Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/WvlMFfFJyzoEQ0G7nEn9eDjq4U0.roa
File: WvlMFfFJyzoEQ0G7nEn9eDjq4U0.roa (raw, json)
Hash identifier: D2TT3JUOO06kIcFmXsqSelAsmbBftQHa/BmBx9UOIEM=
Subject key identifier: 5A:F9:4C:15:F1:49:CB:3A:04:43:41:BB:9C:49:FD:78:38:EA:E1:4D
Certificate issuer: /CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Certificate serial: 19E6762F
Authority key identifier: 19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/WvlMFfFJyzoEQ0G7nEn9eDjq4U0.roa
Signing time: Sat 01 Jan 2022 05:01:55 +0000
ROA not before: Sat 01 Jan 2022 05:01:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42926
IP address blocks: 85.95.240.0/24 maxlen: 24
85.95.239.0/24 maxlen: 24
85.95.238.0/24 maxlen: 24
85.95.237.0/24 maxlen: 24
85.95.244.0/24 maxlen: 24
85.95.243.0/24 maxlen: 24
85.95.242.0/24 maxlen: 24
85.95.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 434533935 (0x19e6762f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Validity
Not Before: Jan 1 05:01:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5af94c15f149cb3a044341bb9c49fd7838eae14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8d:8b:07:ad:f9:62:37:d5:16:c7:53:21:a4:
6f:2e:79:b3:79:7a:c4:e1:d9:e8:a8:4b:b8:9d:53:
58:b0:8d:12:79:05:f0:dd:ee:e2:6b:36:27:4b:ee:
4e:7f:5d:2c:ce:1f:dd:c3:aa:07:02:eb:d3:93:5b:
3b:be:20:f0:40:e5:ef:96:e4:d5:f6:46:d2:60:f2:
64:8c:de:d9:8d:3c:de:3e:a6:44:b2:5a:5f:ca:db:
2a:81:06:84:0c:fe:a2:51:75:c3:dd:9e:16:4f:3c:
cf:ba:fc:56:ee:fd:3f:a7:b1:8c:e0:0a:30:a7:1a:
db:3f:c6:a1:4f:86:50:b7:fd:6f:fe:6d:df:3a:8a:
10:be:08:21:9f:25:dc:d3:2a:85:a5:9f:4e:b2:0c:
1d:5a:4b:3e:5d:d7:3d:57:27:72:40:fc:5e:de:c5:
c7:5d:ac:8f:32:65:90:0a:36:8f:fa:40:01:bf:76:
19:2d:eb:c2:31:35:79:a4:7a:d9:cc:85:d8:e2:5a:
84:3e:52:e4:92:7a:5d:cd:7b:a0:cf:25:85:83:d4:
dc:3e:f9:cf:19:a6:88:f5:12:e6:6c:87:de:95:28:
6d:95:2e:9b:10:d3:eb:c3:3a:d6:17:2f:94:4d:7b:
a6:bb:68:f0:da:e7:8e:33:80:6c:dd:ff:bc:1f:3f:
b8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F9:4C:15:F1:49:CB:3A:04:43:41:BB:9C:49:FD:78:38:EA:E1:4D
X509v3 Authority Key Identifier:
keyid:19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/WvlMFfFJyzoEQ0G7nEn9eDjq4U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.95.237.0-85.95.244.255
Signature Algorithm: sha256WithRSAEncryption
1e:1b:82:51:08:a3:49:46:8b:d5:17:12:7a:54:4e:b1:10:d3:
c7:ab:16:54:e8:14:b3:fa:3c:1d:1a:39:8d:37:2c:7d:57:cb:
