Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/WkgUPX3WMo75-hum2A_c6LbcWck.roa
File: WkgUPX3WMo75-hum2A_c6LbcWck.roa (raw, json)
Hash identifier: Q7CqhrhL/nXOyv+0cFfTvR8Q2srPrOWeDmlWxD+ozQA=
Subject key identifier: 5A:48:14:3D:7D:D6:32:8E:F9:FA:1B:A6:D8:0F:DC:E8:B6:DC:59:C9
Certificate issuer: /CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Certificate serial: 08ABC7F0
Authority key identifier: B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/WkgUPX3WMo75-hum2A_c6LbcWck.roa
Signing time: Sat 01 Jan 2022 09:00:56 +0000
ROA not before: Sat 01 Jan 2022 09:00:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 27281
IP address blocks: 91.228.74.0/24 maxlen: 24
91.228.72.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145475568 (0x8abc7f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Validity
Not Before: Jan 1 09:00:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a48143d7dd6328ef9fa1ba6d80fdce8b6dc59c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cb:67:29:44:5f:0c:72:a4:4e:e4:bb:2d:f2:
2e:79:37:db:ad:e4:26:86:ff:ef:ba:03:c3:69:05:
09:57:c9:27:9d:29:61:f5:13:11:65:39:e5:b9:04:
12:6b:5d:23:ab:f1:66:3e:22:99:1a:d2:d7:b3:54:
d5:6a:d8:e4:20:e2:91:10:b0:c5:d4:43:57:e4:55:
0d:c9:10:3b:2c:59:97:d5:8b:f9:03:d0:02:40:57:
5f:83:c9:cf:9c:87:c3:11:01:72:49:3e:c9:4a:83:
be:fd:c3:a0:f0:c9:7b:2e:d9:ed:c4:49:ca:b2:1a:
a6:0a:c5:30:0c:c2:c9:48:91:65:8c:18:18:33:95:
30:e7:8d:27:5f:96:28:59:36:11:8a:30:4c:38:dd:
52:9e:f3:44:e3:ba:88:a7:0e:21:e0:3e:9b:1f:49:
60:59:a2:c8:c6:9b:84:6e:e3:e2:ab:c4:b9:0d:ca:
7a:48:76:5b:44:bc:1a:9c:c2:2f:4d:58:02:1d:34:
89:fb:5a:14:a3:ce:78:4a:78:55:cb:e1:58:07:c4:
a5:93:5b:0e:05:e2:0e:65:62:dc:2f:19:91:d8:d6:
3e:1e:97:5c:8c:08:cb:e9:79:a2:48:12:9f:c3:ad:
0c:08:17:ec:11:56:70:99:a3:cc:50:b7:6f:09:04:
08:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:48:14:3D:7D:D6:32:8E:F9:FA:1B:A6:D8:0F:DC:E8:B6:DC:59:C9
X509v3 Authority Key Identifier:
keyid:B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/WkgUPX3WMo75-hum2A_c6LbcWck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.72.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:20:13:85:fe:76:17:8a:e7:0e:1f:21:02:e1:0b:e8:84:42:
96:e7:21:a0:75:2e:86:28:55:cb:04:b0:dc:c1:33:66:52:4f:
1b:bb:f3:2d:3f:f3:0f:d5:76:2e:7c:34:8f:49:14:07:f8:4a:
55:54:5e:e5:21:32:ac:1e:98:8a:4d:0c:8a:bd:84:52:87:12:
2d:45:89:63:22:dd:64:73:9b:e7:43:4a:f9:1d:17:84:d3:cb:
bd:05:58:fa:0d:b4:9a:60:0b:16:47:c4:ef:f4:3f:2c:ff:00:
d0:75:82:a2:d3:e4:85:f6:1f:29:33:ce:07:07:e2:0e:00:b5:
5f:29:35:c2:c0:c4:3d:1d:37:ad:9a:79:18:49:ec:8d:8f:5f:
12:0e:30:7d:35:19:b8:ad:63:75:f4:aa:24:9e:9a:a7:fd:f4:
3f:4c:aa:a7:8d:3d:5a:25:b6:dc:56:2c:c7:c8:4a:9e:46:93:
99:bc:04:3f:52:e2:72:87:d2:31:c6:6a:af:db:d0:e1:de:c8:
3b:8d:cf:b0:5c:64:cd:76:40:5d:2d:fd:88:df:9f:a9:61:90:
6c:64:e3:ab:24:7a:b7:2e:12:a7:fb:09:3e:df:10:fc:ec:a7:
d3:7b:dd:d0:69:35:a4:97:ab:7d:c2:a8:0f:b9:28:e2:25:1d:
f8:0e:b0:3e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECKvH8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWJjODUwZDE3Y2E2ZDNjN2I0ZDAwZTUwMWUyZDM1NmYwOGE1ODVlMB4XDTIyMDEw
MTA5MDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE0ODE0M2Q3ZGQ2
MzI4ZWY5ZmExYmE2ZDgwZmRjZThiNmRjNTljOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjLZylEXwxypE7kuy3yLnk3263kJob/77oDw2kFCVfJJ50p
YfUTEWU55bkEEmtdI6vxZj4imRrS17NU1WrY5CDikRCwxdRDV+RVDckQOyxZl9WL
+QPQAkBXX4PJz5yHwxEBckk+yUqDvv3DoPDJey7Z7cRJyrIapgrFMAzCyUiRZYwY
GDOVMOeNJ1+WKFk2EYowTDjdUp7zROO6iKcOIeA+mx9JYFmiyMabhG7j4qvEuQ3K
ekh2W0S8GpzCL01YAh00iftaFKPOeEp4VcvhWAfEpZNbDgXiDmVi3C8ZkdjWPh6X
XIwIy+l5okgSn8OtDAgX7BFWcJmjzFC3bwkECFsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRaSBQ9fdYyjvn6G6bYD9zottxZyTAfBgNVHSMEGDAWgBSxvIUNF8ptPHtN
AOUB4tNW8IpYXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NieUZEUmZLYlR4N1RRRGxBZUxUVnZDS1dGNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvOGFhMDJkLTk0YzgtNDY3OC05MmFjLTE3ZmI0ZmZiOWZhZC8x
L1drZ1VQWDNXTW83NS1odW0yQV9jNkxiY1djay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
OGFhMDJkLTk0YzgtNDY3OC05MmFjLTE3ZmI0ZmZiOWZhZC8xL3NieUZEUmZLYlR4
N1RRRGxBZUxUVnZDS1dGNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvkSDANBgkqhkiG9w0BAQsFAAOC
AQEAfCAThf52F4rnDh8hAuEL6IRCluchoHUuhihVywSw3MEzZlJPG7vzLT/zD9V2
Lnw0j0kUB/hKVVRe5SEyrB6Yik0Mir2EUocSLUWJYyLdZHOb50NK+R0XhNPLvQVY
+g20mmALFkfE7/Q/LP8A0HWCotPkhfYfKTPOBwfiDgC1Xyk1wsDEPR03rZp5GEns
jY9fEg4wfTUZuK1jdfSqJJ6ap/30P0yqp409WiW23FYsx8hKnkaTmbwEP1LicofS
McZqr9vQ4d7IO43PsFxkzXZAXS39iN+fqWGQbGTjqyR6ty4Sp/sJPt8Q/Oyn03vd
0Gk1pJerfcKoD7ko4iUd+A6wPg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:28 2023 by rpki-client on console-ams.rpki-client.org