Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/wcJisCcqD2PlV3vvwuVhoe83ShA.roa
File: wcJisCcqD2PlV3vvwuVhoe83ShA.roa (raw, json)
Hash identifier: wVBTzmFpIZ/irsNJTksXb6+ixe8iB+Uq2XtEQLhFgx0=
Subject key identifier: C1:C2:62:B0:27:2A:0F:63:E5:57:7B:EF:C2:E5:61:A1:EF:37:4A:10
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 360708DC
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/wcJisCcqD2PlV3vvwuVhoe83ShA.roa
Signing time: Sat 01 Jan 2022 05:53:37 +0000
ROA not before: Sat 01 Jan 2022 05:53:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44922
IP address blocks: 93.89.16.0/24 maxlen: 24
93.89.17.0/24 maxlen: 24
93.89.21.0/24 maxlen: 24
93.89.22.0/24 maxlen: 24
93.89.20.0/24 maxlen: 24
93.89.18.0/24 maxlen: 24
93.89.19.0/24 maxlen: 24
93.89.25.0/24 maxlen: 24
93.89.26.0/24 maxlen: 24
93.89.28.0/24 maxlen: 24
93.89.29.0/24 maxlen: 24
93.89.27.0/24 maxlen: 24
93.89.30.0/24 maxlen: 24
93.89.31.0/24 maxlen: 24
2a03:400::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 906430684 (0x360708dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Jan 1 05:53:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1c262b0272a0f63e5577befc2e561a1ef374a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a6:23:84:45:2e:73:f8:47:43:11:f9:14:35:
42:c3:88:b8:40:c5:4d:cb:d8:a8:8c:5a:bd:06:ce:
68:b9:61:f7:8f:b9:3b:8e:b3:53:44:59:26:e6:15:
fc:14:9f:9b:67:9d:51:6e:4a:75:a1:46:b3:8b:41:
c5:d3:c3:fc:f5:ed:8a:8c:d5:19:94:9f:7b:1f:79:
58:88:17:57:6d:47:ab:b3:c9:bc:9f:4a:de:37:35:
0a:4f:ab:e0:75:e0:ec:f4:ae:e3:2d:9b:13:9b:d5:
33:45:dd:cd:c6:2f:a6:a0:44:ec:6e:cd:3b:2c:18:
75:8e:9f:38:8f:db:b3:c8:d4:0d:8b:e7:e5:e6:8e:
07:b3:dc:2b:70:a3:a2:85:61:05:7e:84:48:da:32:
77:e5:aa:be:75:ca:03:39:f2:a5:db:1c:6a:28:a7:
ff:3a:5e:3c:d7:f9:54:4b:c1:dc:e3:06:b1:e8:ec:
e8:f2:91:62:27:cf:14:55:96:14:c7:d0:50:f1:19:
e6:50:4a:63:1d:48:1e:ac:73:ff:df:1e:0f:6f:1c:
5b:70:92:92:2b:cc:8f:8d:d8:ef:9b:33:f1:eb:0a:
ce:33:a6:9d:0c:66:30:a8:bb:24:27:cd:68:cd:e0:
e8:3b:88:bf:7b:3a:3c:d8:8c:e4:47:d2:ac:e9:f2:
8a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C2:62:B0:27:2A:0F:63:E5:57:7B:EF:C2:E5:61:A1:EF:37:4A:10
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/wcJisCcqD2PlV3vvwuVhoe83ShA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.16.0-93.89.22.255
93.89.25.0-93.89.31.255
IPv6:
2a03:400::/32
Signature Algorithm: sha256WithRSAEncryption
c6:05:c4:45:54:7b:80:fd:75:7d:fe:00:37:84:c5:1c:70:20:
59:29:3f:92:d5:d7:9f:37:bf:ab:eb:91:7e:31:d0:4f:02:0d:
