Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/WGknEb0iA-Kad77gWv9k5TxEVWg.roa
File: WGknEb0iA-Kad77gWv9k5TxEVWg.roa (raw, json)
Hash identifier: 5+aW+CChWJpzW6uhCHYgewTXLHSg6GYWSt6hM7XUW/k=
Subject key identifier: 58:69:27:11:BD:22:03:E2:9A:77:BE:E0:5A:FF:64:E5:3C:44:55:68
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 367586E2
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/WGknEb0iA-Kad77gWv9k5TxEVWg.roa
Signing time: Mon 27 Jun 2022 03:55:40 +0000
ROA not before: Mon 27 Jun 2022 03:55:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4637
IP address blocks: 195.153.124.0/24 maxlen: 24
195.153.19.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
195.153.74.0/24 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 913671906 (0x367586e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jun 27 03:55:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58692711bd2203e29a77bee05aff64e53c445568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c9:90:82:60:4d:e2:2d:85:18:9b:37:ae:1c:
ed:c5:a3:fb:7b:c8:25:75:72:c3:e0:e8:39:c5:75:
e6:b3:9b:60:03:d4:5f:49:c7:51:a2:a2:db:14:6e:
91:fd:03:fb:3f:40:27:80:26:a2:49:bc:dd:ff:a3:
d0:b3:82:12:d7:9a:d5:a8:c5:42:e6:c5:f8:c2:51:
9f:aa:5e:7e:53:be:61:e7:49:1f:f9:d2:75:50:c5:
16:84:64:35:fa:21:ec:d4:ad:cf:a6:b5:1c:e4:3e:
a5:84:3a:dd:e2:a6:af:19:71:42:85:34:df:0f:3f:
41:14:1c:9a:c1:75:6a:d4:92:23:04:8e:25:9d:52:
de:01:71:58:ff:49:20:b1:69:d1:06:8e:7d:f0:e5:
2b:c0:cf:18:81:9a:e4:e8:85:b3:a1:9a:df:c2:52:
03:0a:58:06:cb:a6:a2:e0:15:b2:0c:7f:60:99:84:
ba:dc:27:62:76:53:6f:b4:82:ed:a8:9d:45:16:fc:
ff:fd:9a:f7:93:36:78:4b:69:5b:aa:6c:ae:5e:58:
ef:1c:bb:fe:75:b4:04:ed:9f:7a:0e:9e:9e:87:d1:
10:77:74:95:36:d3:24:52:a1:5c:75:e8:25:61:19:
1b:25:7b:84:dc:b7:bf:12:ff:3f:39:04:63:c3:1e:
4b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:69:27:11:BD:22:03:E2:9A:77:BE:E0:5A:FF:64:E5:3C:44:55:68
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/WGknEb0iA-Kad77gWv9k5TxEVWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
Signature Algorithm: sha256WithRSAEncryption
73:da:3d:67:20:ab:e8:23:72:42:9f:16:cd:5f:6f:be:de:97:
27:fe:4d:12:c2:28:be:5a:cb:88:f8:9e:ef:1b:37:3b:75:e8:
9c:13:cc:16:82:49:5b:a5:fc:3e:aa:a3:ad:bd:bf:e0:eb:24:
e3:95:14:01:f0:bf:de:16:fc:09:82:02:40:96:a3:b6:64:1c:
de:15:77:19:45:9c:16:5c:a9:9a:ef:23:a1:b6:0d:d7:1d:c1:
f2:04:77:31:8a:18:e6:0f:a7:27:ca:00:b9:e1:b5:67:ce:78:
9d:9c:54:ec:52:f2:b2:d3:34:35:03:0b:d7:ef:b8:bb:32:ea:
ca:81:86:81:01:6d:e4:8d:7d:b4:ee:e4:0f:bb:7e:f6:d0:ad:
c4:d8:f5:6a:56:6c:01:fa:4f:99:3f:a6:f2:de:b6:07:22:64:
df:84:c5:97:18:61:59:32:75:ff:3a:b2:ab:2a:f8:9a:b0:b4:
54:2f:33:97:07:98:e4:41:d1:d5:73:4d:ef:d7:6b:0b:1b:c9:
6d:77:4b:98:61:cc:e7:76:15:6e:71:45:53:48:43:b6:17:df:
fc:89:b4:3b:ac:74:9c:6b:5e:44:cc:e4:01:59:45:28:d2:e0:
df:96:89:b1:b5:3f:9a:6f:5a:cb:3c:00:05:8c:2a:b1:6d:15:
09:c7:f7:ab
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIENnWG4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTNmNTU2MjkxMjFiNjBmYjE5Yzk3Zjk5Yzc1ZGQ2ZjAxNWRkNmU4MB4XDTIyMDYy
NzAzNTU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg2OTI3MTFiZDIy
MDNlMjlhNzdiZWUwNWFmZjY0ZTUzYzQ0NTU2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfJkIJgTeIthRibN64c7cWj+3vIJXVyw+DoOcV15rObYAPU
X0nHUaKi2xRukf0D+z9AJ4Amokm83f+j0LOCEtea1ajFQubF+MJRn6peflO+YedJ
H/nSdVDFFoRkNfoh7NStz6a1HOQ+pYQ63eKmrxlxQoU03w8/QRQcmsF1atSSIwSO
JZ1S3gFxWP9JILFp0QaOffDlK8DPGIGa5OiFs6Ga38JSAwpYBsumouAVsgx/YJmE
utwnYnZTb7SC7aidRRb8//2a95M2eEtpW6psrl5Y7xy7/nW0BO2feg6enofREHd0
lTbTJFKhXHXoJWEZGyV7hNy3vxL/PzkEY8MeS+sCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRYaScRvSID4pp3vuBa/2TlPERVaDAfBgNVHSMEGDAWgBRlP1VikSG2D7Gc
l/mcdd1vAV3W6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pUOVZZcEVodGcteG5KZjVuSFhkYndGZDF1Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzRjZjNiLTlmNWMtNGY1ZS05NmM0LTI5MjZkMjgxYjUxNC8x
L1dHa25FYjBpQS1LYWQ3N2dXdjlrNVR4RVZXZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzRjZjNiLTlmNWMtNGY1ZS05NmM0LTI5MjZkMjgxYjUxNC8xL1pUOVZZcEVodGct
eG5KZjVuSFhkYndGZDF1Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAMOZEwMEAMOZSgMEAsOZbAMEAMOZ
fAMEAcOZ2AMEBNmXIDANBgkqhkiG9w0BAQsFAAOCAQEAc9o9ZyCr6CNyQp8WzV9v
vt6XJ/5NEsIovlrLiPie7xs3O3XonBPMFoJJW6X8Pqqjrb2/4Osk45UUAfC/3hb8
CYICQJajtmQc3hV3GUWcFlypmu8jobYN1x3B8gR3MYoY5g+nJ8oAueG1Z854nZxU
7FLystM0NQML1++4uzLqyoGGgQFt5I19tO7kD7t+9tCtxNj1alZsAfpPmT+m8t62
ByJk34TFlxhhWTJ1/zqyqyr4mrC0VC8zlweY5EHR1XNN79drCxvJbXdLmGHM53YV
bnFFU0hDthff/Im0O6x0nGteRMzkAVlFKNLg35aJsbU/mm9ayzwABYwqsW0VCcf3
qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:07 2024 by rpki-client on console-ams.rpki-client.org