Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/Wk6xeDOBXapK35IA67dWIavoHr0.roa
File: Wk6xeDOBXapK35IA67dWIavoHr0.roa (raw, json)
Hash identifier: CuojqPIdBRJLJNjAZJFyKg/lWU5ZA3je3RXHDqKvC/Y=
Subject key identifier: 5A:4E:B1:78:33:81:5D:AA:4A:DF:92:00:EB:B7:56:21:AB:E8:1E:BD
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 01821A918FD003FBEF55A873A294A1AF2E7A
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/Wk6xeDOBXapK35IA67dWIavoHr0.roa
Signing time: Wed 20 Jul 2022 07:45:23 +0000
ROA not before: Wed 20 Jul 2022 07:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12793
IP address blocks: 212.88.160.0/19 maxlen: 19
213.147.160.0/19 maxlen: 19
81.5.192.0/18 maxlen: 18
194.152.96.0/19 maxlen: 19
85.90.128.0/19 maxlen: 19
80.89.96.0/20 maxlen: 20
217.149.160.0/20 maxlen: 20
213.225.0.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:91:8f:d0:03:fb:ef:55:a8:73:a2:94:a1:af:2e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jul 20 07:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a4eb17833815daa4adf9200ebb75621abe81ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c1:89:64:9f:78:27:74:2f:32:74:d4:76:d8:
e8:04:c0:05:d5:eb:73:43:cf:be:cf:06:2a:91:71:
14:93:c8:77:5d:51:26:b1:fc:f3:d7:f2:1c:da:dd:
63:ce:a6:98:1b:ce:fa:53:6f:5e:a7:c6:01:b1:22:
31:08:7b:72:61:30:b7:30:df:01:51:28:7e:59:f3:
42:53:bd:16:89:f2:b9:d6:8d:e1:a7:bc:e6:0f:3d:
3c:b8:17:53:6b:1a:7d:9c:f7:20:39:9b:f6:e8:f0:
d2:ba:a6:57:59:c5:a9:d7:d7:56:a1:0e:50:f2:98:
5d:32:99:26:f5:22:60:ba:14:88:c2:2d:1f:0a:f2:
72:f2:72:83:b0:30:98:29:14:3c:40:d8:a1:1e:e9:
bb:93:d6:c9:e6:63:b2:7e:20:f9:b8:40:eb:08:13:
e4:b6:bf:57:d8:82:8d:cd:2b:34:2c:ec:c9:2a:75:
a3:2a:7d:80:a3:9f:92:7e:01:2c:ad:a7:3a:93:f9:
af:7a:fb:e1:2f:cf:f9:bb:26:a2:da:1c:82:36:d4:
f3:9f:ae:1d:d0:6f:5b:98:4b:d2:48:e7:9b:2c:f8:
e0:9e:87:84:79:e7:b6:d5:49:53:4e:e8:27:b4:1f:
a5:d1:dc:d7:74:1d:fd:00:21:ca:17:52:04:12:be:
6b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4E:B1:78:33:81:5D:AA:4A:DF:92:00:EB:B7:56:21:AB:E8:1E:BD
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/Wk6xeDOBXapK35IA67dWIavoHr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.96.0/20
81.5.192.0/18
85.90.128.0/19
194.152.96.0/19
212.88.160.0/19
213.147.160.0/19
213.225.0.0/18
217.149.160.0/20
Signature Algorithm: sha256WithRSAEncryption
29:e4:f6:c2:4e:3d:93:bd:03:d6:c0:c2:41:3d:55:81:23:09:
ba:da:35:76:47:f7:d3:a0:c9:df:95:dc:d0:4e:53:41:db:6a:
f5:db:30:ce:a4:c3:f5:7e:f3:a4:16:01:ac:c9:50:55:3f:e1:
46:64:7c:6a:8b:e1:b3:76:dc:45:90:77:b1:20:40:77:62:ea:
a8:f0:38:18:8f:6f:27:74:4a:94:0d:f4:bf:39:a2:da:94:96:
a1:df:0c:de:0b:bf:4c:71:c1:b2:e2:bc:7c:cc:ba:e1:81:4f:
3b:65:75:ef:5e:b0:67:23:c2:0b:8f:d3:70:ec:c2:d8:b7:c4:
47:b0:78:08:cb:1e:09:aa:30:67:bf:64:c0:0f:e2:25:34:ed:
0e:07:8e:65:44:bd:b2:c2:ff:19:0e:69:fd:25:c0:cb:40:fb:
cf:f7:84:92:2a:f7:47:00:3a:cf:c2:d2:32:33:da:1b:be:ff:
58:88:d5:2f:70:b8:8d:b5:c7:56:1c:fa:dd:c6:e3:ed:69:82:
60:21:c7:27:cc:27:ac:57:94:b1:e9:c6:10:1a:ea:30:15:74:
d1:df:e8:2c:42:c4:29:21:36:d8:28:a8:b1:e4:c0:a6:67:b6:
24:13:0f:3b:96:31:e4:76:34:3b:14:b3:ec:c4:dc:ce:76:b2:
54:f0:7e:6c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYIakY/QA/vvVahzopShry56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjIwNzIwMDc0NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTRlYjE3ODMzODE1ZGFhNGFkZjkyMDBlYmI3NTYyMWFiZTgxZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcGJZJ94J3QvMnTUdtjoBMAF1etz
Q8++zwYqkXEUk8h3XVEmsfzz1/Ic2t1jzqaYG876U29ep8YBsSIxCHtyYTC3MN8B
USh+WfNCU70WifK51o3hp7zmDz08uBdTaxp9nPcgOZv26PDSuqZXWcWp19dWoQ5Q
8phdMpkm9SJguhSIwi0fCvJy8nKDsDCYKRQ8QNihHum7k9bJ5mOyfiD5uEDrCBPk
tr9X2IKNzSs0LOzJKnWjKn2Ao5+SfgEsrac6k/mvevvhL8/5uyai2hyCNtTzn64d
0G9bmEvSSOebLPjgnoeEeee21UlTTugntB+l0dzXdB39ACHKF1IEEr5rxwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFpOsXgzgV2qSt+SAOu3ViGr6B69MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvV2s2eGVET0JYYXBLMzVJQTY3ZFdJYXZvSHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUFlgAwQG
UQXAAwQFVVqAAwQFwphgAwQF1FigAwQF1ZOgAwQG1eEAAwQE2ZWgMA0GCSqGSIb3
DQEBCwUAA4IBAQAp5PbCTj2TvQPWwMJBPVWBIwm62jV2R/fToMnfldzQTlNB22r1
2zDOpMP1fvOkFgGsyVBVP+FGZHxqi+GzdtxFkHexIEB3Yuqo8DgYj28ndEqUDfS/
OaLalJah3wzeC79MccGy4rx8zLrhgU87ZXXvXrBnI8ILj9Nw7MLYt8RHsHgIyx4J
qjBnv2TAD+IlNO0OB45lRL2ywv8ZDmn9JcDLQPvP94SSKvdHADrPwtIyM9obvv9Y
iNUvcLiNtcdWHPrdxuPtaYJgIccnzCesV5Sx6cYQGuowFXTR3+gsQsQpITbYKKix
5MCmZ7YkEw87ljHkdjQ7FLPsxNzOdrJU8H5s
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:09 2023 by rpki-client on console-fra.rpki-client.org