64:f7:4a:39:21:3b:b4:cb:9c:e6:ab:ca:33:75:46:d5:e9:ab:
ef:76:8e:20:91:88:c3:96:69:6a:9a:49:e3:64:b6:be:ca:f1:
a3:fa:0c:64:1e:5e:72:33:8f:89:e3:d7:12:21:ca:80:19:d3:
4f:5e:2a:94:5a:3a:e5:d2:5e:c8:2b:35:56:5f:84:ae:e1:37:
66:47:e4:2d:c9:02:d5:a9:c2:0c:d1:0c:28:a4:c2:95:6d:f5:
c4:3b:a0:a3:b8:af:0d:36:9d:ee:9f:19:f2:d9:54:b7:84:e8:
dc:a1:8e:ad:9b:bb:04:83:c6:d3:0c:95:e4:7b:1b:6f:62:2a:
20:c0:a9:fa:de:a8:0f:a1:b1:b3:a6:ea:9c:df:dc:a4:bb:c4:
e6:81:c9:d6:48:79:91:d6:59:43:1a:2f:86:27:37:5b:4e:41:
c3:3c:62:d0:da:4f:24:e3:5a:3c:b2:2c:91:32:f1:a9:55:2c:
27:68:56:0d:cf:3f:1a:a8:df:c6:a2:d4:3d:b9:e9:26:f8:0f:
a7:4f:ea:5c:07:57:0d:04:59:39:08:96:e3:f1:7f:39:d5:05:
a3:18:20:42
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIENgcI3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTRhMmFlZTA4NjE3NGIwMTI3MmZhZTc3OWFkNDMxZWIwOTJhZWI3MB4XDTIyMDEw
MTA1NTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzFjMjYyYjAyNzJh
MGY2M2U1NTc3YmVmYzJlNTYxYTFlZjM3NGExMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOmmI4RFLnP4R0MR+RQ1QsOIuEDFTcvYqIxavQbOaLlh94+5
O46zU0RZJuYV/BSfm2edUW5KdaFGs4tBxdPD/PXtiozVGZSfex95WIgXV21Hq7PJ
vJ9K3jc1Ck+r4HXg7PSu4y2bE5vVM0XdzcYvpqBE7G7NOywYdY6fOI/bs8jUDYvn
5eaOB7PcK3CjooVhBX6ESNoyd+WqvnXKAznypdscaiin/zpePNf5VEvB3OMGsejs
6PKRYifPFFWWFMfQUPEZ5lBKYx1IHqxz/98eD28cW3CSkivMj43Y75sz8esKzjOm
nQxmMKi7JCfNaM3g6DuIv3s6PNiM5EfSrOnyig0CAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBTBwmKwJyoPY+VXe+/C5WGh7zdKEDAfBgNVHSMEGDAWgBSVSiruCGF0sBJy
+ud5rUMesJKutzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xVb3E3Z2hoZExBU2N2cm5lYTFESHJDU3JyYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvMjM1Mzk2LTBlNDItNDM3Ny04NTVhLTQ1NjVmMDRmOGQ4NS8x
L3djSmlzQ2NxRDJQbFYzdnZ3dVZob2U4M1NoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
MjM1Mzk2LTBlNDItNDM3Ny04NTVhLTQ1NjVmMDRmOGQ4NS8xL2xVb3E3Z2hoZExB
U2N2cm5lYTFESHJDU3JyYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwIgQCAAEwHDAMAwQEXVkQAwQAXVkWMAwDBABdWRkD
BAVdWQAwDQQCAAIwBwMFACoDBAAwDQYJKoZIhvcNAQELBQADggEBAMYFxEVUe4D9
dX3+ADeExRxwIFkpP5LV1583v6vrkX4x0E8CDWT3SjkhO7TLnOaryjN1RtXpq+92
jiCRiMOWaWqaSeNktr7K8aP6DGQeXnIzj4nj1xIhyoAZ009eKpRaOuXSXsgrNVZf
hK7hN2ZH5C3JAtWpwgzRDCikwpVt9cQ7oKO4rw02ne6fGfLZVLeE6Nyhjq2buwSD
xtMMleR7G29iKiDAqfreqA+hsbOm6pzf3KS7xOaBydZIeZHWWUMaL4YnN1tOQcM8
YtDaTyTjWjyyLJEy8alVLCdoVg3PPxqo38ai1D256Sb4D6dP6lwHVw0EWTkIluPx
fznVBaMYIEI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:18 2024 by rpki-client on console-ams.rpki-client.org