Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/WIMS8ZeEDSH7WnMMP54wyyFYx_g.roa
File: WIMS8ZeEDSH7WnMMP54wyyFYx_g.roa (raw, json)
Hash identifier: N3fxKDrHq8mpKlOQJFhEPxYmZR154FDbBlXhsgNkWPk=
Subject key identifier: 58:83:12:F1:97:84:0D:21:FB:5A:73:0C:3F:9E:30:CB:21:58:C7:F8
Certificate issuer: /CN=c2fca944458606b1017e26c3ca17430f7ff924b3
Certificate serial: 4BC19E64
Authority key identifier: C2:FC:A9:44:45:86:06:B1:01:7E:26:C3:CA:17:43:0F:7F:F9:24:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/WIMS8ZeEDSH7WnMMP54wyyFYx_g.roa
Signing time: Sat 01 Jan 2022 09:59:36 +0000
ROA not before: Sat 01 Jan 2022 09:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2107
IP address blocks: 178.172.0.0/17 maxlen: 17
193.2.0.0/16 maxlen: 16
92.244.64.0/19 maxlen: 19
95.87.128.0/18 maxlen: 18
149.62.64.0/18 maxlen: 18
153.5.0.0/16 maxlen: 16
88.200.0.0/17 maxlen: 17
212.235.128.0/17 maxlen: 17
185.13.52.0/22 maxlen: 22
109.127.192.0/18 maxlen: 18
141.255.192.0/18 maxlen: 18
194.249.0.0/16 maxlen: 16
2001:1470::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1270980196 (0x4bc19e64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2fca944458606b1017e26c3ca17430f7ff924b3
Validity
Not Before: Jan 1 09:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=588312f197840d21fb5a730c3f9e30cb2158c7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:05:65:c3:50:ca:cd:ca:57:2c:72:1f:0d:49:
71:1d:3d:df:e1:c3:8f:3b:96:b3:66:d5:7a:36:3e:
0e:4f:73:81:aa:61:c7:60:21:8b:68:48:a2:76:72:
b8:a0:bf:0e:34:9d:58:38:5a:a5:29:cb:33:f0:38:
c6:c2:7c:50:76:1c:d5:fe:8f:5b:f6:cd:41:e1:2e:
3d:29:f7:1f:70:74:7c:98:e4:47:1c:8b:39:fb:85:
9b:02:be:bd:e0:d8:ef:ef:8c:24:6e:05:42:5d:15:
dd:41:65:35:2c:31:64:97:66:47:74:d6:eb:ca:b5:
74:8a:21:f0:db:9a:3f:da:7b:af:7f:eb:71:20:8d:
fd:da:af:4c:27:7b:91:74:fb:fe:9e:41:66:60:ad:
00:7c:10:37:99:bc:e5:4b:fb:e9:38:ca:f1:f2:f1:
bf:d6:0c:43:48:41:94:4c:ac:86:b3:bf:08:20:de:
61:34:5a:cc:dc:8d:96:58:00:c6:68:f5:41:eb:eb:
93:fb:4a:9f:b7:8e:bf:8b:e7:bf:55:72:9d:15:eb:
43:11:d4:c1:f8:6c:8b:5d:d4:a5:21:02:ac:36:4c:
be:67:5e:c7:88:7c:f7:ea:6b:30:a6:c2:bf:2f:29:
b7:b6:fe:87:b9:e5:67:33:37:5b:14:e5:33:22:4c:
6a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:83:12:F1:97:84:0D:21:FB:5A:73:0C:3F:9E:30:CB:21:58:C7:F8
X509v3 Authority Key Identifier:
keyid:C2:FC:A9:44:45:86:06:B1:01:7E:26:C3:CA:17:43:0F:7F:F9:24:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/WIMS8ZeEDSH7WnMMP54wyyFYx_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.200.0.0/17
92.244.64.0/19
95.87.128.0/18
109.127.192.0/18
141.255.192.0/18
149.62.64.0/18
153.5.0.0/16
178.172.0.0/17
185.13.52.0/22
193.2.0.0/16
194.249.0.0/16
212.235.128.0/17
IPv6:
