:5e
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYSp/JcxomE+WkdS65ZpQSlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NjNkYTZlYjNiN2EwN2ZkYzQ1MjU4ODMwMDQ5NzBkNjQw
YjAzNmIwHhcNMjIxMTI0MTQxMzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTVhYmY0MWIyZDhiYjhhMGRmNmFkNmE1YmVkMTM2OTI2MjZhYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKaCu4iqSqqdWEGQRpT9HQldy0vB
/PsxiOutSgbPml6+f66+iSV7t5v0Dk1GFhJbwCDEbQL4IqhLLE4xNIFld5DrkE6A
IVQ18dYN3pAb2WilO+3c5kczv/lZTPAHyo3PU+5Ibp52/+9JS1j7h6p0lUHOaUiK
i5Efp7B3pH/rSf0qR1ZGCpg2xpR+qRGdWMfTcSxEwFjwYRdXxhchmy9odAJkRHAF
CdULhJ+2CBWC3f4Yb19PS8FBJ//4QmnxbnyS15dDjZYuaVnAbMIE9tf9i7HOq1oH
FdTXvmmrs6Dx1aT/TtSG1WNMDkjY5ztp1tk/r3Ujp6BRNMFRHkXt8KqqmwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFFlav0Gy2LuKDfatalvtE2kmJqpjMB8GA1UdIwQY
MBaAFPVj2m6zt6B/3EUliDAElw1kCwNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUt
ZTU1MjBhYTdiYTM3LzEvV1ZxX1FiTFl1NG9OOXExcVctMFRhU1ltcW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUtZTU1MjBhYTdiYTM3
LzEvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAyWdmAME
Bk6NgAMEB1NjAAMEBlfwwAMEB1jPgAMEB2u3AAMEBpIAgDAMAwQCkgDUAwQFkgDA
AwQGsv5AAwQCuSDsAwQGvHMAAwQFwprAAwQFwy7gAwQF1YfgAwQF1aYgMA0EAgAC
MAcDBQAgAQfoMA0GCSqGSIb3DQEBCwUAA4IBAQBYtkmiSJdoW47b2Ctmg7Rrzk2i
YzhoklaKBczedFyL/CsH3lDm0x1MHd30k4hjozXGIUkEl61MKWDCgoAvae0UZwQ2
kor0qF6NvP02BezWBCgwj7Exsgx6olgVfh0L+YuOPcAqRA2omNmj9jCu7L8CdQ8u
rW0vePq/GrM3jefV8XwLC3zPUVQjy9ogVOSbja9+OvAamygg/BvGRnyVHQwgi5b2
/EI55OZYbAu5cfri2eVr8vQWR/q9nq1+/vqCDCUvYzOEWkLHo8PdWJc2/zJ/9tAF
CQQ3GcB0ropVcMcJwW419s6e5ccBpgVKudTSzlNFMwBzN2lGw7I1mPCL9rte
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:32 2023 by rpki-client on console-ams.rpki-client.org