fe:b5:cb:7c:af:70:f1:69:f0:b6:00:34:db:b9:44:bf:34:12:
d4:f9:4e:38:2c:48:93:9e:31:4c:cc:cf:ba:95:ef:dc:98:96:
5a:d1:47:88:ea:17:85:95:57:10:47:86:0c:ba:ba:ff:65:0f:
40:3d:84:ed:e2:48:42:e9:1c:00:26:7c:19:e7:21:a8:46:0f:
6d:c9:a6:78:3d:e7:d8:22:d3:73:69:58:74:88:16:32:53:86:
b0:b4:55:37:9a:dd:f7:cf:fe:fb:51:c8:62:9d:bf:5e:41:d9:
0d:c2:0d:09:ee:d5:a5:40:d8:d2:0a:f0:f9:9a:ae:a6:8e:14:
c0:62:6e:11:3e:9b:9e:c6:80:0a:17:83:49:4d:f4:08:e8:7b:
c1:5d:32:69:57:20:fa:c1:98:f4:a9:25:e7:6d:c6:cf:a5:b1:
37:04:65:49:dc:17:76:94:8e:03:38:99:e2:58:a0:3b:5b:e4:
87:e2:14:da:c5:f5:1b:67:38:e5:d6:ad:35:30:7a:2e:bf:7f:
9e:9c:cd:4a:bc:ee:b1:74:e3:89:a7:16:67:8b:51:b4:c8:a3:
07:d1:1d:ee
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEGeZ2LzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OWYxYTlkZDEyNmYzNzIzN2NlMjAwZmI4NjE2ZmY5MzdiY2E5NjZjMB4XDTIyMDEw
MTA1MDE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWFmOTRjMTVmMTQ5
Y2IzYTA0NDM0MWJiOWM0OWZkNzgzOGVhZTE0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuNiwet+WI31RbHUyGkby55s3l6xOHZ6KhLuJ1TWLCNEnkF
8N3u4ms2J0vuTn9dLM4f3cOqBwLr05NbO74g8EDl75bk1fZG0mDyZIze2Y083j6m
RLJaX8rbKoEGhAz+olF1w92eFk88z7r8Vu79P6exjOAKMKca2z/GoU+GULf9b/5t
3zqKEL4IIZ8l3NMqhaWfTrIMHVpLPl3XPVcnckD8Xt7Fx12sjzJlkAo2j/pAAb92
GS3rwjE1eaR62cyF2OJahD5S5JJ6Xc17oM8lhYPU3D75zxmmiPUS5myH3pUobZUu
mxDT68M61hcvlE17prto8NrnjjOAbN3/vB8/uC0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRa+UwV8UnLOgRDQbucSf14OOrhTTAfBgNVHSMEGDAWgBQZ8andEm83I3zi
APuGFv+Te8qWbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dmR3AzUkp2TnlOODRnRDdoaGJfazN2S2xtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvZjhhNjNkLTE3MzAtNGQ4OC1hYjM4LTNmZDMwOTg4ZjY3Ny8x
L1d2bE1GZkZKeXpvRVEwRzduRW45ZURqcTRVMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
ZjhhNjNkLTE3MzAtNGQ4OC1hYjM4LTNmZDMwOTg4ZjY3Ny8xL0dmR3AzUkp2TnlO
ODRnRDdoaGJfazN2S2xtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAVV/tAwQAVV/0MA0GCSqGSIb3
DQEBCwUAA4IBAQAeG4JRCKNJRovVFxJ6VE6xENPHqxZU6BSz+jwdGjmNNyx9V8v+
tct8r3DxafC2ADTbuUS/NBLU+U44LEiTnjFMzM+6le/cmJZa0UeI6heFlVcQR4YM
urr/ZQ9APYTt4khC6RwAJnwZ5yGoRg9tyaZ4PefYItNzaVh0iBYyU4awtFU3mt33
z/77Uchinb9eQdkNwg0J7tWlQNjSCvD5mq6mjhTAYm4RPpuexoAKF4NJTfQI6HvB
XTJpVyD6wZj0qSXnbcbPpbE3BGVJ3Bd2lI4DOJniWKA7W+SH4hTaxfUbZzjl1q01
MHouv3+enM1KvO6xdOOJpxZni1G0yKMH0R3u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org