2001:1470::/29
Signature Algorithm: sha256WithRSAEncryption
a1:0b:c8:af:ac:45:17:bb:81:a4:02:8c:e9:2c:4d:24:b3:e6:
5a:be:6d:e2:df:a7:3a:71:d4:5f:ca:1c:63:a1:c3:85:df:12:
50:01:20:c6:24:ca:b0:53:77:4f:5b:07:66:0c:b6:62:28:a1:
ac:dc:19:f7:e1:86:5c:5d:e1:14:aa:31:dc:58:2d:6b:b7:3c:
c7:62:5a:13:74:b9:a0:79:db:16:1a:bc:0a:75:f4:43:7b:55:
86:75:a2:c1:39:8e:88:5a:cd:15:d7:78:95:88:0d:41:6d:a7:
4e:23:d5:5d:e3:17:cb:00:c3:96:4b:a8:a7:cd:4d:c7:c5:80:
6d:f6:d4:7b:b0:60:b0:65:ea:4c:0c:27:72:37:0a:2b:54:20:
d8:63:de:8f:57:4e:84:f3:b9:05:d2:7d:35:ba:7e:83:cf:3e:
8d:75:ca:4d:39:dc:e3:d5:8c:f2:02:b7:a8:31:2f:a6:f4:a5:
63:1e:95:f0:0d:c8:fd:6d:13:99:62:70:00:04:c4:20:12:e1:
9b:27:f1:be:5a:9d:16:36:92:23:91:a7:97:c9:c9:13:96:b2:
f6:7b:7d:ed:a0:db:88:36:1b:b4:ac:a0:12:9d:95:24:86:64:
a3:de:84:d3:d1:eb:35:db:4a:71:b9:6d:a0:ca:cf:19:6f:bc:
b6:0b:98:48
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIES8GeZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MmZjYTk0NDQ1ODYwNmIxMDE3ZTI2YzNjYTE3NDMwZjdmZjkyNGIzMB4XDTIyMDEw
MTA5NTkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg4MzEyZjE5Nzg0
MGQyMWZiNWE3MzBjM2Y5ZTMwY2IyMTU4YzdmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIFZcNQys3KVyxyHw1JcR093+HDjzuWs2bVejY+Dk9zgaph
x2Ahi2hIonZyuKC/DjSdWDhapSnLM/A4xsJ8UHYc1f6PW/bNQeEuPSn3H3B0fJjk
RxyLOfuFmwK+veDY7++MJG4FQl0V3UFlNSwxZJdmR3TW68q1dIoh8NuaP9p7r3/r
cSCN/dqvTCd7kXT7/p5BZmCtAHwQN5m85Uv76TjK8fLxv9YMQ0hBlEyshrO/CCDe
YTRazNyNllgAxmj1Qevrk/tKn7eOv4vnv1VynRXrQxHUwfhsi13UpSECrDZMvmde
x4h89+prMKbCvy8pt7b+h7nlZzM3WxTlMyJMaucCAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBRYgxLxl4QNIftacww/njDLIVjH+DAfBgNVHSMEGDAWgBTC/KlERYYGsQF+
JsPKF0MPf/kkszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3d2eXBSRVdHQnJFQmZpYkR5aGRERDNfNUpMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvOTAwMzNjLTViMDMtNDcwOS1iNmQzLWE4NjVlMTg5ZWQ4YS8x
L1dJTVM4WmVFRFNIN1duTU1QNTR3eXlGWXhfZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
OTAwMzNjLTViMDMtNDcwOS1iNmQzLWE4NjVlMTg5ZWQ4YS8xL3d2eXBSRVdHQnJF
QmZpYkR5aGRERDNfNUpMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwSwQCAAEwRQMEB1jIAAMEBVz0QAMEBl9XgAMEBm1/
wAMEBo3/wAMEBpU+QAMDAJkFAwQHsqwAAwQCuQ00AwMAwQIDAwDC+QMEB9TrgDAN
BAIAAjAHAwUDIAEUcDANBgkqhkiG9w0BAQsFAAOCAQEAoQvIr6xFF7uBpAKM6SxN
JLPmWr5t4t+nOnHUX8ocY6HDhd8SUAEgxiTKsFN3T1sHZgy2YiihrNwZ9+GGXF3h
FKox3Fgta7c8x2JaE3S5oHnbFhq8CnX0Q3tVhnWiwTmOiFrNFdd4lYgNQW2nTiPV
XeMXywDDlkuop81Nx8WAbfbUe7BgsGXqTAwncjcKK1Qg2GPej1dOhPO5BdJ9Nbp+
g88+jXXKTTnc49WM8gK3qDEvpvSlYx6V8A3I/W0TmWJwAATEIBLhmyfxvlqdFjaS
I5Gnl8nJE5ay9nt97aDbiDYbtKygEp2VJIZko96E09HrNdtKcbltoMrPGW+8tguY
SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:16 2024 by rpki-client on console-fra.rpki-client.org