Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/WWhdwPPNcbGUHsym6z3E770IfMw.roa
File: WWhdwPPNcbGUHsym6z3E770IfMw.roa (raw, json)
Hash identifier: Bzfbhm8nuzjcHck2z6OTy6hIqNYry5q7Pgy3tJ+iXNY=
Subject key identifier: 59:68:5D:C0:F3:CD:71:B1:94:1E:CC:A6:EB:3D:C4:EF:BD:08:7C:CC
Certificate issuer: /CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Certificate serial: 026703
Authority key identifier: 21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/WWhdwPPNcbGUHsym6z3E770IfMw.roa
Signing time: Thu 02 Jun 2022 11:19:29 +0000
ROA not before: Thu 02 Jun 2022 11:19:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35378
IP address blocks: 95.171.96.0/19 maxlen: 19
37.123.200.0/21 maxlen: 21
176.241.72.0/21 maxlen: 21
77.91.0.0/18 maxlen: 18
185.14.112.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157443 (0x26703)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfb9e219e15feda6add29639b8d73f5c2cd802
Validity
Not Before: Jun 2 11:19:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59685dc0f3cd71b1941ecca6eb3dc4efbd087ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6b:e6:29:33:2d:19:ef:08:26:c9:a7:98:1c:
96:59:cc:81:91:25:21:e7:8f:f7:ce:82:39:10:5c:
51:6d:d9:c4:08:c6:b1:74:72:6b:b4:0a:fc:b7:f2:
21:f4:1e:12:b6:86:0b:7d:72:c5:88:fe:ac:70:d1:
d2:0b:fa:fa:97:3c:7f:25:44:f3:36:9e:ba:b4:1e:
c8:1d:a0:81:b2:6a:9a:ce:3b:4b:db:c6:3a:a6:06:
58:d5:0f:09:73:09:60:68:cb:71:04:73:d7:4e:2a:
16:9e:7f:36:2c:b1:b4:d6:3a:a6:0f:15:47:b1:71:
ca:da:f6:72:f9:45:90:32:03:2f:ec:92:b7:5c:be:
7b:8c:64:04:bb:b6:a2:3e:e5:3c:6a:bc:4e:35:f1:
29:02:1c:bf:a1:7b:7e:42:e8:d0:18:42:a5:9a:c4:
9d:90:d8:ff:32:bd:c7:f7:e1:b2:a0:43:3f:b3:85:
32:0e:9f:a9:81:50:80:70:31:00:b1:bf:b8:ef:31:
99:05:05:b2:1f:b5:bd:de:4d:f0:b4:93:29:fc:08:
d4:b8:54:cb:05:df:78:fd:0b:31:26:bf:1b:87:e5:
9f:45:76:2f:cc:e2:2e:2c:73:88:79:7e:2a:6b:20:
12:94:0d:fc:f4:34:b4:cc:68:61:68:ce:e1:31:52:
e7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:68:5D:C0:F3:CD:71:B1:94:1E:CC:A6:EB:3D:C4:EF:BD:08:7C:CC
X509v3 Authority Key Identifier:
keyid:21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/WWhdwPPNcbGUHsym6z3E770IfMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.200.0/21
77.91.0.0/18
95.171.96.0/19
176.241.72.0/21
185.14.112.0/22
Signature Algorithm: sha256WithRSAEncryption
22:8a:19:a1:9b:eb:f9:ad:3a:12:c5:59:cd:12:cd:26:a8:1a:
d9:be:80:ec:ba:10:40:20:1c:6f:b4:ad:e5:08:25:9a:bd:a0:
df:cc:cd:24:e1:ab:c1:7a:e7:40:9d:09:17:f5:0a:02:30:40:
de:42:47:b0:c2:9c:8d:1a:1f:3a:77:ca:77:90:21:e1:8d:b7:
17:9b:46:34:79:d8:9b:c3:19:c5:e3:54:c0:07:cb:17:31:da:
3d:26:87:aa:29:a6:b5:aa:84:5f:e2:30:aa:b1:1f:be:bc:38:
89:27:9e:38:d4:4d:f2:03:14:57:49:cb:c7:06:b5:d3:dc:06:
01:f6:21:89:10:63:d8:24:7b:11:20:ca:c2:c9:3b:bc:40:fb:
f7:b8:03:4b:a2:c2:5f:64:60:93:41:7c:e0:4c:79:c8:65:70:
8e:cf:b9:1d:8c:29:f1:06:88:cd:ba:ef:66:8f:47:3b:c4:31:
af:7b:ba:90:75:6e:7f:eb:d6:c9:02:24:50:44:c4:8a:ec:ff:
02:94:47:b5:d4:df:e1:78:8b:a8:00:ca:11:3d:6d:a5:ca:63:
2c:18:a9:99:c8:1e:23:90:57:a6:ee:f0:4c:75:b6:3b:37:60:
f2:fb:88:8b:61:b4:a6:e0:17:6c:7e:88:72:66:d2:0d:92:7f:
0e:47:49:f6
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDAmcDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIx
YmZiOWUyMTllMTVmZWRhNmFkZDI5NjM5YjhkNzNmNWMyY2Q4MDIwHhcNMjIwNjAy
MTExOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1OTY4NWRjMGYzY2Q3
MWIxOTQxZWNjYTZlYjNkYzRlZmJkMDg3Y2NjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnWvmKTMtGe8IJsmnmByWWcyBkSUh54/3zoI5EFxRbdnECMax
dHJrtAr8t/Ih9B4StoYLfXLFiP6scNHSC/r6lzx/JUTzNp66tB7IHaCBsmqazjtL
28Y6pgZY1Q8JcwlgaMtxBHPXTioWnn82LLG01jqmDxVHsXHK2vZy+UWQMgMv7JK3
XL57jGQEu7aiPuU8arxONfEpAhy/oXt+QujQGEKlmsSdkNj/Mr3H9+GyoEM/s4Uy
Dp+pgVCAcDEAsb+47zGZBQWyH7W93k3wtJMp/AjUuFTLBd94/QsxJr8bh+WfRXYv
zOIuLHOIeX4qayASlA389DS0zGhhaM7hMVLncwIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFFloXcDzzXGxlB7Mpus9xO+9CHzMMB8GA1UdIwQYMBaAFCG/ueIZ4V/tpq3S
ljm41z9cLNgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1LzEv
V1doZHdQUE5jYkdVSHN5bTZ6M0U3NzBJZk13LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9h
YWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1LzEvSWItNTRobmhYLTJt
cmRLV09ialhQMXdzMkFJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJXvIAwQGTVsAAwQFX6tgAwQDsPFI
AwQCuQ5wMA0GCSqGSIb3DQEBCwUAA4IBAQAiihmhm+v5rToSxVnNEs0mqBrZvoDs
uhBAIBxvtK3lCCWavaDfzM0k4avBeudAnQkX9QoCMEDeQkewwpyNGh86d8p3kCHh
jbcXm0Y0edibwxnF41TAB8sXMdo9JoeqKaa1qoRf4jCqsR++vDiJJ5441E3yAxRX
ScvHBrXT3AYB9iGJEGPYJHsRIMrCyTu8QPv3uANLosJfZGCTQXzgTHnIZXCOz7kd
jCnxBojNuu9mj0c7xDGve7qQdW5/69bJAiRQRMSK7P8ClEe11N/heIuoAMoRPW2l
ymMsGKmZyB4jkFem7vBMdbY7N2Dy+4iLYbSm4BdsfohyZtINkn8OR0n2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:34 2023 by rpki-client on console-fra.rpki-client.org