Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/Wchn4aBO1DBvuFqODvPTq5QGW5A.roa
File: Wchn4aBO1DBvuFqODvPTq5QGW5A.roa (raw, json)
Hash identifier: YykNwpPVU6TlJNgvmla0b39/Z3fNACWhhlbODyQ4W9E=
Subject key identifier: 59:C8:67:E1:A0:4E:D4:30:6F:B8:5A:8E:0E:F3:D3:AB:94:06:5B:90
Certificate issuer: /CN=0952ce4dd8640276f4c1841adb3a742f544924ea
Certificate serial: 0A9BE53D
Authority key identifier: 09:52:CE:4D:D8:64:02:76:F4:C1:84:1A:DB:3A:74:2F:54:49:24:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVLOTdhkAnb0wYQa2zp0L1RJJOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/Wchn4aBO1DBvuFqODvPTq5QGW5A.roa
Signing time: Sat 01 Jan 2022 13:06:10 +0000
ROA not before: Sat 01 Jan 2022 13:06:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2852
IP address blocks: 160.217.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177988925 (0xa9be53d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0952ce4dd8640276f4c1841adb3a742f544924ea
Validity
Not Before: Jan 1 13:06:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59c867e1a04ed4306fb85a8e0ef3d3ab94065b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:46:8a:fd:fb:db:ea:65:08:cf:ce:8d:b3:4f:
11:d0:1a:57:87:82:84:15:af:73:5d:c0:cc:99:11:
92:67:11:18:52:2b:5f:c6:74:bb:41:0c:5d:22:3d:
b8:e9:19:26:f2:30:82:61:40:4d:f8:72:39:bc:33:
a2:4e:01:94:20:7d:11:49:8c:20:9b:09:2b:85:ed:
8e:c6:57:b5:2b:d8:26:b6:93:eb:ca:41:78:dd:02:
7b:e5:59:3e:76:bf:87:7d:1e:a1:9e:65:52:de:be:
84:ae:22:0e:9d:d4:fc:99:8f:92:b7:0c:7d:62:55:
96:e3:b2:16:83:d6:8b:90:d6:23:4b:cb:a8:3b:fb:
07:82:0e:fe:67:43:70:0e:08:5e:8b:c2:a3:a4:7a:
df:31:d2:b8:95:34:bf:64:75:fd:d2:7b:88:e9:40:
ba:3a:ef:d5:9e:9e:d1:02:a7:68:89:f2:7a:73:9b:
50:c6:e5:16:7d:75:d4:f4:67:a8:7d:4b:a3:6d:8d:
21:88:e2:bb:da:20:6a:69:9d:05:b2:1e:4c:4f:0f:
5c:09:b3:7c:b9:a2:4e:61:d2:ab:75:36:fc:52:57:
22:5f:f6:da:fd:05:42:b7:06:4d:d4:e8:9e:2d:4c:
0d:90:b2:50:fb:5f:4b:d9:26:fd:4e:a9:71:90:4c:
ee:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C8:67:E1:A0:4E:D4:30:6F:B8:5A:8E:0E:F3:D3:AB:94:06:5B:90
X509v3 Authority Key Identifier:
keyid:09:52:CE:4D:D8:64:02:76:F4:C1:84:1A:DB:3A:74:2F:54:49:24:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVLOTdhkAnb0wYQa2zp0L1RJJOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/Wchn4aBO1DBvuFqODvPTq5QGW5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b5d9e0-c6b4-46f6-b45e-c56f177709de/1/CVLOTdhkAnb0wYQa2zp0L1RJJOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.217.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:0d:23:3f:80:df:1f:64:71:ca:c3:ec:ce:24:e0:9e:dc:f9:
fd:71:63:34:93:ee:c2:c6:38:61:01:53:39:84:8a:a0:86:0d:
31:37:47:5e:95:5b:dc:e7:1e:b8:8b:1d:b5:07:00:16:d8:f9:
58:0c:9c:9f:71:d1:c0:81:da:8b:0f:2e:26:79:f2:8a:43:4c:
9a:e3:18:08:50:90:80:a7:48:2c:3e:dd:a3:5e:a8:c3:36:e8:
44:65:21:02:71:46:39:ec:56:85:13:e4:19:e4:78:2f:05:0f:
23:ff:a4:7a:15:26:14:e4:14:7b:a5:e6:a2:aa:a4:a7:56:7c:
3b:94:dc:c8:64:00:99:a3:9a:22:61:87:3e:ed:ab:09:6d:ea:
7c:1d:fa:c3:05:b2:95:e8:b9:29:06:86:48:46:a8:b9:89:a0:
5b:96:6e:f0:b1:37:5b:2a:e5:89:0e:7d:33:9e:a1:e5:b1:61:
1e:2f:14:52:25:4a:47:5b:22:62:73:ac:27:f8:16:ea:3d:7d:
e3:20:ce:99:61:28:45:64:7b:e2:17:bc:bc:64:25:a2:57:80:
4b:9b:28:cd:67:12:e8:45:96:0e:69:bb:c1:b3:64:44:ec:34:
f4:10:e5:78:70:c9:98:30:03:3d:e7:31:37:98:fb:e1:fc:e8:
ff:03:56:29
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECpvlPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTUyY2U0ZGQ4NjQwMjc2ZjRjMTg0MWFkYjNhNzQyZjU0NDkyNGVhMB4XDTIyMDEw
MTEzMDYxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTljODY3ZTFhMDRl
ZDQzMDZmYjg1YThlMGVmM2QzYWI5NDA2NWI5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1Giv372+plCM/OjbNPEdAaV4eChBWvc13AzJkRkmcRGFIr
X8Z0u0EMXSI9uOkZJvIwgmFATfhyObwzok4BlCB9EUmMIJsJK4XtjsZXtSvYJraT
68pBeN0Ce+VZPna/h30eoZ5lUt6+hK4iDp3U/JmPkrcMfWJVluOyFoPWi5DWI0vL
qDv7B4IO/mdDcA4IXovCo6R63zHSuJU0v2R1/dJ7iOlAujrv1Z6e0QKnaInyenOb
UMblFn111PRnqH1Lo22NIYjiu9ogammdBbIeTE8PXAmzfLmiTmHSq3U2/FJXIl/2
2v0FQrcGTdToni1MDZCyUPtfS9km/U6pcZBM7r8CAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBRZyGfhoE7UMG+4Wo4O89OrlAZbkDAfBgNVHSMEGDAWgBQJUs5N2GQCdvTB
hBrbOnQvVEkk6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NWTE9UZGhrQW5iMHdZUWEyenAwTDFSSkpPby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvYjVkOWUwLWM2YjQtNDZmNi1iNDVlLWM1NmYxNzc3MDlkZS8x
L1djaG40YUJPMURCdnVGcU9EdlBUcTVRR1c1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQv
YjVkOWUwLWM2YjQtNDZmNi1iNDVlLWM1NmYxNzc3MDlkZS8xL0NWTE9UZGhrQW5i
MHdZUWEyenAwTDFSSkpPby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAKDZMA0GCSqGSIb3DQEBCwUAA4IB
AQClDSM/gN8fZHHKw+zOJOCe3Pn9cWM0k+7CxjhhAVM5hIqghg0xN0delVvc5x64
ix21BwAW2PlYDJyfcdHAgdqLDy4mefKKQ0ya4xgIUJCAp0gsPt2jXqjDNuhEZSEC
cUY57FaFE+QZ5HgvBQ8j/6R6FSYU5BR7peaiqqSnVnw7lNzIZACZo5oiYYc+7asJ
bep8HfrDBbKV6LkpBoZIRqi5iaBblm7wsTdbKuWJDn0znqHlsWEeLxRSJUpHWyJi
c6wn+BbqPX3jIM6ZYShFZHviF7y8ZCWiV4BLmyjNZxLoRZYOabvBs2RE7DT0EOV4
cMmYMAM95zE3mPvh/Oj/A1Yp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:05 2023 by rpki-client on console-ams.rpki-client.org